<html><head></head><body><div style="color:#000; background-color:#fff; font-family:Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_ym19_1_1488981749717_11099"><span id="yui_3_16_0_ym19_1_1488981749717_11187">Hello BR,</span></div><div id="yui_3_16_0_ym19_1_1488981749717_11210"><span id="yui_3_16_0_ym19_1_1488981749717_11187">Thank you for your answer and for the hints. I'll investigate further in that direction.</span></div><div id="yui_3_16_0_ym19_1_1488981749717_11283"><span id="yui_3_16_0_ym19_1_1488981749717_11187">Have a nice week</span></div> <div class="qtdSeparateBR" id="yui_3_16_0_ym19_1_1488981749717_11257"><br><br></div><div class="yahoo_quoted" id="yui_3_16_0_ym19_1_1488981749717_11178" style="display: block;"> <div style="font-family: Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;" id="yui_3_16_0_ym19_1_1488981749717_11177"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;" id="yui_3_16_0_ym19_1_1488981749717_11176"> <div dir="ltr"><font face="Arial" size="2"> Le Mercredi 8 mars 2017 14h03, B.R. via nginx <nginx@nginx.org> a écrit :<br></font></div> <br><br> <div class="y_msg_container" id="yui_3_16_0_ym19_1_1488981749717_11175"><div id="yiv8999011764"><div id="yui_3_16_0_ym19_1_1488981749717_11174"><div dir="ltr" id="yui_3_16_0_ym19_1_1488981749717_11173"><div class="yiv8999011764gmail_default" style="font-size:small;color:rgb(51,51,153);" id="yui_3_16_0_ym19_1_1488981749717_11180">This clearly looks like an application problem and not a nginx-related one.<br clear="none"></div><div class="yiv8999011764gmail_default" style="font-size:small;color:rgb(51,51,153);">nginx does not remove cookies nor, as the configuration snippet you shared suggest, handles authentication.<br clear="none"><br clear="none"></div><div class="yiv8999011764gmail_default" style="font-size:small;color:rgb(51,51,153);" id="yui_3_16_0_ym19_1_1488981749717_11179">If you use DNS, make sure all requests are served by the instance of nginx you quote, including redirects which might happen on login (have a look at access logs).<br clear="none"></div><div class="yiv8999011764gmail_default" style="font-size:small;color:rgb(51,51,153);" id="yui_3_16_0_ym19_1_1488981749717_11172">You can also investigate the content of cookies received either from downstream or upstream if you think it is related to your problem.<br clear="none"><br clear="none"></div><div class="yiv8999011764gmail_default" style="font-size:small;color:rgb(51,51,153);">If you got a question on the nginx configuration this ML is here to help. Otherwise, you'll need to rereoute your question where appropriate.<br clear="none"></div><div class="yiv8999011764gmail_extra" id="yui_3_16_0_ym19_1_1488981749717_11328"><div><div class="yiv8999011764gmail_signature"><font size="1"><span style="color:rgb(102,102,102);">---<br clear="none"></span><b><span style="color:rgb(102,102,102);">B. R.</span></b><span style="color:rgb(102,102,102);"></span></font></div></div>
<br clear="none"><div class="yiv8999011764gmail_quote" id="yui_3_16_0_ym19_1_1488981749717_11327">On Mon, Mar 6, 2017 at 10:35 PM, Mik J via nginx <span dir="ltr"><<a rel="nofollow" shape="rect" ymailto="mailto:nginx@nginx.org" target="_blank" href="mailto:nginx@nginx.org">nginx@nginx.org</a>></span> wrote:<br clear="none"><blockquote class="yiv8999011764gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;" id="yui_3_16_0_ym19_1_1488981749717_11326"><div class="yiv8999011764yqt9646543165" id="yiv8999011764yqt24608"><div id="yui_3_16_0_ym19_1_1488981749717_11325"><div style="color:#000;background-color:#fff;font-family:Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px;" id="yui_3_16_0_ym19_1_1488981749717_11324"><div id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25334">Hello,</div><div id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25340"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29348">I have run an application behind a nginx reverse proxy and I can't make it to work</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31182"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_27487">a) if I access this application using <a rel="nofollow" shape="rect" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_27486" target="_blank" onclick="return window.theMainWindow.showLinkWarning(this)" href="https://1.1.1.1/">https://1.1.1.1:443</a> it works (certificate warning)</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31215">b) if I access this application using <a rel="nofollow" shape="rect" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31214" target="_blank" href="https://myapp.mydomain.org,/">https://myapp.mydomain.org,</a> I get access to the login page</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25472"> location ^~ / {<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25460" clear="none"> proxy_pass <a rel="nofollow" shape="rect" target="_blank" onclick="return window.theMainWindow.showLinkWarning(this)" href="https://1.1.1.1/" id="yui_3_16_0_ym19_1_1488981749717_11329">https://1.1.1.1:443</a>;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25461" clear="none"> proxy_redirect off;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25462" clear="none"> proxy_set_header Host $http_host;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25463" clear="none"> proxy_set_header X-Real-IP $remote_addr;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25464" clear="none"> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25465" clear="none"> proxy_hide_header X-Frame-Options;</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31162"> proxy_hide_header X-Content-Security-Policy;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29390" clear="none"> proxy_hide_header X-Content-Type-Options;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29391" clear="none"> proxy_hide_header X-WebKit-CSP;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29392" clear="none"> proxy_hide_header content-security-policy;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29393" clear="none"> proxy_hide_header x-xss-protection;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_29394" clear="none"> proxy_set_header X-NginX-Proxy true;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25467" clear="none"> proxy_ssl_session_reuse off;<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25470" clear="none"> }<br id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_25471" clear="none">c) I log in in the page and after some time (2/3 seconds) the application logs me out</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_31181"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_33014">When I log in directly case a) I notice that I have (firebug)<br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_33015">CookieSaveStateCookie=root; APPSESSIONID= 070ABC6AE433D2CAEDCFFB1E430744 16; testcookieenabled</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34790"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34800">Whereas when I log in in case c) I have</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34812">APPSESSIONID= 070ABC6AE433D2CAEDCFFB1E430744 16; testcookieenabled</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36634"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36639"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36658">So I feel there's a problem with the session or something like that.</div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36659">PS: There is only one backend server and I can't run plain http (disable https)<br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36660"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36674">Does anyone has an idea ?<br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_36711"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34813"><br clear="none"></div><div dir="ltr" id="yiv8999011764m_-2656838923286785348yui_3_16_0_ym19_1_1488827941214_34786"><br clear="none"></div></div></div></div><br clear="none">______________________________ _________________<br clear="none">
nginx mailing list<br clear="none">
<a rel="nofollow" shape="rect" ymailto="mailto:nginx@nginx.org" target="_blank" href="mailto:nginx@nginx.org">nginx@nginx.org</a><br clear="none">
<a rel="nofollow" shape="rect" target="_blank" href="http://mailman.nginx.org/mailman/listinfo/nginx">http://mailman.nginx.org/ mailman/listinfo/nginx</a><br clear="none"></blockquote></div><br clear="none"></div></div></div></div><br><div class="yqt9646543165" id="yqt23320">_______________________________________________<br clear="none">nginx mailing list<br clear="none"><a shape="rect" ymailto="mailto:nginx@nginx.org" href="mailto:nginx@nginx.org">nginx@nginx.org</a><br clear="none"><a shape="rect" href="http://mailman.nginx.org/mailman/listinfo/nginx" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a></div><br><br></div> </div> </div> </div></div></body></html>