yes apache proxying to Tomcat 6 (backend server). those xx.jsp scripts are all in tomcat 6.
apache and tomcat are on different systems. followed the ideas on documentation use proxypass and reverseproxypass and filter by location/locationmatch will post the apache config tomorrow. Sent from my iPhone On 23/01/2013, at 4:43 PM, Igor Cicimov <icici...@gmail.com> wrote: > > On Wed, Jan 23, 2013 at 3:53 PM, Kheng_Ee <kheng_ee_...@yahoo.com> wrote: >> This is Apache 2.4.3 trace/log talking to Tomcat 6 using reverse proxy >> (ajp_proxy) >> >> [Wed Jan 23 14:43:58.464172 2013] [proxy_ajp:trace5] [pid 3989] >> ajp_header.c(598): [client 57.250.242.249:24921] ajp_unmarshal_response: >> Header[0] [Set-Cookie] = [JSESSIONID=3404058BD1B5FB200B52FA6DA48 >> 8B343; Path=/dm; Secure], referer: http://xxx.com/ddd.html > > This looks like the cookie (https one) is set by the backend server in the > response header, presumably Tomcat. Since you didn't mention what are you > proxy-ing to we can just guess. Also I'll guess that the backend server > receives the traffic on SSL port.. > >> >> [Wed Jan 23 14:43:58.465125 2013] [http:trace4] [pid 3989] >> http_filters.c(806): [client 57.250.242.249:24921] Set-Cookie: >> JSESSIONID=3404058BD1B5FB200B52FA6DA488B343; Path=/dm; Secure, referer: ht >> tp://xxx.com/ddd.html >> >> [Wed Jan 23 14:44:02.194316 2013] [core:trace5] [pid 3989] protocol.c(627): >> [client 57.250.242.249:24921] Request received from client: POST >> /dm/dm.jsp;jsessionid=3404058BD1B5FB200B52FA6DA488B343 >> HTTP/1.1 >> >> [Wed Jan 23 14:44:02.194953 2013] [http:trace4] [pid 3989] >> http_request.c(305): [client 57.250.242.249:24921] Cookie: >> JSESSIONID=3404058BD1B5FB200B52FA6DA488B343, referer: https://xxx.com >> /dm/dm.jsp?language=En >> >> [Wed Jan 23 14:44:02.195547 2013] [core:trace3] [pid 3989] request.c(227): >> [client 57.250.242.249:24921] request authorized without authentication by >> access_checker_ex hook: /dm/dm.jsp;jsessionid >> =3404058BD1B5FB200B52FA6DA488B343, referer: >> https://xxx.com/dm/dm.jsp?language=En >> >> [Wed Jan 23 14:44:06.446938 2013] [http:trace4] [pid 3989] >> http_request.c(305): [client 57.250.242.249:24921] Cookie: >> JSESSIONID=3404058BD1B5FB200B52FA6DA488B343, referer: http://xxx.com/ >> ddd.html >> >> [Wed Jan 23 14:44:06.449677 2013] [proxy_ajp:trace5] [pid 3989] >> ajp_header.c(293): [client 57.250.242.249:24921] ajp_marshal_into_msgb: >> Header[7] [Cookie] = [JSESSIONID=3404058BD1B5FB200B52FA6DA488B343 >> ], referer: http://xxx.com/ddd.html >> >> [Wed Jan 23 14:44:09.543835 2013] [http:trace4] [pid 3989] >> http_request.c(305): [client 57.250.242.249:24921] Cookie: >> JSESSIONID=3404058BD1B5FB200B52FA6DA488B343, referer: https://xxx.com >> /dm/dm.jsp?language=En >> >> [Wed Jan 23 14:44:09.546812 2013] [proxy_ajp:trace5] [pid 3989] >> ajp_header.c(293): [client 57.250.242.249:24921] ajp_marshal_into_msgb: >> Header[7] [Cookie] = [JSESSIONID=3404058BD1B5FB200B52FA6DA488B343 >> ], referer: https://xxx.com/dm/dm.jsp?language=En >> >> >> >> >> >> The steps taken to produce this log are :- >> >> 1) clear the cookies on the browser and restart browser. >> 2) Go link http://xxx.com/ddd.html (script on apache). From the html, it is >> suppose to call "POST /dm/dm.jsp" >> However, for strange reason on protocol.c, this first attempt after the >> 'cookie is cleared on the browser" it is calling >> POST/dm/dm.jsp;jsessionid=3404058BD1B5FB200B52FA6DA488B343 instead and >> failed with error 404. >> >> 3) subseqent attempts, from the html.. it will call "POST /dm/dm.jsp" >> successfully. >> >> >> I wonder why after the browser's cookie is cleared, the first POST is >> embedded with jsessionid (failed) >> and subsequent POST is not embedded with jessionid (successful) > > Would be useful if you send the appropriate snippets of your apache config > including the Proxy and VirtualHost (if any) sections and your backend server > settings, if Tomcat that would be the Connector sections. >
