tomcat-dev mailing list archives

From Mathias Herberts
Subject Weird mod_jk / Tomcat behavior
Date Thu, 13 Jan 2005 20:03:48 GMT

I've been running Tomcat 3.3 with Apache frontend servers for quite some 
time now without any problems. Recently I switched to Tomcat 4.1.30, 
Apache 1.3.33 and Jakarta Tomcat Connectors 4.1.30.

The site is run on two servers with load balanced AJP 1.3 workers 
handled by mod_jk. The JDK used is Sun's 1.4.2 on Linux x86.

Recently we started noticing weird behaviors when the site was heavily 
loaded (several tens of requests per second being sent to Tomcat). There 
is an authentication servlet which is accessed using a POST request 
which passes both a username and password to the servlet. This information 
is used to check the authentication and retrieve the user context.

The weird behavior we started to notice was that some users would send 
an authentication request and be redirected to the site with the user 
context of another user. At first we thought there was a problem of 
mixed session IDs, but it appears this was not the case. Our suspicion 
is now on the AJP 1.3 link between mod_jk and Tomcat. The AJP 1.3 
protocol sends the request type and header in a different packet than 
the request body, therefore our guess is that for a reason yet unknown 
the AJP Connector on the Tomcat side receives the wrong request body. As 
this body is carrying the user and password info, the authentication is 
done with the wrong user data and therefore the context being loaded for 
the user is that of another one.

Has anybody experienced such a behavior with POST requests being sent 
incorrectly from mod_jk to Tomcat? I saw bug 30551 which talks about 
POST requests but no other mention of those in any other connector bug.

The analysis of the mod_jk code could not lead us to any potential 
problem so we suspect there might be a problem on the Tomcat side, maybe 
because of an incompatibility between the JDK and Tomcat 4.1.30.

Any experience on this part of the Tomcat source code would be greatly 
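The AJP 1.3 framing the message refers to, as an added example that is not part of the original post and is not mod_jk or Tomcat code: it builds a Forward Request packet and the separate body packet that follows it, then checks a captured web server to container byte stream for body packets whose length differs from the Content-Length declared in the preceding header packet. The function names, addresses and sample values are constructed for illustration, and the check assumes the body fits in a single body packet, as a small login POST does.

```python
import struct

FORWARD_REQUEST = 0x02      # packet type carrying method, URI and headers
SC_CONTENT_LENGTH = 0xA008  # coded header name for Content-Length

def ajp_str(s):             # 2-byte length, bytes, NUL (ASCII samples only)
    return struct.pack(">H", len(s)) + s.encode() + b"\x00"

def frame(payload):         # web server -> container: 0x1234 magic + length
    return struct.pack(">HH", 0x1234, len(payload)) + payload

def forward_request(uri, clen):             # constructed POST with one header
    fields = ("HTTP/1.1", uri, "192.0.2.10", "client.example", "www.example")
    p = bytes([FORWARD_REQUEST, 4]) + b"".join(map(ajp_str, fields))  # 4 = POST
    p += struct.pack(">HBHH", 80, 0, 1, SC_CONTENT_LENGTH) + ajp_str(str(clen))
    return frame(p + b"\xff")               # 0xFF terminates the request

def body_packet(data):      # the body travels in its own packet: length + data
    return frame(struct.pack(">H", len(data)) + data)

def read_str(p, off):
    (n,) = struct.unpack_from(">H", p, off)
    return p[off + 2:off + 2 + n].decode(), off + n + 3

def declared_length(p):
    off = 2                                 # skip prefix code and method
    for _ in range(5):                      # protocol, URI, addr, host, server name
        _, off = read_str(p, off)
    count, off = struct.unpack_from(">H", p, off + 3)[0], off + 5  # skip port, is_ssl
    for _ in range(count):
        (code,) = struct.unpack_from(">H", p, off)
        name, off = (code, off + 2) if code >> 8 == 0xA0 else read_str(p, off)
        value, off = read_str(p, off)
        if name == SC_CONTENT_LENGTH or str(name).lower() == "content-length":
            return int(value)
    return 0

def check(stream):          # -> [(declared, received)] for mismatched bodies
    bad, want, off = [], 0, 0
    while off < len(stream):
        (n,) = struct.unpack_from(">H", stream, off + 2)
        p, off = stream[off + 4:off + 4 + n], off + 4 + n
        if want:                            # packet after a POST header is its body
            (got,) = struct.unpack_from(">H", p)
            if got != want:
                bad.append((want, got))
            want = 0
        elif p[0] == FORWARD_REQUEST:
            want = declared_length(p)
    return bad
```

A body of the same length taken from a different request passes this check, so it only rules framing errors in or out; it does not compare body content against the originating client request.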