Tomcat when doing ssl termination session isn't detected

蓝咒 提交于 2021-02-10 15:15:54

问题


Could anything be different when using nginx (nginx controller in Kubernetes cluster) to do SSL termination and sending data to apache and tomcat as plain HTTP which could prevent our app from detecting the login session?

Everything works fine expect that our app has something called DetectLogin class and it doesn't detect the user session when using nginx SSL termination. If I disable nginx SSL termination and enable SSL passthrough then our app can detect the Login session.

In the logs I see that Port 8009 AJP port is handling the detect login but it isn't detecting the session.

Our traffic flow is like LB -> Nginx controller -> Apache httpd (for static content) -> Tomcat (for serving JSP content). Apache forwards all JSP related to tomcat using AJP port using (mod_jk).

Any suggestions on troubleshooting this will help.


回答1:


@Piotr P. Karwasz Thanks for your comment I was able to figure out that nginx session cookie name was same as TOMCAT cookie name. I disabled all of the following since I was just testing if it had any effect. Disabling or changing the session-cookie-name resolved the issue.

nginx.ingress.kubernetes.io/affinity: "cookie"
nginx.ingress.kubernetes.io/session-cookie-name: "JSESSIONID"
nginx.ingress.kubernetes.io/affinity-mode: "persistent"
nginx.ingress.kubernetes.io/session-cookie-expires: "172800"
nginx.ingress.kubernetes.io/session-cookie-max-age: "172800"


来源:https://stackoverflow.com/questions/65986301/tomcat-when-doing-ssl-termination-session-isnt-detected

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!