Edit on GitHub5.4. Proxy Configuration for Tomcat
For integration tasks you may need a proxy server. This part describes the configuration of Nginx HTTP-server as a proxy for CUBA application.
|
If you set up a proxy, do not forget to set cuba.webAppUrl value. |
- Tomcat Setup
-
If Tomcat is used behind a proxy server - it should be configured as well, so that Tomcat can properly dispatch proxy server’s headers.
First, add
Valveto Tomcat configurationconf/server.xml, copy and paste the following code:<Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="X-Forwarded-For" requestAttributesEnabled="true" internalProxies="127\.0\.0\.1"/>There is another setting you should consider to change in the
conf/server.xmlfile -AccessLogValvepattern attribute. Add%{x-forwarded-for}ito the pattern, so that Tomcat access log records both original source IP address and IP address(-es) of proxy server(s):<Valve className="org.apache.catalina.valves.AccessLogValve" ... pattern="%h %{x-forwarded-for}i %l %u %t "%r" %s %b" />Then restart Tomcat:
sudo service tomcat8 restart- NGINX
-
For Nginx there are 2 configurations described below. All examples were tested on Ubuntu 18.04.
For example, your web application works on
http://localhost:8080/app.Run command to install Nginx:
sudo apt-get install nginxNavigate to
http://localhostand ensure that Nginx works, you will see Nginx welcome page.Now you may delete the symlink to default Nginx site:
rm /etc/nginx/sites-enabled/default
Next, configure your proxy one of the options selected below.
- Direct Proxy
-
In this case the requests are handled by proxy, transparently passing to the application.
Create Nginx site configuration file
/etc/nginx/sites-enabled/direct_proxy:server { listen 80; server_name localhost; location /app/ { proxy_set_header Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Proto $scheme; # Required to send real client IP to application server proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; # Optional timeouts proxy_read_timeout 3600; proxy_connect_timeout 240; proxy_http_version 1.1; # Required for WebSocket: proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_pass http://127.0.0.1:8080/app/; } }and restart Nginx
sudo service nginx restartNow you can access your site via
http://localhost/app.
- Redirect to Path
-
This example describes how to change the application’s URL path from /app to /, as if the application were deployed in the root context (similar to /ROOT). This will allow you to access the application at
http://localhost.Create Nginx site configuration file
/etc/nginx/sites-enabled/root_proxy:server { listen 80; server_name localhost; location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Proto $scheme; # Required to send real client IP to application server proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; # Optional timeouts proxy_read_timeout 3600; proxy_connect_timeout 240; proxy_http_version 1.1; # Required for WebSocket: proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_pass http://127.0.0.1:8080/app/; # Required for folder redirect proxy_cookie_path /app /; proxy_set_header Cookie $http_cookie; proxy_redirect http://localhost/app/ http://localhost/; } }and restart Nginx
sudo service nginx restartNow you can access your site via
http://localhost.
|
Please note that similar deployment instructions are valid for Jetty, |