Cookie/Session Expired - OWA SSL Reverse Proxy
nginx-forum at nginx.us
Fri Aug 16 13:43:18 UTC 2013
Jonathan Matthews Wrote:
> On 14 August 2013 18:20, spacecwoboy <nginx-forum at nginx.us> wrote:
> > Hi.
> > Trying to configure a reverse proxy to allow external access to an
> > web access server. I am able to route traffic through the NGINX to
> the OWA
> > server, present the web page, and place the username & pw into the
> > OWA rejects valid username/pwd's with a: "Your session has timed
> > error.
> > Looking through my custom log files, somehow the session ID and the
> > values are munged in the GET & POST process through the proxy.
> There may be
> > a simple fix that I'm not able to find. Any suggestions will be
> > appreciated!
> I have a vague recollection that OWA uses a nasty form of
> authentication which *requires* that each client's end-to-end
> connection to the backend be long-lived, and only used by that one
> client (as the auth is done in the first few packets and not
> repeated). I don't know how you'd configure that in nginx.
> I may be wrong about it, however. I've never tried Nginx in front of
> OWA myself. This question comes up on the HAProxy list sometimes, and
> it seems solvable by HAP users.
Much Appreciated Jonathan - it prompted me to take some different testing
I pointed ngnix to a 'test' OWA back-end, which is a mirror of the prod
environment, less the rigid SSL certs. Authentication passed right on
through, everything was jive.
I'll likely take a different route of trunking SSL to nginx, remove the OWA
cert, then ipsec'ing the nginx server to the OWA server host-to-host.
Seems that's the fairly common approach?
( This thread helped btw:
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,241856,241939#msg-241939
More information about the nginx