我在Apache服务器前运行HAProxy,我想实现一些域的基本authentication。
该手册指出,这应该做的伎俩:
userlist admins user myusername insecure-password mypassword frontend restricted_cluster acl auth_tintoretto http_auth(admins) http-request auth realm ShareaholicRestricted
但是,我有一些其他ACL,并在一个前端有几个域:
frontend http-in # Define hosts acl stag_static hdr(host) -i staging.static.domain.com acl prod_static hdr(host) -i prod2.static.domain.com ## figure out which one to use use_backend apache-node1 if stag_static use_backend nginx-cluster if prod_static
我该如何结合这些命令才能限制访问stag_static?
我没有testing,但尝试把http-request auth realm blah
线在你的后端configuration。 它应该工作。
在与要validation的站点匹配的ACL上预测http-request auth
validation:
frontend http-in acl stag_static hdr(host) -i staging.static.example.com acl prod_static hdr(host) -i prod2.static.examplecom http-request auth realm "The No Homers Club" if stag_static use_backend apache-node1 if stag_static use_backend nginx-cluster if prod_static