Thank you Maxim. Adding an extra variable to the spnego auth module sounds intriguing, but also challenging because; as you mention "rate limiting happens before access checks" and this module mainly deals with access checks until now. Sounds like an extra level of proxying is the way ahead for now. It would be nice if Kerberos were supported directly by nginx. :)
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,288976,288990#msg-288990 _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx