Cliff,
The application performs a redirect because that was the way it was originally designed. It uses the ACEGI security framework. I have turned the ACEGI HTTP -> HTTPS redirect off with the same behavior however.
After my post, I stumbled across the ip_hash upstream variable and that has resolved the issue. Or at least, masked it and made things functional.
I am aware that Nginx is talking to JBoss via HTTP, not HTTPS. Nginx is acting as our front-end SSL termination point, we don't have JBoss configured to answer SSL requests, although for security purposes, that is on my 'to-do' list. Right now, clients don't communicate directly with the JBoss servers, only Nginx, so communication over the internet is encrypted.
I am confused by your statement, "It's not clear why you even bother with the proxy_pass in this location. Just redirect to the HTTPS location and be done." I am new to Nginx, so I followed the Nginx load balancing example (http://wiki.nginx.org/LoadBalanceExample). Is there an easier/better way to configure load balancing among multiple upstream servers?
Thank you for your input,
Matt