-1

I have the following scenario:

A single application that will serve several different domains, on a single server, and a single context of a single Tomcat instance. (The DNS of all domains are configured and functional)

That is, I need it when the browser points to the address:

domain1.example >> redirect to >> http://127.0.0.1/websiteapp

domain2.example >> redirect to >> http://127.0.0.1/websiteapp

domainn.com.br >> redirect to >> http://127.0.0.1/websiteapp

In the application it is retrieved (via request URL) the calling domain, that is, it is my client identifier and through the domain I get the information in the database and return the configured views to that client.

I configured the NGINX (minimum configuration) like this:

server {
      listen          80;
      server_name     domain1.example domain2.example domainn.com.br;
      root /opt/tomcat2/webapps/websites;

      location / {
            proxy_pass http://127.0.0.1:8080/websitesapp;
            proxy_set_header  Host $http_host;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


      }
}

Tomcat server.xml

<Context docBase="websitesapp" path="/" reloadable="true" source="org.eclipse.jst.jee.server:websitesapp"/>

In the application I retrieve the domain, and "mount" the a view with the information loaded from the database.

Is this setting correct?

Is there any way to pass the domain to tomcat more securely, ie without retrieving it by the browser's URL?

Is there any contraindication to this type of approach?

Any other approach that would be more interesting?

Leandro Paiva
  • 3
  • 3

1 Answers1

0

Except for the server_name, these server blocks are otherwise identical. You can instead use a single server block with a server_name that lists all three domains. Or twenty, if you expand later...

The $http_host is OK to use, even though the browser provided it, because it has been validated. If it did not match one of the names in server_name in one of the server blocks, it would not have been used. (Provided you have a default server, which the default configuration has).

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • Actually I know they are identical, I put it this way just for dittal issues. My main question is whether this approach to getting domain through browser is a good approach. (the domain is my "key" to configure that client's site) I also thought of adding a new "header" including the domain, but I do not know how to do this in nginx. I do not have good knowledge of nginx. – Leandro Paiva Aug 31 '18 at 12:23
  • There's nothing wrong with it. It sounds like you are looking for trouble where none exists. – Michael Hampton Aug 31 '18 at 12:40