Tomcat behind Nginx: how to proxy both HTTP and HTTPS, possibly on non-standard ports?


Description

We're installing an application running Tomcat 6 behind Nginx for different clients. Some of the installations are HTTP only, some HTTPS only, somewhere both. One of the installations has HTTP and HTTPS working on non-standard ports (8070 and 8071) due to a lack of public IPs. The application at hand is displayed as an iframe in an app.

Current behaviour

Tomcat redirects HTTPS requests to HTTP (so nothing is displayed in the iframe due to browser restrictions on mixed content).

Current configuration

Iframe code:

    <iframe src="/saiku-ui">

Tomcat's server.xml:

    <Connector port="8080" protocol="HTTP/1.1"/>
    <!-- A bit later... -->
    <Valve className="org.apache.catalina.valves.RemoteIpValve"
           remoteIpHeader="x-forwarded-for"
           protocolHeader="x-forwarded-proto"
    />

Nginx vhost:

    server {
      listen 80;
      listen 443 ssl spdy;

      location /saiku-ui {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://saiku-server; # upstream name
        proxy_redirect off;
      }
    }

    upstream saiku-server {
      server ip.of.tomcat.server:8080;
    }

Desired behaviour

  1. Tomcat should listen on one single port for both HTTP and HTTPS requests.

    If there are 2 <Connector> tags, it is harder to configure Nginx.

  2. Tomcat should not redirect between schemas.

  3. Nginx may listen on arbitrary ports (e.g. listen 8071 ssl spdy;).
  4. Links generated by Tomcat should be either relative or include the schema, host, and port as provided by Nginx.

Additional info

I've tried to add the schema and proxyPort attributes to <Connector>; after that Tomcat redirects from HTTP to HTTPS (at least it's better).

I can't google such a configuration and am not experienced with Tomcat. Please help.

Actually, what I want is not possible; it's required to have 2 separate Connector tags and 2 upstreams in Nginx, like so:

Tomcat's server.xml:

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               proxyPort="80" />

    <Connector port="8443" protocol="HTTP/1.1"
               connectionTimeout="20000"
               proxyPort="443"
               scheme="https" secure="true" />

Matching Nginx configuration:

    server {
      listen 80;
      listen 443 ssl spdy;

      location /saiku-ui {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://saiku-server-$scheme; # upstream name, note the variable $scheme in it
        proxy_redirect off;
      }
    }

    upstream saiku-server-http {
      server ip.of.tomcat.server:8080;
    }

    upstream saiku-server-https {
      server ip.of.tomcat.server:8443;
    }

Please note that Tomcat receives plain HTTP traffic on both the 8080 and 8443 ports (no SSL there, it's terminated by Nginx), but for connections on the 8443 port it will generate links that must start with https:// instead of http:// (via the attributes scheme="https" secure="true") and will insert in links the ports specified in the proxyPort attribute.

Nginx will terminate SSL and proxy all secure connections to the 8443 port of Tomcat via the saiku-server-https upstream, where https is the value of the $scheme Nginx request variable (see the location block).
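
Because the 8443 connector above accepts plain HTTP yet reports every request as secure, it matters that only Nginx can reach it. The following is an added example (not part of the original post) that audits a server.xml for such connectors; the sample XML, the 8444 connector and the bind addresses are constructed, and treating a loopback or private address attribute as sufficient is an assumption.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample: the answer's two connectors, plus a third bound to
# loopback to show what passes. Port 8444 and the address are made up.
SAMPLE_SERVER_XML = """
<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" proxyPort="80" />
  <Connector port="8443" protocol="HTTP/1.1" proxyPort="443"
             scheme="https" secure="true" />
  <Connector port="8444" protocol="HTTP/1.1" proxyPort="8071"
             scheme="https" secure="true" address="127.0.0.1" />
</Service></Server>
"""

def bind_scope(address):
    """Classify a Connector bind address: 'all', 'internal', 'public', 'unknown'."""
    if not address:
        return "all"  # no address attribute: Tomcat listens on every interface
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "unknown"  # a hostname cannot be judged offline
    if ip.is_unspecified:
        return "all"
    return "internal" if (ip.is_loopback or ip.is_private) else "public"

def audit_connectors(server_xml):
    """Return (port, scope) for connectors that label plain HTTP as secure
    and are not bound to a loopback/private address."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        claims_tls = (conn.get("secure", "false").lower() == "true"
                      or conn.get("scheme", "http").lower() == "https")
        does_tls = conn.get("SSLEnabled", "false").lower() == "true"
        scope = bind_scope(conn.get("address"))
        # Assumption: a loopback/private bind means only the proxy can connect.
        if claims_tls and not does_tls and scope != "internal":
            findings.append((int(conn.get("port")), scope))
    return findings

if __name__ == "__main__":
    for port, scope in audit_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: plain HTTP marked secure, bind scope = {scope}")
```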

