radius_servers
The `radius_servers` directive specifies a RADIUS server or servers for HTTP authentication within a specific location context.
Description
The radius_servers directive is used to define one or more RADIUS servers that will handle authentication requests for a given HTTP location block. This directive allows NGINX to communicate with RADIUS servers to handle user authentication by sending authentication requests to the specified servers and processing responses accordingly. The servers specified through this directive must have been previously defined using the radius_server directive, which includes the server's URL and shared secret among other configurations.
The argument for radius_servers can only take one server name as an input. The directive is utilized within an http server context, specifically under a location block. This design allows for flexibility in configuring authentication mechanisms for different routes in a web application, enabling different services to utilize authentication from various RADIUS servers based on the specific context of the location block.
It is important to note that specifying multiple radius_servers directives within the same location block is permitted, allowing for redundancy and failover configurations. This can enhance reliability in authentication workflows by distributing requests to multiple RADIUS servers, thereby increasing the chances of a successful authentication even if one server is down or unreachable.
Config Example
location /protected {
radius_servers "radius_server_1";
auth_radius "my_realm";
}Make sure to define the corresponding radius_server directives before using radius_servers in the configuration.
Only one server name can be specified per radius_servers directive; multiple server names require separate directives.
Ensure the RADIUS server is reachable and correctly configured to avoid authentication failures.