我有以下内容:
NAS将HTTPS请求作为HTTP转发到NGINX容器。然后NGINX容器将HTTP请求转发到我的appcontainer。
我可以访问我的appcontainer登录页面,但登录后按如下方式进行POST: Nginx access.log
POST /foo/login.do HTTP/1.1" 302 0 "https://nas.dns.server/foo/login.do
在appcontainer Tomcat的 localhost_access.log 中显示
POST /foo/doLogin.do HTTP/1.0" 302
并以HTTP的形式向NAS请求
似乎正在忽略X-Forwarded-Proto标头。
我的nginx.conf配置如下:
server {
listen 80;
server_name $hostname;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
error_log /dev/stdout info;
access_log /dev/stdout;
client_max_body_size 100M;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
resolver 127.0.0.11 valid=30s;
sendfile on;
location /foo {
proxy_set_header Origin "";
set $appcontainer http://appcontainer:8080;
proxy_pass $appcontainer;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $https; #I’ve also tested with $scheme
}
}
谢谢
答案 0 :(得分:0)
在“网络”标签的“ Chrome开发者工具”中可以看到,对于login.do
的调用有Request URL: https://entry.proxy.url/foo/doLogin.do
,但是在Response Headers
中,我看到了生成的内容问题Location: http://proxy.entry.url/foo/login.do
必须是Location: https://proxy.entry.url/foo/login.do
。
我尝试在该位置以proxy_redirect http://entry.proxy.url/ https://csprocure.ciport.be/;
进行重定向,并且可以正常工作。
因此位置设置为:
location /foo {
proxy_set_header Origin "";
set $appcontainer http://appcontainer:8080;
proxy_redirect http://proxy.entry.url/ https://proxy.entry.url/;
proxy_pass $appcontainer;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $https; #I’ve also tested with $scheme
}