Let me demonstrate I have read the *entire* thread: You stated on 8/10/2010 at 8:16am EDT: > We also made sure there is no traffic /users using the web application during > the tcp dump taken. > How? Are you absolutely sure *no* client generated the POST request?
> ... This has happened in spite of blocking multiple button clicks on jsp page > using jscript filter. > Are you sure? As has been recommended, remove the browser and all it's javascript from the equation. Use wget or curl to manually fire just *one* request and see what happens. > My Observation as per TCP dump command, we clearly see multiple request being > sent from Apache to web server. Not in question at all... but we've not seen any evidence the requests were sourced from Apache. They could just as easily come from a client brower, a firewall or even a proxy server and passed on by Apache. Stated multiple times in various messages of this thread: > For simple test case we used 1 simple transaction Page to do the > activity For insertion, but the since 2 request to web server ,we see > 2 rows inserted in DB > > Still have the browser and it's javascript in the equation. Plus I've yet to see any evidence these requests are sourced from httpd or mod_jk. This could easily be the browser or some component between httpd and the client. You stated on 8/11/2010 at 1:07am EDT: > The same test performed on the Internal IP (http://<ip:port>/ABCD), and was > observed that the single Post request was observed with single Insertion to > DB ... compared to 2 POST request via External IO ( http://ABCD.com ) > We have only ever seen a tcp dump in between Apache httpd and jboss and only fragments at that. Certainly not enough to believe the two are requests are in any way related. The POST command, headers, etc., ... are far better evidence. You stated on 8/11/2010 at 6:37am EDT: > If needed I can even share the "Access Logs" of Apache so that the browser > details match [ IE 7+ / FFox 3+ ] are as available. > I believe at least one of us has already asked for this. Don't make me dig up the quote(s). Let me recap so I am very clear. We have not seen any evidence that these requests are from Apache and/or mod_jk. They could very easily be from: -- a misbehaving client (client in this case is very broad including hack attempts, search crawlers, browsers, etc., ...) -- firewall -- proxy server Just to make matters a little more interesting, client id signatures can easily be faked for any browser you can think of. Just because it claims to be IE doesn't mean it is. A lot of us use mod_jk to connect apache to tomcat. On the rare event this kind of issue has cropped up it seems to always be as a result of something outside apache mod_jk and tomcat. --David On 8/11/10 10:06 AM, Karthik Nanjangude wrote: > Hi > > >>> Maybe you could try a capture from the client system (the one >>> > w/ a browser open). > > As I have already posted the form [ please check last few mails exchanged ] > > If the Sample test on the web application is performed from Outer side world > [http://www.xyx.com/abcd ] > > Tcp dump captured on Apache Http Server, 2 Post request are clearly visible > with 12 sec apart. > > > > > If the Sample test on the same hosted web application performed from within > the internally IP/Port hosted [ http://xyx/abcd ] > > Tcp dump captured on JBoss [Tomcat Built in ] 1 Post request is visible > > > > > Both of the samples were verified in 2 Browsers [IE 7+ / FF3 +] more then 6 > times and the info is captured via tcp Dump. > > > >>> request with wget rather than browsers >>> > Since the Application is in Production and need some Window Time for taking > samples. > > I would definitely get back with the results by EOD 2 morrow > > > With regards > Karthik > > > -----Original Message----- > From: David Smith [mailto:d...@cornell.edu] > Sent: Wednesday, August 11, 2010 7:23 PM > To: Tomcat Users List > Subject: Re: 2 POST requests to underlying Server > > Any chance we could see a snippet of access log showing the two > requests? All I really see here is two packet captures that *look* like > they are from in between tomcat and iis (or whatever you are running as > a front-end web server). Since 10 addresses are not routeable this > looks like all internal traffic. Any chance you could verify this is > happening (or not) between the client browser and your front-end web > server? Maybe you could try a capture from the client system (the one > w/ a browser open). > > --David > > On 8/11/10 2:08 AM, Karthik Nanjangude wrote: > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
