Thanks for looking into this issue. > What is the exact header & body of the 302 redirect from Tomcat in #2?
2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "HTTP/1.1 302 Moved Temporarily[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Server: Apache-Coyote/1.1[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Location: http://localhost:8080/test/secure/[EOL]"; 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Content-Length: 0[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Date: Thu, 12 Aug 2010 18:20:17 GMT[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << HTTP/1.1 302 Moved Temporarily 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Server: Apache-Coyote/1.1 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Location: http://localhost:8080/test/secure/ 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Content-Length: 0 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Date: Thu, 12 Aug 2010 18:20:17 GMT > Given that the client performs steps 3 & 4, can you check what's being *sent* > by the client, not what's being received by Tomcat? Client sent data step3 (request redirect uri): 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "POST /test/secure/ HTTP/1.1[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Content-Length: 18[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Content-Type: application/x-www-form-urlencoded; charset=UTF-8[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Host: localhost:8080[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Connection: Keep-Alive[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.0.1 (java 1.5)[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Expect: 100-Continue[EOL]" 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Cookie: JSESSIONID=DA224C1B02E94524187858267D70A830[EOL]" 2010/08/12 20:20:17:765 CEST [DEBUG] wire - >> "Cookie2: $Version=1[EOL]" 2010/08/12 20:20:17:765 CEST [DEBUG] wire - >> "[EOL]" 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> POST /test/secure/ HTTP/1.1 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Content-Length: 18 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Content-Type: application/x-www-form-urlencoded; charset=UTF-8 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Host: localhost:8080 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Connection: Keep-Alive 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.0.1 (java 1.5) 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Expect: 100-Continue 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Cookie: JSESSIONID=DA224C1B02E94524187858267D70A830 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Cookie2: $Version=1 2010/08/12 20:20:17:781 CEST [DEBUG] wire - << "HTTP/1.1 100 Continue[EOL]" 2010/08/12 20:20:17:781 CEST [DEBUG] wire - << "[EOL]" 2010/08/12 20:20:17:781 CEST [DEBUG] headers - << HTTP/1.1 100 Continue 2010/08/12 20:20:17:781 CEST [DEBUG] wire - >> "testName=testValue" 2010/08/12 20:20:17:781 CEST [DEBUG] wire - << "HTTP/1.1 200 OK[EOL]" .... Client sent data step4 (re-requesting the same uri): 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "POST /test/secure/ HTTP/1.1[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Content-Length: 18[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Content-Type: application/x-www-form-urlencoded; charset=UTF-8[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Host: localhost:8080[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Connection: Keep-Alive[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.0.1 (java 1.5)[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Expect: 100-Continue[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Cookie: JSESSIONID=A5FB87E6199EADB2AB18010DA295EC99[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Cookie2: $Version=1[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> POST /test/secure/ HTTP/1.1 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Content-Length: 18 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Content-Type: application/x-www-form-urlencoded; charset=UTF-8 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Host: localhost:8080 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Connection: Keep-Alive 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.0.1 (java 1.5) 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Expect: 100-Continue 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Cookie: JSESSIONID=A5FB87E6199EADB2AB18010DA295EC99 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Cookie2: $Version=1 2010/08/12 20:20:17:796 CEST [DEBUG] wire - << "HTTP/1.1 100 Continue[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - << "[EOL]" 2010/08/12 20:20:17:796 CEST [DEBUG] headers - << HTTP/1.1 100 Continue 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "testName=testValue" 2010/08/12 20:20:17:796 CEST [DEBUG] wire - << "HTTP/1.1 501 Not Implemented[EOL]" ... > Are you sure the client isn't making that error? > What is the client code which makes the request here? I'm not entirely sure about the client code, but posted it to the HTTPComponents list and regarding the logs provided above, the client behaviour seems to be ok. My client code is the following: //SOURCE START DefaultHttpClient httpclient = new DefaultHttpClient(); HttpPost httpost = new HttpPost(new URI("http://localhost:8080/test/secure/";)); List <NameValuePair> nvps = new ArrayList <NameValuePair>(); nvps.add(new BasicNameValuePair("j_username", "tomcat")); nvps.add(new BasicNameValuePair("j_password", "tomcat")); httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8)); HttpResponse response = httpclient.execute(httpost); System.out.println("Response Status: " + response.getStatusLine()); response.getEntity().consumeContent(); httpost.setURI(new URI("http://localhost:8080/test/secure/j_security_check";)); response = httpclient.execute(httpost); HttpEntity entity = response.getEntity(); System.out.println("Response Status: " + response.getStatusLine()); int code = response.getStatusLine().getStatusCode()/100; if(code == 3) { String location = response.getFirstHeader("location").getValue(); System.out.println("==> REDIRECT to "+location); entity.consumeContent(); httpost.setURI(new URI(location)); List <NameValuePair> params = new ArrayList <NameValuePair>(); params.add(new BasicNameValuePair("testName", "testValue")); httpost.setEntity(new UrlEncodedFormEntity(params, HTTP.UTF_8)); for(int i=0; i<5; i++) { response = httpclient.execute(httpost); System.out.println("Response Status: " + response.getStatusLine()); entity = response.getEntity(); entity.consumeContent(); } } httpclient.getConnectionManager().shutdown(); //SOURCE END best regards Hans 2010/8/13 Pid <p...@pidster.com>: > On 13/08/2010 10:07, Hans Wahn wrote: >> Hello Tomcat-Users, >> >> I'm facing a strange issue when using HttpComponents with successive >> POST requests against a simple Tomcat 7 servlet (Form-based POST >> Authentication is enabled). After a sucessfull authentication, the >> client requests the same protected resource a few times in a row, but >> the second request always returns a "501 Method not implemented" >> status. All other requests succeed. >> >> The following communication takes place: >> 1. Client requests a protected resource; Tomcat returns the login page >> (HTTP200) >> 2. Client provides the user credentials and calls the login resource; >> Tomcat returns a redirect (HTTP302) >> 3. Client sets the location from the redirect for the next >> request(identical to URI from #1) and requests it; Tomcat returns the >> page (HTTP200) >> 4. Client requests the same resource again; Tomcat returns a HTTP501 - >> Method not implemented >> 5. Client requests the same resource again; Tomcat returns the page (HTTP200) >> 6. Client requests the same resource again; Tomcat returns the page (HTTP200) >> 7. Client requests the same resource again; Tomcat returns the page (HTTP200) >> >> >> The access log message regarding the 501 says: >> '"testName=testValuePOST /test/secure/ HTTP/1.1" 501 1278', which may > > What is the exact header & body of the 302 redirect from Tomcat in #2? > > Given that the client performs steps 3 & 4, can you check what's being > *sent* by the client, not what's being received by Tomcat? > > Are you sure the client isn't making that error? > > What is the client code which makes the request here? > > > p > >> indicate that the entity data and the HTTP-method name somehow got >> mixed up!? Strangely the HTTP501 does not appear in case of a JSP for >> the requested resource, only if facing a form-based POST >> authentication Servlet in Tomcat 7. The servlet does only implement >> post and get(which calls the doPost) and returns just a string. The >> client code should be fine since I already posted this issue on the >> HTTPComponents mailing list and the data sent over the wire seems to >> be right. >> I'd like to attach the zipped webapp dir along with the simple client >> souce code, but along with the HTTPComponents libraries it's ~450KB >> and I don't know the attachment policy of this list. How can I provide >> further helpfull information? >> >> >> Thanks for helping in advance >> best regards >> Hans >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
