Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 26F32200C02 for ; Fri, 20 Jan 2017 15:56:31 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 257CD160B55; Fri, 20 Jan 2017 14:56:31 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 6D4EC160B39 for ; Fri, 20 Jan 2017 15:56:30 +0100 (CET) Received: (qmail 92677 invoked by uid 500); 20 Jan 2017 14:56:29 -0000 Mailing-List: contact issues-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list issues@activemq.apache.org Received: (qmail 92666 invoked by uid 99); 20 Jan 2017 14:56:29 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Jan 2017 14:56:29 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 18125C0B40 for ; Fri, 20 Jan 2017 14:56:29 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -1.199 X-Spam-Level: X-Spam-Status: No, score=-1.199 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1, RP_MATCHES_RCVD=-2.999] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id CcTytDvzygUY for ; Fri, 20 Jan 2017 14:56:28 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 266B75F54F for ; Fri, 20 Jan 2017 14:56:28 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 2ABE1E0284 for ; Fri, 20 Jan 2017 14:56:27 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 858C12528D for ; Fri, 20 Jan 2017 14:56:26 +0000 (UTC) Date: Fri, 20 Jan 2017 14:56:26 +0000 (UTC) From: "Gary Tully (JIRA)" To: issues@activemq.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Resolved] (AMQ-6571) HttpClientTransport refuses to accept cookies using `Expires' header MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Fri, 20 Jan 2017 14:56:31 -0000 [ https://issues.apache.org/jira/browse/AMQ-6571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Gary Tully resolved AMQ-6571. ----------------------------- Resolution: Fixed Fix Version/s: 5.15.0 patch applied with thanks. > HttpClientTransport refuses to accept cookies using `Expires' header > -------------------------------------------------------------------- > > Key: AMQ-6571 > URL: https://issues.apache.org/jira/browse/AMQ-6571 > Project: ActiveMQ > Issue Type: Improvement > Components: Transport > Affects Versions: 5.14.2, 5.14.3 > Reporter: Andrew Flegg > Labels: easyfix > Fix For: 5.15.0 > > Attachments: cookie-handling.patch, cookie-handling.patch > > > h2. Background > We are using ActiveMQ's [HTTP transport|http://activemq.apache.org/http-and-https-transports-reference.html] to connect to brokers hosted in AWS, behind a load balancer. > This transport requires a sticky session (i.e. session affinity) because of the local map of clients in [{{HttpTunnelServlet.clients}}|https://github.com/apache/activemq/blob/master/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTunnelServlet.java#L60] > AWS's classic load balancer sends sticky session cookies with the {{max-age}} attribute: > {noformat} > AWSELB=2DC7[...]F155;PATH=/;MAX-AGE=36000 > {noformat} > Whereas AWS's new application load balancer, which supports a web application firewall (WAF), uses the {{Expires}} attribute: > {noformat} > AWSALB=QclQ[...]V2kP; Expires=Tue, 27 Dec 2016 09:31:43 GMT; Path=/ > {noformat} > As of [RFC 6265|https://tools.ietf.org/html/rfc6265] both {{max-age}} and {{Expires}} are valid attributes. > h2. Issue > Apache HTTP Client 4.5.2 defaults to a [cookie policy of {{best-match}}|https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/client/params/CookiePolicy.html]. When the {{AWSALB}} cookie is received, the cookie is not handled and the ActiveMQ log contains the following: > {noformat} > 2017-01-19 12:23:58,185 | WARN | Invalid cookie header: "Set-Cookie: AWSALB=QclQ[...]V2kP; Expires=Tue, 27 Dec 2016 09:31:43 GMT; Path=/". Invalid 'expires' attribute: Tue, 27 Dec 2016 09:31:43 GMT | org.apache.http.client.protocol.ResponseProcessCookies | main > {noformat} > h2. Solution > The solution is to change the cookie policy in {{HttpClientTransport.createHttpClient()}}: > {code:java} > HttpClientParams.setCookiePolicy(params, CookiePolicy.BROWSER_COMPATIBILITY); > {code} > Patch attached. -- This message was sent by Atlassian JIRA (v6.3.4#6332)