Hello,
I am trying to authorize the host for each request sent to Haproxy. I have a Haproxy running inside k8s cluster. While each request landed at Haproxy I want to call a REST service to authorize host.
Issue is Agent written in Go Lang are able to get the args but the value of the args are nil.
Below is the Haproxy configuration
global
master-worker
pidfile /var/run/haproxy.pid
stats socket /var/run/haproxy.sock mode 660 level admin
log stdout format raw local0
expose-deprecated-directives
defaults unnamed_defaults_1
mode http
log global
option httplog
timeout connect 5s
timeout client 50s
timeout server 50s
userlist dataplaneapi
user admin insecure-password adminpwd
frontend http-in from unnamed_defaults_1
bind *:80
http-request set-var(txn.url) hdr(host)
http-request set-var(txn.userid) req.cook(X-User-Name)
http-request set-var(txn.x_env_raw) req.cook(X-Env)
#http-request set-var(txn.debug) var(txn.url)
log-format “DEBUG=%[var(txn.url)]”
filter spoe engine auth-agent config /usr/local/etc/haproxy/spoa-auth.cfg
http-request deny if { var(txn.allow) -m bool false }
acl is_openkm hdr(host) -i openkm.xxx.com
use_backend openkm if is_openkm
default_backend servers
backend openkm from unnamed_defaults_1
mode http
server openkm xx.xx.xx.xx:5006
backend servers from unnamed_defaults_1
server server1 xx.xx.xx.xx:5006 check
backend spoa-auth-backend from unnamed_defaults_1
mode spop
server spoa1 arnab-haproxy-spoa:9000
Below is the configuration for spoa-auth.cfg
[auth-agent]
spoe-agent auth-agent
messages auth-msg
option var-prefix auth
timeout hello 2s
timeout idle 30s
timeout processing 3s
use-backend spoa-auth-backend
log global
spoe-message auth-msg
args url=var(txn.url) userid=var(txn.userid) envraw=var(xn.x_env_raw)
event on-frontend-http-request
Sample log in the agent
2025/11/30 18:07:04 URL:
2025/11/30 18:07:06 handle request EngineID: ‘1ec9be45-4928-4c1d-b36c-e129f520dd31’, StreamID: ‘11’, FrameID: ‘1’ with 1 messages