Encrypting / decrypting cookies with HAProxy
We are trying to set up a load balancer using HAProxy that will serve multiple web applications. The use case looks something like this:
- User browses foo.com/app1
- HAProxy sees that the cookie does not contain session information and is redirected to the authentication gateway (single sign up page)
- Auth gateway provides a form where if user logs in successfully, gateway redirects back to HAProxy with COOKIE saving session data
- HAProxy now sees that valid session information is present and is redirected to app1-internal.foo.com (the actual web app) with the same COOKIE that is then used by the web app.
Our doubt is at the third stage. We would like to encrypt a cookie that adds an authentication gateway (via AES or similar). The problem is, at the end of HAProxy, we can't figure out how to decrypt it as HAProxy doesn't seem to support decrypting headers (or even runs an external C / C ++ program that can decrypt it). So our questions are:
- Can we decrypt the encrypted AES headers in HAProxy itself (note that this is not an SSL connection)?
- Is HAProxy really not designed for this use case - is there a better tool for this purpose that you can suggest to us?
Thank you very much in advance!
+3
source to share
No one has answered this question yet
Check out similar questions: