Deny status 401 #52
-
How to return 401s to the client on auth failure.
will return 403. we can use
But it'll return 401 with basic auth instead of bearer token. Do you have any workaround for this? |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments
-
http-request deny deny_status 401 should send a HTTP 401 response code.
Ganesh Iyer <notifications@github.com> schrieb am Fr., 22. Nov. 2019, 20:49:
… How to return 401s to the client on auth failure.
frontend http
# *snip*
http-request deny if ! { var(txn.auth_response_successful) -m bool }
will return 403.
we can use
frontend http
# *snip*
http-request auth if ! { var(txn.auth_response_successful) -m bool }
But it'll return 401 with basic auth instead of bearer token. Do you have
any workaround for this?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#11?email_source=notifications&email_token=AABTC5WR2E2LG32JXFD3EGDQVAZTZA5CNFSM4JQVHIO2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4H3PHR5A>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABTC5QGGIRG4THBT6CAEJLQVAZTZANCNFSM4JQVHIOQ>
.
|
Beta Was this translation helpful? Give feedback.
-
Hi @TimWolla, thanks for responding. For |
Beta Was this translation helpful? Give feedback.
-
@lastlegion Yes, I'm aware of that limitation, but I incorrectly assumed that 401 would be on that list. As you need to have Lua anyway in order to run this script I guess the best solution for your use case is to add a Lua "service" to generate the correct response. An example can be found on this blog post: https://www.haproxy.com/de/blog/5-ways-to-extend-haproxy-with-lua/ |
Beta Was this translation helpful? Give feedback.
-
Hi @TimWolla, thanks for the suggestion! That looks like it'll work. Great job with the library. |
Beta Was this translation helpful? Give feedback.
@lastlegion Yes, I'm aware of that limitation, but I incorrectly assumed that 401 would be on that list.
As you need to have Lua anyway in order to run this script I guess the best solution for your use case is to add a Lua "service" to generate the correct response. An example can be found on this blog post: https://www.haproxy.com/de/blog/5-ways-to-extend-haproxy-with-lua/