Apache, Nginx, WSGI, django cookies get lost.
- by Jack M.
I'm running into a problem trying to get a Django application running in my staging environment. I'm running nginx as a reverse proxy with Apache 2.2/mod_wsgi as the target, and my Django app behind that. The problem is that the cookies are getting lost somewhere between nginx and Apache.
My nginx.conf (ripped out a few locations to keep it small):
http {
gzip on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
upstream django {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name encendio.iigins.com;
location / {
proxy_pass http://django;
}
}
}
My Apache vhosts file:
<VirtualHost *:8080>
ServerName encendio.test.com
ServerAdmin [email protected]
DocumentRoot "/usr/local/www/apache22/data"
WSGIScriptAlias / /usr/local/www/apache22/data/sasquatch/wsgi_handler.py
</VirtualHost>
If I directly to http://encendio.test.com:8080/ the cookies work and I can log into the admin area. If I log into http://encendio.test.com/, the admin area tells me my browser isn't using cookies.
Now things get kind of weird.
I went so far as to look at the environ being passed into my wsgi_handler.py:
_application = django.core.handlers.wsgi.WSGIHandler()
def application(environ, start_response):
print >> sys.stderr, environ.get('HTTP_COOKIE', "No Cookie")
return _application(environ, start_response)
It shows the cookie existing in the environment:
[Mon Mar 22 12:15:50 2010] [error] csrftoken=9f2569elkj67984242f0e7a6dea0b791; sessionid=4e5432hjkds8603f26d5ffa02b10cd27
And this cookie matches up with what I see in nginx's log if I plug in $http_cookie on the end of the log. So Apache is getting the cookie in some form, but it's not ending up where Django can see it.
I'm at my wit's end for why this isn't working, so any help is greatly appreciated.
Ninja Edit:
I forgot to mention that Firefox is seeing the cookies. The oddity is that every time I attempt to log in, I get a new sessionid.