Missing proxy_cache_key if README.md ?
eLvErDe opened this issue · 1 comments
Hello,
I don't understand how the configuration could works by using only
proxy_cache auth_cache;
proxy_cache_valid 200 10m;
When using HTTP Basic authorization by setting:
proxy_set_header Authorization $http_authorization;
The configuration lead to anyone having access after one auth called succeeded, which is what I think such configuration is supposed to do. But it does not make any sense.
Changing the cache configuration to include the Authroization header fixes the issue:
proxy_cache auth_cache;
proxy_cache_key "$http_authorization";
proxy_cache_valid 200 10m;
Am I stupid of the documentation is lacking this additional line ?
Best regards, Adam.
Adam,
You are right and README may be improved in this regards.
At the same time the example configuration contains almost exactly what you propose. Please have a look here:
https://github.com/nginxinc/nginx-ldap-auth/blame/master/nginx-ldap-auth.conf#L55