I'm protecting my dev server using nginx and the auth_basic module, but I can't seem to find a way to specify the interval at which the 'authentication' expires.
I would like to be able to force nginx to ask for the password say every 6 hours. Is there a way to do that? If not, what is an acceptable workaround?
auth_basic. auth_basic_user_file. The ngx_http_auth_basic_module module allows limiting access to resources by validating the user name and password using the “HTTP Basic Authentication” protocol. Access can also be limited by address, by the result of subrequest, or by JWT.
htpasswd within our /etc/nginx configuration directory. The first time we use this utility, we need to add the -c option to create the specified file. We specify a username ( sammy in this example) at the end of the command to create a new entry within the file: sudo htpasswd -c /etc/nginx/.
It's probably not possible. There doesn't seem to be any documentation on the nginx HttpAuthBasicModule page to suggest that you can timeout Basic HTTP authentication.
The HTTP specification for Authorization headers also does not specify a timeout mechanism. I don't expect you'll be able to rely on basic authentication if you need timeouts, unless you're also fronting a web application.
If you're fronting a web application, you could maintain a session in a cookie and time out the session after a period of inactivity. When the session timeout finishes, use your web application to send the following headers:
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic Realm="MyApp"
That will prompt the browser to ask for credentials again. If you need access to the user's identity in your web application, you should find it in the REMOTE_USER CGI environment variable.
To serve static assets efficiently using this technique, XSendfile might be useful.
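The cookie-plus-401 workaround described in the answer above, as an added example that is not part of the original post. The names `SECRET`, `decide`, `response_headers` and the `pending` marker cookie are hypothetical, the 6-hour limit is counted from login rather than from last activity, and `auth_ok` is assumed to mean the credentials were already validated (by nginx auth_basic or by the application).

```python
import hashlib
import hmac
import time

SECRET = b"replace-with-random-key"  # assumption: server-side signing key
MAX_AGE = 6 * 3600                   # the 6 hours asked for in the question


def sign(ts):
    """Build the session cookie value: issue time plus an HMAC over it."""
    mac = hmac.new(SECRET, str(ts).encode(), hashlib.sha256).hexdigest()
    return f"{ts}.{mac}"


def session_age(cookie, now):
    """Age in seconds of a correctly signed cookie, or None if invalid."""
    cookie = cookie or ""
    ts = cookie.partition(".")[0]
    if not (ts.isascii() and ts.isdigit()):
        return None
    if not hmac.compare_digest(sign(int(ts)).encode(), cookie.encode()):
        return None
    return now - int(ts)


def decide(auth_ok, cookie, now=None):
    """Return (status, cookie_to_set) for one request."""
    now = int(time.time()) if now is None else now
    if auth_ok:
        age = session_age(cookie, now)
        if age is not None and 0 <= age < MAX_AGE:
            return "200 OK", None          # session still fresh
        if cookie == "pending":
            return "200 OK", sign(now)     # user just answered the prompt
    # Missing, expired or forged session: challenge again. The marker lets the
    # next request tell re-entered credentials from ones the browser cached.
    return "401 Unauthorized", "pending"


def response_headers(status, cookie_to_set):
    """Headers for the decision, including the challenge from the answer."""
    headers = []
    if status.startswith("401"):
        headers.append(("WWW-Authenticate", 'Basic realm="MyApp"'))
    if cookie_to_set:
        headers.append(("Set-Cookie",
                        f"sess={cookie_to_set}; Path=/; HttpOnly; Secure"))
    return headers
```

The expiry only forces the browser to prompt again: a client that holds the password can always obtain a new session, so the cookie adds no protection beyond the Basic credentials themselves.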
If you are still looking for a solution to this issue, I believe HttpAuthDigestModule is what you are looking for.
I just found it today while surfing the Internet.
Here are the links:
http://wiki.nginx.org/HttpAuthDigestModule
https://github.com/samizdatco/nginx-http-auth-digest
Hopefully it helps you.