开发者

nginx chaining proxy_pass

开发者 https://www.devze.com 2023-03-19 16:27 出处:网络
I am trying to build a reverse proxy service with nginx that would first validate a session cookie and proxy to the requested backend resource if valdation was successful.

I am trying to build a reverse proxy service with nginx that would first validate a session cookie and proxy to the requested backend resource if valdation was successful.

I have this config ...

# upstream services 

upstream backend_production {
    #ip_hash;
    server cumulonimbus.foo.com:81;
}
map $mycookie $mybackend {
    _SESSION_COOKIE http://backend_production/session.php;
}

# session server
server {
    listen   *:80;
    server_name devcumulonimbus cumulonimbus.foo.com;

    error_log  /var/log/nginx/session.error.log;
    access_log  /var/log/nginx/session.access.log;
    #access_log  off; # turn access_log off for speed

    root /var/www/;

    location = /favicon.ico {
      return 204;
      access_log     off;
      log_not_found  off;
    }


    location / {
        proxy_set_header    Host        $http_host;
        proxy_set_header    X-Real-IP   $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect      off;
        proxy_cache off;

        # does cookie exist?
        if ($http_cookie ~* "_SESSION_COOKIE")
        {
            set $mycookie '_SESSION_COOKIE';
            proxy_pass $mybackend;

            error_page  400 403 404 500 = /denied;
            post_action /reader.php;
            break;
        }

        # no cookie
        rewrite ^(.*)$ http://cumulonimbus.foo.co开发者_运维问答m:81/login.php;
    }
    location =/reader.php {
        internal;
        proxy_pass http://backend_production/reader.php;
    }
    location /denied/ {
        internal;
        rewrite ^(.*)$ http://cumulonimbus.foo.com:81/login.php;
    }
}

I set _SESSION_COOKIE in login.php, update the cookie value in session.php and pop a page in reader.php. The problem is that I do not see the page emitted by reader.php eventhough syslog tells me it was hit (only the session.php page is displayed). nginx is the front-end, apache is the backend runnning the php services (this ienvironment is used for prototyping only).

==> /var/log/apache2/error.log <==
session_manager[4350]: CONNECTED TO SESSION MANAGER

==> /var/log/syslog <==
Jul 12 19:41:06 devcumulonimbus session_manager[4350]: CONNECTED TO SESSION MANAGER

==> /var/log/apache2/access.log <==
10.10.11.113 - - [12/Jul/2011:19:41:06 -0700] "GET /session.php HTTP/1.0" 200 454 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0"

==> /var/log/apache2/error.log <==
web_reader[4352]: CONNECTED TO WEB READER

==> /var/log/syslog <==
Jul 12 19:41:06 devcumulonimbus web_reader[4352]: CONNECTED TO WEB READER

If I hit memcache first I can see the page.

I would also like to be able to capture the output response of the first request (first proxy_pass)? should I use the nginx lua module.

0

精彩评论

暂无评论...
验证码 换一张
取 消