Hello,
I have a fresh install of Plone 4.3.10. All functionality is working correctly except the acl_users object via the ZMI.
If I load <mydomain.com>/acl_users/manage_main, which uses a nginx proxy_pass to https, the error is
Cannot GET acl_users/manage_main
(Nothing is recorded in the plone event.log, and nothing hits the front-end server logs where the proxy_pass happens.)
This issue ultimately results in inability to display graceful information telling user to login to access the ZMI page for example.
Interestingly, when I navigate to the ZMI using the ip address and port, (:port/Plone/acl_users/manage_main), I can load the acl_users object.
Am I missing something in the plone configuration for acl_users?
The nginx conf contains:
upstream plone {
server myploneip:6082;
}
server {
listen myfrontendserverip:80;
server_name mydomain.com;
root /projects/standards/docroot/;
autoindex off;
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
location /.well-known/acme-challenge/ {
root /projects/prototype/challenges;
try_files $uri =404;
}
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen myfrontendserverip:443 ssl;
location / {
proxy_set_header X-XSS-Protection "1; mode=block";
proxy_set_header X-Content-Type-Options "nosniff";
add_header X-Frame-Options "SAMEORIGIN";
rewrite ^/(.*)/(.*)/at_download$ /$1/$2/view redirect;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://plone/VirtualHostBase/https/tsp.prototype.doxcelerate.com:443/Plone/VirtualHostRoot/;
}
}