[JBoss-user] [HTTPD, Servlets & JSP] - Problem with a large request body requiring basic authentica

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hello,

I am running with the following configuration on Solaris:

- An IPlanet 6.1 web server with an NSAPI redirector
- JBoss 4.0.2 with Tomcat 5.5 embedded 

On the web server certain requests are forwarded through the redirector to JBoss, and these request both require basic authentication and have data in the request body. When the request body is less than 8K (the AJP packet size) the request is processed without any problem. However, if the request body is over 8K I get a write error on the client.

Looking at the logs for the nsapi redirector I see that Tomcat does not read the entire request body (by sending a GET_BODY_CHUNK according to the AJP protocol) when an authorization negotiation is required. If I include the http authorization header in the initial request (and therefore the negotiation step is not required) it works fine, but this is not an option for us.

I couldn't find any references to this issue in the forums or bug database, but possibly I missed it. It seems like a problem with the AJP implementation in Tomcat 5.5, so possibly I should be posting this to the Tomcat groups.

Has anyone else run into this?

Any information would be appreciated.

Thanks,
Kevin Convy

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3880017#3880017

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3880017