I see - thanks. It sounds like I can’t use a non-root location with Nginx server as well, for the same reason.
So the ideal solution would be for OH2 to have its own authentication. I heard some work is done in that direction - do you know if it close to be implemented?