Hi Christopher,
Yes, we need Tomcat to let let the servlet send the 100 response
Apparently weblogic doesnt (or didnt) handle Expects so I added it to
milton, and it seems to work ok:
http://lists.justthe.net/pipermail/milton-users/2010-October/000791.html
What would be required from the server side is that when the client
sends the body of the request this appears to the servlet as a second
request but with the same headers as the original request, minus the
Expects header. Eg
Request1
1. Client sends headers to server, including Expect: Continue
2. Server invokes servlet
3. Servlet sees request and responds with status 100
Request2
4. Client sends body to server (ie no headers)
5. Server invokes servlet with original headers (Request2 is on same TCP
connection as Request1)
6. Servlet now has headers and body so executes the request as normal
If its too hard to carry over the headers from Request1 to Request2 then
thats not necessarily a problem, as long as there's some way for the
servlet to connect the two requests. Eg if there's some identifier for
the TCP connection, for example, that would be sufficient.
Thanks,
Brad
On 13/02/13 03:23, Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Brad,
On 2/11/13 4:02 PM, Brad McEvoy wrote:
On 12/02/13 09:53, Mark Thomas wrote:
Can anyone suggest a way to disable this "feature" short of
hacking tomcat?
You don't want to disable sending 100 Continue responses.
Ideally, you want to delay when it is sent until after any
authentication (so the 401 goes back to the client before they
send the body).
I'm not sure how feasible that would be.
Is your servlet generating the 401? It it was a standard
authenticator generating the 401 it might be doable. If it is a
user servlet then that is going to be trickier. It doesn't help
that the Servlet API has no mechanism for sending a 101.
The milton servlet handles the acknowledgement cycle, including
authorisation checks and 401 response if needed.
All thats needed is a container wide parameter to simply ignore
Expect headers. I'd be happy to poke around in tomcat's innards and
perhaps submit a patch. Would this be in the Http11Processor?
Yep, sadly the servlet API seems to have completely overlooked this
and so everyone has to figure out their own way of dealing with it
I'm speaking from a fairly ignorant position, but I'm curious: are you
asking if Tomcat could simply step out of the way in these cases and
allow the servlet to send its own response when Expect: Continue is
present in the request?
Mark, at the point in the request-processing when the 100 Continue is
sent, has the context already been chosen? If so, could we add a
configuration parameter on the context to disable auto-handling of
Expect:Continue/100-Continue, or is it not as simple as I make it out
to be? Is it even possible for a servlet to handle a 100-Continue
response entirely on its own without collusion with the container?
- -chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
