Hello, i have architecture like below. before going microservice, i have 3 seperate server; spring cloud gateway (8085), spring oauth2 (cas client, 8094), cas server
client | gateway -- oauth2 server -- sso | microservices here is the request flow; - 302 http://gateway/oauth2/authorization/login-client - 401 http://authorization/oauth/authorize?response_type=... - 302 http://cas-server/cas/login?service=http://authorization - 302 http://authorization/cas/login?ticket=ST-.... - 302 http://authorization/oauth2/authorize?... - 302 http://gateway/login/oauth2/login-client... and take jwt from oauth2 server, and goes microservice with that jwt. everything works well, but *when i deploy gateway and oauth2 server behind nginx reverse proxy, the service ticket validation not working*, and i always need to relogin and relogin and ...at cas server client | nginx | (gateway -- oauth2 server )-- sso | microservices here is the request flow; - 302 http://gateway/oauth2/authorization/login-client - 401 http://authorization/oauth/authorize?response_type=... - 302 http://cas-server/cas/login?service=http://authorization - *401 http://authorization/cas/login?ticket=ST-....* i am %100 sure that this problem is about nginx. it manipulates something i dont know behind the scene, but i couldnt find. server { listen 80; server_name localhost; root C:/nginx-1.18.0/sites-enabled; location /authz { proxy_set_header Host $host; proxy_pass http://localhost:8094; } location /gateway { proxy_set_header Host $host; proxy_pass http://localhost:8085; } location /oauth2 { proxy_set_header Host $host; proxy_pass http://localhost:8085; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } do you have ideas? thanks -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/83e51119-dcda-45bf-b244-158afc110992%40apereo.org.