Hello list,
I have configured nginx as a reverse proxy to our hudson build server as
follows:
[b]server {
listen 80;
server_name koala.proxy.internal;
location /hudson/ {
proxy_pass http://build.example.com/hudson/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $http_host;
proxy_redirect off;
}[/b]
The backend hudson server is configured to authenticate users with
Active Directory using
the hudson active directory plugin.
Everything works fine, except that when I click the logout button,
nothing happens, and
I am still logged in, wheras the expected behaviour is, I should be
logged out and taken
to the login page.
The request and response headers in firebug show these:
Response:
[b]HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 01 Sep 2010 02:40:57 GMT
Connection: keep-alive
Set-Cookie: ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE=""; Path=/hudson
Location: http://koala.proxy.internal/hudson/
Content-Length: 0
Expires: Thu, 02 Sep 2010 02:40:57 GMT
Cache-Control: max-age=86400[/b]
Request:
[b]GET /hudson/logout HTTP/1.1
Host: koala.proxy.internal
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8)
Gecko/20100722 Firefox/3.6.8
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://koala.proxy.internal/hudson/people/
Cookie: screenResolution=1280x720;
JSESSIONID=8957FA425BC89DE784266DAACAD45135[/b]
Below are the headers from the hudson server, when I access it directly
and click the logout
button:
Response:
[b]HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Expires: 0
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 01 Sep 2010 05:00:33 GMT[/b]
Request:
[b]GET /hudson/login?from=%2Fhudson%2F HTTP/1.1
Host: build.example.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8)
Gecko/20100722 Firefox/3.6.8
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://build.example.com/hudson/
Cookie: screenResolution=1280x720;
JSESSIONID=105C0A7031B817E0321336310FC8D6E1[/b]
As I understand from the headers,when I click logout, the GET request
should be for "/hudson/login?from=%2Fhudson%2F"
and not for "/hudson/logout" as is happening through the reverse proxy.
I have tried many things to get it working but to no avail.Would really
appreciate if someone
could guide me here.
Thanks,
Mogaroy
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,125909,125909#msg-125909
on 2010-09-01 07:46
on 2010-09-07 07:56
For anyone who may be facing similar issues, I solved my problem by adding '[b]add_header Pragma "no-cache"'[/b] to my configuration. http://agiletesting.blogspot.com/2010/06/commong-nginx-configuration-options.html Thanks, Mogaroy Posted at Nginx Forum: http://forum.nginx.org/read.php?2,125909,127855#msg-127855
on 2010-09-07 08:00
On Tue, Sep 07, 2010 at 01:54:54AM -0400, mogaroy wrote: > For anyone who may be facing similar issues, I solved my problem by > adding '[b]add_header Pragma "no-cache"'[/b] to my configuration. > > http://agiletesting.blogspot.com/2010/06/commong-nginx-configuration-options.html "Pragma: no-cache" is a client request header line. Although I saw an advise to add this line to a response many times, I'm not sure that browser or transient proxy server understands the header line in the response. -- Igor Sysoev http://sysoev.ru/en/
on 2010-09-07 08:41
Right Igor, checking further, found that the above solution works well with Firefox but not with IE. Any help please? Thanks, Mogaroy Posted at Nginx Forum: http://forum.nginx.org/read.php?2,125909,127861#msg-127861
on 2010-09-07 09:56
Fixed it for IE as well with this: [b]add_header Cache-Control "no-cache";[/b] Thanks, Mogaroy Posted at Nginx Forum: http://forum.nginx.org/read.php?2,125909,127876#msg-127876
on 2010-09-07 10:22
On Tue, Sep 07, 2010 at 03:54:55AM -0400, mogaroy wrote: > Fixed it for IE as well with this: > > [b]add_header Cache-Control "no-cache";[/b] Yes, this is right way. However, this configuration is wrong: location / { root /var/www; include cache-control.conf; index index.html index.htm; } cache-control.conf: # default cache 1 day expires +1d; if ($request_uri ~* "^/services/.*$") { expires +0d; add_header Pragma "no-cache"; } if ($request_uri ~* "^/(index.html)?$") { expires +1h; } It may work in some case and may not work in others. It should be rewritten as: root /var/www; index index.html index.htm; location = / { expires +1h; } location = /index.html { expires +1h; } location / { index index.html index.htm; expires +1d; } location /services/ { index index.html index.htm; expires -1; } -- Igor Sysoev http://sysoev.ru/en/
on 2010-09-07 10:26
On Tue, Sep 07, 2010 at 12:21:37PM +0400, Igor Sysoev wrote: > location / { > if ($request_uri ~* "^/services/.*$") { > > > location / { > index index.html index.htm; > expires +1d; > } > > location /services/ { > index index.html index.htm; > expires -1; > } Indecies in locations are not needed since they are inherited from the server level: root /var/www; index index.html index.htm; location = / { expires +1h; } location = /index.html { expires +1h; } location / { expires +1d; } location /services/ { expires -1; } -- Igor Sysoev http://sysoev.ru/en/
Enable email notification
Enable multi-page viewPlease log in before posting. Registration is free and takes only a minute.
Existing account
(Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
Log in with Google account | Log in with Yahoo account
No account? Register here.