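The original web service was deployed on Tomcat and served over HTTP on port 80. For security reasons it needed to be upgraded to HTTPS. The simple approach taken was to put nginx in front as a reverse proxy, so that business callers reach the web service interface through nginx. nginx needs SSL enabled and a certificate configured.
One problem then appeared: the soap:address location in the WSDL is always an HTTP address rather than an HTTPS one, so calling the interface through the HTTPS proxy fails with 301 Moved Permanently. The fix considered here is to use nginx's sub_filter module to replace http with https in it.
The nginx configuration is as follows: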
server {
    listen 443 ssl;
    server_name abc.163.com;
    root html;
    index index.html index.htm;
    ssl_certificate C:/nginx/cert/server.crt;
    ssl_certificate_key C:/nginx/cert/server.key;
    ssl_session_timeout 30m;
    # intermediate configuration
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers off;
    client_max_body_size 100m;
    # To resolve nginx 504 issue
    proxy_connect_timeout 600;
    proxy_send_timeout 600;
    proxy_read_timeout 600;
    # webservice
    location / {
        proxy_set_header Host $host:$server_port;
        proxy_pass http://192.168.31.200;
        # replace the WSDL address location
        sub_filter 'location="http://' 'location="https://';
        # replace every occurrence, not only the first
        sub_filter_once off;
        sub_filter_types text/xml;
    }
}
All done!
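A check one could run on the WSDL fetched through the proxy, written as an added example (not code from the original post): it lists location-style attributes that still point at http:// and models the sub_filter rule above on a constructed sample WSDL. The function names and the sample document are assumptions; the model relies on nginx's documented behaviour that the sub_filter search string is matched ignoring case.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: a WSDL as the backend might return it (not from the post).
SAMPLE_WSDL = """<?xml version="1.0"?>
<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <wsdl:types>
    <xsd:schema>
      <xsd:import namespace="urn:demo" schemaLocation="http://abc.163.com:443/demo?xsd=1"/>
    </xsd:schema>
  </wsdl:types>
  <wsdl:service name="DemoService">
    <wsdl:port name="DemoPort" binding="DemoBinding">
      <soap:address location="http://abc.163.com:443/demo"/>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>"""


def insecure_locations(wsdl_text):
    """Return (element, attribute, url) for each location-style attribute on http://."""
    found = []
    for elem in ET.fromstring(wsdl_text).iter():
        for attr, value in elem.attrib.items():
            if attr.lower().endswith("location") and value.lower().startswith("http://"):
                found.append((elem.tag.split("}")[-1], attr, value))
    return found


def apply_sub_filter(wsdl_text):
    """Model of the page's rule: case-insensitive search, literal replacement,
    every occurrence replaced (sub_filter_once off)."""
    pattern = re.escape('location="http://')
    return re.sub(pattern, 'location="https://', wsdl_text, flags=re.IGNORECASE)


if __name__ == "__main__":
    print("before:", insecure_locations(SAMPLE_WSDL))
    rewritten = apply_sub_filter(SAMPLE_WSDL)
    print("after: ", insecure_locations(rewritten))
    # The same rule also touched the xsd:import attribute; show what it became.
    print([line.strip() for line in rewritten.splitlines() if "xsd:import" in line])
```

Because the match ignores case, the rule also rewrites schemaLocation="http://..." and emits the replacement's lower-case spelling, so check xsd:import entries in the proxied WSDL as well as soap:address.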