logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: HTTP/1.1 Response with httpd-2.2.4-win32-x86-ssl.zip
Author
elster



Joined: 03 Jul 2007
Posts: 3

PostPosted: Tue 03 Jul '07 9:53    Post subject: HTTP/1.1 Response with httpd-2.2.4-win32-x86-ssl.zip Reply with quote

Hello,

I use the above mentioned apache version and get always 1.0 instead of 1.1 responses. Any ideas where that comes from and how it can be changed?

Thanks a lot,
elster

GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
Accept-Language: en,de;q=0.8,fr;q=0.6,en-gb;q=0.4,en-us;q=0.2
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ICM60; .NET CLR 1.0.3705; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727)
Host: carrier-sievs001.de007.icn.siemens.de:8443
Connection: Keep-Alive

HTTP/1.0 302 Found
Date: Tue, 03 Jul 2007 07:28:07 GMT
Server: Apache/2.2.4 (Win32) mod_ssl/2.2.4 OpenSSL/0.9.8e
Location: https://carrier-sievs001.de007.icn.siemens.de:8443/irj/portal/anonymous?guest_user=anonnsnmobxen
Content-Length: 280
Connection: close
Content-Type: text/html; charset=iso-8859-1

Any ideas how
Back to top
tdonovan
Moderator


Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA

PostPosted: Wed 04 Jul '07 5:48    Post subject: Reply with quote

Your SSL request to port 8443 is being re-directed to /irj/portal/anonymous?guest_user=anonnsnmobxen

Can you tell us what causes this redirect?

Is it something in your Apache configuration, for example the Redirect or RedirectMatch directives? mod_rewrite?

Maybe you are running an application server and it generates the redirect?

Apache 2.2.4 does not send HTTP 1.0 responses to ordinary HTTP 1.1 requests, so you must have something else in your Apache or Application Server configuration we would need to know about in order to answer your question.

-tom-
Back to top
elster



Joined: 03 Jul 2007
Posts: 3

PostPosted: Wed 04 Jul '07 9:49    Post subject: Reply with quote

Hello,

thanks for your reply.

You're right, rewrite rules are configured in ssl.conf:

# redirect to public landing page whenever only server name has been supplied
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^/$ https://%{SERVER_NAME}:%{SERVER_PORT}/irj/portal/anonymous?guest_user=%{ENV:DEFAULT_ANON_USER} [R,QSA,NE]

# redirect to GetAccess protected URL (/login) in order to get the login page displayed
RewriteCond %{REQUEST_URI} ^/irj/portal/anonymous/login$
RewriteRule .* https://%{SERVER_NAME}:%{SERVER_PORT}/login/portal [R,QSA,NE]

RewriteRule ^/irj/(.*) http://localhost:50000/irj/$1 [P]
RewriteRule ^/login/(.*) http://localhost:50000/irj/$1 [P]

The request is redirected to a SAP J2EE Engine.

Regards,
elster
Back to top
tdonovan
Moderator


Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA

PostPosted: Wed 04 Jul '07 14:45    Post subject: Reply with quote

Your rewrite rules appear to be incorrect.

In your example:
    * the first rule changes "/" to "https://carrier-sievs001.de007.icn.siemens.de:8443/irj/portal/anonymous?guest_user=anonnsnmobxen"
    and adds the "Location:" header to redirect the browser.

    * instead of returning this response to the browser, the subsequent rules are executed because there is no L flag on the first rule.
    (See the notes for the Redirect flag in the RewriteRule docs.)

    * the third rule recognizes "/irj" and proxies this request to "http://localhost:50000/irj/portal/anonymous?guest_user=anonnsnmobxen"
The HTTP 1.0 response is created by whatever is at localhost:50000, not by Apache.

I don't think you want to do both - Redirect and Proxy - to the same request.

-tom-
Back to top
elster



Joined: 03 Jul 2007
Posts: 3

PostPosted: Thu 05 Jul '07 11:41    Post subject: Reply with quote

Hello,

obviously it's not a problem of the SAP j2EE engine Apache redirects to.
If I call it directly, the response comes with the correct protocol version.
The response also comes with the correct protocol version as long as I call Apache without SSL. So it seems that it must have to do something with the SSL termination.

GET /irj/portal HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
Accept-Language: en,de;q=0.8,fr;q=0.6,en-gb;q=0.4,en-us;q=0.2
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ICM60; .NET CLR 1.0.3705; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727)
Host: carrier-sievs001.de007.icn.siemens.de:50000
Connection: Keep-Alive

HTTP/1.1 200 OK
Server: SAP J2EE Engine/7.00
Content-Type: text/html; charset=UTF-8
Set-Cookie: saplb_*=(J2EE8375300)8375350; Version=1; Path=/
Content-Language: en-US
expires: 0
Content-Encoding: gzip
Date: Thu, 05 Jul 2007 09:34:32 GMT
Transfer-Encoding: chunked
Set-Cookie: PortalAlias=portal; Path=/
Set-Cookie: JSESSIONID=(J2EE8375300)ID1970072650DB01366748528423078274End; Version=1; Domain=.de007.icn.siemens.de; Path=/
Back to top
tdonovan
Moderator


Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA

PostPosted: Thu 05 Jul '07 16:01    Post subject: Reply with quote

You may want to do this to further debug the problem:
    * Stop Apache and delete or rename all the log files in \logs

    * Add these directives to httpd.conf:* Change the existing LogLevel warn directive to LogLevel debug

    * Run the problem request
This will make your logs grow very rapidly, so you probably will not want to leave these settings for very long.
The rewrite.log file will show the details of executing your mod_rewrite rules.
The error.log file will show details of mod_proxy forwarding the request (mod_proxy is triggered by the P flag in RewriteRule).

FYI - when proxying a request, the environment variable "force-proxy-request-1.0" will cause mod_proxy to downgrade the request to HTTP 1.0 when it forwards it to another server. I think you would have noticed this directive if you have it - but maybe it is worth searching all your .conf files just to be sure. Some other environment variables which can do this are "downgrade-1.0" and "force-response-1.0".

The contents of the 280-character response (rather than just the headers) may shed some light on what is happening.
Apache generates a 302 response which starts with:
Quote:
<p>The document has moved <a href=\"{new_location}">here</a>.</p>


It seems that you should add the L flag to your first two RewriteRules so that they do not fall through to the subsequent rules.

-tom-

EDIT: I noticed that downgrade-1.0 and force-response-1.0 are set by default in httpd-ssl.conf for MSIE browsers.
This is most likely your problem if you are using Internet Explorer.

-t-
Back to top


Reply to topic   Topic: HTTP/1.1 Response with httpd-2.2.4-win32-x86-ssl.zip View previous topic :: View next topic
Post new topic   Forum Index -> Apache