Bug 970261

Summary: Header corruption issue impacts loading the bpel-console when placed behind mod_ajp
Product: [JBoss] JBoss Enterprise SOA Platform 5 Reporter: Jesse Sightler <jsightle>
Component: BPEL editorAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: unspecified    
Version: 5.3.1CC: soa-p-jira
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jesse Sightler 2013-06-03 20:05:38 UTC 
Description of problem:

The content-type header is corrupt, as are possibly others. The content type header in particular cauases issues with the following URL:
/rs/identity/secure/sid

Essentially, the jbossweb (Tomcat) FormAuthenticator looksup a previous request and merges it with the current request headers. However, the coyoteRequest actually maintains a copy of the one of the MessageBytes objects from the previous set of headers.

During the copy process, this becomes corrupt, and can be filled with the value from a different header.

This occurs during login to the bpel_console.

Version-Release number of selected component (if applicable):
5.3.1

How reproducible:
Consistent, but only with certain client browser/os combinations.

Steps to Reproduce:
1. Setup EAP behind an httpd proxy running mod_ajp
2. Attempt to login to the bpel-console
3. The process will appear to hang, and the server will display an exception indicating an invalid content-type


Expected results:

Login to complete normally