On 02/06/2023 21:00, jonmcalexan...@wellsfargo.com.INVALID wrote:
Good afternoon,
Have a team that just upgraded to 8.5.89 from 8.5.72 and started getting these
messages in the logs:
[2023/06/01][01:05:10.012] : [INIT] - EPMSend (init) - EPMSend = SOAP
[2023/06/01][01:05:10.012] : [INIT] - EPMSend (init) - SOAPPort = 8443
[2023/06/01][01:05:10.012] : [INIT] - EPMSend (init) - SOAPPath =
[2023/06/01][01:05:10.012] : [INIT] - EPMSend (init) - SOAPURL = <Tomcat Instance
URL>
...
[2023/06/01][17:31:01.157] : [EPMSEND] - EPMSend - Established Socket to send
EPM messages
[2023/06/01][17:31:01.227] : [EPMSEND] - EPMSend - Error not 200 OK. HTTP error:
"HTTP/1.1 400 Bad Request" See reply txt message in XMLPathOut directory for
g:\vdata\epmxml/001-HOU-02-20230530-0001-I-X-200-UPDATEUOW-20230601080446029.xml
[2023/06/01][17:31:01.380] : [INIT] - EPMSend (init) - EPMSend = SOAP
Is anyone aware of what could potentially be the cause?
Generally, Tomcat gets stricter enforcing the HTTP specification
requirements over time. This is for a combination of reasons:
- bugs get reported that invalid requests are not rejected
- the HTTP specs are getting stricter over time
- security issues get identified with handling of invalid requests
If you look in the Coyote section of the change log, you should find all
of the changes to HTTP request validation listed. A quick scan for
8.5.72 to 8.5.89 found:
- stricter validation of line termination
- reject requests with malformed content-length headers
- allowHostHeaderMismatch now defaults to false
- rejectIllegalHeader now defaults to true
I suspect it will be one of the last two.
If you set the system property
org.apache.juli.logging.UserDataHelper.CONFIG to INFO_ALL you'll get an
INFO level log message for every request that is rejected.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
