After checking the overall structure of our application, I noticed that there is an nginx server, acting as a reverse proxy between the front end web browser and the back end servers. I looked through the configuration of the nginx server and found one configuration parameter named proxy_request_buffering, which is set to value ‘on’. This means nginx will forward the http request to the back end server after it completely receives the http request from the front end web browser, which will cause the token in the ‘Authorization’ http header expired after it arrives the back end server. To change this behavior, value ‘off’ should be set for proxy_request_buffering, so that nginx should forward the http request to the back end server immediately receiving it from the web browser.
It will be easy to fix this issue after knowing this fact. I just changed the value of parameter proxy_request_buffering to ‘off’. After restarting the nginx server, I had another try and found the issue fixed.