Authorization header in Nginx for proxying to basic auth backend does't work

Question

https://joshuarogers.net/articles/2015-06/passing-static-credentials-upstream-through-nginx/ http://shairosenfeld.blogspot.jp/2011/03/authorization-header-in-nginx-for.html

I googled around and found these two tutorials about using Nginx for proxying to basic auth. I configured Nginx server in my local host, and restarted. But it doesn't seem to work. I could access the host(http://10.211.55.12:5601 and http://10.211.55.12:80 redirected to the same page in previous) without auth.

The service in "http://10.211.55.12:5601" is Kibana, I want to secure it with auth.

  # Default server configuration
  #
  server {
      listen 80 default_server;
      listen [::]:80 default_server;
      server_name _;
      location / {
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_pass http://10.211.55.12:5601;
          proxy_set_header Authorization "Basic a2luZzppc25ha2Vk";
       }
  }

Answer 1

Inside nginx.conf:

server {
  set $pass = YWRtaW46MTIz #admin:123 in base64
}

location /api{
            proxy_pass https://your_api;
            proxy_set_header Authorization "Basic ${pass}";
            proxy_pass_header Authorization;
        }

Answer 2

This:

echo -n "user:pass" | base64

instead of this:

echo "user:pass" | base64

worked for me. More here.

Answer 3

What worked for is:

proxy_set_header  Authorization $http_authorization;
proxy_pass_header Authorization;

$http_authorization is a token that comes from UI (seems like Nginx can extract it to a variable). I see you already have proxy_set_header, adding proxy_pass_header might help.