I’m sure this is probably just a misconfiguration or a misunderstanding
of
nginx proxying. I’m looking to replace apache as my ssl/proxy server
for a
Jboss/tcServer backend. Unfortunately, I have a java web start app that
builds the jnlp files dynamically based on the scheme, protocol and
server
info passed back to it. I’m not getting the https (port 443) passed
back as
expected. I thought it was the application so I googled and found a
some
quick and dirty jsp pages that let me test the responses being passed
back.
For the apache server, I see the following:
Scheme: https
Name: my.example.com
Port: 443
Nginx responses show (regardless of how I try to connect):
Scheme: http
Name: my.example.com
Port: 80
I’m fairly new to nginx but I’ve read and googled fairly extensively to
no
avail.
I’m trying to do similar to the following:
location /myJWSapp/ {
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_set_header Host
$http_host;
proxy_set_header X-Forwarded-By
$server_addr:$server_port;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
I can see the url in the jnlp file Also, for some reason the jnlp file
is
now being truncated at 10k (I’ve googled this to no avail as well).
This is
making it even more difficult to debug this issue.
Posted at Nginx Forum:
This apparently handles the proxying differently. Guess it’s back to
Apache
since it handles it readily and has AJP support.
Posted at Nginx Forum:
Hi,
Nginx responses show (regardless of how I try to connect):
Scheme: http
Name: my.example.com
Port: 80
[…]
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-By $server_addr:$server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
Are you sure Apache uses exactly the same headers when passing
the request to the backend? Compare the frontend/backend traffic
with apache and nginx, and adjust the nginx configuration accordingly.
Nginx will do what you configure; but I guess the values above
are not really inspected by your backend.
Guess it’s back to Apache since it handles it readily and has AJP support.
Take a look at nginx_ajp_module:
Regards,
Lukas
On 19 June 2013 14:19, solitaryr [email protected] wrote:
Thanks, Lucas. We looked at the headers being passed back (that’s what the
jsp was for). Even with http completely disabled and https only available,
they were still passed as http:80 by nGinx…but Apache passed them through.
I don’t understand what you mean by “passed as http:80”, but I think
your problem will be fixable if you can provide more detailed
information.
Please post ascii dumps (tcpdump -nnn -A -s0 -i
port 8080) of a request/response under nginx and then under apache,
showing all HTTP headers in both directions. In that tcpdump example,
I’m assuming your backend is listening for HTTP traffic on port 8080 -
you may need to change that.
Of course, redact anything you like, but please indicate where you’ve
redacted something rather than just removing it.
Jonathan
Jonathan M.
Oxford, London, UK
http://www.jpluscplusm.com/contact.html
Thanks, Lucas. We looked at the headers being passed back (that’s what
the
jsp was for). Even with http completely disabled and https only
available,
they were still passed as http:80 by nGinx…but Apache passed them
through.
We tried this on two separate environments.
I looked at the ajp module. Unfortunately, it’s not in any repository
and
custom builds are frowned upon for our systems.
Posted at Nginx Forum: