nginx - how to get 401 instead of 302
Beda Kosata
beda.kosata at gmail.com
Thu Oct 27 16:05:08 UTC 2022
Hello,
I am trying to set up shibboleth with Nginx in a specific way. I have two
locations in my settings and I would like the authorization to behave
slightly differently for each of them. For the first one, I need the
default behaviour where the user is automatically redirected to the
discovery URL, if he does not have the proper session established. For the
other one, which is /api/, and which is dedicated to an API which is
accessed from the client side javascript, I do not want to receive
redirects in such cases (they lead to hard-to-detect CORS errors in JS),
but rather a 401, which I could then properly react to in the frontend code.
I have a similar setup already with Apache and there I was able to get
exactly this behaviour by setting `ShibRequestSetting requireSession false`
with `require valid-user`.
However, I am clueless about how to accomplish this in Nginx. I have tried
several approaches already, but no luck.
I would be grateful for any pointers to a solution.
Best regards
Beda
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20221027/0de1c4a6/attachment.htm>
More information about the users
mailing list