service() failed with http error 413 - error log message from isapi_redirect.log file

[ann ramos <ra...@yahoo.com>]

Hi, 


We are using HP Service Manager 9.2 system.  The web client tier was set up using Windows 2008 R2 64-bit, IIS 7.5, Tomcat 6 and Isapi Redirector 1.2.30.
The client is accessing the site by https because we had created a certificate and binded it to the IIS.  Here are the steps that I used:
	1. Go to IIS.
	2. Go to Server Certificate.
	3. Choose complete certificate request.
	4. Upload the certificate file with the cer extension.
	5. Go to Default Website.
	6. Bind it to HTTPS and point it to the certificate that you just uploaded in #4.
Everything is working fine.  User can access the system through web.  I noticed the following messages (attached fle ) from the isapi_redirect.log file.

Would appreciate it if someone can provide additional information about the message and some ways/ideas on stopping them from occurring.

My apologies if the information that I have provided is not complete.  Let me know so I can add some more details.


Thanks and regards!

Ann

Re: service() failed with http error 413 - error log message from isapi_redirect.log file

[Ann Yahoo <ra...@yahoo.com>]

Yes, I have also increased the one in the server.xml of te tomcat instance.

Haven't tried using it as an http just to see if its going to make a difference. I'm going to ask the users. Thanks.



On 17/07/2012, at 4:59 PM, Rainer Jung <ra...@kippdata.de> wrote:

> On 17.07.2012 06:15, ann ramos wrote:
>> Thanks Tim for your quick reply.
>> 
>> 
>> I have already increased the max_packet_size to the maximum allowable value way way before and it still comes up:
>> 
>> worker.wlb.max_packet_size=65536
> 
> You need to increase the size on the Tomcat side to.
> 
>> Just the  "Request Entity Too Large" error is the one that I want to concentrate on at the moment.
> 
> Can you try using http instead of https? This way we could decide whether it is more likely a problem of forwarding SSL info in the AJP header packet (the 8K resp. 64K thing) or whether some huge header or similar is actually coming from your client.
> 
> Regards,
> 
> Rainer
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: service() failed with http error 413 - error log message from isapi_redirect.log file

[Rainer Jung <ra...@kippdata.de>]

On 17.07.2012 06:15, ann ramos wrote:
> Thanks Tim for your quick reply.
>
>
> I have already increased the max_packet_size to the maximum allowable value way way before and it still comes up:
>
> worker.wlb.max_packet_size=65536

You need to increase the size on the Tomcat side to.

> Just the  "Request Entity Too Large" error is the one that I want to concentrate on at the moment.

Can you try using http instead of https? This way we could decide 
whether it is more likely a problem of forwarding SSL info in the AJP 
header packet (the 8K resp. 64K thing) or whether some huge header or 
similar is actually coming from your client.

Regards,

Rainer


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: service() failed with http error 413 - error log message from isapi_redirect.log file

[ann ramos <ra...@yahoo.com>]

Thanks Tim for your quick reply.  


I have already increased the max_packet_size to the maximum allowable value way way before and it still comes up:

worker.wlb.max_packet_size=65536

Yeah, I noticed the message about the hacking thing.  The website only runs 
internally.  I found a good explanation of that message on the net, 
something about the HP SM software trying to access a file(s) directly 
under the WEB-INF folder.  So I don't worry about that message for now.
Just the  "Request Entity Too Large" error is the one that I want to concentrate on at the moment.


________________________________
 From: Tim Watts <ti...@cliftonfarm.org>
To: users@tomcat.apache.org 
Sent: Tuesday, 17 July 2012 2:06 PM
Subject: Re: service() failed with http error 413 - error log message from isapi_redirect.log file
 
