httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bu...@dakosy.de
Subject [users@httpd] Antwort: Re: [users@httpd] Problems with Http11NioProtocol and proxy server
Date Thu, 31 Aug 2017 13:43:30 GMT
Hi Luca,

1) there is no error in error_log during that time. Maybe we need to 
change the log level?

2) In this example it's a post request to upload a file. It's the same 
request, sometimes it's working without any errors (HTTP 200) and 
sometimes an error occurs (HTTP 400 or HTTP 500).

3) Below you find the proxy config:

<VirtualHost x.x.x.x:80>
    ServerName          example.com

    DocumentRoot        /var/www/docs/empty

    RedirectMatch       .*$     https://example.com
</VirtualHost>

<VirtualHost x.x.x.x:443>
    ServerName                  example.com

    DocumentRoot                /var/www/docs/empty

    SSLEngine                   on
    SSLCipherSuite 
EECDH:EDH:!RC4!DES!3DES!DES-CBC3-SHA!EDH-RSA-DES-CBC3-SHA!ECDHE-RSA-DES-CBC3-SHA
    Header                      always set Strict-Transport-Security 
"max-age=31556926"

    SSLCertificateFile          "/etc/apache2/ssl/certs/example.crt"
    SSLCertificateKeyFile       "/etc/apache2/ssl/keys/example.key"
    SSLCertificateChainFile     "/etc/apache2/ssl/certs/example-ca.crt"

    ProxyPreserveHost On

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(HEAD|GET) [NC]
    RewriteCond %{HTTP:Range} ([0-9]*-[0-9]*)(\s*,\s*[0-9]*-[0-9]*)+ [OR]
    RewriteCond %{HTTP:Request-Range} 
([0-9]*-[0-9]*)(\s*,\s*[0-9]*-[0-9]*)+
    RewriteCond %{REQUEST_METHOD} ^OPTIONS
    RewriteRule .* - [F]
    RewriteCond %{HTTP:Connection} Upgrade [NC]
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteRule /(.*) ws://y.y.y.y:8080/$1 [P,L]

    BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

    ProxyRequests Off

    ProxyPass           /jmx-console    !
    ProxyPass           /web-console    !

    AddOutputFilterByType DEFLATE text/html text/xml text/css 
text/javascript application/x-javascript application/javascript

    ProxyPass           /               http://y.y.y.y:8080/
    ProxyPassReverse    /               http://y.y.y.y:8080/
</VirtualHost>

4) In case of HTTP 400/HTTP 500 the request is not reaching the access.log 
of the EAP/Tomact.

Thanks & best regards
Marco



Von:    Luca Toscano <toscano.luca@gmail.com>
An:     users@httpd.apache.org
Datum:  31.08.2017 13:44
Betreff:        Re: [users@httpd] Problems with Http11NioProtocol and 
proxy server



Hi Marco,

2017-08-29 11:07 GMT+02:00 <bulau@dakosy.de>:
Hi, 

we've build a web application with JSF 2.1 and RichFaces 4.5.13.Final 
running on JBoss EAP 6.4.12. We're also using a Apache HTTP server 2.4.7 
as a HTTPS/WSS proxy to access the application for customers. 

After we've changed the EAP http connector to 
"org.apache.coyote.http11.Http11NioProtocol" (for using websockets/push), 
ajax requests are often answered by HTTP 400 (Bad Request) or HTTP 500 
(Bad Gateway). 

We're switched back to the EAP http connector "HTTP/1.1" and everything is 
working again as expected. 

If we're accessing the EAP directly (not via proxy) there is also no 
problem. It looks like that there is a problem using Http11NioProtocol 
with Apache HTTP server as a proxy. 

Is there anyone who run into the same problem or has an idea how we can 
solove it? 

We'd need to know a couple of things to help:

1) Is there any specific error in the httpd error_log that gets logged 
when the 400/500s are returned?
2) What kind of requests are you issuing to httpd when you get a 400 and a 
500? Are they different?
3) Can you share your configuration? (at least the one for the proxy)
4) Do you find anything useful in the Tomcat logs when httpd returns the 
errors?

Luca 


Mime
View raw message