Question

Why am I getting Proxy returns “HTTP/1.1 407 authenticationrequired”?

Posted July 7, 2017 6.3k views
Nginx Configuration Management Ubuntu 16.04

I am using nginx, gunicorn, django for backend. I have created apis in django, and these apis works fine for me from postman and even from my python code. But when I try to access the api from proxy server it gives me ‘Unable to tunnel through proxy. Proxy returns “HTTP/1.1 407 authenticationrequired.”’

Here are my nginx settings :

server {
    listen 80;
    server_name mywebsite.in;
    return 301 https://$host$request_uri;
}

server {
    listen 80;
    server_name www.mywebsite.in;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl ;
    server_name mywebsite.in ;
    ssl_certificate /root/mywebsite.in.crt;
    ssl_certificate_key /root/mywebsite.in.key;

    #FOR SERVING HTML PAGES
    root /root/front/mywebsite ;
    index index.html index.php;

    location /py/ {

        include proxy_params;
        proxy_set_header X-Forwarded-Protocol https ;
        proxy_ssl_session_reuse off;
        # proxy_ssl_certificate /root/mywebsite.in.crt;
        # proxy_ssl_certificate_key /root/mywebsite.in.key;
        # proxy_ssl_client_certificate /root/intermediate.crt;
        # proxy_ssl_verify off;

        proxy_pass http://localhost:8000/ ;
    }

    location /blog/ {
    proxy_pass https://mywebsitein.blogspot.in/;
    }

    location /upload {
    #  auth_basic                 "Restricted Upload";
    #  auth_basic_user_file       basic.htpasswd;
    limit_except POST          { deny all; }

    client_body_temp_path      /tmp/$request_body_file;
    client_body_in_file_only   on;
    client_body_buffer_size    128K;
    client_max_body_size       1000M;

    proxy_pass_request_headers on;
    proxy_set_header           X-FILE $request_body_file;
    proxy_set_body             off;
    proxy_redirect             off;
    proxy_pass                 http://localhost:8000/file;
    }
}

Here is my nginx.conf

user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
    worker_connections 768;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    proxy_read_timeout 1200;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;
    expires 1h;
    add_header Cache-Control no-cache;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;
    gzip_disable "msie6";
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon application/javascript;
}

My API Is of the form https://www.mywebsite.in/py/api/main

Link for the question asked on stackoverflow.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

4 answers

Hi @nipun59

Make sure there’s no spaces between the last character and the semi-colon.
And can you share the /etc/nginx/proxy_params ?

@hansen here is /etc/nginx/proxy_params

proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;


  • @nipun59
    Can you run this command to test how it works in cURL:

    curl 'http://httpbin.org/redirect-to?url=https://www.mywebsite.in/' -s -L -x localhost:8000 -v -o /dev/null
    
    • I should run this on my droplet’s ubuntu instance?

      • Yes, since we’re trying to connect via localhost:8000

        • First I tried to my API URL
          curl ’http://httpbin.org/redirect-to?url=https://www.mywebsite.in/py/api’ -s -L -x localhost:8000 -v -o /dev/null

          Response was

          * Hostname was NOT found in DNS cache
          *   Trying 127.0.0.1...
          * Connected to localhost (127.0.0.1) port 8000 (#0)
          > GET http://httpbin.org/redirect-to?url=https://www.mywebsite.in/py/api HTTP/1.1
          > User-Agent: curl/7.35.0
          > Host: httpbin.org
          > Accept: */*
          > Proxy-Connection: Keep-Alive
          >
          * HTTP 1.0, assume close after body
          < HTTP/1.0 400 BAD REQUEST
          < Date: Fri, 07 Jul 2017 11:05:11 GMT
          < Server: WSGIServer/0.1 Python/2.7.6
          < X-Frame-Options: SAMEORIGIN
          < Content-Type: text/html
          <
          { [data not shown]
          * Closing connection 0
          

          Then I tried for the main URL :
          curl ’http://httpbin.org/redirect-to?url=https://www.mywebsite.in/’ -s -L -x localhost:8000 -v -o /dev/null

          Response was :

          * Hostname was NOT found in DNS cache
          *   Trying 127.0.0.1...
          * Connected to localhost (127.0.0.1) port 8000 (#0)
          > GET http://httpbin.org/redirect-to?url=https://www.mywebsite.in/ HTTP/1.1
          > User-Agent: curl/7.35.0
          > Host: httpbin.org
          > Accept: */*
          > Proxy-Connection: Keep-Alive
          >
          * HTTP 1.0, assume close after body
          < HTTP/1.0 400 BAD REQUEST
          < Date: Fri, 07 Jul 2017 11:06:00 GMT
          < Server: WSGIServer/0.1 Python/2.7.6
          < X-Frame-Options: SAMEORIGIN
          < Content-Type: text/html
          <
          { [data not shown]
          * Closing connection 0
          

@nipun59
What are you getting, when you run this?

curl 'http://localhost:8000/py/api/main' -s -L -v -o /dev/null

On Trying : curl ’http://localhost:8000/py/api/main’ -s -L -v -o /dev/null
Response is :

* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8000 (#0)
> GET /py/merchant/upi/callBackP2MRes?meRes="nipun" HTTP/1.1
> User-Agent: curl/7.35.0
> Host: localhost:8000
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 404 NOT FOUND
< Date: Mon, 10 Jul 2017 12:56:22 GMT
< Server: WSGIServer/0.1 Python/2.7.6
< X-Frame-Options: SAMEORIGIN
< Content-Type: text/html
<
{ [data not shown]
* Closing connection 0

The above one must give 404 because nginx server handles all the ’/py/’ type of requests and pass the rest on to the gunicorn server, so therefore I tried the below one.

On Trying : curl ’http://localhost:8000/api/main/’ -s -L -v -o /dev/null

* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8000 (#0)
> GET /api/main/ HTTP/1.1
> User-Agent: curl/7.35.0
> Host: localhost:8000
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Date: Mon, 10 Jul 2017 12:56:50 GMT
< Server: WSGIServer/0.1 Python/2.7.6
< Vary: Accept, Cookie
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json
< Allow: GET, POST, HEAD, OPTIONS
<
{ [data not shown]
* Closing connection 0
Submit an Answer