Nginx, Simple Http Authentication Using ngx_http_auth_pam_module Module

I already have a list of users in a mysql database that I use for postfix smtp authentication/sasl. I wonder, whether the list can be used for http authentication . Well, let’s find out.

First of all, of course we must compile nginx to support http_auth_pam_module module.
download ngx_http_auth_pam_module-1.2.tar.gz

When compiling from source build as usual adding the -add-module option:

./configure --add-module=$PATH_TO_MODULE

My pam_mysql for postfix smtp authentication /etc/pam.d/smtp

auth required pam_mysql.so user=user passwd=pass host=localhost db=db table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqlLog=0
account sufficient pam_mysql.so user=user passwd=pass host=localhost db=db table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqllog=0

Nginx configuration

	server {
		listen       80;
		server_name  www.example.com;
		access_log  /var/log/nginx/nginx-test-access.log  main;

		location /secured {
			alias /path/to/public_html/restricted/;
			auth_pam              "Restricted Zone";
			auth_pam_service_name "smtp";
		}

		location / {
			root   /path/to/public_html;
			index  index.html index.htm;

		}
	}

when accessing http://www.example.com/secured via web browser, browser pops up the login box, that’s a good sign.

nginx auth pam chrome

login using my smtp authentication username and password i was successfully landed on default index.html

You may also want to read these posts:

• Postfix Smtp Auth using pam_mysql On Fedora 12
• Nginx, Strip All Newlines Using nginx-nonewlines Module
• Postfix Create Blackhole For Authenticated User’s Outgoing Submission
• Nginx Memcached module And PHP
• nginx mod_strip module and textarea
• Nginx And Simple Permalink
• Nginx As imap4/pop3 Proxy Using Apache As Auth Server Backend
• Build Nginx RPM With ngx_cache_purge module
• Nginx Reverse Proxying Multiple Domains Using map Module
• Nginx Blocking Spoofed Google Bot