Merge 173724474c into 16808588ca

nginx-ldap-auth-daemon-ctl.sh

@@ -1,7 +1,7 @@
 #!/bin/sh
 
-CMD=./nginx-ldap-auth-daemon.py
-PIDFILE=./nginx-ldap-auth-daemon.pid
+CMD=`pwd`/nginx-ldap-auth-daemon.py
+PIDFILE=`pwd`/nginx-ldap-auth-daemon.pid
 
 case $1 in
     "start")

nginx-ldap-auth.conf

@@ -5,8 +5,8 @@ events { }
 http {
     proxy_cache_path cache/  keys_zone=auth_cache:10m;
 
-    # The back-end daemon listens on port 9000 as implemented 
-    # in backend-sample-app.py.  
+    # The back-end daemon listens on port 9000 as implemented
+    # in backend-sample-app.py.
     # Change the IP address if the daemon is not running on the
     # same host as NGINX/NGINX Plus.
     upstream backend {
@@ -16,7 +16,7 @@ http {
     # NGINX/NGINX Plus listen on port 8081 for requests that require
     # authentication. Change the port number as appropriate.
     server {
-        listen 127.0.0.1:8081;
+        listen 8081;
 
         # Protected application
         location / {
@@ -39,7 +39,7 @@ http {
             internal;
 
             # The ldap-auth daemon listens on port 8888, as set
-            # in nginx-ldap-auth-daemon.py. 
+            # in nginx-ldap-auth-daemon.py.
             # Change the IP address if the daemon is not running on
             # the same host as NGINX/NGINX Plus.
             proxy_pass http://127.0.0.1:8888;
@@ -52,11 +52,11 @@ http {
             # The following directive adds the cookie to the cache key
             proxy_cache_key "$http_authorization$cookie_nginxauth";
 
-            # As implemented in nginx-ldap-auth-daemon.py, the ldap-auth daemon  
-            # communicates with an OpenLDAP server, passing in the following  
-            # parameters to specify which user account to authenticate. To  
-            # eliminate the need to modify the Python code, this file contains 
-            # 'proxy_set_header' directives that set the values of the 
+            # As implemented in nginx-ldap-auth-daemon.py, the ldap-auth daemon
+            # communicates with an OpenLDAP server, passing in the following
+            # parameters to specify which user account to authenticate. To
+            # eliminate the need to modify the Python code, this file contains
+            # 'proxy_set_header' directives that set the values of the
             # parameters. Set or change them as instructed in the comments.
             #
             #    Parameter      Proxy header
@@ -85,7 +85,7 @@ http {
             proxy_set_header X-Ldap-BindPass "secret";
 
             # (Required) The following directives set the cookie name and pass
-            # it, respectively. They are required for cookie-based 
+            # it, respectively. They are required for cookie-based
             # authentication. Comment them out if using HTTP basic
             # authentication.
             proxy_set_header X-CookieName "nginxauth";
@@ -97,12 +97,12 @@ http {
 
             # (Optional if using OpenLDAP as the LDAP server) Set the LDAP
             # template by uncommenting the following directive and replacing
-            # '(cn=%(username)s)' which is the default set in 
+            # '(cn=%(username)s)' which is the default set in
             # nginx-ldap-auth-daemon.py.
             #proxy_set_header X-Ldap-Template "(cn=%(username)s)";
 
             # (Optional) Set the realm name, by uncommenting the following
-            # directive and replacing 'Restricted' which is the default set 
+            # directive and replacing 'Restricted' which is the default set
             # in nginx-ldap-auth-daemon.py.
             #proxy_set_header X-Ldap-Realm    "Restricted";
         }