ngx_http_auth_request_module equivance for HAProxy

Does an equivalent module to nginx's ngx_http_auth_request_module exist for HAProxy or Apache? This module allows support for custom authentication through HTTP. I quote:

The ngx_http_auth_request_module module (1.5.4+) implements client authorization based on the result of a subrequest. If the subrequest returns a 2xx response code, the access is allowed. If it returns 401 or 403, the access is denied with the corresponding error code. Any other response code returned by the subrequest is considered an error.

Solution 1:

At least for apache (both 1.x and 2.x) you can try out https://github.com/kitech/mod_authnz_external. It runs an external script to handle user's credentials. This script in turn may query an external service over HTTP[s], in this case it would work similarly (not considering performance issues) to ngx_http_auth_request_module

Solution 2:

You can try this Lua-based solution. It's inspired by ngx_http_auth_request_module.

Load the lua script in the global section.

global
    lua-load /usr/share/haproxy/auth-request.lua

Define an auth backend

backend auth_request
    mode http
    server auth_request 127.0.0.1:8080 check

Invoke the Lua check in a frontend and deny the request if it failed.

frontend http
    http-request lua.auth-request auth_request     /is-allowed
    http-request deny if ! { var(txn.auth_response_successful) -m bool }

The author also made a nice blog post, where he explained the inner workings in much detail.