@sbonar wrote:
I am trying to use a custom error file and instead I get a 408 request timeout.
My current setup is my haproxy is running behind an ELB out in AWS.
My config is:
global
log 127.0.0.1 local0
log-send-hostname
lua-load /etc/haproxy/validate_jwt.lua
debug
daemondefaults log global mode http option httplog option dontlognull option logasap timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 403 /etc/haproxy/errorfiles/403error.http frontend http_front bind *:${FE_PORT} monitor-uri /api/v1/health http-request deny if !{ cook('jwt') -m found } !{ cook('cpAccountsJwt') -m found } acl valid_jwt lua.validate_jwt -m bool http-request deny if !valid_jwt http-response del-header X-Frame-Options use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/aoobm_tunnel.map)] backend be_1a9109498b16029e409542c8f08ef359-qa2 server srv0 10.205.176.203:30089 backend be_2514131711c38b63e59fb4d5a7eaf3b6-qa2 server srv1 10.205.177.110:30091 backend be_3e1adc1008eab307e752a045f0ddc299-qa2 server srv2 10.205.177.110:30083 backend be_cd35febcca3f445a40ca7bac875d483b-qa2 server srv3 10.205.176.203:30085 backend be_d8ffc844e247de743a7fbb83154effa5-qa2 server srv4 10.205.177.110:30087The 403error.http looks like:
HTTP/1.0 403 Forbidden Cache-Control: no-cache Connection: close Content-Type: text/html <html> <head> <title>Connection Permissions Error</title> </head> <body style="font-family:Trebuchet MS, Helvetica Neue, HelveticaNeue, Helvetica, Lato, Arial, Lucida Grande, sans-serif;background:#fff;pad ding: 10px 15px;"> <div style="text-align:center"> <br> <h2 style="font-size:16px"> You do not have sufficient account privleges to<br/> preform the requested action </h2> </div> </body> </htmlIn my logs I plainly see HAProxy detecting a 403:
haproxy[84]: 10.205.63.45:31677 [01/Jun/2017:00:53:16.377] http_front http_front/ 0/-1/-1/-1/+0 403 +633 - - PR-- 13/13/0/0/0 0/0 "GET / HTTP/1.1"
What the heck am I doing wrong??
Posts: 2
Participants: 1