身份验证响应中的HTTP错误422

时间:2019-10-02 08:51:58

标签: ruby-on-rails nginx keycloak nginx-reverse-proxy nginx-config

我在使用Nginx Web服务器的计算机上运行的ruby on rails应用程序上运行。为了进行身份验证,我们使用Keycloak。当用户尝试进行身份验证时,请求将转到密钥斗篷。在从密钥库服务器进行身份验证后重定向时,当nginx接受连接时,它将在日志中显示错误HTTP / 2.0“ 4220。浏览器中还会显示http 422。

我尝试在标题下添加以下内容,但该方法无效。还尝试了一些位置/和代理/ add_header 'Access-Control-Allow-Origin' '*'

我尝试在不使用nginx的情况下运行该应用程序(使用puma),并且确实可以正常工作。 下面是我的nginx的conf文件

 default upgrade;
 ''      close;
}
server {
 listen 80;
 listen [::]:80;
 server_name example.com;
 root /home/live/public;
 # Useful for Let's Encrypt
 location /.well-known/acme-challenge/ { allow all; }
 location / { return 301 https://$host$request_uri; }
}
server {
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
 server_name example.com;
 ssl_protocols TLSv1.2;
 ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
 ssl_prefer_server_ciphers on;
 ssl_session_cache shared:SSL:10m;
 ssl_certificate     /etc/letsencrypt/live/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/privkey.pem;
 keepalive_timeout    70;
 sendfile             on;
 client_max_body_size 80m;
 root /home/live/public;
 gzip on;
 gzip_disable "msie6";
 gzip_vary on;
 gzip_proxied any;
 gzip_comp_level 6;
 gzip_buffers 16 8k;
 gzip_http_version 1.1;
 gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
 add_header Strict-Transport-Security "max-age=31536000";
 location / {
   try_files $uri @proxy;
 }
 location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
   add_header Cache-Control "public, max-age=31536000, immutable";
   try_files $uri @proxy;
 }
 location /sw.js {
   add_header Cache-Control "public, max-age=0";
   try_files $uri @proxy;
 }
 location @proxy {
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto https;
   proxy_set_header Proxy "";
   proxy_pass_header Server;
   proxy_pass http://127.0.0.1:3000;
   proxy_buffering off;
   proxy_redirect off;
   proxy_http_version 1.1;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection $connection_upgrade;
   tcp_nodelay on;
 }
 location /api/v1/streaming {
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto https;
   proxy_set_header Proxy "";
   proxy_pass http://127.0.0.1:4000;
   proxy_buffering off;
   proxy_redirect off;
   proxy_http_version 1.1;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection $connection_upgrade;
   tcp_nodelay on;
 }
 error_page 500 501 502 503 504 /500.html;
} ```

I need nginx to pass the data getting form keycloak, back to my ruby on rails application.

0 个答案:

没有答案
相关问题
最新问题