I've enabled password protection on one sub-domain using NGINX and wrote a little script that will allow adding users easily. When I enter the password though, the dialog goes away and immediately pops up again.
Here's my password generator script:
#!/bin/bash
if [ -z "$1" ]
then
echo "Username Expected as first param"
elif [ -z "$2" ]
then
echo "Password Expected as second param"
else
htpasswd -b /home/me/.passwords $1 $2
/etc/init.d/nginx reload
fi
Running:
./create-password test password
I can see the following output:
Adding password for user test
[ ok ] Reloading nginx configuration (via systemctl): nginx.service.
Inside /home/me/.passwords I can see the following entry:
test:$apr1$t.LpBHkW$bEBEMK1HRBqAvvkB9cQ.I.
Inside my nginx config (/etc/nginx/sites-enabled/blah), I have the following:
server {
listen 80;
server_name blah.example.com;
auth_basic "Restricted Content";
auth_basic_user_file /home/me/.passwords;
location / {
proxy_pass http://127.0.0.1:6999;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
If I type in test and testing,
the dialog would go away and pop up again.
I'm not seeing any errors in the NGINX error.log, access.log only shows which is basically an error 401, Unauthorized:
___.___.___.___ - test [16/Apr/2016:09:36:38 +0000] "GET / HTTP/1.1" 401 1421 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623
.110 Safari/537.36"
Cancelling the password popup, I see the following:
I'm running Jenkins on that subdomain, the moment I changed my http username and password to match that of the Jenkins username and password, it worked.
Jenkins is probably using http auth headers as well.