Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Apache Httpd redirection declined for JTS

Questions
Tags
Users
Badges
Neeraj Malik
(1134) Aug 25 '23, 9:00 a.m.

 have issues with proxy configuration of Apache httpd with Distributed installation of IBM ELM on RHEL9. JTS Authentication works well and data copied from Production to staginng env and it's part of migration from RHEL7 to RHEL9.


configured apache ssl.config and httpd.config same as production. but version of apache httpd is different for RHEL9.

--3c6eff25-A--
[25/Aug/2023:14:22:10 +0200] ZOic8msstZBP6zlXwHVOYgAAAAQ 2.252.219.83 62117 2.253.207.43 9443
--3c6eff25-B--
POST /jts/auth/j_security_check HTTP/1.1
Host: ibmelm-test.com:9443
Connection: keep-alive
Content-Length: 25
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="116", "Not)A;Brand";v="24", "Microsoft Edge";v="116"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Edg/116.0.1938.54
Origin: null
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JazzFormAuth=Form; net-jazz-ajax-cookie-rememberUserId=; WASReqURL=https://:9443/jts/secure/authenticated/identity?redirectPath=%252Fjts%252F

--3c6eff25-C--
j_username=ll&j_password=
--3c6eff25-F--
HTTP/1.1 400 Bad Request
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Type: text/html;UTF-8; charset=UTF-8
Content-Language: en-US
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; child-src 'none'; upgrade-insecure-requests;
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=()
Referrer-Policy: no-referrer
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: same-origin
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked

--3c6eff25-E--

--3c6eff25-H--
Apache-Error: [file "ssl_engine_kernel.c"] [line 415] [level 7] AH02034: Initial (No.1) HTTPS request received for child 4 (server ibmelm-test.dhl.com:443)
Apache-Error: [file "mod_authz_core.c"] [line 843] [level 7] AH01628: authorization result: granted (no directives)
Apache-Error: [file "mod_proxy.c"] [line 1517] [level 7] AH01143: Running scheme https handler (attempt 0)
Apache-Error: [file "mod_proxy_ajp.c"] [line 780] [level 7] AH00894: declining URL https://jts-com:9443/jts/auth/j_security_check
Apache-Error: [file "mod_proxy_fcgi.c"] [line 1055] [level 7] AH01076: url: https://jtscom:9443/jts/auth/j_security_check proxyname: (null) proxyport: 0
Apache-Error: [file "mod_proxy_fcgi.c"] [line 1060] [level 7] AH01077: declining URL https://jts.com:9443/jts/auth/j_security_check
Apache-Error: [file "proxy_util.c"] [line 2588] [level 7] AH00944: connecting https://xxxx.com:9443/jts/auth/j_security_check to jts-test-app.dhl.com:9443
Apache-Error: [file "proxy_util.c"] [line 2814] [level 7] AH00947: connected /jts/auth/j_security_check to jts-test-app.dhl.com:9443
Apache-Handler: proxy-server
Stopwatch: 1692966130877638 1336 (- - -)
Stopwatch2: 1692966130877638 1336; combined=21, p1=12, p2=6, p3=1, p4=0, p5=2, sr=0, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.3 (http://www.modsecurity.org/).
Server: Apache/2.4.53 (Red Hat Enterprise Linux)
Engine-Mode: "ENABLED"

0 votes

Comments
Kenny Smith
Aug 28 '23, 2:50 p.m.

 Are you using the WebSphere plugin? Is this IBM HTTP Server (which is based on Apache)?

Neeraj Malik
Aug 29 '23, 2:55 a.m.

 No, we are using Apache httpd in RHEL9. 


Server version: Apache/2.4.53 (Red Hat Enterprise Linux)
Server built:   Mar 16 2023 00:00:00

1 answer
1,323 views
0 votes

One answer

Permanent link
haseeb alam
(91) edited
Sep 11 '23, 2:48 p.m.

your domain mismatch between https://jts-com:9443/jts/auth/j_security_check and https://xxxx.com:9443/jts/auth/j_security_check. 

It seems that the Apache proxy is declining to handle the URL due to this discrepancy.

Check your Apache httpd.conf to ensure that the proxy settings are correctly configured for forwarding requests to the JTS application.

Pro tip: Manually test, Use browser developer tools to inspect network requests and redirects or use any online tool like https://redirectchecker.com/ This can help you to get detail redirection report might help pinpoint the issue.
Please let me know if the still issue persists.




0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,496
× 1,326

Question asked: Aug 25 '23, 9:00 a.m.

Question was seen: 1,323 times

Last updated: Oct 05 '23, 5:15 a.m.

Confirmation Cancel Confirm