我无法在网上找到有关 nginx 从哪个版本开始将其http_auth_basic_module作为配置选项包含的信息。此外,我该如何启用它?或者我可以从哪里下载模块?
服务器配置:
nginx -V
nginx version: nginx/1.24.0 (Ubuntu)
built with OpenSSL 3.0.13 30 Jan 2024
TLS SNI support enabled
./configure \
--with-cc-opt='-g -O2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/build/nginx-DlMnQR/nginx-1.24.0=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -fdebug-prefix-map=/build/nginx-DlMnQR/nginx-1.24.0=/usr/src/nginx-1.24.0-2ubuntu7.1 -fPIC -Wdate-time -D_FORTIFY_SOURCE=3' \
--with-ld-opt='-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -Wl,-z,relro -Wl,-z,now -fPIC' \
--prefix=/usr/share/nginx \
--conf-path=/etc/nginx/nginx.conf \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=stderr \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--modules-path=/usr/lib/nginx/modules \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--with-compat \
--with-debug \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads \
--with-http_addition_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_sub_module \
--with-mail_ssl_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-http_geoip_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_perl_module=dynamic \
--with-http_xslt_module=dynamic \
--with-mail=dynamic \
--with-stream=dynamic \
--with-stream_geoip_module=dynamic
使用 grep 搜索:
nginx -V 2>&1 | grep http_auth_basic_module
结果:
Not found
GitHub - /src/http/modules/ngx_http_auth_basic_module.c
NGINX 配置测试
# info.nginx
location = "/info.nginx" {
auth_basic "Administrator's Area";
auth_basic_user_file /etc/nginx/.htpasswd;
access_log off;
default_type "application/json; charset=UTF-8";
return 200 '{"nginx_version":"$nginx_version","time":{"time_iso8601":"$time_iso8601","time_local":"$time_local","msec":"$msec"},"remote":{"remote_addr":"$remote_addr","remote_port":"$remote_port"},"host":{"host":"$host","hostname":"$hostname"},"server":{"server_addr":"$server_addr","server_name":"$server_name","server_port":"$server_port","server_protocol":"$server_protocol"},"request":{"request_time":"$request_time","request_method":"$request_method","request_uri":"$request_uri","request_filename":"$request_filename","uri":"$uri","query_string":"$query_string","realpath_root":"$realpath_root"},"document":{"document_root":"$document_root","document_uri":"$document_uri"}}';
}
如前所述,根据 nginx开发指南中对请求处理阶段的描述,指令在 期间执行,而指令在 之后生效。作为替代方案,您可以在更晚的时候使用指令跳转到另一个位置(有关详细信息,请参阅此答案):
returnNGX_HTTP_REWRITE_PHASEauth_...NGX_HTTP_ACCESS_PHASEtry_filesNGX_HTTP_PRECONTENT_PHASE除了答案之外,我可以说,如果 nginx 实际上是在没有基本身份验证模块的情况下编译的,则其配置在启动时将无法通过验证,并且 nginx 将返回如下错误
nginx: [emerg] unknown directive "auth_basic" in ...替代方案 - 使用地图验证基本身份验证凭证
逻辑:
$http_<header_name>。Authorization因此从客户端收到的任何标头都会变成$http_authorization。http{...}。Authorization到名为的变量$auth_status。Authorization不存在精确的标题,则映射的计算结果为"unauthorized"。$auth_status来保护上下文location中的一个块server {...}:error_page最后,我们在上下文中创建一个自定义的 HTTP 401server {...},并添加WWW-Authenticate标头以触发浏览器基本身份验证登录提示。