Too Many Redirects
Jonathan Matthews
contact at jpluscplusm.com
Sat Feb 2 18:58:30 UTC 2013
On 2 February 2013 15:34, billmanhillman <nginx-forum at nginx.us> wrote:
> Francis Daly Wrote:
> -------------------------------------------------------
>> On Fri, Feb 01, 2013 at 07:27:31PM -0500, billmanhillman wrote:
>>
>> Hi there,
>>
>> > I created another HTTP/1.1 connector in tomcat listening on another
>> port
>> > 8443. I then separated the server settings in nginx for both http
>> and
>> > https.
>> >
>> > I had the http server def proxy_pass to http://localhost:8080
>> > I had the https server def proxy_pass to http://localhost:8443
>> >
>> > I also put headers notifying tomcat the request was coming from http
>> or
>> > https.
>>
>> You changed the nginx config so that tomcat could be able to tell
>> whether
>> the original request was https or not.
>
> Agreed.
>
>>
>> Did you change the tomcat config so that it would recognise this
>> signal,
>> and would accept that "originally https" was enough to consider it
>> as secure?
>
> The connection is secured on the Nginx side. Tomcat should be able to handle
> this since I'm just swapping out overblown apache for Nginx and it worked
> fine on apache before switching to Nginx. I've tried X-Proxy-For and
> X-Real-IP headers. Am I missing any other headers?
You haven't mentioned X-Forwarded-For (IP address) or
X-Forwarded-Proto ("http" or "https"), both of which I routinely set
up, but why don't you just swap out tomcat for a simple netcat
listener in a non-prod environment. Then you can just see what Apache
passes through to it, and don't have to try and understand the Apache
setup - just replicate it precisely in nginx.
Then you can start to understand the setup and modify its behaviour ...
Jonathan
--
Jonathan Matthews // Oxford, London, UK
http://www.jpluscplusm.com/contact.html
More information about the nginx
mailing list