HAProxy Authentication
haproxy(1) offers basic HTTP authentication.
Contents
User Lists
Users are specified on a list. A password can be either plaintext or a SHA256 hash.
userlist my_auth user alice insecure-password password123 user bob password `mkpasswd -m sha-256 password123`
Note that haproxy(1) is not optimized for hashed password authentication. At scale, a different authentication scheme must be used.
Use
The http-request auth directive can be used in both frontends and backends.
backend my_backend
acl authed http_auth(my_auth)
http-request auth unless authed
//alternatively...
http-request auth unless { http_auth(my_auth)}