The NTLM module allows proxying requests with NTLM Authentication. The upstream connection is bound to the client connection once the client sends a request with the "Authorization" header field value starting with "Negotiate" or "NTLM". Further client requests will be proxied through the same upstream connection, keeping the authentication context.
Syntax: ntlm [connections];
Default: ntlm 100;
Context: upstream
upstream http_backend {
server 127.0.0.1:8080;
ntlm;
}
server {
...
location /http/ {
proxy_pass http://http_backend;
# next 2 settings are required for the keepalive to work properly
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
The connections parameter sets the maximum number of connections to the upstream servers that are preserved in the cache.
Syntax: ntlm_timeout timeout;
Default: ntlm_timeout 60s;
Context: upstream
Sets the timeout during which an idle connection to an upstream server will stay open.
Follow the instructions from Building nginx from Sources and add the following line to the configure command
./configure \
--add-module=../nginx-ntlm-module
To build this as dynamic module run this command
./configure \
--add-dynamic-module=../nginx-ntlm-module
In order to run the tests you need nodejs and perl installed on your system
# install the backend packages
npm install -C t/backend
# instal the test framework
cpan Test::Nginx
# set the path to your nginx location
export PATH=/opt/local/nginx/sbin:$PATH
prove -r t
- This module is using most of the code from the original nginx keepalive module.
- DO NOT USE THIS IN PRODUCTION. Nginx Plus has support for NTLM.
- Gabriel Hodoroaga (hodo.dev)
- Add tests
- Add support for multiple workers
- Drop the upstream connection when the client connection drops.
- Add travis ci