Hi Sajith & Pavithra, Thanks for the response. I'll try with sticky session.
Thanks, Lakshani. On Fri, Aug 7, 2015 at 1:41 PM, Pavithra Madurangi <pavit...@wso2.com> wrote: > Yes this issue will be resolved if you use sticky session. > > e.g > > upstream idphttps { > sticky; > server 192.168.57.178:9444; > server 192.168.57.179:9444; > > Nginx does not support sticky sessions by default. We can use > https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng module to > enable stickiness in nginx. It needs to re-compile the source including > this module and need to create a re-distributable package. > > Regards, > Pavithra > > On Fri, Aug 7, 2015 at 1:16 PM, Sajith Abeywardhana <saji...@wso2.com> > wrote: > >> Hi Lakshani, >> >> User login process should be handle by single IDP node. When you >> configure 2 IDP nodes nginx will route the http/s request which relevant to >> single login process, to both IDPs. I guess that is the issue in here. >> >> One solution is, you can enable nginx session persistence using *sticky.* >> Then >> nginx identifies user sessions and routes the requests to the same upstream >> server. >> >> Did you check the nginx [/var/log/nginx/]access.log? You can verify by >> checking the access log whether the nginx route the request to both IDPs or >> not. >> >> >> *Sajith Abeywardhana* | Software Engineer >> WSO2, Inc | lean. enterprise. middleware. >> #20, Palm Grove, Colombo 03, Sri Lanka. >> Mobile: +94772260485 >> Email: saji...@wso2.com | Web: www.wso2.com >> >> On Fri, Aug 7, 2015 at 12:08 AM, Lakshani Gamage <laksh...@wso2.com> >> wrote: >> >>> >>> Hi all, >>> >>> I am setting up an APPM internal deployment with following components. >>> >>> VM 1 : Store, Publisher, Gateway, IDP, svn >>> >>> VM2 : Store, Publisher, Gateway, IDP, nginx, mysql server >>> >>> For above setup I used PoxyPort (443 and 80) for all components. APPM >>> internal deployment setup is working fine with one IDP. >>> >>> Nginx Config file of IDP for working setup as follows. >>> >>> >>> upstream idphttps { >>> server 192.168.57.178:9444; >>> } >>> >>> upstream idphttp { >>> server 192.168.57.178:9764; >>> } >>> >>> #via HTTP >>> server { >>> listen 80; >>> server_name idp.appm.wso2.com; >>> >>> location / { >>> index index.html; >>> proxy_set_header X-Forwarded-Host $host; >>> proxy_set_header X-Forwarded-Server $host; >>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; >>> >>> proxy_set_header Host $http_host; >>> proxy_read_timeout 5m; >>> proxy_send_timeout 5m; >>> >>> proxy_pass http://idphttp/; >>> proxy_redirect http://idphttp/ http://idp.appm.wso2.com/; >>> } >>> >>> } >>> >>> #via HTTPS >>> server { >>> >>> listen 443; >>> server_name idp.appm.wso2.com; >>> >>> ssl on; >>> ssl_certificate /etc/nginx/ssl/nginx.crt; >>> ssl_certificate_key /etc/nginx/ssl/nginx.key; >>> >>> location / { >>> index index.html; >>> proxy_set_header X-Forwarded-Host $host; >>> proxy_set_header X-Forwarded-Server $host; >>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; >>> >>> proxy_set_header Host $http_host; >>> proxy_read_timeout 5m; >>> proxy_send_timeout 5m; >>> >>> proxy_pass https://idphttps/; >>> proxy_redirect https://idphttps/ https://idp.appm.wso2.com/; >>> } >>> } >>> >>> >>> >>> But If I use 2 IDPs, I can't login to IS server. There is no error logs >>> also. >>> >>> Nginx config file of IDP as follows. >>> >>> >>> >>> upstream idphttps { >>> server 192.168.57.178:9444; >>> server 192.168.57.179:9444; >>> } >>> >>> upstream idphttp { >>> server 192.168.57.178:9764; >>> server 192.168.57.179:9764; >>> } >>> >>> #via HTTP >>> server { >>> listen 80; >>> server_name idp.appm.wso2.com; >>> >>> location / { >>> index index.html; >>> proxy_set_header X-Forwarded-Host $host; >>> proxy_set_header X-Forwarded-Server $host; >>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; >>> >>> proxy_set_header Host $http_host; >>> proxy_read_timeout 5m; >>> proxy_send_timeout 5m; >>> >>> proxy_pass http://idphttp/; >>> proxy_redirect http://idphttp/ http://idp.appm.wso2.com/; >>> } >>> >>> } >>> >>> #via HTTPS >>> server { >>> >>> listen 443; >>> server_name idp.appm.wso2.com; >>> >>> ssl on; >>> ssl_certificate /etc/nginx/ssl/nginx.crt; >>> ssl_certificate_key /etc/nginx/ssl/nginx.key; >>> >>> location / { >>> index index.html; >>> proxy_set_header X-Forwarded-Host $host; >>> proxy_set_header X-Forwarded-Server $host; >>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; >>> >>> proxy_set_header Host $http_host; >>> proxy_read_timeout 5m; >>> proxy_send_timeout 5m; >>> >>> proxy_pass https://idphttps/; >>> proxy_redirect https://idphttps/ https://idp.appm.wso2.com/; >>> } >>> } >>> >>> >>> Both IDPs(192.168.57.178:9444, 192.168.57.179:9444) are working >>> individually. I need both of IDPs for internal deployment setup. Is there >>> any issue in Nginx config file for both IDP server? >>> >>> Thanks, >>> Lakshani >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > *Pavithra Madurangi* > Associate Technical Lead - QA. > WSO2 Inc.: http://wso2.com/ > Mobile: 0777207357 / 0112747089 > -- Lakshani Gamage *Software Engineer* Mobile : +94 (0) 71 5478184 <%2B94%20%280%29%20773%20451194>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev