Infinite redirect at /login

56 views
Skip to first unread message

SaveTheRbtz

unread,
Nov 11, 2009, 12:44:09 PM11/11/09
to Gitorious
I've just installed Gitorious on our development server on SLES11
using nginx-passenger

When i'm clicking login Firefox says: "The page isn't redirecting
properly. Firefox has detected that the server is redirecting the
request for this address in a way that will never complete."

And i have a whole bunch messages like:
[11/Nov/2009:20:36:31 +0300] "GET /login HTTP/1.1" 302 104 "http://
gitorious.dev.scalaxy.ru/" "Mozilla/5.0 (X11; U; FreeBSD amd64; en-US;
rv:1.9.1.3) Gecko/20090929 Firefox/3.5.3"
[11/Nov/2009:20:36:31 +0300] "GET /login HTTP/1.1" 302 104 "http://
gitorious.dev.scalaxy.ru/" "Mozilla/5.0 (X11; U; FreeBSD amd64; en-US;
rv:1.9.1.3) Gecko/20090929 Firefox/3.5.3"
[11/Nov/2009:20:36:31 +0300] "GET /login HTTP/1.1" 302 104 "http://
gitorious.dev.scalaxy.ru/" "Mozilla/5.0 (X11; U; FreeBSD amd64; en-US;
rv:1.9.1.3) Gecko/20090929 Firefox/3.5.3"
in access.log

You can check it out here: http://gitorious.dev.scalaxy.ru/

Any suggestions?

PS. config/gitorious.yml:

production:
cookie_secret: Bebddfdf
repository_base_path: "/srv/git"
extra_html_head_data:
system_message:
gitorious_client_port: 3000
gitorious_client_host: localhost
gitorious_host: gitorious.dev.scalaxy.ru
gitorious_user: git
exception_notification_emails:
mangle_email_addresses: false
public_mode: false
locale: en
archive_cache_dir: "/var/cache/gitorious-tarballs-cache"
archive_work_dir: "/var/tmp/gitorious-tarballs-work"
only_site_admins_can_create_projects: false
hide_http_clone_urls: false
is_gitorious_dot_org: false


PPS. nginx.conf:

passenger_root /usr/lib64/ruby/gems/1.8/gems/passenger-2.2.5;
passenger_ruby /usr/bin/ruby;

server {
listen 80;
listen 443 default ssl;

server_name gitorious.dev.scalaxy.ru;

ssl_certificate /etc/ssl/servercerts/servercert.pem;
ssl_certificate_key /etc/ssl/servercerts/serverkey.pem;

ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:
+SSLv2:+EXP;
ssl_prefer_server_ciphers on;

passenger_enabled on;
rails_spawn_method smart-lv2;

rails_env production;

root /srv/www/htdocs/public;

location ~* \.(ico|jpg|jpeg|gif|png|css|js)(\?[0-9]+)?$ {
root /srv/www/htdocs/public;
expires 30d;
}

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;

location = /50x.html {
root html;
}

location ~ \.html\.erb$ {
deny all;
}

location ~ /\.ht {
deny all;
}
}

Marius Mårnes Mathiesen

unread,
Nov 12, 2009, 3:04:53 AM11/12/09
to gito...@googlegroups.com
On Wed, Nov 11, 2009 at 6:44 PM, SaveTheRbtz <savet...@gmail.com> wrote:

I've just installed Gitorious on our development server on SLES11
using nginx-passenger

When i'm clicking login Firefox says: "The page isn't redirecting
properly. Firefox has detected that the server is redirecting the
request for this address in a way that will never complete."
 
Hi,
I would suggest this has to do with the SSL requirement on SessionsController#new (which is mapped to /login). Since Nginx basically just proxies to a backend Rails process, the Rails process needs to know the page was requested (to Nginx) using SSL. Otherwise the Rails process assumes it's served over plain HTTP and will redirect to the same URL over https.

Rails (and thereby Gitorious) has several ways of determining whether a request was made over SSL or not, one of which is to inspect the environment variable HTTP_X_FORWARDED_PROTO. So what we want is to have Nginx set this environment variable to "https" when a request is made over SSL.

I'm no Nginx expert, but I believe the line

  proxy_set_header X_FORWARDED_PROTO https;

will add this header for you. You should make sure this header is only set when a request is in fact made over SSL. I don't know if you need to server{} blocks in your Nginx config to achieve this or if there's a conditional that does it, your Nginx skills are probably a lot better than mine.

HTH, 
Marius

--
Marius Mårnes Mathiesen
Rubyist, Shortcut AS
Tel.: (+47) 92 60 95 38.

http://shortcut.no

SaveTheRbtz

unread,
Nov 12, 2009, 7:12:35 AM11/12/09
to Gitorious
Yeah, problem should be solved, but nginx passenger(2.2.5) has some
issues. It's some how do not pass X_FORWARDED_PROTO to rails. I've
confirmed it with 'Rails.logger.error(env.inspect)'

Our ruby developer suggested workaround for this problem like adding
to config/environment.rb

class ActionController::Request
def ssl?
env['SERVER_PORT'] =~ /443/
end
end



On Nov 12, 11:04 am, Marius Mårnes Mathiesen
<marius.mathie...@gmail.com> wrote:
Reply all
Reply to author
Forward
0 new messages