nginx -> Tomcat with folder path - too many redirects

Question

I'm trying to use nginx as a reverse proxy for two Tomcat Instances, each in their own VM. The problem is: when i start to add a folder-path to the proxy_pass argument, i get a 310 error: Too many redirects.

What am i doing wrong? Any advice is appreciated. The first server just works fine, but as mentioned before, the second, with the added folderpath wont work.

Here is my nginx config:

server {
  listen 80;
  server_name oc.domain.tld;
  location / {

       proxy_pass http://172.16.81.73;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 }
}

server {
  listen 80;
  server_name test.domain.tld;
  location / {
       proxy_pass http://172.16.75.99/OpenClinica/;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

server {
   listen       80  default_server;
   server_name  _;
   return       444;
}

edit: there is no SSL enabled at the moment (both tomcat & nginx)

edit2: my rewrite log is empty (if i switch it on, debugging on notice level)
I just discovered this lines in my nginx log(the GET .../login/login line is repeated for about 20 times:

190.215.166.212 - - [04/May/2013:22:29:21 -0400] "GET /OpenClinica/pages/login/login HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.65 Safari/537.31"
190.215.166.212 - - [04/May/2013:22:29:21 -0400] "GET /OpenClinica/pages/login/login HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.65 Safari/537.31"
190.215.166.212 - - [04/May/2013:22:29:25 -0400] "-" 400 0 "-" "-"
190.215.166.212 - - [04/May/2013:22:29:25 -0400] "-" 400 0 "-" "-"

It seems, that nginx requests ....login/login in a loop. So the problem is perhaps on the tomcat side?

Answer 1

I think what is likely to be happening is that the redirect is happening on the Tomcat side, rather than the Nginx side, so I think you may not have given us enough information to figure this out.

However you can investigate this problem easily by enabling the rewrite log for Nginx by adding:

rewrite_log on;

You would then be able to see exactly what it is re-writing and if/where it is getting into a loop, if it's in the Nginx side.

EDIT

I just discovered this lines in my nginx log(the GET .../login/login line is repeated for about 20 times: GET /OpenClinica/pages/login/login GET /OpenClinica/pages/login/login

That definitely sounds like the redirect is occurring purely inside Tomcat rather than it being an internal Nginx redirect as the requests are being passed between them correctly, but your browser can see that it's being redirected to the same place all the time.

I can't be sure of the exact details without seeing all of the relevant code but it looks like some code is doing the equivalent of:

1. Is the user logged in or on the login page at /pages/login/login ?
2. Nope - redirect them to the login page at /pages/login/login

Because Nginx is proxying the request to:

http://172.16.75.99/OpenClinica/;

It always adds OpenClinica to the start of the URL so the Java application thinks it's never /pages/login/login, so it keeps redirecting.

You can fix this either by making the Java redirect be smarter or by changing the proxy setup to remove the OpenClinica path i.e.

proxy_pass http://172.16.75.99

Without a trailing slash to make the URL path be passed through to the Tomcat server exactly as the user requested it.

(You may also be able to set this by setting the appBase path for the application in Tomcat, so that it knows to expect URL paths starting with OpenClinica - but I'm not a Tomcat expert.)