nginx - how to get 401 instead of 302
beda.kosata at gmail.com
Thu Oct 27 16:05:08 UTC 2022
I am trying to set up shibboleth with Nginx in a specific way. I have two
locations in my settings and I would like the authorization to behave
slightly differently for each of them. For the first one, I need the
default behaviour where the user is automatically redirected to the
discovery URL, if he does not have the proper session established. For the
other one, which is /api/, and which is dedicated to an API which is
redirects in such cases (they lead to hard-to-detect CORS errors in JS),
but rather a 401, which I could then properly react to in the frontend code.
I have a similar setup already with Apache and there I was able to get
exactly this behaviour by setting `ShibRequestSetting requireSession false`
with `require valid-user`.
However, I am clueless about how to accomplish this in Nginx. I have tried
several approaches already, but no luck.
I would be grateful for any pointers to a solution.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users