BestHub
Sign in
Backend Development 7 min read

Resolving HTTPS Redirect and Session Consistency Issues with Nginx, Tomcat, and Memcached

This guide explains why Nginx proxying to an HTTP backend causes the browser URL to change, how to fix the redirect by using HTTPS, and how to achieve session consistency across multiple Tomcat instances by integrating Memcached for shared session storage.

Architect's Guide
Architect's Guide
Architect's Guide
Resolving HTTPS Redirect and Session Consistency Issues with Nginx, Tomcat, and Memcached

When Nginx is configured with a location block such as location /test { proxy_pass http://www.baidu.com/; } , accessing /test results in a redirect to Baidu; the browser URL changes because Nginx returns a redirect response and the client subsequently requests https://www.baidu.com/ directly, bypassing Nginx.

To prevent this URL change, simply replace http with https in the proxy_pass directive.

When Nginx is used as a reverse proxy for dynamic back‑ends like Tomcat, session consistency can be lost because successive requests may be routed to different backend servers, causing different SessionId values.

The article demonstrates this issue using Docker containers. Two servers (IP 172.20.1.101 and 172.20.1.102 ) run Tomcat with a simple index.jsp that prints the client IP and the session ID:

[root@c5477d71795c ROOT]# pwd
/var/lib/tomcat/webapps/ROOT
[root@c5477d71795c ROOT]# cat index.jsp
from 172.20.1.101
session=<%=session.getId()%>
[root@c5477d71795c ROOT]# pwd
/var/lib/tomcat/webapps/ROOT
[root@c5477d71795c ROOT]# cat index.jsp
from 172.20.1.102
session=<%=session.getId()%>

After configuring Nginx with an upstream group and a /cat location that proxies to the Tomcat group:

upstream tomcat {
    server 172.20.1.101:8080;
    server 172.20.1.102:8080;
}

server {
    ...
    location /cat {
        proxy_pass http://tomcat/;
    }
}

Reloading Nginx and accessing http://172.20.1.10/cat shows that the from field and the session value change on each refresh, indicating that Nginx does not guarantee session stickiness.

The recommended solution is to store session data in a shared in‑memory store such as Redis or Memcached. The article uses Memcached, installed inside the Nginx container:

yum install -y memcached

Start Memcached with:

memcached -d -m 128m -p 11211 -l 172.20.1.10 -u root -P /tmp/

Modify Tomcat’s context.xml to use MemcachedBackupSessionManager :

# vi /etc/tomcat/context.xml

Required Maven dependencies for the session manager are added, for example:

<dependency>
    <groupId>de.javakaffee.msm</groupId>
    <artifactId>memcached-session-manager</artifactId>
    <version>1.8.2</version>
</dependency>
... (other related dependencies) ...

After rebuilding and redeploying Tomcat with these changes, accessing http://172.20.1.10/cat repeatedly shows that the SessionId remains constant, confirming that session consistency is now achieved.

dockerload-balancingNginxTomcatMemcachedSession Persistence
Architect's Guide
Written by

Architect's Guide

Dedicated to sharing programmer-architect skills—Java backend, system, microservice, and distributed architectures—to help you become a senior architect.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment