Shulou(Shulou.com)06/02 Report--

This article mainly shows you how to do nginx reverse proxy session failure, the content is simple and easy to understand, I hope you can learn, after learning, there will definitely be gains, let Xiaobian take you to see it.

A colleague asked for help: the login of the background system was successful, but it could not be successfully logged into the system. It still jumped to the login page, but there was no problem in another environment with the same set of codes.

background

It is understood that he deployed two environments using tomcat for the same project, one on the development server and one on his own machine, with exactly the same code configuration for both environments. Both sides of the same nginx reverse proxy, nginx configuration is roughly as follows

location /health/ { proxy_pass http://192.168.40.159:8081/health/; #problem-free configuration}location /health-dev/ { proxy_pass http://192.168.40.202:8080/health/; #problem-free configuration}

A reverse proxy to the development environment and a reverse proxy to the native service.

positioning

Since the code configuration is exactly the same, the problem is most likely to occur on nginx's reverse proxy.

Because the location paths on both sides are different (i.e. browser paths are different), but the server path of the reverse proxy is the same, combined with the basic principle of the session, as shown in the figure below,

When the browser opens the page for the first time, the server will create a session for this session, and pass the session id to the browser through the header of the response. The header is generally Set-Cookie: JSESSIONID=xxxxx; Path=xxxx. After the browser receives the response, if the path value in the header Set-Cookie matches the browser address path, the header value will be stored in the browser Cookie. When the browser requests the server next time, the JSESSIONID value in the Cookie will be reported to the server through the header of the request. The header is generally Cookie: JSESSIONID=xxxx; The server can locate the corresponding session through the JSESSIONID

When nginx reverse proxy is configured in this way

location /health-dev/ { proxy_pass http://192.168.40.202:8080/health/;}

When the browser accesses http://www.domian.com/health-dev, the Set-Cookie Path value returned by the server is/health (because there is a reverse proxy in the middle, the server does not know what the path before the proxy is, and it is set according to the path of the final request server), as shown in the figure.

Because the path/health-dev of the browser access address does not match the Path /health of the Set-Cookie, the browser does not store its value in the Cookie, as shown in the figure

Therefore, the browser cannot set the JSESSIONID value of the request Cookie header when requesting the server next time, and the server cannot locate the corresponding session, so it will treat it as the first request and create a new session. This is repeated, so even if you log in, the login credentials returned by the server (JSESSIONID) will not be saved and carried in the next request, causing the server to think that you are a new request. Of course, it will jump to the login page again.

solve

nginx has a command proxy_cookie_path (reference: proxy_cookie_path) to modify the path in the Set-cookie returned by the server. The format is proxy_cookie_path, the original path and the target path. We add proxy_cookie_path to the configuration as follows.

location /health-dev/ { proxy_pass http://192.168.40.202:8080/health/; proxy_cookie_path /health /health-dev;}

Restart nginx and the problem is solved.

The above is about nginx reverse proxy causes session failure how to do the content, if you have learned knowledge or skills, you can share it to let more people see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.