私のauth_requestが完全に無視されるのはなぜですか?
nginx.conf
server {
listen 80;
error_page 403 = @error;
location = /auth {
return 403;
}
location /api {
auth_request /auth;
return 201;
}
location /test {
return 200;
}
location @error {
return 500;
}
}
別のバージョンである1.8、1.15.12、1.16.0を試しましたが、運がありませんでした。これは単にデバッグとhttp_auth_requestです。
nginx -V
nginx version: nginx/1.16.0
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-pcre=../pcre-8.42 --with-zlib=../zlib-1.2.11 --with-http_ssl_module --with-debug --with-http_auth_request_module
デバッグファイル:
カール -vhttp://127.0.0.1:80/api
2019/05/01 20:50:14 [debug] 16471#0: *1 http request line: "GET /api HTTP/1.1"
2019/05/01 20:50:14 [debug] 16471#0: *1 http uri: "/api"
2019/05/01 20:50:14 [debug] 16471#0: *1 http args: ""
2019/05/01 20:50:14 [debug] 16471#0: *1 http exten: ""
2019/05/01 20:50:14 [debug] 16471#0: *1 posix_memalign: 0000000001157370:4096 @16
2019/05/01 20:50:14 [debug] 16471#0: *1 http process request header line
2019/05/01 20:50:14 [debug] 16471#0: *1 http header: "User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
2019/05/01 20:50:14 [debug] 16471#0: *1 http header: "Host: 127.0.0.1"
2019/05/01 20:50:14 [debug] 16471#0: *1 http header: "Accept: */*"
2019/05/01 20:50:14 [debug] 16471#0: *1 http header done
2019/05/01 20:50:14 [debug] 16471#0: *1 event timer del: 3: 45085285
2019/05/01 20:50:14 [debug] 16471#0: *1 generic phase: 0
2019/05/01 20:50:14 [debug] 16471#0: *1 rewrite phase: 1
2019/05/01 20:50:14 [debug] 16471#0: *1 test location: "/auth"
2019/05/01 20:50:14 [debug] 16471#0: *1 test location: "/api"
2019/05/01 20:50:14 [debug] 16471#0: *1 using configuration "/api"
2019/05/01 20:50:14 [debug] 16471#0: *1 http cl:-1 max:1048576
2019/05/01 20:50:14 [debug] 16471#0: *1 rewrite phase: 3
2019/05/01 20:50:14 [debug] 16471#0: *1 http set discard body
2019/05/01 20:50:14 [debug] 16471#0: *1 HTTP/1.1 201 Created
Server: nginx/1.15.12
Date: Thu, 02 May 2019 00:50:14 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
カール -vhttp://127.0.0.1:80/認証 これは403-> 500で正しく失敗します。
2019/05/01 20:53:43 [debug] 16471#0: *3 http request line: "GET /auth HTTP/1.1"
2019/05/01 20:53:43 [debug] 16471#0: *3 http uri: "/auth"
2019/05/01 20:53:43 [debug] 16471#0: *3 http args: ""
2019/05/01 20:53:43 [debug] 16471#0: *3 http exten: ""
2019/05/01 20:53:43 [debug] 16471#0: *3 posix_memalign: 0000000001157370:4096 @16
2019/05/01 20:53:43 [debug] 16471#0: *3 http process request header line
2019/05/01 20:53:43 [debug] 16471#0: *3 http header: "User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
2019/05/01 20:53:43 [debug] 16471#0: *3 http header: "Host: 127.0.0.1"
2019/05/01 20:53:43 [debug] 16471#0: *3 http header: "Accept: */*"
2019/05/01 20:53:43 [debug] 16471#0: *3 http header done
2019/05/01 20:53:43 [debug] 16471#0: *3 event timer del: 3: 45294398
2019/05/01 20:53:43 [debug] 16471#0: *3 generic phase: 0
2019/05/01 20:53:43 [debug] 16471#0: *3 rewrite phase: 1
2019/05/01 20:53:43 [debug] 16471#0: *3 test location: "/auth"
2019/05/01 20:53:43 [debug] 16471#0: *3 using configuration "=/auth"
2019/05/01 20:53:43 [debug] 16471#0: *3 http cl:-1 max:1048576
2019/05/01 20:53:43 [debug] 16471#0: *3 rewrite phase: 3
2019/05/01 20:53:43 [debug] 16471#0: *3 http finalize request: 403, "/auth?" a:1, c:1
2019/05/01 20:53:43 [debug] 16471#0: *3 http special response: 403, "/auth?"
2019/05/01 20:53:43 [debug] 16471#0: *3 test location: "@error"
2019/05/01 20:53:43 [debug] 16471#0: *3 using location: @error "/auth?"
2019/05/01 20:53:43 [debug] 16471#0: *3 rewrite phase: 3
2019/05/01 20:53:43 [debug] 16471#0: *3 http finalize request: 500, "/auth?" a:1, c:2
2019/05/01 20:53:43 [debug] 16471#0: *3 http special response: 500, "/auth?"
2019/05/01 20:53:43 [debug] 16471#0: *3 http set discard body
2019/05/01 20:53:43 [debug] 16471#0: *3 HTTP/1.1 500 Internal Server Error
Server: nginx/1.15.12
Date: Thu, 02 May 2019 00:53:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
カール -vhttp://127.0.0.1:80/テスト 期待どおりに動作します。
2019/05/01 20:44:52 [debug] 15699#0: *7 http request line: "GET /test HTTP/1.1"
2019/05/01 20:44:52 [debug] 15699#0: *7 http uri: "/test"
2019/05/01 20:44:52 [debug] 15699#0: *7 http args: ""
2019/05/01 20:44:52 [debug] 15699#0: *7 http exten: ""
2019/05/01 20:44:52 [debug] 15699#0: *7 posix_memalign: 0000000002179370:4096 @16
2019/05/01 20:44:52 [debug] 15699#0: *7 http process request header line
2019/05/01 20:44:52 [debug] 15699#0: *7 http header: "User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
2019/05/01 20:44:52 [debug] 15699#0: *7 http header: "Host: 127.0.0.1"
2019/05/01 20:44:52 [debug] 15699#0: *7 http header: "Accept: */*"
2019/05/01 20:44:52 [debug] 15699#0: *7 http header done
2019/05/01 20:44:52 [debug] 15699#0: *7 event timer del: 3: 44763130
2019/05/01 20:44:52 [debug] 15699#0: *7 generic phase: 0
2019/05/01 20:44:52 [debug] 15699#0: *7 rewrite phase: 1
2019/05/01 20:44:52 [debug] 15699#0: *7 test location: "/auth"
2019/05/01 20:44:52 [debug] 15699#0: *7 test location: "/test"
2019/05/01 20:44:52 [debug] 15699#0: *7 using configuration "/test"
2019/05/01 20:44:52 [debug] 15699#0: *7 http cl:-1 max:1048576
2019/05/01 20:44:52 [debug] 15699#0: *7 rewrite phase: 3
2019/05/01 20:44:52 [debug] 15699#0: *7 http set discard body
2019/05/01 20:44:52 [debug] 15699#0: *7 HTTP/1.1 200 OK
Server: nginx/1.15.12
Date: Thu, 02 May 2019 00:44:52 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
重要かどうかはわかりませんが、カーネル2.6.32-754.10.1.el6.x86_64を持つrhl 6.1で実行されています。