Bug 970261 - Header corruption issue impacts loading the bpel-console when placed behind mod_ajp
Header corruption issue impacts loading the bpel-console when placed behind m...
Status: NEW
Product: JBoss Enterprise SOA Platform 5
Classification: JBoss
Component: BPEL editor (Show other bugs)
5.3.1
Unspecified Linux
unspecified Severity low
: ---
: ---
Assigned To: Shelly McGowan
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-03 16:05 EDT by Jesse Sightler
Modified: 2018-01-30 07:33 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jesse Sightler 2013-06-03 16:05:38 EDT
Description of problem:

The content-type header is corrupt, as are possibly others. The content type header in particular cauases issues with the following URL:
/rs/identity/secure/sid

Essentially, the jbossweb (Tomcat) FormAuthenticator looksup a previous request and merges it with the current request headers. However, the coyoteRequest actually maintains a copy of the one of the MessageBytes objects from the previous set of headers.

During the copy process, this becomes corrupt, and can be filled with the value from a different header.

This occurs during login to the bpel_console.

Version-Release number of selected component (if applicable):
5.3.1

How reproducible:
Consistent, but only with certain client browser/os combinations.

Steps to Reproduce:
1. Setup EAP behind an httpd proxy running mod_ajp
2. Attempt to login to the bpel-console
3. The process will appear to hang, and the server will display an exception indicating an invalid content-type


Expected results:

Login to complete normally

Note You need to log in before you can comment on or make changes to this bug.