It's all about the answers!

Ask a question

Apache Httpd redirection declined for JTS

Neeraj Malik (11) | asked Aug 25, 9:00 a.m.

 have issues with proxy configuration of Apache httpd with Distributed installation of IBM ELM on RHEL9. JTS Authentication works well and data copied from Production to staginng env and it's part of migration from RHEL7 to RHEL9.

configured apache ssl.config and httpd.config same as production. but version of apache httpd is different for RHEL9.

[25/Aug/2023:14:22:10 +0200] ZOic8msstZBP6zlXwHVOYgAAAAQ 62117 9443
POST /jts/auth/j_security_check HTTP/1.1
Connection: keep-alive
Content-Length: 25
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="116", "Not)A;Brand";v="24", "Microsoft Edge";v="116"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36 Edg/116.0.1938.54
Origin: null
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JazzFormAuth=Form; net-jazz-ajax-cookie-rememberUserId=; WASReqURL=https://:9443/jts/secure/authenticated/identity?redirectPath=%252Fjts%252F

HTTP/1.1 400 Bad Request
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Type: text/html;UTF-8; charset=UTF-8
Content-Language: en-US
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; child-src 'none'; upgrade-insecure-requests;
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=()
Referrer-Policy: no-referrer
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: same-origin
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked


Apache-Error: [file "ssl_engine_kernel.c"] [line 415] [level 7] AH02034: Initial (No.1) HTTPS request received for child 4 (server
Apache-Error: [file "mod_authz_core.c"] [line 843] [level 7] AH01628: authorization result: granted (no directives)
Apache-Error: [file "mod_proxy.c"] [line 1517] [level 7] AH01143: Running scheme https handler (attempt 0)
Apache-Error: [file "mod_proxy_ajp.c"] [line 780] [level 7] AH00894: declining URL https://jts-com:9443/jts/auth/j_security_check
Apache-Error: [file "mod_proxy_fcgi.c"] [line 1055] [level 7] AH01076: url: https://jtscom:9443/jts/auth/j_security_check proxyname: (null) proxyport: 0
Apache-Error: [file "mod_proxy_fcgi.c"] [line 1060] [level 7] AH01077: declining URL
Apache-Error: [file "proxy_util.c"] [line 2588] [level 7] AH00944: connecting to
Apache-Error: [file "proxy_util.c"] [line 2814] [level 7] AH00947: connected /jts/auth/j_security_check to
Apache-Handler: proxy-server
Stopwatch: 1692966130877638 1336 (- - -)
Stopwatch2: 1692966130877638 1336; combined=21, p1=12, p2=6, p3=1, p4=0, p5=2, sr=0, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.3 (
Server: Apache/2.4.53 (Red Hat Enterprise Linux)
Engine-Mode: "ENABLED"

Kenny Smith commented Aug 28, 2:50 p.m.

 Are you using the WebSphere plugin? Is this IBM HTTP Server (which is based on Apache)?

Neeraj Malik commented Aug 29, 2:55 a.m.

 No, we are using Apache httpd in RHEL9. 

Server version: Apache/2.4.53 (Red Hat Enterprise Linux)
Server built:   Mar 16 2023 00:00:00

One answer

permanent link
haseeb alam (91) | answered Sep 11, 2:44 p.m.
edited Sep 11, 2:48 p.m.

your domain mismatch between https://jts-com:9443/jts/auth/j_security_check and 

It seems that the Apache proxy is declining to handle the URL due to this discrepancy.

Check your Apache httpd.conf to ensure that the proxy settings are correctly configured for forwarding requests to the JTS application.

Pro tip: Manually test, Use browser developer tools to inspect network requests and redirects or use any online tool like This can help you to get detail redirection report might help pinpoint the issue.
Please let me know if the still issue persists.

Your answer

Register or to post your answer.