nginxconfiguration:
server { listen 443 ssl; server_name crowd.example.com; access_log off; client_max_body_size 10M; ssl_certificate /etc/nginx/ssl/crowd.example.com.crt; ssl_certificate_key /etc/nginx/ssl/crowd.example.com.key; location / { proxy_pass http://localhost:8095/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; port_in_redirect off; proxy_redirect https://crowd.example.com/ /; } } 来自server.xml的人群相关部分:
<Service name="Catalina"> <Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8095" redirectPort="8443" useBodyEncodingForURI="true" URIEncoding="UTF-8" proxyName="crowd.example.com" proxyPort="443" scheme="https" secure="true"/> <Engine defaultHost="localhost" name="Catalina"> <Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true"/> </Engine> <Connector port="8009" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" /> </Service>
这是我的crowd.properties:
session.lastvalidation=session.lastvalidation session.tokenkey=session.tokenkey crowd.server.url=http\://localhost\:8095/crowd/services/ application.name=crowd http.timeout=30000 session.isauthenticated=session.isauthenticated application.login.url=http\://localhost\:8095/crowd session.validationinterval=0 application.password=fslLXYfj9DehGTmGjLqZbX
去login https://crowd.example.com/crowd会导致redirect周期。 您可以访问login页面。 (另外, https: //crowd.example.com/也可以。)在FF中使用Firebug来看,我发现它在https://crowd.commercialfire.com/crowd/console/login.action和https: //crowd.commercialfire.com/crowd/console/defaultstartpage.action 。
假设nginx在同一台机器上,请在nginx上试试这个代理configuration:
location / { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:8095/; proxy_redirect off; proxy_connect_timeout 300; }
并将address="127.0.0.1"添加到server.xml文件中的连接器定义(带有proxyName的主连接器定义)