NGINX - Session Management with NGINX as an API Gateway

I am new to NGINX and need some clarification. I am deploying NGINX as a reverse proxy for my web application, which will also work as an API gateway. This API gateway will first send all HTTP requests to the authentication service (radial authentication) and then forward the authenticated requests to the upstream server. Below are my questions for such a scenario.

  • How does the upstream server know that the received request is an authenticated request? Should the authentication service set some headers in the HTTP request after successful authentication? If so, what are the headers? And the upstream server should read the same headers to evaluate if the request is validated.

  • For an authenticated user, does a typical web server support session information with it? How does NGINX store session information? Does NGINX store session information for all clients requesting NGINX reverse proxies? And is this session information replicated or shared with the upstream server, since the upstream server also needs to support session information?

  • When the request is received by the NGINX reverse proxy, how does NGINX forward the request to the upstream server? Does NGINX make two sessions per request, i.e. 1 session from client to NGINX and 2 sessions from NGINX to upstream server? Or is it that NGINX doesn't support any session with it, rather NGINX simply redirects / replicates the request to the appropriate upstream server?

  • And after authorization authentication (in the case of the LDAP auth group), are the details sent to the server upstream? The upstream server should again request this data for the auth server.

+4

Source: https://habr.com/ru/post/1670871/
