I'm trying to use nginx for proxying requests to my internal backend.
My configuration reads as follows:
location /Shibboleth.sso {
proxy_pass internal-backend; # ip
proxy_redirect off;
}
But, my redirects are always rewritten.. My backend returns a response like https://www.google.de/test and my browser receives https://www.mydomain.de/test
How do I get nginx to just forward the response?
I solved the problem. POUND (my ssl-proxy) by default automatically rewrites every location. I added
RewriteLocation 0
to the pound.cfg and finally it worked.
Here is my config:
set $s3_bucket '<BUCKETNAME>.s3.amazonaws.com';
location / {
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
proxy_http_version 1.1;
proxy_set_header Host $s3_bucket;
proxy_set_header Authorization '';
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-request-id;
proxy_ignore_headers "Set-Cookie";
proxy_buffering off;
proxy_intercept_errors on;
proxy_redirect off;
resolver 8.8.8.8;
proxy_pass http://$s3_bucket;
}
Tested and working. It just passes the URI over to the S3 instance, allowing you to terminate the SSL connection at the proxy. Useful for firewalls and such that require a static IP; as the AWS address space is huge for white-listing purposes.
