Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,293,338
Community Members
 
Community Events
165
Community Groups

Crowd + NGINX + SSL

I have set up Crowd + NGINX for reverse proxy and doing SSL.

 

Nginx:

server {
listen 80;
server_name crowd.cloud.domain.nl;
return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl;
server_name crowd.cloud.domain.nl;
ssl_certificate /etc/pki/tls/certs/cloud.domain.nl.crt;
ssl_certificate_key /etc/pki/tls/private/cloud.domain.nl.key;
location / {
proxy_pass http://localhost:8095;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
port_in_redirect off;
proxy_redirect http://localhost:8095 https://crowd.cloud.domain.nl/;
}
}

server.xml:

 <Connector URIEncoding="UTF-8" acceptCount="100" compressableMimeType="text/html,text/xml,application/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript" compression="on" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8095" redirectPort="8443" sendReasonPhrase="true" useBodyEncodingForURI="true" proxyName="crowd.cloud.domain.nl" proxyPort="443" scheme="https"/>

<Engine defaultHost="localhost" name="Catalina">
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">
<Context path="" docBase="../../crowd-webapp" debug="0">
<Manager pathname="" />
</Context>
</Host>

</Engine>
 

build.properties:

# Modify the attributes of this file to quickly adjust the deployment values of Crowd.

# The Hibernate database dialect to use. See https://confluence.atlassian.com/display/CROWD/Connecting+Crowd+to+a+Database
hibernate.dialect=org.hibernate.dialect.HSQLDialect

# The http port you wish to run crowd from, ie: http://localhost:8095/crowd
crowd.tomcat.connector.port=8095

# Tomcat requires a unique port for shutdown
crowd.tomcat.shutdown.port=8020

# Crowd context root
crowd.url=http://localhost:8095/

# Demo context root
demo.url=http://localhost:8095/demo

# OpenID server context root
openidserver.url=http://localhost:8095/openidserver
 

 

I can access the login page using HTTPS, but when I try to log in I am getting in a loop.

 

What is wrong with my configuration? Thanks! 

2 answers

1 accepted

I'm running into the exact same issue, only with httpd with reverse proxy instead of nginx.

For anyone running into this same problem with apache (httpd), I was able to solve it with the following changes:

In your vhost file:


ProxyRequests off
ProxyPass / http://127.0.0.1:8095/
ProxyPassReverse / http://127.0.0.1:8095/
ProxyPreserveHost on 

 

In your server.xml file, add:

address="127.0.0.1"

to your Connector.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

163 views 0 4
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you