We have been having occasional content-length mismatch
errors which we now suspect may be linked to Tomcat 4 or the mod_jk
connector. I am trying to find out if this is a known problem and if so
which version of Tomcat and/or mod_jk we need to upgrade too. I have
been looking through the bugs database but have been unable to find it
with any certainty. Could someone help please?
The problem : content length mismatches (due to the parameters from 2
different POST requests being mixed up?)
Versions : Tomcat 4.1, Java 1.5.0 on HP-UX. I do not have the version of
mod_jk used on that machine at present but can obtain it.
Could someone tell me if this is a known problem and point
me to its details? If it is a problem with Tomcat/mod_jk could someone
tell me which version it was fixed in?
More Details on the problem
The reason we now suspect Tomcat 4 or mod_jk is because it
appears that the POST parameters from 2 different requests have been
mixed up. This has been recreated internally by a script which was
firing requests for a JSP page Welcome.jsp every 30 seconds with the
same set of POST parameters ALAN=WILLIAMS&TEST=1 (length = 20). An error
was reported in a servlet which expected a content length of 183. The
Tomcat logs reported that the parameters it received were
ALAN=WILLIAMS&TEST=1 (length =20). Somehow it was accessing the
parameters for a request for a different URL from a different user. The
excerpt from the Tomcat log is below.
2010-09-02 10:02:46 HttpRequestBase.parseParameters content length
mismatch
URL: http://10.16.99.102:16513/RSTES2/servlet/MyServlet Content
Length: 183
Read: 20
Bytes Read: ALAN=WILLIAMS&TEST=1 (These parameters were
for Welcome.jsp not the servlet)
I suspect that both requests were sent correctly and have
become entangled. The requests did not originate at the same time. The
access logs show that the last request for the JSP page was 24 seconds
earlier. It's as if the details from an old request were picked up when
processing a new one.
10.16.200.54 - - [02/Sep/2010:10:02:22 +0100] "POST
/RSTES2/jsp/login/Welcome.jsp HTTP/1.0" 200 5631 (most recent request
for JSP page by the script)
10.99.1.4 - - [02/Sep/2010:10:02:24 +0100] "POST
/RSTES2/servlet/MyServlet HTTP/1.1" 200 42505 (a single user using the
system normally)
10.99.1.4 - - [02/Sep/2010:10:02:30 +0100] "POST /RSTES2/servlet/
MyServlet HTTP/1.1" 200 42505 (a single user using the system normally)
10.99.1.4 - - [02/Sep/2010:10:02:35 +0100] "POST /RSTES2/servlet/
MyServlet HTTP/1.1" 200 42505 (a single user using the system normally)
10.99.1.4 - - [02/Sep/2010:10:02:41 +0100] "POST /RSTES2/servlet/
MyServlet HTTP/1.1" 200 42505 (a single user using the system normally)
10.99.1.4 - - [02/Sep/2010:10:02:43 +0100] "POST /RSTES2/servlet/
MyServlet HTTP/1.1" 200 206 (a single user using the system normally)
(error occurred at 10:02:46 as above)
10.99.1.4 - - [02/Sep/2010:10:02:47 +0100] "POST /RSTES2/servlet/
MyServlet HTTP/1.1" 200 42505 (a single user using the system normally)
10.16.200.54 - - [02/Sep/2010:10:02:52 +0100] "POST
/RSTES2/jsp/login/Welcome.jsp HTTP/1.0" 200 5631 (a later request for
the JSP page by the script)
Alan
Alan Williams, Senior Analyst/Programmer, 3i Infotech - Western Europe
Tel. Direct: + 44 (0)121 260 3346 | Email:
alan.willi...@3i-infotech.eu | www.3i-infotech.com
This message is intended for the named recipient only and may be
privileged and/or confidential. If you are not the intended or named
recipient or have received this email in error then you should not copy,
forward or disclose it to any other person. The views and opinions
expressed in this e-mail are those of the sender and may not represent
the views and opinions of 3i Infotech (Western Europe) Limited
(registered number 2760212, with its registered office at Level 35, 25
Canada Square, Canary Wharf, London, E14 5LQ) or any subsidiary or
affiliated company within the 3i Infotech group of companies. If you
have received this email in error you should destroy it or contact
postmas...@3i-infotech.eu so that we may take appropriate action.
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
