0

I am configuring a REST service in nginx. The path is

http://localhost:8000/services/abc/api/portal/transporter?date=2019-07-15T00:00:00

Can some one help to configure the path. I am trying as

location ~ ^/services/abc/api/portal/transporter/[^/]+$ {
    proxy_pass http://backendserver;
}

here transporter is a parameter. It is giving 404 error.

user19
  • 93
  • 9

1 Answers1

2

Query string isn't a subject to test for location or rewrite directives. Them both works with so-called normalized URI that doesn't include a query string part (normalized URI is /services/abc/api/portal/parameter in your example) that doesn't match ^/services/abc/api/portal/parameter/[^/]+$ regex due to the /[^/]+$ regex suffix. Why do not use just a regular location

location /services/abc/api/portal/parameter {
    proxy_pass http://backendserver;
}

If you want to match only the /services/abc/api/portal/parameter URI (with any query string), you can use an exact match location:

location = /services/abc/api/portal/parameter {
    proxy_pass http://backendserver;
}
Ivan Shatsky
  • 13,267
  • 2
  • 21
  • 37
  • Still I don't understand. Why nginx should know the parameter? Why do not use `location /services/abc/api/portal/ { proxy_pass http://backendserver; }` to serve any parameter? The only reason I can see so far is that different parameters should be served by different backends (or you should somehow transform the request before passing it to the backend). – Ivan Shatsky Oct 11 '21 at 09:23
  • Any chance some other location (maybe regex matching one) overtake the request? Try `location ^~ /services/abc/api/portal/ { proxy_pass http://backendserver; }` Your examples are still different, `http://localhost:8000/services/abc/api/portal?_wadl` won't be served by the above location (due to the trailing slash) while `http://localhost:8000/services/abc/api/portal/transporter?date=2019-07-15T00:00:00` would. – Ivan Shatsky Oct 11 '21 at 09:35
  • What is your URI? Is it `/services/abc/api/portal/parameter?arg=value` or `/services/abc/api/portal?parameter`? You provide different examples. First one should be served with `location /services/abc/api/portal/ { ... }`, the second one with `location = /services/abc/api/portal { ... }` – Ivan Shatsky Oct 11 '21 at 10:14
  • thank you ivan. my URl is /services/abc/api/portal/parameter?arg=value but it is not showing result with location /services/abc/api/portal/ . is there any other possibility to test it? – user19 Oct 11 '21 at 10:25
  • I don't know why this location doesn't work for you. Maybe you put it into the wrong `server` block or do not restart nginx properly after changing configuration or have some other location interfering with this, etc. Everything works as expected for me, as you can check [here](https://pastebin.com/M9U7BcTz). – Ivan Shatsky Oct 11 '21 at 11:18
  • Does `nginx -t` command says your configuration syntax is ok? – Ivan Shatsky Oct 11 '21 at 21:00
  • That example shows how to cut `/service` prefix from the URI before passing the request to the backend. Do you need to alter your request URI somehow? – Ivan Shatsky Oct 13 '21 at 08:34
  • You deleted your last comments, but in short `try_files` can be used in conjunction with `proxy_pass` only when you need to check existence of some file locally, and if it doesn't exists, proxy the request to the backend. It isn't your case anyway. Your error isn't related to your backend too - in that case you'll receive something like `502 Bad Gateway` instead of `404 Not Found`. As I understand, 404 error means nginx doesn't even try to proxy your request but to serve it locally. I don't see any errors in your configuration. Sorry, I don't know why it isn't working correctly. – Ivan Shatsky Oct 13 '21 at 11:15
  • I just noticed that in endpoint they has NTLM authorization. do you think it is creating problem while accessing the data? – user19 Oct 13 '21 at 11:21
  • Yes, it can be the cause. Unfortunately I don't have any experience for working with NTLM auth. Looks like only commercial nginx+ have [NTLM auth support](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm). You can also look at [this](https://stackoverflow.com/questions/46841978/nginx-proxy-pass-ntlm-authorization) SO thread. – Ivan Shatsky Oct 13 '21 at 11:42
  • Especially give an attention to [this](https://stackoverflow.com/questions/46841978/nginx-proxy-pass-ntlm-authorization#comment80632430_46841978) comment mentioning [What is a correct way(s) to allow login to an IIS site through a reverse proxy?](https://serverfault.com/questions/754351/what-is-a-correct-ways-to-allow-login-to-an-iis-site-through-a-reverse-proxy) ServerFault thread and [nginx reverse proxy with Windows authentication that uses NTLM](https://stackoverflow.com/questions/21284935/nginx-reverse-proxy-with-windows-authentication-that-uses-ntlm) StackOverflow thread. – Ivan Shatsky Oct 13 '21 at 11:53
  • I checked NTLM is hardcoded in Java. so when I am calling the service it has nothing to do with authorization. it's a simple REST service call – user19 Oct 13 '21 at 13:04