Kubernetes NGINX Ingress: Disable Basic Auth for specific path

不羁的心 提交于 2021-01-29 07:53:40

问题


I want to disable basic auth only on a specific subpath of my App. How this can be done?

e.g.

All subpaths should be basic auth secured:

/ 

This path should be an exception and public reachable:

/#/public 

ingress.yaml

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: app
  labels:
    app: app
  annotations:
    kubernetes.io/ingress.class: nginx
    kubernetes.io/tls-acme: "true"
    ingress.kubernetes.io/auth-type: basic
    ingress.kubernetes.io/auth-secret: basic-auth
    ingress.kubernetes.io/auth-realm:  "Authentication Required"
spec:
  rules:
  - host: "<MYHOST>"
    http:
      paths:
      - path: /
        backend:
          serviceName: app-service
          servicePort: 80
  tls:
    - secretName: "app-secret"
      hosts:
      - "<MYHOST>"

回答1:


The path you're trying to use ( /#/public ) never reachs the server, the client send only /. That's the reason why you are unable to disable de auth.

The symbol (#) is a separator for URL fragment identifier. The rfc2396 explains it.

The semantics of a fragment identifier is a property of the data resulting from a retrieval action, regardless of the type of URI used in the referenc

If you tail the logs of your ingress pod you'll see the url that reachs the backend.

An additional note, if you need the url to reach the server then you need to urlencode it, /%23/public but, it's something with a different meaning.

Regards.



来源:https://stackoverflow.com/questions/54454622/kubernetes-nginx-ingress-disable-basic-auth-for-specific-path

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!