Closed ghost closed 5 years ago
What I'm trying to achieve is a "background" authentication, because users would already have authenticated against another app via a PHP form. Another option would be to also submit the form to nginx-sso, but that seems impossible or beyond my skills.
Hey, I'm sorry for the delayed answer.
When you are sending a Token
to be used with the token
provider there is no authentication cookie. The token is just used to give one-time access as it is expected to be present in all requests.
If you are normally using the LDAP provider to log in you would need to send the LDAP login credentials to the /login
endpoint:
# curl -i -X POST -F 'ldap-username=myuser' -F 'ldap-password=mypass' -F 'go=https://example.com/loggedin.json' https://login.example.com/login
HTTP/2 302
server: nginx
date: Sat, 29 Jun 2019 10:51:33 GMT
content-length: 0
location: https://example.com/loggedin.json
set-cookie: nginx-sso-ldap=[...]
That way the user has a cookie set and is logged in. Also you might want set the redirect to something yielding a JSON object your XHR request can read.
Hi,
probably not an issue but a misconfiguration:
I'm trying to perform a token-based authentication with a XMLHttpRequest, but I cant get it to work. This is the request:
Apparently, a cookie is set, but the prefix is nginx-sso-main - when I use the login page, it's nginx-sso-ldap. The log then states "no valid user found".
The config.yaml looks like this:
Also, I'm wondering which endpoint to use in the URL. When it's https://login.example.org/login two requests are made to either /login and /debug
Cheers Tobias