
There is a setup in which one application runs on www.xyz.com, and it contains a report that makes REST calls to an application hosted on www.abc.com.

Because of an odd CORS issue in IE8, the report sends its REST requests to www.xyz.com, although the services are actually hosted on www.abc.com; at the nginx level we redirect those REST requests from www.xyz.com to www.abc.com.

But after using the report in the www.xyz.com app, the session expires as soon as we go to another page. The JSESSIONID changes after the report has been used on www.xyz.com.

Thanks in advance.


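    # Plain-HTTP listener for www.xyz.com: serves no content, only redirects to HTTPS.
    server {
            listen 80;
            server_name www.xyz.com;
            charset utf-8;
            # `return` sends the 301 directly instead of running a catch-all regex rewrite.
            # $request_uri carries the original path and query string unchanged, and the
            # target host comes from $server_name (the configured name), not from the
            # Host header sent by the client.
            return 301 https://$server_name$request_uri;
    }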

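    # HTTPS virtual host for www.xyz.com.
    #
    #   /                                   -> application on localhost:97
    #   the /api/rest/b2b/... report paths  -> application on localhost:90
    #   /templates, /data, /styles,
    #   /bower_components, /scripts/*.js    -> static files under /webroot/reporting-dashboard
    #
    # Both upstream applications are reached under the same browser origin, so a
    # Set-Cookie from either one is stored for www.xyz.com. Per the question, the app
    # behind the report paths issues its own JSESSIONID, which replaces the session
    # cookie of the app behind `/`. Each report location therefore hides the upstream's
    # Set-Cookie header.
    # NOTE(review): if the API on :90 depends on its own cookie-based session, hiding
    # Set-Cookie breaks it; in that case give its cookie a distinct name or path instead.
    #
    # NOTE(review): several report locations in the posted listing contain a bare quoted
    # string ('DNT,X-CustomHeader,...') with no directive in front of it. The directive
    # (and any header name) was lost from the listing; the value resembles a CORS
    # allowed-headers list. It is kept below as a comment so the block parses; restore
    # the full directive from the real configuration.
    server {
            # `listen ... ssl` replaces the separate `ssl on;` directive, which is
            # deprecated and no longer accepted by current nginx releases.
            listen 443 ssl;
            # TLSv1 and TLSv1.1 are deprecated (RFC 8996).
            # NOTE(review): left enabled because the question targets IE8 clients, which
            # may not negotiate anything newer; confirm the client base, then reduce
            # this list to TLSv1.2 and newer.
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_certificate /etc/nginx/ssl.crt/server.crt;
            ssl_certificate_key /etc/nginx/ssl.key/server.key;
            server_name www.xyz.com;
            error_log /var/log/nginx/error.log;
            charset utf-8;

            # Main application. Its Set-Cookie headers are passed through untouched.
            location / {
                proxy_pass http://localhost:97;
                proxy_set_header X-Real-IP $remote_addr;
                # Appends $remote_addr to whatever X-Forwarded-For the client sent; the
                # upstream should trust only the last entry (or X-Real-IP).
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                # Passes the client-supplied Host header through unchanged.
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
            }

            # ---- Report API, proxied to the application on localhost:90 ----
            # Request headers, including this host's cookies, are still forwarded upstream
            # (proxy_pass_request_headers on).
            # NOTE(review): if the API does not need them, clear them with
            # `proxy_set_header Cookie "";` so the main app's session id is not sent to
            # the second application; confirm with the API owners.

            location /api/rest/b2b/v1/report/filters/program-summary {
                proxy_pass http://localhost:90/api/rest/b2b/v1/report/filters/program-summary;
                proxy_redirect off;
                proxy_pass_request_headers on;
                # Drop the upstream's Set-Cookie so its JSESSIONID cannot replace the
                # session cookie of the application served from `/`.
                proxy_hide_header Set-Cookie;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/report/headers/grid/program-summary/DATAGRID {
                proxy_pass http://localhost:90/api/rest/b2b/v1/report/headers/grid/program-summary/DATAGRID;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/report/headers/grid/program-summary/SALES_REP {
                proxy_pass http://localhost:90/api/rest/b2b/v1/report/headers/grid/program-summary/SALES_REP;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            # As posted, this location sets no client_max_body_size.
            location /api/rest/b2b/v1/report/filters/variable/program-summary {
                proxy_pass http://localhost:90/api/rest/b2b/v1/report/filters/variable/program-summary;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/query/program-summary/barchart {
                proxy_pass http://localhost:90/api/rest/b2b/v1/query/program-summary/barchart;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/query/program-summary/datagrid {
                proxy_pass http://localhost:90/api/rest/b2b/v1/query/program-summary/datagrid;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/query/program-summary/status_pie {
                proxy_pass http://localhost:90/api/rest/b2b/v1/query/program-summary/status_pie;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            # NOTE(review): unlike the locations above, this one and the two after it
            # send no X-Forwarded-Proto header; confirm whether that is intended.
            location /api/rest/b2b/v1/query/program-summary/summary {
                proxy_pass http://localhost:90/api/rest/b2b/v1/query/program-summary/summary;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/query/program-summary/sales_datagrid {
                proxy_pass http://localhost:90/api/rest/b2b/v1/query/program-summary/sales_datagrid;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
                # Fragment as posted (directive name missing, see note at the top):
                # 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v2/constants/CDN_URL {
                proxy_pass http://localhost:90/api/rest/b2b/v2/constants/CDN_URL;
                proxy_redirect off;
                proxy_pass_request_headers on;
                proxy_hide_header Set-Cookie;   # keep the :90 app's cookies off this host
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
            }

            # ---- Static assets of the reporting dashboard ----
            # The captured remainder of the URI is appended to the alias directory.

            location ~ ^/templates/(.*)$ {
                alias /webroot/reporting-dashboard/templates/$1;
            }

            location ~ ^/data/(.*)$ {
                alias /webroot/reporting-dashboard/data/$1;
            }

            location ~ ^/styles/(.*)$ {
                alias /webroot/reporting-dashboard/styles/$1;
            }

            location ~ ^/bower_components/(.*)$ {
                alias /webroot/reporting-dashboard/bower_components/$1;
            }

            # Only these three script files are served from the dashboard directory.
            location /scripts/62219e5b.vendor.js {
                alias /webroot/reporting-dashboard/scripts/62219e5b.vendor.js;
            }

            location /scripts/9ec589bc.plugins.js {
                alias /webroot/reporting-dashboard/scripts/9ec589bc.plugins.js;
            }

            location /scripts/e13d4652.main.js {
                alias /webroot/reporting-dashboard/scripts/e13d4652.main.js;
            }

            # Upstream failures are answered with a static page from the Tomcat tree.
            error_page   502 503 504  /vzb_50x.html;
            location = /vzb_50x.html {
                root   /tomcats/webapps/ROOT/static/errorFiles;
            }
    }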

1
Are you using a load balancer such as HAProxy in between? I guess your session is not persistent. – thinkingmonster
Not in the dev environment, but yes in production. – Mukesh Kumar
Can you provide your nginx configuration? The issue seems to be there if you are using session IDs. – thinkingmonster
@thinkingmonster I think this is happening because the JSESSIONID cookie is overwritten by the www.abc.com app. How can I remove or clear the cookies in nginx? – Mukesh Kumar
Try this module: github.com/openresty/headers-more-nginx-module. Test the configuration described there and let me know the results; I hope you can make the minor changes mentioned. – thinkingmonster

1 Answers


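Adding `proxy_hide_header Set-Cookie;` to the conf file solved the problem. It removes the Set-Cookie headers from the proxied response, so the JSESSIONID issued by the www.abc.com application no longer overwrites the session cookie of the www.xyz.com application. The directive drops every cookie the upstream sets, so it belongs only in the location blocks that proxy the report's REST calls, not in `location /`.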

https://serverfault.com/questions/641417/nginx-not-processing-proxy-hide-header-and-proxy-ignore-headers