Caddy: Basic Auth for proxy ressources

I also would like to be able to protect back end resources accessed through proxy. basicauth would be a good step but I would also like to see some middleware using JWT to control authorisation. See my comments in issue #246
With JWT the authentication can be done elsewhere.

What makes you think the basicauth directive is ignored? I copied your config into a Caddyfile and tried going to /es and was prompted for a password, even with the proxy in place. In other words, I either don't understand your question or am unable to reproduce the behavior.

Okay, I was not aware this should work,
it doesn't work for me.

I am using 
root@elk1:~# caddy -version
Caddy 0.8.2

with the following config:

hostname {
  log /var/log/caddy/access.log {
  basicauth /es tom blablabla
  rotate {
      size 100 # Rotate after 100 MB
      age  14  # Keep log files for 14 days
      keep 10  # Keep at most 10 log files
    }
  }

  proxy  /es  localhost:9200 {
      proxy_header Host {host}
  }

  proxy  /kibana  localhost:5601 {
    proxy_header Host {host}
    without /kibana
  }
}

with the following results:

[~] curl https:/hostname/es                                                                                                                                                                                                                                                                                                                  12:54:28
{"error":{"root_cause":[{"type":"index_not_found_exception","reason":"no such index","resource.type":"index_or_alias","resource.id":"es","index":"es"}],"type":"index_not_found_exception","reason":"no such index","resource.type":"index_or_alias","resource.id":"es","index":"es"},"status":404}%

I would expect a 403 error in this case.

How can I debug this further?

Thanks,
Tom

Your basicauth is inside the log directive; that's not allowed. :wink: Put it outside with the others.