Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
Level
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

nginx reverse proxy https access to confluence causes redirect loop

Our group is using the following atlassian products: JIRA, Confluence, Fisheye, Bamboo, Crowd with single sign on.

To provide secure access from public networks, we would like to use nginx as a reverse proxy providing https access. So far we have managed to configure JIRA, Bamboo and Fisheye to work with nginx. Our basic configuration for the applications is the following:

server {

server_name <server_name>;

listen 80;

listen 443 ssl;

ssl_certificate <path_to_certificate> ;

ssl_certificate_key <path_to_certificate_key> ;

location ^~ /bamboo {

if ($ssl_protocol = ) {

return 301 https://$server_name$request_uri;

}

proxy_set_header X-Forwarded-Host $host;

proxy_set_header X-Forwarded-Server $host;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_pass http://localhost:8085;

}

(all application has a location section almost identical to the one above, with the exception of the local port and location prefix)

Unfortunately we ran into a problem when we reconfigured Confluence to work in this fashion. The tomcat server used by confluence produces a redirect loop. The most puzzling in this is that, it redirect to a url that is in no way set in any of Confluence's configuration files, and I couldn't find a reference to it in Confluence's database.

Confluence's Connector in <confluence_install>/conf/server.xml is the following:

<connector <="" p="">

acceptCount=100

connectionTimeout=20000

disableUploadTimeout=true

enableLookups=false

maxHttpHeaderSize=8192

maxSpareThreads=75

maxThreads=150

minSpareThreads=25

port=8090

protocol=HTTP/1.1

useBodyEncodingForURI=true

scheme=https

proxyName=<proxy_name>

proxyPort=443/>

Context configuration on the same file is the following:

<context path="/confluence" docbase="../confluence" debug="1" reloadable="false" usehttponly="true">

<manager pathname="/">

<resource name="mail/GmailSMTPServer" <="" p="">

auth=Container

type=javax.mail.Session

mail.smtp.host=<smtp_host>

mail.smtp.port=<smtp_port>

mail.smtp.auth=true

mail.smtp.user=<user>

password=<password>

mail.smtp.starttls.enable=true

mail.transport.protocol=smtp

mail.smtp.socketFactory.class=javax.net.SocketFactory

/>

<resource name="jdbc/confDS" <="" p="">

auth=Container

type=javax.sql.DataSource

username=<username>

password=<password>

maxActive=100

maxIdle=10

driverClassName=org.postgresql.Driver

url=<jdbc_url>

validationQuery=Select 1

/>

</context>

What could cause the redirect loop ?

3 answers

1 accepted

0 votes
Answer accepted
The http connector that Tomcat uses had to be marked as secure with secure="true". Otherwise, it redirected to https, which in turn was redirected to the http port by nginx, thus causing the redirect loop.
Add this to the server.xml:
     secure="true"
     scheme="https"
     proxyName="mycompany.com"
     proxyPort="443"

Note that the application cannot be configured to handle SSL connection (each application will work in one port, without SSL support). The only part that will work with SSL support is the NGINX when talking to the world, not with your local network.

[Apps] ---->> HTTP ----->>[NGINX]-------->>HTTPS------->>(World).

Lucas Lima

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Confluence

⚡️NEW Group for Confluence Cloud Admins

Calling all Confluence Cloud Admins!  We created a new Community Group to support your unique needs as Confluence admins. This is a group where you can ask questions, access resou...

109 views 2 9
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you