Hi Ann,

On Mon, 2012-07-16 at 19:18 -0700, ann ramos wrote:
> Hi, 
> 
> 
> 
> We are using HP Service Manager 9.2 system.  The web client tier was
> set up using Windows 2008 R2 64-bit, IIS 7.5, Tomcat 6 and Isapi
> Redirector 1.2.30.
> The client is accessing the site by https because we had created a
> certificate and binded it to the IIS.  Here are the steps that I used:
> 
>      1. Go to IIS.
>      2. Go to Server Certificate.
>      3. Choose complete certificate request.
>      4. Upload the certificate file with the cer extension.
>      5. Go to Default Website.
>      6. Bind it to HTTPS and point it to the certificate that you just
>         uploaded in #4.
> Everything is working fine.  User can access the system through web.
> I noticed the following messages (attached fle ) from the
> isapi_redirect.log file.
> 
> 
> Would appreciate it if someone can provide additional information
> about the message and some ways/ideas on stopping them from occurring.
> 
As the log message suggests, 413 is a standard HTTP error code.  Quote
from http://www.faqs.org/rfcs/rfc2616.html:

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
10.4.14 413 Request Entity Too Large

   The server is refusing to process a request because the request
   entity is larger than the server is willing or able to process. The
   server MAY close the connection to prevent the client from continuing
   the request.

   If the condition is temporary, the server SHOULD include a Retry-
   After header field to indicate that it is temporary and after what
   time the client MAY try again.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Based on messages like this from the log you attached:

        ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value

it sounds like you might need to bump 'max_packet_size' in your
workers.properties.  See 

        http://tomcat.apache.org/connectors-doc/reference/workers.html

for details.

HOWEVER, did you notice this in the log?

        [Mon Jul 16 15:19:37.365 2012] [3420:6708] [emerg]
        HttpFilterProc::jk_isapi_plugin.c (1921):
        [/sm9/dv/META-INF/services/javax.xml.transform.TransformerFactory] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!!

Someone may be trying to exploit buffer overruns on your site.


> 
> My apologies if the information that I have provided is not complete.
> Let me know so I can add some more details.
> 
> 
> 
> Thanks and regards!
> 
> 
> Ann
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org

Re: service() failed with http error 413 - error log message from isapi_redirect.log file

[Tim Watts <ti...@cliftonfarm.org>]

Hi Ann,

On Mon, 2012-07-16 at 19:18 -0700, ann ramos wrote:
> Hi, 
> 
> 
> 
> We are using HP Service Manager 9.2 system.  The web client tier was
> set up using Windows 2008 R2 64-bit, IIS 7.5, Tomcat 6 and Isapi
> Redirector 1.2.30.
> The client is accessing the site by https because we had created a
> certificate and binded it to the IIS.  Here are the steps that I used:
> 
>      1. Go to IIS.
>      2. Go to Server Certificate.
>      3. Choose complete certificate request.
>      4. Upload the certificate file with the cer extension.
>      5. Go to Default Website.
>      6. Bind it to HTTPS and point it to the certificate that you just
>         uploaded in #4.
> Everything is working fine.  User can access the system through web.
> I noticed the following messages (attached fle ) from the
> isapi_redirect.log file.
> 
> 
> Would appreciate it if someone can provide additional information
> about the message and some ways/ideas on stopping them from occurring.
> 
As the log message suggests, 413 is a standard HTTP error code.  Quote
from http://www.faqs.org/rfcs/rfc2616.html:

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
10.4.14 413 Request Entity Too Large

   The server is refusing to process a request because the request
   entity is larger than the server is willing or able to process. The
   server MAY close the connection to prevent the client from continuing
   the request.

   If the condition is temporary, the server SHOULD include a Retry-
   After header field to indicate that it is temporary and after what
   time the client MAY try again.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Based on messages like this from the log you attached:

        ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value

it sounds like you might need to bump 'max_packet_size' in your
workers.properties.  See 

        http://tomcat.apache.org/connectors-doc/reference/workers.html

for details.

HOWEVER, did you notice this in the log?

        [Mon Jul 16 15:19:37.365 2012] [3420:6708] [emerg]
        HttpFilterProc::jk_isapi_plugin.c (1921):
        [/sm9/dv/META-INF/services/javax.xml.transform.TransformerFactory] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!!

Someone may be trying to exploit buffer overruns on your site.


> 
> My apologies if the information that I have provided is not complete.
> Let me know so I can add some more details.
> 
> 
> 
> Thanks and regards!
> 
> 
> Ann
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org