Fwd: Wrong $server_name variable (FastCGI phpCAS problem)

[Huan Truong]

Hi all,

We were trying to migrate Wordpress multisite from Apache to nginx and
had a pretty frustrated time trying to figure out why our our CAS
authentication did not work correctly with our setup.

In our setup, we have a whole bunch of sub-domains hosted at:

*.sites.example.edu

So we let nginx listening as follow

server_name sites.example.edu *.sites.example.edu *.example.edu;

When we tried our CAS authentication, only the CAS requests originated
from sites.example.edu worked, none of the requests originated from
*.sites.example.edu worked and resulted in a infinite redirect. I dug
in a bit and found out that PHP was requesting a wrong return service
url [1] (on Apache the return service url that PHP constructed is
mysite.sites.example.edu, while with nginx it is sites.example.edu).
It turned out that phpCAS used SERVER_NAME to determine the return
service URL, and nginx passed to PHP the wrong answer.

The fastcgi configuration is as follow:

fastcgi_param  SERVER_NAME        $server_name; # returns
sites.example.edu on http://mysite.sites.example.edu

It can be temporarily fixed by setting

fastcgi_param  SERVER_NAME        $host; # returns
mysite.sites.example.edu on http://mysite.sites.example.edu

But in this case I feel the $server_name should take the value of
mysite.sites.example.edu when the browser requests
mysite.sites.example.edu instead of sites.example.edu, the first value
it found on the server_name directive.


[1]: https://wiki.case.edu/Central_Authentication_Service#Detailed_overview








-- 
code ninja | tnhh.net | @huant