Recently, I got a domain name. If I want to use it to directly access the project deployed on Tomcat, I have to add the project name at the beginning. After a short configuration, it succeeded. Visit once and arrive at the landing page. As a result, you can't log in. You have been logging in the interface all the time. It was originally due to the loss of cookie s. Now it is configured as follows to solve the problem perfectly:
server { listen 80; #listen somename:8080; server_name www.XXX.cn; location / { proxy_pass http://IP:8080/projectName/; proxy_cookie_path /projectName/ /; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #root html; #index index.html index.htm; } location /projectName/ { proxy_pass http://IP:8080/projectName/; proxy_cookie_path /projectName/ /; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
Proxy ﹐ cookie ﹐ path / projectName / /; is used to change the cookie path and solve the problem of cookie loss
When configuring domain name access applications, cookie loss often occurs. The reason is that the path of a common configuration cookie is (the address without proxy): http://IP:8080/projectName cookie path: / project
But in order to access the application without adding the project name, we set the location proxy address to /. So we need to change the path of the cookie. Syntax: proxy ﹣ cookie ﹣ path path replacement
Path is the path you need to replace, and replacement is the value you need to replace
proxy_set_header Host $host;
The value of the host variable is obtained according to the following priority:
1. host in the request line
2. Host header in request header
3. server name matching a request
Clearly, there are three points. Take the one with the highest priority. In a literal sense, the selection process is: if there is host information in the request line, take the host in the request line as the host variable
Value (the host and host variables are not the same thing, which is very awkward); if there is no host information in the request line, the value of the host header in the request header is taken as the value of the host variable; if there is no previous two, then
Then the host variable is the service name that matches the request.
Proxy ﹣ set ﹣ header x-real-ip $remote ﹣ addr; used to obtain the real IP address of the user
The details are as follows:
After the reverse proxy, because an intermediate layer is added between the client and the web server, the web server cannot get the ip address of the client directly. The ip address of Nginx will be obtained through the $remote [addr variable,
But Nginx can get the user's real IP. That is to say, when Nginx gets the user's real IP through the $remote ﹣ addr variable, we need to assign
Value it, as the above configuration, Nginx assigns the user's real IP to X-Real-IP, and then gets the IP at the web side request.getAttribute("X-real-ip")
Proxy ﹣ set ﹣ header x-forwarded-for $proxy ﹣ add ﹣ x ﹣ forwarded ﹣ for getting the user's real IP address
Attached are the tools for acquiring IP:
import java.io.IOException; import javax.servlet.http.HttpServletRequest; /** * Common tools for obtaining client information * */ public final class NetworkUtil { /** * Get the IP address of the request host. If you enter through the proxy, get the real IP address through the firewall; * * @param request * @return * @throws IOException */ public final static String getIpAddress(HttpServletRequest request) throws IOException { // Obtain the IP address of the request host. If you enter through the proxy, obtain the real IP address through the firewall String ip = request.getHeader("X-Forwarded-For"); if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_CLIENT_IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_X_FORWARDED_FOR"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } } else if (ip.length() > 15) { String[] ips = ip.split(","); for (int index = 0; index < ips.length; index++) { String strIp = (String) ips[index]; if (!("unknown".equalsIgnoreCase(strIp))) { ip = strIp; break; } } } return ip; } }