当前位置: > Linux服务器 > nginx >

nginx代理tomcat的问题

时间:2015-01-22 00:47来源:linux.it.net.cn 作者:IT

描述:

https http
浏览器---------nginx---------tomcat

  1. 站点都是放在tomcat上,nginx只是做代理,他们目前在同一台机器上。
  2. 浏览器与nginx走https
  3. nginx与tomcat走http
  4. 对于浏览器来说,整个网站都是https协议。

  5. tomcat上有3个虚拟目录,也就是有3个web站点。
    目前分别是 site1,site2,manage

  6. 现在浏览器直接访问tomcat,这三个站点都可以走通。访问时输入的URL分别是
    http://www.test.com:8081/site1 ====这个是访问site1
    http://www.test.com:8081/site2 ====这个是访问site2
    http://www.test.com:8081/manage ====这个是访问manage

  7. 通过nginx访问这三个站点的URL分别是:
    https://www.test.com/ ====这个是访问site1
    https://www.test.com/site2 ====这个是访问site2
    https://www.test.com/manage ====这个是访问manage

问题是:通过nginx访问这几个站点的首页都能打开,但一旦进入下级目录就报错。
如,进入site1的子目录mem的网页就打不开,报404的错误。
同时,页面地址上居然出现了site1的字样,如https://www.test.com/site1/mem/mytest.jsp
按道理 site1已经被指定为根目录了,也就是被隐藏了。地址上不应该出现site1的。


附:
tomcat的server.xml

<Service name="Catalina">


<Connector port="8081" redirectPort="8443" protocol="HTTP/1.1"
maxHttpHeaderSize="8192" useBodyEncodingForURI="true"
minProcessors="100" maxProcessors="5000"
maxThreads="5000" minSpareThreads="1000" maxSpareThreads="4000"
enableLookups="false" acceptCount="3500"
connectionTimeout="60000" disableUploadTimeout="true" debug="0" uRIEncoding="GBK" />

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="conf/keystore.jks" keystorePass="erui34432"
compression="off" uRIEncoding="GBK"
clientAuth="false" sslProtocol="TLS" />

<Engine name="Catalina" defaultHost="localhost">

<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>

<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="/app/log"
prefix="localhost_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>

</Host>
<Host name="www.test.com" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Context path="/site1" docBase="/app/webroot/site1" />
<Context path="/manage" docBase="/app/webroot/manage" />
<Context path="/site2" docBase="/app/webroot/site2" />

</Host>


nginx.conf

server {
listen 80 ;
server_name www.test.com;



rewrite ^ https://$server_name$request_uri? permanent;

}

# HTTPS server

server {
listen 443 ;
server_name localhost;

ssl on;
ssl_certificate cert/mysite1.cer;
ssl_certificate_key cert/mysite1.key;

ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!ADH:!EXPORT56:RC4+RSA:+MEDIUM;
ssl_prefer_server_ciphers on;

location / {

index index.html index.htm index.jsp;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header SSL_CERT $ssl_client_cert;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://www.test.com:8081/site1/;
}

location /manage/
{
index index.html index.htm index.jsp;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header SSL_CERT $ssl_client_cert;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://www.test.com:8081/manage/;
}

location /site2/
{
index index.html index.htm index.jsp;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header SSL_CERT $ssl_client_cert;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://www.test.com:8081/site2/;
}

}





可以在Nginx配置文件中这样配置:

location /manage/
{
...
proxy_pass http://tomcatip:8081;
}

对于静态文件可以交给Nginx处理。
location ~ .*.(gif|png|htm|js|jpg|jpeg|ico|rar|flv|css|js|zip|txt|doc|ppt|xls|pdf)?$ {
root html/htdocs/images;
index index.html index.htm;
access_log off;
expires 7d;
}

另外,我这边一般NGinx+Tomcat情况下,tomcat的server.xml文件只改下端口。host段不修改。网站程序放在tomcat的webapps下。

不过地址栏上会显示 www.site.com/manage

(责任编辑:IT)
------分隔线----------------------------
栏目列表
推荐内容