Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Haproxy basic auth realms

    Cache/Proxy
    1
    1
    356
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfdog
      last edited by

      Here pfSense(v2.1)/Haproxy(v1.8.30) facilitate SSL off-loading to various web servers, some with their own means of authenticating user credentials. The general setup works fine.

      However, if just one front end implements basic authentication, then all sites get prompted for the same user credentials, even those front-ends not implementing that protected_realm.

      The Haproxy / Settings / Global Advanced pass thru / Custom options:

      userlist protected_realm 
user someuser insecure-password somepassword

      To prevent that global authentication, is it possible to somehow define un-protected realms as well? For example:

      userlist unprotected_realm 
user ALL password NONE

      Or is there some other solution?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.