Solved

Problem with Tomcat/Tomee

Posted on 2014-10-30
3
485 Views
Last Modified: 2014-12-01
HI,
I am trying to troubleshoot a problem with a website running under Tomcat that is used by a few hundred users.

All but one user is using the site without issue, but the problem user is getting an error message whenever they try to access the site.

"Request Entity Too Large, The HTTP Method does not allow the data transmitted, or the data volume exceeds the capacity limit"


I can access the website while logged on to the users computer with no problems, and the user gets the same error while logged on to other pc's using both Internet Explorer or Google Chrome.

the following errors appear in the jk_iis.log

[Fri Oct 31 12:48:26.703 2014] [1492:2260] ajp_marshal_into_msgb::jk_ajp_common.c (450): failed appending the header value for header 'Authorization' of length 13
[Fri Oct 31 12:48:26.703 2014] [1492:2260] HttpExtensionProc::jk_isapi_plugin.c (2328): service() failed with http error 413


some googling led me to try adding the following to workers.properties

worker.caworker.max_packet_size=65536

this was not successful

any insights into this problem would be appreciated.

regards,
Michael
0
Comment
Question by:slaterm1961
  • 2
3 Comments
 
LVL 27

Accepted Solution

by:
mrcoffee365 earned 500 total points
ID: 40429283
We use IIS with Tomcat without problems.  It's not a terribly common configuration, though.

You've tested to see that it's this user, and that it happens on other browsers and other computers.  My guess is that there's something wonky for this user in the Authorization header -- as the message says, so that's no surprise.

One thing that can help debug this sort of thing is a network monitor.  Windows has one, or you can install one like Ethereal (Wireshark):
http://en.wikipedia.org/wiki/Wireshark

Which version of isapi are you running?  You can try getting the latest (which is not terribly recent, but it's good to check which one you're running).  You can see that the error message is probably not packet size (although you tried changing that -- no harm, I think) because the size of 13 in the Authorization header is the error message you're getting, not packet size.
0
 

Author Comment

by:slaterm1961
ID: 40434123
It turns out that the user was a member of a great many security groups.. Half of which she didnt need to be in any longer. By pruning the uses group memberships to a more managable number i was able to solve the users problem.
0
 
LVL 27

Expert Comment

by:mrcoffee365
ID: 40474061
Great -- thanks for posting back what you found and congrats on finding a workaround.

It sounds like a windows/isapi thing, then -- isapi having problems with a large header.  Which of course it shouldn't.  This might be related to the fact that the current isapi for tomcat is a few years old.  One would hope that if you used Apache as a front end, you wouldn't have this problem.  However, authorization headers just don't get enough testing anywhere, as you've found.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This exercise is about for the following scenario: Dmgr and One node with 2 application server. Each application server contains it owns application. Application server name as follows server1 contains app1 server2 contains app1 Prereq…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question