Hi Sajith & Pavithra,

Thanks for the response. I'll try with sticky session.

Thanks,
Lakshani.

On Fri, Aug 7, 2015 at 1:41 PM, Pavithra Madurangi <pavit...@wso2.com>
wrote:

> Yes this issue will be resolved if you use sticky session.
>
> e.g.
>
> upstream idphttps {
>       sticky;
>       server 192.168.57.178:9444;
>       server 192.168.57.179:9444;
> }
>
> Nginx does not support sticky sessions by default. We can use the
> https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng module to
> enable stickiness in nginx. Nginx needs to be re-compiled from source
> including this module, and a re-distributable package needs to be created.
>
> Regards,
> Pavithra
>
> On Fri, Aug 7, 2015 at 1:16 PM, Sajith Abeywardhana <saji...@wso2.com>
> wrote:
>
>> Hi Lakshani,
>>
>> The user login process should be handled by a single IDP node. When you
>> configure 2 IDP nodes, nginx will route the http/s requests which are
>> relevant to a single login process to both IDPs. I guess that is the issue
>> here.
>>
>> One solution is to enable nginx session persistence using *sticky*. Then
>> nginx identifies user sessions and routes the requests to the same upstream
>> server.
>>
>> Did you check the nginx [/var/log/nginx/]access.log? You can verify by
>> checking the access log whether nginx routes the requests to both IDPs or
>> not.
>>
>>
>> *Sajith Abeywardhana* | Software Engineer
>> WSO2, Inc | lean. enterprise. middleware.
>> #20, Palm Grove, Colombo 03, Sri Lanka.
>> Mobile: +94772260485
>> Email: saji...@wso2.com | Web: www.wso2.com
>>
>> On Fri, Aug 7, 2015 at 12:08 AM, Lakshani Gamage <laksh...@wso2.com>
>> wrote:
>>
>>>
>>> Hi all,
>>>
>>> I am setting up an APPM internal deployment with the following components.
>>>
>>> VM 1 : Store, Publisher, Gateway, IDP, svn
>>>
>>> VM2 :  Store, Publisher, Gateway, IDP, nginx, mysql server
>>>
>>> For the above setup I used ProxyPort (443 and 80) for all components. The
>>> APPM internal deployment setup is working fine with one IDP.
>>>
>>> The Nginx config file of the IDP for the working setup is as follows.
>>>
>>>
>>> upstream idphttps {
>>>       server 192.168.57.178:9444;
>>> }
>>>
>>> upstream idphttp {
>>>         server 192.168.57.178:9764;
>>> }
>>>
>>> #via HTTP
>>> server {
>>>         listen   80;
>>>         server_name idp.appm.wso2.com;
>>>
>>>          location / {
>>>            index index.html;
>>>            proxy_set_header X-Forwarded-Host $host;
>>>            proxy_set_header X-Forwarded-Server $host;
>>>            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>>>
>>>             proxy_set_header Host $http_host;
>>>             proxy_read_timeout 5m;
>>>             proxy_send_timeout 5m;
>>>
>>>            proxy_pass http://idphttp/;
>>>            proxy_redirect http://idphttp/ http://idp.appm.wso2.com/;
>>>        }
>>>
>>> }
>>>
>>>  #via HTTPS
>>> server {
>>>
>>>        listen 443;
>>>        server_name idp.appm.wso2.com;
>>>
>>>        ssl on;
>>>        ssl_certificate /etc/nginx/ssl/nginx.crt;
>>>        ssl_certificate_key /etc/nginx/ssl/nginx.key;
>>>
>>>       location / {
>>>            index index.html;
>>>            proxy_set_header X-Forwarded-Host $host;
>>>            proxy_set_header X-Forwarded-Server $host;
>>>            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>>>
>>>             proxy_set_header Host $http_host;
>>>             proxy_read_timeout 5m;
>>>             proxy_send_timeout 5m;
>>>
>>>            proxy_pass https://idphttps/;
>>>            proxy_redirect https://idphttps/ https://idp.appm.wso2.com/;
>>>        }
>>> }
>>>
>>>
>>>
>>> But if I use 2 IDPs, I can't log in to the IS server. There are no error
>>> logs either.
>>>
>>> The Nginx config file of the IDP is as follows.
>>>
>>>
>>> upstream idphttps {
>>>         server 192.168.57.178:9444;
>>>         server 192.168.57.179:9444;
>>> }
>>>
>>> upstream idphttp {
>>>         server 192.168.57.178:9764;
>>>         server 192.168.57.179:9764;
>>> }
>>>
>>> #via HTTP
>>> server {
>>>         listen   80;
>>>         server_name idp.appm.wso2.com;
>>>
>>>          location / {
>>>            index index.html;
>>>            proxy_set_header X-Forwarded-Host $host;
>>>            proxy_set_header X-Forwarded-Server $host;
>>>            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>>>
>>>             proxy_set_header Host $http_host;
>>>             proxy_read_timeout 5m;
>>>             proxy_send_timeout 5m;
>>>
>>>            proxy_pass http://idphttp/;
>>>            proxy_redirect http://idphttp/ http://idp.appm.wso2.com/;
>>>        }
>>>
>>> }
>>>
>>>  #via HTTPS
>>> server {
>>>
>>>        listen 443;
>>>        server_name idp.appm.wso2.com;
>>>
>>>        ssl on;
>>>        ssl_certificate /etc/nginx/ssl/nginx.crt;
>>>        ssl_certificate_key /etc/nginx/ssl/nginx.key;
>>>
>>>       location / {
>>>            index index.html;
>>>            proxy_set_header X-Forwarded-Host $host;
>>>            proxy_set_header X-Forwarded-Server $host;
>>>            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>>>
>>>             proxy_set_header Host $http_host;
>>>             proxy_read_timeout 5m;
>>>             proxy_send_timeout 5m;
>>>
>>>            proxy_pass https://idphttps/;
>>>            proxy_redirect https://idphttps/ https://idp.appm.wso2.com/;
>>>        }
>>> }
>>>
>>>
>>> Both IDPs (192.168.57.178:9444, 192.168.57.179:9444) are working
>>> individually. I need both IDPs for the internal deployment setup. Is there
>>> any issue in the Nginx config file for both IDP servers?
>>>
>>> Thanks,
>>> Lakshani
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>
>
> --
> *Pavithra Madurangi*
> Associate Technical Lead - QA.
> WSO2 Inc.: http://wso2.com/
> Mobile: 0777207357 / 0112747089
>



-- 
Lakshani Gamage

*Software Engineer*
Mobile : +94 (0) 71 5478184
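
Added example, not part of the original thread: one way to do the access-log check suggested above and confirm whether a single login session is being routed to both IDP nodes. It assumes a custom nginx `log_format` (not the default `combined`) whose lines end in `upstream=$upstream_addr sid=$cookie_JSESSIONID`; the sample lines, request paths and session ids are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines. Assumed log_format tail (not nginx's default):
#   ... upstream=$upstream_addr sid=$cookie_JSESSIONID
SAMPLE_LOG = """\
192.168.57.1 - - [07/Aug/2015:13:01:01 +0530] "GET /samlsso HTTP/1.1" 302 0 upstream=192.168.57.178:9444 sid=-
192.168.57.1 - - [07/Aug/2015:13:01:02 +0530] "GET /authenticationendpoint/login.do HTTP/1.1" 200 4211 upstream=192.168.57.178:9444 sid=A1B2
192.168.57.1 - - [07/Aug/2015:13:01:09 +0530] "POST /commonauth HTTP/1.1" 302 0 upstream=192.168.57.179:9444 sid=A1B2
192.168.57.7 - - [07/Aug/2015:13:02:10 +0530] "GET /authenticationendpoint/login.do HTTP/1.1" 200 4211 upstream=192.168.57.179:9444 sid=C3D4
192.168.57.7 - - [07/Aug/2015:13:02:15 +0530] "POST /commonauth HTTP/1.1" 302 0 upstream=192.168.57.179:9444 sid=C3D4
"""

# Non-greedy match up to " sid=" so a multi-address $upstream_addr is captured whole.
LINE_RE = re.compile(r"upstream=(?P<up>.+?) sid=(?P<sid>\S+)\s*$")


def upstreams_per_session(log_text):
    """Map each session cookie value to the set of upstreams that served it."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m.group("sid") == "-":
            continue  # unparsable line, or request sent before a cookie existed
        # $upstream_addr holds several comma-separated addresses when nginx
        # retried the request on another server.
        for addr in m.group("up").split(","):
            addr = addr.strip()
            if addr and addr != "-":
                seen[m.group("sid")].add(addr)
    return dict(seen)


def split_sessions(log_text):
    """Return sessions that were handled by more than one upstream server."""
    return {
        sid: sorted(ups)
        for sid, ups in upstreams_per_session(log_text).items()
        if len(ups) > 1
    }


if __name__ == "__main__":
    for sid, ups in split_sessions(SAMPLE_LOG).items():
        print(f"session {sid} was routed to: {', '.join(ups)}")
```

An empty result after enabling stickiness means every logged session stayed on one IDP node.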