NGINX没有将标头传递给websocket端点 [英] NGINX not passing headers to websocket endpoint
问题描述
我正在尝试将nginx配置为执行身份验证和Websocket的反向代理.它代理将请求传递给apache(/auth/wsgi)进行身份验证-成功后,它将代理传递给websocked后端,该后端是tomcat 8上基于Java的websocket端点.
I am trying to configure nginx as reverse proxy that does authentication and websockets. It proxy-passes request to apache (/auth/wsgi) for authentication - once that succeeds, it then proxy passes to the websocked backend, which is a java based websocket endpoint on tomcat 8.
location /basic/alerting/websocket {
auth_request /auth/wsgi;
proxy_pass http://backend.com:8080/websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade "Websocket";
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
在apache上的身份验证成功.但是,在后端tomcat上,出现此错误:
The authentication on apache succeeds. However, on the backend tomcat, I get this error:
12572237 [http-nio-8080-exec-10]错误org.springframework.web.socket.server.support.DefaultHandshakeHandler-handleWebSocketVersionNotSupported()握手由于不支持的WebSocket版本而失败:null.支持的版本:[13]
12572237 [http-nio-8080-exec-10] ERROR org.springframework.web.socket.server.support.DefaultHandshakeHandler - handleWebSocketVersionNotSupported() Handshake failed due to unsupported WebSocket version: null. Supported versions: [13]
似乎失败是因为后端期望没有通过的标头("Sec-WebSocket-Version").我什至在Nginx日志中看到:
It seems that failure is because the backend is expecting the header ("Sec-WebSocket-Version") which is not getting passed through. I even see in the nginx logs:
2015/03/17 17:28:12 [调试] 20261#0:* 718 http代理标头:"Sec-WebSocket-Version:13"
2015/03/17 17:28:12 [debug] 20261#0: *718 http proxy header: "Sec-WebSocket-Version: 13"
在Nginx配置中我需要做些什么吗?非常感谢您的帮助.
Is there anything I need to do in the nginx config? Very much appreciate your help.
推荐答案
问题是Nginx没有传递所有"Sec-WebSocket- *"标头.然后方法
The problem is that Nginx doesn't pass all the "Sec-WebSocket-*" headers. Then the method AbstractHandshakeHandler.java#handleWebSocketVersionNotSupported() will throw the exception.
解决方法是Nginx复制所有"Sec-WebSocket- *"标头.
请求标头:Sec-WebSocket-Extensions
,Sec-WebSocket-Key
,Sec-WebSocket-Protocol
,Sec-WebSocket-Version
响应头:Sec-WebSocket-Accept
,Sec-WebSocket-Extensions
,Sec-WebSocket-Protocol
The fix is that Nginx to copy all the "Sec-WebSocket-*" headers.
Request headers: Sec-WebSocket-Extensions
, Sec-WebSocket-Key
, Sec-WebSocket-Protocol
, Sec-WebSocket-Version
Response headers: Sec-WebSocket-Accept
, Sec-WebSocket-Extensions
, Sec-WebSocket-Protocol
要复制自定义的Nginx标头,您需要执行以下操作:
To copy a custom Nginx header you need to do something like this:
proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol
这篇关于NGINX没有将标头传递给websocket端点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!