NGINX login problem

Chuck_Kyberian · March 24, 2010, 5:51pm

Hi,
I have a problem with login to my application.
I use nginx as load-balancer and mongrel cluster as application
servers. I have 2 servers and 8 mongrels per server.
When I try to login directly on mongrel, everything is ok. But if I
use to login nginx, login sometimes failed - login and password are
nil in admin_controller and authentication failed in this case.

Do you have some idea to find solution of my problem?
Thanks…
Chuck

nginx.conf :

#user and group to run as
user yeti yeti;

worker_processes 4;

pid /var/run/nginx.pid;

events {
worker_connections 8192;
use epoll; # linux only!
}

http {
include /usr/local/nginx/mime.types;

default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] ’
'"$request" $status $body_bytes_sent “$http_referer”
’
‘"$http_user_agent" “$http_x_forwarded_for”’ ;
access_log /var/log/nginx/access.log main;

error_log /var/log/nginx/error.log notice;

sendfile on;

tcp_nopush on;
tcp_nodelay on;

client_body_temp_path /tmp 1 2;

gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript
application/xml application/xml+rss text/javascript;

nginx virtual host configuration file

to be included by nginx.conf

Load balance to mongrels

upstream mongrel_cluster {
server server1:3000;
server server1:3001;
…
server server1:3007;

server server2:3000;
server server2:3001;
…
server server2:3007;

}

Begin virtual host configuration

server {

Familiar HTTP settings

listen 443;

ssl on;

ssl_certificate /usr/local/nginx/certs/server.crt;

ssl_certificate_key /usr/local/nginx/certs/server.key;

server_name localhost;
root /home/usr/app/current/public;
access_log /var/log/nginx/localhost.access.log main;
error_page 500 502 503 504 /500.html;
client_max_body_size 50M;

First rewrite rule for handling maintenance page

if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html last;
break;
}

location / {

 proxy_set_header X-FORWARDED_PROTO https;

index index.html index.htm;
# Forward information about the client and host
# Otherwise our Rails app wouldn't have access to it
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_max_temp_file_size 0;
# Directly serve static content
location ~ ^/(images|javascripts|stylesheets)/ {
  expires 10y;
}
if (-f $request_filename) {
  break;
}
# Directly serve cached pages
if (-f $request_filename.html) {
  rewrite (.*) $1.html break;
}
# Otherwise let Mongrel handle the request
if (!-f $request_filename) {
  proxy_pass http://mongrel_cluster;
  break;
}

}
}
}