<div dir="ltr"><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">This clearly looks like an application problem and not a nginx-related one.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">nginx does not remove cookies nor, as the configuration snippet you shared suggest, handles authentication.<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">If you use DNS, make sure all requests are served by the instance of nginx you quote, including redirects which might happen on login (have a look at access logs).<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">You can also investigate the content of cookies received either from downstream or upstream if you think it is related to your problem.<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">If you got a question on the nginx configuration this ML is here to help. Otherwise, you'll need to rereoute your question where appropriate.<br></div><div class="gmail_extra"><div><div class="gmail_signature" data-smartmail="gmail_signature"><font size="1"><span style="color:rgb(102,102,102)">---<br></span><b><span style="color:rgb(102,102,102)">B. R.</span></b><span style="color:rgb(102,102,102)"></span></font></div></div>
<br><div class="gmail_quote">On Mon, Mar 6, 2017 at 10:35 PM, Mik J via nginx <span dir="ltr"><<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="color:#000;background-color:#fff;font-family:Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif;font-size:16px"><div id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25334">Hello,</div><div id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25340"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29348">I have run an application behind a nginx reverse proxy and I can't make it to work</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31182"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_27487">a) if I access this application using <a href="https://1.1.1.1/" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_27486" target="_blank">https://1.1.1.1:443</a> it works (certificate warning)</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31215">b) if I access this application using <a href="https://myapp.mydomain.org,/" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31214" target="_blank">https://myapp.mydomain.org,</a> I get access to the login page</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25472"> location ^~ / {<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25460"> proxy_pass <a href="https://1.1.1.1:443" target="_blank">https://1.1.1.1:443</a>;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25461"> proxy_redirect off;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25462"> proxy_set_header Host $http_host;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25463"> proxy_set_header X-Real-IP $remote_addr;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25464"> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25465"> proxy_hide_header X-Frame-Options;</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31162"> proxy_hide_header X-Content-Security-Policy;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29390"> proxy_hide_header X-Content-Type-Options;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29391"> proxy_hide_header X-WebKit-CSP;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29392"> proxy_hide_header content-security-policy;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29393"> proxy_hide_header x-xss-protection;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29394"> proxy_set_header X-NginX-Proxy true;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25467"> proxy_ssl_session_reuse off;<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25470"> }<br id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25471">c) I log in in the page and after some time (2/3 seconds) the application logs me out</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31181"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_33014">When I log in directly case a) I notice that I have (firebug)<br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_33015">CookieSaveStateCookie=root; APPSESSIONID=<wbr>070ABC6AE433D2CAEDCFFB1E430744<wbr>16; testcookieenabled</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34790"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34800">Whereas when I log in in case c) I have</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34812">APPSESSIONID=<wbr>070ABC6AE433D2CAEDCFFB1E430744<wbr>16; testcookieenabled</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36634"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36639"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36658">So I feel there's a problem with the session or something like that.</div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36659">PS: There is only one backend server and I can't run plain http (disable https)<br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36660"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36674">Does anyone has an idea ?<br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36711"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34813"><br></div><div dir="ltr" id="m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34786"><br></div></div></div><br>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/<wbr>mailman/listinfo/nginx</a><br></blockquote></div><br></div></div>