It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×7,457
×6,032
×1,286

question asked: Aug 25 '23, 9:00 a.m.
question was seen: 1,165 times
last updated: Oct 05 '23, 5:15 a.m.

Related questions

Apache Httpd redirection declined for JTS

0
Neeraj Malik (111) | asked Aug 25 '23, 9:00 a.m.

 have issues with proxy configuration of Apache httpd with Distributed installation of IBM ELM on RHEL9. JTS Authentication works well and data copied from Production to staginng env and it's part of migration from RHEL7 to RHEL9.


configured apache ssl.config and httpd.config same as production. but version of apache httpd is different for RHEL9.

--3c6eff25-A--
[25/Aug/2023:14:22:10 +0200] ZOic8msstZBP6zlXwHVOYgAAAAQ 2.252.219.83 62117 2.253.207.43 9443
--3c6eff25-B--
POST /jts/auth/j_security_check HTTP/1.1
Host: ibmelm-test.com:9443
Connection: keep-alive
Content-Length: 25
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="116", "Not)A;Brand";v="24", "Microsoft Edge";v="116"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Edg/116.0.1938.54
Origin: null
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JazzFormAuth=Form; net-jazz-ajax-cookie-rememberUserId=; WASReqURL=https://:9443/jts/secure/authenticated/identity?redirectPath=%252Fjts%252F

--3c6eff25-C--
j_username=ll&j_password=
--3c6eff25-F--
HTTP/1.1 400 Bad Request
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Type: text/html;UTF-8; charset=UTF-8
Content-Language: en-US
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; child-src 'none'; upgrade-insecure-requests;
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=()
Referrer-Policy: no-referrer
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: same-origin
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked

--3c6eff25-E--

--3c6eff25-H--
Apache-Error: [file "ssl_engine_kernel.c"] [line 415] [level 7] AH02034: Initial (No.1) HTTPS request received for child 4 (server ibmelm-test.dhl.com:443)
Apache-Error: [file "mod_authz_core.c"] [line 843] [level 7] AH01628: authorization result: granted (no directives)
Apache-Error: [file "mod_proxy.c"] [line 1517] [level 7] AH01143: Running scheme https handler (attempt 0)
Apache-Error: [file "mod_proxy_ajp.c"] [line 780] [level 7] AH00894: declining URL https://jts-com:9443/jts/auth/j_security_check
Apache-Error: [file "mod_proxy_fcgi.c"] [line 1055] [level 7] AH01076: url: https://jtscom:9443/jts/auth/j_security_check proxyname: (null) proxyport: 0
Apache-Error: [file "mod_proxy_fcgi.c"] [line 1060] [level 7] AH01077: declining URL https://jts.com:9443/jts/auth/j_security_check
Apache-Error: [file "proxy_util.c"] [line 2588] [level 7] AH00944: connecting https://xxxx.com:9443/jts/auth/j_security_check to jts-test-app.dhl.com:9443
Apache-Error: [file "proxy_util.c"] [line 2814] [level 7] AH00947: connected /jts/auth/j_security_check to jts-test-app.dhl.com:9443
Apache-Handler: proxy-server
Stopwatch: 1692966130877638 1336 (- - -)
Stopwatch2: 1692966130877638 1336; combined=21, p1=12, p2=6, p3=1, p4=0, p5=2, sr=0, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.3 (http://www.modsecurity.org/).
Server: Apache/2.4.53 (Red Hat Enterprise Linux)
Engine-Mode: "ENABLED"

Comments
Kenny Smith commented Aug 28 '23, 2:50 p.m.

 Are you using the WebSphere plugin? Is this IBM HTTP Server (which is based on Apache)?

Neeraj Malik commented Aug 29 '23, 2:55 a.m.

 No, we are using Apache httpd in RHEL9. 


Server version: Apache/2.4.53 (Red Hat Enterprise Linux)
Server built:   Mar 16 2023 00:00:00

One answer

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
haseeb alam (91) | answered Sep 11 '23, 2:44 p.m.
edited Sep 11 '23, 2:48 p.m.

your domain mismatch between https://jts-com:9443/jts/auth/j_security_check and https://xxxx.com:9443/jts/auth/j_security_check. 

It seems that the Apache proxy is declining to handle the URL due to this discrepancy.

Check your Apache httpd.conf to ensure that the proxy settings are correctly configured for forwarding requests to the JTS application.

Pro tip: Manually test, Use browser developer tools to inspect network requests and redirects or use any online tool like https://redirectchecker.com/ This can help you to get detail redirection report might help pinpoint the issue.
Please let me know if the still issue persists.




Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.