[cherry-pick] remove reference to auth_request off (#5937)

nginxinc · Jul 3, 2024 · 522bc0b · 522bc0b
1 parent 146daf0
commit 522bc0b
Show file tree

Hide file tree

Showing 4 changed files with 1 addition and 59 deletions.
diff --git a/docs/content/configuration/policy-resource.md b/docs/content/configuration/policy-resource.md
@@ -155,8 +155,6 @@ If the hashed keys match, the NGINX JavaScript (NJS) subrequest issues a 204 No
 
 It is possible to use the [errorPages](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#errorpage) property on a route, to change the default behaviour of 401 or 403 errors.
 
-An API Key policy can be disabled on a route by adding the [location snippet](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#using-snippets) `auth_request off;`
-
 At least one header or query param is required.
 
 The policy below configures NGINX Ingress Controller to require the API Key `password` in the header "my-header".

diff --git a/examples/custom-resources/api-key/README.md b/examples/custom-resources/api-key/README.md
@@ -6,8 +6,7 @@ a web application, configure load balancing for it via a VirtualServer, and appl
 
 ## Prerequisites
 
-1. Follow the [installation](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/)
-   instructions to deploy the Ingress Controller. In this example we will be using a snippet to turn the policy off on a specific path so ensure that the `enable-snippets` flag is set.
+1. Follow the [installation](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/) instructions to deploy the Ingress Controller.
 1. Save the public IP address of the Ingress Controller into a shell variable:
 
     ```console
@@ -105,18 +104,4 @@ URI: /coffee
 Request ID: 4feedb3265a0430a1f58831d016e846d
 ```
 
-If you attempt to access the /tea path, the request will be allowed without an API Key, because the auth_request directive is turned off for that path with a location snippet:
-
-```console
-curl -k --resolve cafe.example.com:$IC_HTTPS_PORT:$IC_IP https://cafe.example.com:$IC_HTTPS_PORT/tea
-```
-
-```text
-Server address: 10.244.0.5:8080
-Server name: tea-596697966f-dmq7t
-Date: 13/Jun/2024:13:16:46 +0000
-URI: /tea
-Request ID: 26e6d7dd0272eca82f31f33bf90698c9
-```
-
 Additionally you can set [error pages](https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#errorpage) to handle the 401 and 403 responses.
diff --git a/examples/custom-resources/api-key/cafe-virtual-server.yaml b/examples/custom-resources/api-key/cafe-virtual-server.yaml
@@ -12,15 +12,7 @@ spec:
   - name: coffee
     service: coffee-svc
     port: 80
-  - name: tea
-    service: tea-svc
-    port: 80
   routes:
   - path: /coffee
     action:
       pass: coffee
-  - path: /tea
-    location-snippets: |
-      auth_request off;
-    action:
-      pass: tea
diff --git a/examples/custom-resources/api-key/cafe.yaml b/examples/custom-resources/api-key/cafe.yaml
@@ -30,36 +30,3 @@ spec:
     name: http
   selector:
     app: coffee
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: tea
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: tea
-  template:
-    metadata:
-      labels:
-        app: tea
-    spec:
-      containers:
-      - name: tea
-        image: nginxdemos/nginx-hello:plain-text
-        ports:
-        - containerPort: 8080
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: tea-svc
-spec:
-  ports:
-  - port: 80
-    targetPort: 8080
-    protocol: TCP
-    name: http
-  selector:
-    app: tea