Hello everyone, thanks for looking at the problem, here's a mor complete copy of our NGINX config :
As you can see, there are two differences :
1) we don't use the AUTH PAM module, but our own (a lua script), this should not (at least in theory) make a difference, since both modules merely set a value to a variable that sets the value to the REMOTE_USER header.
2) The proxy_pass directive is done *after* calling the 4 calls to proxy_set_header,
Both configs set the headers :
proxy_set_header REMOTE_USER "$loginOnHost";
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-URL-SCHEME https;
We will setup a proxy instance that does not do authentication (always sets the variable to a hard coded REMOTE_USER), and see if the problem persists.
Meanwhile if you could confirm that you are using this mechanism :
If yes, could the problem be that "REMOTE_SESSION" is being changed at everyt call ?
if yes, I would suspect that the code on paste and or galaxy that does the "create session if none already exists" is the culprit, in this case it would be useful to debug this code, and/or add logging and/or tracing. Any pointers as to what log level to add or where in the code the decision to "create a REMOTE_SESSION if none exists " would be appreciated..