https://issues.apache.org/bugzilla/show_bug.cgi?id=52606
Bug #: 52606
Summary: FORM authentication POST replay broken for AJP
Product: Tomcat 7
Version: 7.0.25
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: regression
Priority: P2
Component: Connectors
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
Reported and discussed in the following thread on users@:
"Form Authentication POST data not preserved?"
http://markmail.org/message/pldgbe4jbnb46ha4
http://marc.info/?t=132830976900001&r=1&w=2
This supposedly has the same trigger as the issue reported in Comment 9 in bug
51940 [3], that is consuming the body of the original request before replacing
it.
[3] https://issues.apache.org/bugzilla/show_bug.cgi?id=51940#c9
In AbstractAjpProcessor$SocketInputBuffer#doRead() there is a check for
"endOfStream" flag. If the flag is set the method returns immediately and does
not use the bodyBytes field that was initialized to replay the body.
The fix is to add the following line to "REQ_SET_BODY_REPLAY" case in
AbstractAjpProcessor#action(), as confirmed on the users@ thread:
endOfStream = false;
In 6.0.x implementation of AjpProcessor$SocketInputBuffer and of replay action
is the same, but I have not tested whether this bug can be triggered there or
not.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
