Multiple Upstream Servers Result in Error 310 (net::ERR_TOO_MANY_REDIRECTS)

[Cliff Wells]

On 03/06/2012 02:07 PM, mevans336 wrote:
> Cliff,
>
> The application performs a redirect because that was the way it was
> originally designed. It uses the ACEGI security framework. I have turned
> the ACEGI HTTP ->  HTTPS redirect off with the same behavior however.
>
> After my post, I stumbled across the ip_hash upstream variable and that
> has resolved the issue. Or at least, masked it and made things
> functional.
>
> I am aware that Nginx is talking to JBoss via HTTP, not HTTPS. Nginx is
> acting as our front-end SSL termination point, we don't have JBoss
> configured to answer SSL requests, although for security purposes, that
> is on my 'to-do' list. Right now, clients don't communicate directly
> with the JBoss servers, only Nginx, so communication over the internet
> is encrypted.
I was just making sure that was considered.  In any case I suspect 
Francis is right in his assessment, and that's why using the ip_hash 
directive solved your issue.  Good work on that.  I haven't personally 
encountered frameworks with this issue so it didn't occur to me.

> I am confused by your statement, "It's not clear why you even bother
> with the proxy_pass in this location. Just redirect to the HTTPS
> location and be done."

What I meant is that you are doing a "rewrite permanent", followed by 
the proxy_pass.  This means that either the proxy_pass will never be 
executed.  Sorry I wasn't clear.

Regards,
Cliff