DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #1435 from aledbf/master

Browse source 
Add header to upstream server for external authentication
This commit is contained in:
Manuel Alejandro de Brito Fontes 2017-09-28 15:46:31 -07:00 committed by GitHub
commit cb77efeb02
3 changed files with 4 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

5
controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
View file

@ -687,7 +687,7 @@ stream {
{{ end }}
{{ if not (empty $location.ExternalAuth.SigninURL) }}
error_page 401 = {{ buildAuthSignURL $location.ExternalAuth.SigninURL }};
error_page 401 = $location.ExternalAuth.SigninURL;
{{ end }}
{{/* if the location contains a rate limit annotation, create one */}}
@ -746,6 +746,9 @@ stream {
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Scheme $pass_access_scheme;
{{/* This header is used for external authentication */}}
proxy_set_header X-Auth-Request-Redirect $request_uri;
# mitigate HTTPoxy Vulnerability
# https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/
proxy_set_header Proxy "";