bladex3.01版本单点登录问题

Blade 已结

关注举报

 2  313

15686819@qq.com 剑圣 2023-05-06 15:52

一、该问题的重现步骤是什么？

nginx配置

server {

listen 8100;

server_name auth;

location / {

proxy_set_header Host $host:$server_port;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_buffering off;

proxy_pass http://gcip-auth:8100;

}

2. website.js

// 第三方系统授权地址

authUrl: 'http://localhost/blade-auth/oauth/render',

// 报表设计器地址(cloud端口为8108,boot端口为80)

reportUrl: 'http://localhost:8108/ureport',

// 单点登录系统认证(blade-auth服务的地)

ssoUrl: 'http://192.168.3.46:8100/oauth/authorize?client_id=saber&response_type=code&redirect_uri=',

// 单点登录回调地址(Saber服务的地址)

redirectUri: 'http://192.168.3.46:9085',

//需要单点登录的aicc的登录页面

aiccSsoUrl: 'http://192.168.3.46:8100/oauth/authorize?client_id=aicc&response_type=code&redirect_uri=http://192.168.3.46:9086',

3.定制化部分

由于是多系统调用，弹出部分的页面省略了，都是直接设置值进去

4、页面跳转流程

目前系统是先登录基础平台 http://192.168.3.46:9085，然后自动跳转到（sso）http://192.168.3.46:8100/oauth/login，

登录基础平台，之后再从基础平台跳转到aicc，目前本地不通过nginx的时候，跳转能正常，但是通过nginx，就经常跳转不过去，偶尔几次能跳转，

不知道从什么思路去检查。

2条回答

zhx1994 (最佳回答者)

2023-05-06 17:56

完整的nginx配置贴一下，9085和9086是什么端口来的

0 讨论(1)
评论:

提交评论
- 加载中...
15686819@qq.com

2023-05-06 18:37
# user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
#include /usr/share/nginx/modules/*.conf;

events {
worker_connections 1024;
}

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;

# 开启gzip压缩
# gzip on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_types image/svg+xml text/plain text/xml text/css text/javascript application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript application/x-font-ttf application/vnd.ms-fontobject font/opentype font/ttf font/eot font/otf image/jpeg image/gif image/png image/x-icon;

proxy_send_timeout 30000;
proxy_read_timeout 30000;
client_max_body_size 200m;

# include /etc/nginx/mime.types;
include mime.types;
default_type application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
# include /etc/nginx/conf.d/*.conf;

server {
listen 8100;
server_name auth;
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_pass http://gcip-auth:8100;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /data/www;

# client_max_body_size 10m;
# Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;

location / {
try_files $uri $uri/ @router;
index index.html index.htm;
}

location @router {
rewrite ^.*$ /index.html last;
}

location ^~ /aicc {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
rewrite ^/aicc/(.*)$ /$1 break;
proxy_pass http://192.168.3.46:9086;
}
location ^~ /sso {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
rewrite ^/sso/(.*)$ /$1 break;
proxy_pass http://192.168.3.46:8100;
}
location ^~ /api {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://gcpi-gateway:80;
}

location ^~ /api1 {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
rewrite ^/api1/(.*)$ /$1 break;
proxy_pass http://gcpi-gateway:80;
}

location ^~ /api2 {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
rewrite ^/api2/(.*)$ /$1 break;
proxy_pass http://gcpi-gateway:80;
}
}
}

9085 是基础平台 http://192.168.3.46:9085 登录端口
9086 是 aicc 系统的登录端口
```
principal is null
我的是nginx配置里加了这两个参数解决的

client_header_buffer_size 128k;  
large_client_header_buffers 4 256k;
```
回答: 2023-05-09 19:59

没有解决，继续
0 讨论(0)
评论:

提交评论
- 加载中...

bladex3.01版本单点登录问题

回答: 2023-05-09 19:59