0 Replies Latest reply on Aug 6, 2012 6:42 AM by vskasper

    Chunked encoded content by HTTPS problem

    vskasper
    vskasper Aug 6, 2012 6:42 AM

      Hi all!

       

      I have the next issue.

      I have a project deployed on Jboss 5.1 server. My server is communicates with clients by SOAP messages. Entry point is HttpServlet. Also there is two types of authantication: BASIC and DIGEST, also some clients can communicate without auth.

      When server is working on 8443 port with HTTPS and BASIC or DIGEST authantication I have the next problem only with clients which sends content in chunked transfer-encoding:

      1. Client sends first SOAP message to initiate new session

      2. Server responds with 401 Unathorized status code because there absent WWW-Authenticate header

      3. Client sends the next message with WWW-Authenticate header conaining credentials

      4. Server sends response with 200 OK status code

      5. Client doesn't sends anything, but must

       

      If auth is switched off all is OK on p.5 server recieves right message from client. Also if communication is on port 8080 HTTP all is OK, message from client is present on p.5. Also if I work with "non-chunked" clients all is ok.

      So problem is only in complex of the next items: https, chunked transfer encoding, BASIC or DIGEST auth

       

      After hours of researching I had found the next:

      1. if Jboss uses JSSE standart connector in jbossweb server.xml the problem is present,

      2. but if I switched on the Tomcat APR connector the problem is desappears.

      3. Also the problem is not present on Jboss 4.2.3 (on JSSE) - this is the most strange thing in this issue

      4. I had decoded ssl packets in Wireshark tcp sniffer and saw strange thing: in Jboss 5 while recieving of p.3, server sends to client one packet, which marked in sniffer by Malformed packet. In Jboss 4.2.3 it is absent

       

      On production I can not use APR connector (it is customers requirement).

       

      Can anybody explain me:

      1. What is the diffrence in HTTPS connector implementation between Jboss 4.2.3 and 5.1?

      2. What is the diffrence in processing of chunked encoded packets between 4.2.3 and 5.1?

       

      P.S.: also I had tried to update/downgrade jbossweb.jar and jbossweb-deployers.jar

       

      Big thanks for any help, I have already spent on this two weeks