ForwardAuth on Docker

Traefik Traefik v2
1

Hi, I'm trying config forward Auth and not working. The service does not pass through the auth service. See my docker-compose below

version: "3.7"
services:
  traefik:
    image: traefik:v2.2
    container_name: "traefik"
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"                       # Traefik will listen on port 8080 by default for API request
      - "--providers.docker=true"                   # Enabling docker provider
      - "--providers.docker.exposedbydefault=false" # Do not expose containers unless explicitly told so
      - "--entrypoints.web.address=:80"             # Traefik will listen to incoming request on the port 80 (HTTP)
      - "--tracing=true"
      - "--tracing.serviceName=traefik"
      - "--tracing.jaeger=true"
      - "--tracing.jaeger.samplingServerURL=http://localhost:5778/sampling"
      - "--tracing.jaeger.samplingType=const"
      - "--tracing.jaeger.samplingParam=1.0"
      - "--tracing.jaeger.localAgentHostPort=tracing:6831"
      - "--tracing.jaeger.propagation=jaeger"
      - "--tracing.jaeger.traceContextHeaderName=uber-trace-id"
    ports:
      - "80:80"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"  # So that Traefik can listen to the Docker events

  tracing:
    image: jaegertracing/all-in-one
    ports:
      - "5775:5775/udp"
      - "6831:6831/udp"
      - "6832:6832/udp"
      - "5778:5778"
      - "16686:16686"
      - "14268:14268"
      - "9411:9411"
    env_file:
      - .env
    security_opt:
      - seccomp:unconfined

  auth:
    image: go-docker-image
    environment:
      - DB_PORT=5432
      - DB_HOST=docker.for.mac.host.internal
    ports:
      - '6001:6000'
    volumes:
      - ./auth/.:/app
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.auth.rule=Host(`localhost`) && PathPrefix(`/auth`)"
      - "traefik.http.routers.auth.middlewares=auth"
      - "traefik.http.routers.auth.entrypoints=web"
      - "traefik.http.middlewares.auth.stripprefix.prefixes=/auth"

  security:
    image: go-docker-image
    environment:
      - DB_PORT=5432
      - DB_HOST=docker.for.mac.host.internal
    ports:
      - '6000:6000'
    volumes:
      - ./security/.:/app
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.security.rule=Host(`localhost`) && PathPrefix(`/security`)"
      - "traefik.http.routers.security.middlewares=security"
      - "traefik.http.routers.security.entrypoints=web"
      - "traefik.http.middlewares.security.stripprefix.prefixes=/security"
      - "traefik.http.middlewares.add-security.forwardauth.address=http://localhost/auth/verify"
      - "traefik.http.middlewares.add-security.forwardauth.trustForwardHeader=true"

the idea is the auth service will be used by security or any others service to check if the request can or not be forwarded

I have something similar with traefik 1.7 and work

tks.