Hi Jack,
Hi everyone,
I'm having trouble setting up Xwiki behind my Reverse Proxy.
As a reverse proxy I have to use IIS. With ARR and URL Rewrite. The rewrite
rules are on the default web site and rwrite to
http://localhost:port/xwiki
(this will later be changed to https)
Now if I log into my Xwki with a user or an admin, if I click on any link
the account isn't logged in anymore.
I don't have this problem with several other applications (for instance
YouTrack or Nexus), nor does it occur if I bypass the proxy.
Any ideas would be welcomed.
Is XWiki running as a cluster, so the session needs to be sticky?
One problem I can think of is that the session cookie keeping the login is set for the
wrong domain.
You can check in the browsers "developer tools" for a "Set-Cookie"
header coming in from the server.
The alternative is the XWiki-cluster experiences your user's requests coming in from
different IPs.
Set the "xwiki.authentication.validationKey" and
"xwiki.authentication.encryptionKey" in xwiki.cfg.
If you keep them at their (commented) defaults, XWiki uses an autogenerated key which uses
the client-IP
and this causes the user to get logged out if the client IP changes.
hope this helps
Clemens
Have a nice day,
Jack
--
View this message in context:
http://xwiki.475771.n2.nabble.com/User-Session-not-sticky-behind-IIS8-Rever…
Sent from the XWiki- Users mailing list archive at
Nabble.com.
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users