Yesterday, I was assigned a bug, in which uploading a file caused a ‘401 unauthorized’ error response. After analyzing this issue, I found that it took about 10 minutes to upload a file. The long time was caused by network latency and the large size of the file. The file uploading http request initiated by the front end javascript code carries the ‘Authorization’ header to authenticate itself in the back end server. Theoretically, the back end SSO service should be able to authenticate this http request immediately after receiving its headers. The long time uploading should not cause any issue although the authorization token expiration time is 5 minutes.
After checking the overall structure of our application, I noticed that there is an nginx server, acting as a reverse proxy between the front end web browser and the back end servers. I looked through the configuration of the nginx server and found one configuration parameter named proxy_request_buffering, which is set to value ‘on’. This means nginx will forward the http request to the back end server after it completely receives the http request from the front end web browser, which will cause the token in the ‘Authorization’ http header expired after it arrives the back end server. To change this behavior, value ‘off’ should be set for proxy_request_buffering, so that nginx should forward the http request to the back end server immediately receiving it from the web browser.
It will be easy to fix this issue after knowing this fact. I just changed the value of parameter proxy_request_buffering to ‘off’. After restarting the nginx server, I had another try and found the issue fixed.