nginx配置cas单点登录(参考用)
之前做了个项目是分布式的,登录只能用单点登录,需要部署到学校服务器上,但是学校只给一个服务器,一个域名,端口就只开放80跟443,弄了好久都弄不好(可能是我太菜了),然后没办法又去找学校要了个域名,蛮久之前了,具体怎么弄得我也忘了。nginx像下面这么配置就成功了,可以参考看看,说不定有帮助。
cas服务器好像配置了俩次,一个监控443,一个监控80,哪个有用我还真不知道,网站正常之后就没有管过,或者正是俩种都需要吧。
worker_processes 1;
error_log logs/error.log;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
client_header_buffer_size 6m;
client_max_body_size 6m;
sendfile on;
keepalive_timeout 65;
upstream biz_proxy{
ip_hash;
server IP地址:8080;
}
upstream cas_proxy{
ip_hash;
server IP地址:10080;
}
server {
listen 80;
server_name cas服务器的域名;
access_log logs/host.access.log;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header schoolCode $subdomain;
#这边是你需要跳转的IP加端口
proxy_pass http://cas_proxy;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
}
location /nginxerror.png {
root html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name 你服务器域名;
access_log logs/host.access.log;
if ($host ~* (\b(?!(www)\b)[\w-]+)\.nuaa.edu.cn) {
set $subdomain $1;
set $suburl $request_uri;
}
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header schoolCode $subdomain;
#这边是你需要跳转的IP加端口
proxy_pass http://biz_proxy;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
if ($suburl ~ ^/$){
#这边是需要跳转哪个模块
rewrite ^(.*)/ /xydc/ break;
}
}
location /nginxerror.png {
root html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 443 ssl;
server_name 域名;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#这边是你需要跳转的IP加端口
proxy_pass https://cas_proxy;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
}
}
}