Topic: HTTP/1.1 Response with httpd-2.2.4-win32-x86-ssl.zip

[elster]

Hello,

I use the above mentioned apache version and get always 1.0 instead of 1.1 responses. Any ideas where that comes from and how it can be changed?

Thanks a lot,
elster

GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
Accept-Language: en,de;q=0.8,fr;q=0.6,en-gb;q=0.4,en-us;q=0.2
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ICM60; .NET CLR 1.0.3705; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727)
Host: carrier-sievs001.de007.icn.siemens.de:8443
Connection: Keep-Alive

HTTP/1.0 302 Found
Date: Tue, 03 Jul 2007 07:28:07 GMT
Server: Apache/2.2.4 (Win32) mod_ssl/2.2.4 OpenSSL/0.9.8e
Location: https://carrier-sievs001.de007.icn.siemens.de:8443/irj/portal/anonymous?guest_user=anonnsnmobxen
Content-Length: 280
Connection: close
Content-Type: text/html; charset=iso-8859-1

Any ideas how

[tdonovan]

Your SSL request to port 8443 is being re-directed to /irj/portal/anonymous?guest_user=anonnsnmobxen

Can you tell us what causes this redirect?

Is it something in your Apache configuration, for example the Redirect or RedirectMatch directives? mod_rewrite?

Maybe you are running an application server and it generates the redirect?

Apache 2.2.4 does not send HTTP 1.0 responses to ordinary HTTP 1.1 requests, so you must have something else in your Apache or Application Server configuration we would need to know about in order to answer your question.

-tom-

[elster]

Hello,

thanks for your reply.

You're right, rewrite rules are configured in ssl.conf:

# redirect to public landing page whenever only server name has been supplied
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^/$ https://%{SERVER_NAME}:%{SERVER_PORT}/irj/portal/anonymous?guest_user=%{ENV:DEFAULT_ANON_USER} [R,QSA,NE]

# redirect to GetAccess protected URL (/login) in order to get the login page displayed
RewriteCond %{REQUEST_URI} ^/irj/portal/anonymous/login$
RewriteRule .* https://%{SERVER_NAME}:%{SERVER_PORT}/login/portal [R,QSA,NE]

RewriteRule ^/irj/(.*) http://localhost:50000/irj/$1 [P]
RewriteRule ^/login/(.*) http://localhost:50000/irj/$1 [P]

The request is redirected to a SAP J2EE Engine.

Regards,
elster

[tdonovan]

Your rewrite rules appear to be incorrect.

In your example:

* the first rule changes "/" to "https://carrier-sievs001.de007.icn.siemens.de:8443/irj/portal/anonymous?guest_user=anonnsnmobxen"
and adds the "Location:" header to redirect the browser.

* instead of returning this response to the browser, the subsequent rules are executed because there is no L flag on the first rule.
(See the notes for the Redirect flag in the RewriteRule docs.)

* the third rule recognizes "/irj" and proxies this request to "http://localhost:50000/irj/portal/anonymous?guest_user=anonnsnmobxen"

The HTTP 1.0 response is created by whatever is at localhost:50000, not by Apache.

I don't think you want to do both - Redirect and Proxy - to the same request.

-tom-

[elster]

Hello,

obviously it's not a problem of the SAP j2EE engine Apache redirects to.
If I call it directly, the response comes with the correct protocol version.
The response also comes with the correct protocol version as long as I call Apache without SSL. So it seems that it must have to do something with the SSL termination.

GET /irj/portal HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
Accept-Language: en,de;q=0.8,fr;q=0.6,en-gb;q=0.4,en-us;q=0.2
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ICM60; .NET CLR 1.0.3705; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727)
Host: carrier-sievs001.de007.icn.siemens.de:50000
Connection: Keep-Alive

HTTP/1.1 200 OK
Server: SAP J2EE Engine/7.00
Content-Type: text/html; charset=UTF-8
Set-Cookie: saplb_*=(J2EE8375300)8375350; Version=1; Path=/
Content-Language: en-US
expires: 0
Content-Encoding: gzip
Date: Thu, 05 Jul 2007 09:34:32 GMT
Transfer-Encoding: chunked
Set-Cookie: PortalAlias=portal; Path=/
Set-Cookie: JSESSIONID=(J2EE8375300)ID1970072650DB01366748528423078274End; Version=1; Domain=.de007.icn.siemens.de; Path=/

[tdonovan]

You may want to do this to further debug the problem:

* Stop Apache and delete or rename all the log files in \logs

* Add these directives to httpd.conf:
RewriteLog "{path_to_apache}/logs/rewrite.log"
RewriteLogLevel 9


* Change the existing LogLevel warn directive to LogLevel debug

* Run the problem request

This will make your logs grow very rapidly, so you probably will not want to leave these settings for very long.
The rewrite.log file will show the details of executing your mod_rewrite rules.
The error.log file will show details of mod_proxy forwarding the request (mod_proxy is triggered by the P flag in RewriteRule).

FYI - when proxying a request, the environment variable "force-proxy-request-1.0" will cause mod_proxy to downgrade the request to HTTP 1.0 when it forwards it to another server. I think you would have noticed this directive if you have it - but maybe it is worth searching all your .conf files just to be sure. Some other environment variables which can do this are "downgrade-1.0" and "force-response-1.0".

The contents of the 280-character response (rather than just the headers) may shed some light on what is happening.
Apache generates a 302 response which starts with: