support different authentication for same server is not enabled and random behavior is seen #256
Description
I have the situation where for a server, I would like to support all users from my ldap server and also some test users from auth_basic_user_file, due to some restrictions directly adding test users to ldap server is not possible, that is why I opted for such approach.
my config looks something like the following
server {
root /var/www/html;
listen 80;
server_name myserver.net;
auth_ldap "Login with Ldap";
auth_ldap_servers valid_user;
auth_basic "My Server";
auth_basic_user_file users.htpasswd;
satisfy any;
include conf.d/*.conf;
}
removing the auth_ldap part works fine with just the users file and removing the auth_basic part works fine with just the ldap server.
looking into the c code, it seems that once the auth_ldap finds that the user is not valid in the PHASE_NEXT it goes directly to filling the response headers without giving nginx the chance to try another auth.
This actually happens randomly most of the time ldap works first then file but sometimes the opposite works.
Are you aware of such restriction, as I have not seen it documented anywhere and I am not 100% sure if the problem is the lack of support or just misconfiguration from my part.