Question about the login verification code after Tomcat configures the virtual host

First, describe the problem. Test and run a Java Web site locally. Everything works normally. However, after deploying the website on the Linux server, the system prompts that the verification code is incorrect when a logon error occurs. You need to enter the verification code when logging on, and the original value of the verification code is saved to the session first. Then, click [Log On] and the verification code and the original value entered by the user will be compared. You can view the log and find it at this time, the verification code obtained from the session is null.

At first, I thought it was a code problem in inertia. After several different writing methods, this still exists. I carefully thought about the difference between the server and the local environment and locked a point, the domain name of the server is different from that of the local server. The Tomcat on the server sets the virtual host and uses nginx as the reverse proxy of the domain name. Assume that the project is siteexample. When running locally, the URL is "hettp: // localhost: 8080/siteexample". On the Linux server, in order to construct a friendly website, changed to "http://www.example.com ".

On the server,/www/apps is specified as the Tomcat project release directory. In the Tomcat server. xml file, the configuration of the VM is as follows:

<Host appBase="/www/apps" autoDeploy="true" name="www.example.com" unpackWARs="true">    <Context docBase="/www/apps/siteExample" path="" /></Host>

In the above configuration, the path attribute of the context element is set to "" to remove the project name in the URL so that the URL can be written as "http://www.example.com: 8080 ", then, use the reverse proxy of nginx to remove the port number in the URL.

Considering the differences in domain names, I carefully checked the login request and found the reason. On the JSP page, the resources we write, including the link addresses, should all be relative to the current URL address, but the request URL sent by the front-end staff at login is dead, it is written as "/siteexample/login. do ". Obviously, when running on the server, the absolute URL of the request is ". The original value of the verification code exists in the session of the "http://www.example.com", and the session obtained during the login request is "http://www.example.com/siteexample”, the original value of the verification code is naturally not obtained.

We can see that two different domain names point to web projects in the same physical location, but two different session sessions are generated. If you are interested, you can study the running principle of Tomcat.

Question about the login verification code after Tomcat configures the virtual host