BestHub
Sign in
Backend Development 8 min read

Resolving HTTPS Redirect and Session Consistency Issues with Nginx, Docker, and Memcached

This article explains why an Nginx reverse‑proxy configuration that proxies HTTPS requests to a backend server causes the browser URL to change, how to fix the redirect by using HTTPS in the proxy, and how to achieve session consistency across multiple Tomcat instances by deploying Memcached with Docker and adjusting Tomcat’s session manager.

Top Architect
Top Architect
Top Architect
Resolving HTTPS Redirect and Session Consistency Issues with Nginx, Docker, and Memcached

When a location block such as location /test { proxy_pass http://www.baidu.com/; } is used, Nginx forwards the request to the backend HTTP URL, receives a redirect response, and the browser’s address bar changes, meaning the request no longer passes through Nginx’s load‑balancing layer.

The fix is simply to replace the http scheme with https in the proxy_pass directive so that the client remains behind Nginx and the redirect does not occur.

Another problem arises when Nginx proxies to dynamic backends such as Tomcat: the session may not be sticky, causing different requests to be handled by different servers and breaking user state.

To demonstrate the issue, two Docker containers running Tomcat are set up with IPs 172.20.1.101 and 172.20.1.102 . Each server hosts a simple index.jsp that prints the server IP and the session ID, e.g.:

from 172.20.1.101
session=<%=session.getId()%>

Accessing http://172.20.1.101:8080/ and http://172.20.1.102:8080/ shows different session IDs, and refreshing the page changes the ID because Nginx does not enforce session affinity.

The Nginx configuration adds an upstream group and a proxy location:

upstream tomcat {
    server 172.20.1.101:8080;
    server 172.20.1.102:8080;
}

server {
    ...
    location /cat {
        proxy_pass http://tomcat/;
    }
}

To achieve session consistency, a Redis or Memcached store is introduced. Memcached is installed inside the Nginx container with:

yum install -y memcached

and started using:

memcached -d -m 128m -p 11211 -l 172.20.1.10 -u root -P /tmp/

Tomcat’s context.xml is modified to use the Memcached‑backed session manager:

<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
    memcachedNodes="n1:172.20.1.10:11211"
    sticky="false"
    sessionBackupAsync="false"
    lockingMode="auto"
    requestUriIgnorePattern=".*\.(ico|png|gif|jpg|css|js)$"
    sessionBackupTimeout="1000"
    transcoderFactoryClass="de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory" />

The required Maven dependencies are listed, for example:

<dependency>
    <groupId>de.javakaffee</groupId>
    <artifactId>memcached-session-manager</artifactId>
    <version>1.8.2</version>
</dependency>

After redeploying the configuration and restarting Nginx ( ./nginx -s reload ), accessing http://172.20.1.10/cat shows a stable session ID, confirming that session affinity is now guaranteed.

The article concludes by inviting readers to discuss the solution, share questions, and explore related resources.

dockerload-balancingNginxTomcatHTTPSMemcachedsession
Top Architect
Written by

Top Architect

Top Architect focuses on sharing practical architecture knowledge, covering enterprise, system, website, large‑scale distributed, and high‑availability architectures, plus architecture adjustments using internet technologies. We welcome idea‑driven, sharing‑oriented architects to exchange and learn together.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment