OAuth authentication fails with 408 (login time exceeded)
Can someone explain why an OAuth authenticating POST would fail simply based on the format of the hostname? The failure is
HTTP/1.1 408 The time allowed for login process has been exceeded
Here are the hostname formats for example host athena:
athena.domain.com -- works
athena -- fails with 408
localhost -- fails with 408
The client in this case is a Java application, not a web browser. Everything is running on localhost. An example of a failing POST:
POST https://athena:9443/jazz/j_security_check?j_username=ADMIN&j_password=ADMIN
On a different box I have found the opposite to be the case. That is, using "hostname.domain.com" fails but using just "hostname" works.
HTTP/1.1 408 The time allowed for login process has been exceeded
Here are the hostname formats for example host athena:
athena.domain.com -- works
athena -- fails with 408
localhost -- fails with 408
The client in this case is a Java application, not a web browser. Everything is running on localhost. An example of a failing POST:
POST https://athena:9443/jazz/j_security_check?j_username=ADMIN&j_password=ADMIN
On a different box I have found the opposite to be the case. That is, using "hostname.domain.com" fails but using just "hostname" works.
One answer
To be precise, the issue you are seeing isn't really related to OAuth. You are seeing a problem with Tomcat's behavior with accepting calls to j_security_check without any context. You typically see this sort of problem if the java application is making assumptions about when to access j_security_check and is not following redirects or not managing cookies.
Can you describe what calls the java application is making, and what you are trying to do?
Can you describe what calls the java application is making, and what you are trying to do?
Can someone explain why an OAuth authenticating POST would fail simply based on the format of the hostname? The failure is
HTTP/1.1 408 The time allowed for login process has been exceeded
Here are the hostname formats for example host athena:
athena.domain.com -- works
athena -- fails with 408
localhost -- fails with 408
The client in this case is a Java application, not a web browser. Everything is running on localhost. An example of a failing POST:
POST https://athena:9443/jazz/j_security_check?j_username=ADMIN&j_password=ADMIN
On a different box I have found the opposite to be the case. That is, using "hostname.domain.com" fails but using just "hostname" works.