Nginx, Simple Http Authentication Using ngx_http_auth_pam_module Module

I already have a list of users in a mysql database that I use for postfix smtp authentication/sasl.

I wonder, whether the list can be used for http authentication 😀 . Well, let’s find out.

First of all, of course we must compile nginx to support http_auth_pam_module module.
download ngx_http_auth_pam_module-1.2.tar.gz

When compiling from source build as usual adding the -add-module option:

./configure --add-module=$PATH_TO_MODULE

My pam_mysql for postfix smtp authentication /etc/pam.d/smtp

auth required pam_mysql.so user=user passwd=pass host=localhost db=db table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqlLog=0
account sufficient pam_mysql.so user=user passwd=pass host=localhost db=db table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqllog=0


Nginx configuration

	server {
		listen       80;
		server_name  www.example.com;
		access_log  /var/log/nginx/nginx-test-access.log  main;

		location /secured {
			alias /path/to/public_html/restricted/;
			auth_pam              "Restricted Zone";
			auth_pam_service_name "smtp";
		}

		location / {
			root   /path/to/public_html;
			index  index.html index.htm;

		}
	}

when accessing http://www.example.com/secured via web browser, browser pops up the login box, that’s a good sign.

nginx auth pam chrome
nginx auth pam chrome

login using my smtp authentication username and password i was successfully landed on default index.html

1 Comment

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *