Hello, i have architecture like below. before going microservice, i have 3 seperate server; spring cloud gateway (8085), spring oauth2 (cas client, 8094), cas server
client | gateway -- oauth2 server -- sso | microservices here is the request flow; - 302 http://gateway/oauth2/authorization/login-client - 401 http://authorization/oauth/authorize?response_type=... - 302 http://cas-server/cas/login?service=http://authorization - 302 http://authorization/cas/login?ticket=ST-.... - 302 http://authorization/oauth2/authorize?... - 302 http://gateway/login/oauth2/login-client... and take jwt from oauth2 server, and goes microservice with that jwt. everything works well, but *when i deploy gateway and oauth2 server behind nginx reverse proxy, the service ticket validation not working*, and i always need to relogin and relogin and ...at cas server client | nginx | (gateway -- oauth2 server )-- sso | microservices here is the request flow; - 302 http://gateway/oauth2/authorization/login-client - 401 http://authorization/oauth/authorize?response_type=... - 302 http://cas-server/cas/login?service=http://authorization - *401 http://authorization/cas/login?ticket=ST-....* i am %100 sure that this problem is about nginx. it manipulates something i dont know behind the scene, but i couldnt find. server { listen 80; server_name localhost; root C:/nginx-1.18.0/sites-enabled; location /authz { proxy_set_header Host $host; proxy_pass http://localhost:8094; } location /gateway { proxy_set_header Host $host; proxy_pass http://localhost:8085; } location /oauth2 { proxy_set_header Host $host; proxy_pass http://localhost:8085; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } do you have ideas? thanks -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/83e51119-dcda-45bf-b244-158afc110992%40apereo.org.
