Baic auth pop-up not showing ingress-nginx

5/28/2021

Context:-
I am following https://kubernetes.github.io/ingress-nginx/examples/auth/external-auth/ to enable authentication for my application by using ingress.

Issue:-
Instead of using https://httpbin.org/basic-auth/user/passwd as auth url, I am using the FQDN of my service running in same namespace.
So my annotations looks like:

annotations:
    nginx.ingress.kubernetes.io/auth-url: http://myservice.mynamespace.svc.cluster.local:9995/auth/

where 9995 is the port where myservice exposes /auth/ endpoint
This works when I use curl to hit my APIs passing in the credentials using -u flag.
curl -XGET "http://minikubeip/myapp/status/" -H "Content-Type: application/json" -u "$USERNAME:$PASSWORD"
response:-
{"status":"working"}

But when I open http://minikubeip/myapp/status/ in my browser it immediately returns me 401 page without showing the authentication popup.
When I use https://httpbin.org/basic-auth/user/passwd for nginx.ingress.kubernetes.io/auth-url both curl and browser work, with browser showing me a pop-up to enter password.

I checked httpbin.org and see that it is a GET endpoint which returns 200 for success and 401 for failure. My /auth API is exactly the same specification

My question is: Do I need to do something special for browser to show the basic-auth popup dialog?

-- abnvanand
basic-authentication
kubernetes
minikube
nginx
nginx-ingress

1 Answer

5/28/2021

I had to add

w.Header().Set("WWW-Authenticate", Basic realm="mydomain")

Found it here: https://stackoverflow.com/a/36188200

-- abnvanand
Source: StackOverflow