Modify url at nginx

linsonj nginx-forum at forum.nginx.org
Mon Jul 30 06:58:56 UTC 2018 

Hello All,

We have a use case.

Our web application is deployed in tomcat7. At front, nginx is configured as
reverse proxy and all requests are passed through nginx and are forwarded to
tomcat7. Nginx serve static files directly and dynamic requests ( json ) are
forwarded to tomcat7. At backend, we have MySQL db to save the application
settings.


What we want is when client type https://test1.apphost.com , nginx see url
as test1.apphost.com. Before proxy pass request to tomcat7, it should modify
url to https://test.apphost.com so tomcat7 see client url as
test.apphost.com. Once request is processed, response is given back to nginx
and nginx give it back to end url https://test1.apphost.com


This is needed because in our application database, we use domain name to DB
name mapping. Currently one domain name mapping entry is allowed. We want to
allow multiple urls to login to our application from client side. That
means, we use modified url (domain name ) test.apphost.com in database
settings. When client type https://test1.apphost.com, nginx should modify it
to test.apphost.com which matches the database mapping settings thus allow
successful login.

We have following nginx config settings put in place.

server {
       listen 80;
       rewrite ^(.*) https://$host$1 permanent;
       error_page 500 502 503 504 /50x.html;
}


server {
listen 443 ssl default_server;

location /server {

proxy_pass http://127.0.0.1:8080/server;
proxy_connect_timeout 6000;
proxy_send_timeout 6000;
proxy_read_timeout 6000;
proxy_request_buffering off;
send_timeout 6000;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_temp_path /var/nginx/proxy_temp;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503
http_504;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Server $host;

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_redirect off;
proxy_cache sd6;

add_header X-Proxy-Cache $upstream_cache_status;
proxy_cache_bypass $http_cache_control;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"
always;
add_header Referrer-Policy "no-referrer";
}

ssl on;
ssl_certificate /etc/nginx/ssl/example.com.bundle.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384
EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256  EECDH+aRSA+RC4 EECDH
EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_session_timeout 24h;

keepalive_timeout 300;
access_log /var/log/nginx/ssl-access.log;
error_log /var/log/nginx/ssl-error.log;

}

Would be of great help if someone can advise us how can we modify the url
based on the use case explained above.
Thank you.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,280695,280695#msg-280695

More information about the nginx mailing list