Red Hat Bugzilla – Bug 970261
Header corruption issue impacts loading the bpel-console when placed behind mod_ajp
Last modified: 2018-01-30 07:33:30 EST
Description of problem: The content-type header is corrupt, as are possibly others. The content type header in particular cauases issues with the following URL: /rs/identity/secure/sid Essentially, the jbossweb (Tomcat) FormAuthenticator looksup a previous request and merges it with the current request headers. However, the coyoteRequest actually maintains a copy of the one of the MessageBytes objects from the previous set of headers. During the copy process, this becomes corrupt, and can be filled with the value from a different header. This occurs during login to the bpel_console. Version-Release number of selected component (if applicable): 5.3.1 How reproducible: Consistent, but only with certain client browser/os combinations. Steps to Reproduce: 1. Setup EAP behind an httpd proxy running mod_ajp 2. Attempt to login to the bpel-console 3. The process will appear to hang, and the server will display an exception indicating an invalid content-type Expected results: Login to complete normally