Spring Security login won't work when dealing with 2 tomcat and nginx
Have you tried to debug which backend servers the requests are actually being routed to? The nginx upstream module apparently uses round-robin load balancing, so what you're observing seems normal. You login and start a session on one backend server, and subsequently arrive at a different one which has no knowledge of the session (unless you are clustering sessions between them which I'd guess not).
Ideally you'll need to use a sticky-session load-balancer, based on the JSESSIONID cookie. I don't think nginx supports this out of the box, but you can set the ip_hash directive so that individual IP addresses always use the same backend server.