Uploaded image for project: 'JBoss Core Services'
  1. JBoss Core Services
  2. JBCS-463

mod_proxy_http cannot handle mid-request responses

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Critical Critical
    • None
    • httpd 2.4.23 SP3 GA
    • httpd, mod_cluster
    • None
    • Workaround Exists
    • Hide

      -Use AJP

      Show
      -Use AJP
    • Hide

      1. deploy post-timeout.war
      2. Set up httpd in front to proxy to tomcat via http:

      ProxyPass / http://localhost:8080/

      3. Attempt a larger post (few mbs) through the proxy and note the 502 instead of a 401:

      curl -vvvk --data @largefile 127.0.0.1/post-timeout/

      Show
      1. deploy post-timeout.war 2. Set up httpd in front to proxy to tomcat via http: ProxyPass / http://localhost:8080/ 3. Attempt a larger post (few mbs) through the proxy and note the 502 instead of a 401: curl -vvvk --data @largefile 127.0.0.1/post-timeout/

      mod_proxy_http lacks full duplex request/response handling, which causes issues in some cases. For instance this scenario:

      1. httpd receives large POST to proxy with no AUTHORIZATION header
      2. It is sent to the Tomcat app, which has a BASIC auth config, resulting in a 401 response
      3. Tomcat provides the 401 while httpd is still proxying in request data and closes the connection.
      4. The connection close causes httpd's continuing request send to fail. It ignores the 401 response from tomcat and provides a 502 error instead:

      [Thu Mar 08 10:21:01.497877 2018] [proxy:error] [pid 8863] (104)Connection reset by peer: [client 127.0.0.1:42124] AH01084: pass request body failed to 127.0.0.1:8080 (127.0.0.1)
[Thu Mar 08 10:21:01.497911 2018] [proxy_http:error] [pid 8863] [client 127.0.0.1:42124] AH01097: pass request body failed to 127.0.0.1:8080 (127.0.0.1) from 127.0.0.1 ()

        1. post-timeout.war
          4 kB
          Aaron Ogburn

              rhn-engineering-jclere Jean-Frederic Clere
              rhn-support-aogburn Aaron Ogburn
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: