The AuthBasic Handler is a special Handler that will use AuthBasic to authenticate to a virtual host, and then run authorization rules to allow access to the virtual host.
The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). Then, when session is granted, the Handler will check authorizations like the standard Handler.
This can be useful to allow a third party application to access a virtual host with users credentials by sending a Basic challenge to it.
You just have to set “Type: AuthBasic” in the virtualHost options in the manager.
If you want to protect only a virtualHost part, keep type on “Main” and set type in your configuration file:
PerlSetVar VHOSTTYPE AuthBasic
fastcgi_param VHOSTTYPE = AuthBasic;
(and remove error_page 401)
Since 1.9.6, LLNG FastCGI server can handle AuthBasic handler. To call it, you just have to add fastcgi_param VHOSTTYPE AuthBasic;
in the FastCGI server call and remove error_page 401
directive:
location = /lmauth { internal; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock; fastcgi_param VHOSTTYPE AuthBasic; # Drop post datas fastcgi_pass_request_body off; fastcgi_param CONTENT_LENGTH ""; # Keep original hostname fastcgi_param HOST $http_host; # Keep original request (LLNG server will received /llauth) fastcgi_param X_ORIGINAL_URI $request_uri; } location / { ... ################################## # CALLING AUTHENTICATION # ################################## auth_request /lmauth; auth_request_set $lmremote_user $upstream_http_lm_remote_user; auth_request_set $lmlocation $upstream_http_location; # Remove this for AuthBasic handler #error_page 401 $lmlocation; ... }
No parameters needed. But you have to allow sessions web services, see REST sessions backend.