Removing basic authorization header in Nginx or Apache
Question
The Nginx/Apache serves as a reverse proxy to the backend server. I'd like to write a rule to remove the Authorization header if the value starts with "Basic". That is the Nginx/Apache server won't pass the Basic auth header, but it will pass all other Authorization headers.
1 answers
solution1
0 2018-02-01 23:33:59
You will need to forge the 401 response. One way is to do than is by:
{
error_page 401 = @error401
location @error401 {
...
proxy_set_header WWW-Authenticate ...
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Apache “destroying” Authorization header
PHP Apache Authorization Header
NGINX to pass digest authorization to Apache
enable Apache http Authorization header
Apache strips down "Authorization" header
Authorization Header missing in Xampp/Apache?
Apache ProxyPass removes Authorization header
Get header [Authorization] php/apache
Symfony & NTLM - Apache header authorization missing
Apache server not allowing Authorization Header in http request
Related Tags