Solved

Problem with Tomcat/Tomee

Posted on 2014-10-30
3
512 Views
Last Modified: 2014-12-01
HI,
I am trying to troubleshoot a problem with a website running under Tomcat that is used by a few hundred users.

All but one user is using the site without issue, but the problem user is getting an error message whenever they try to access the site.

"Request Entity Too Large, The HTTP Method does not allow the data transmitted, or the data volume exceeds the capacity limit"


I can access the website while logged on to the users computer with no problems, and the user gets the same error while logged on to other pc's using both Internet Explorer or Google Chrome.

the following errors appear in the jk_iis.log

[Fri Oct 31 12:48:26.703 2014] [1492:2260] ajp_marshal_into_msgb::jk_ajp_common.c (450): failed appending the header value for header 'Authorization' of length 13
[Fri Oct 31 12:48:26.703 2014] [1492:2260] HttpExtensionProc::jk_isapi_plugin.c (2328): service() failed with http error 413


some googling led me to try adding the following to workers.properties

worker.caworker.max_packet_size=65536

this was not successful

any insights into this problem would be appreciated.

regards,
Michael
0
Comment
Question by:slaterm1961
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 27

Accepted Solution

by:
mrcoffee365 earned 500 total points
ID: 40429283
We use IIS with Tomcat without problems.  It's not a terribly common configuration, though.

You've tested to see that it's this user, and that it happens on other browsers and other computers.  My guess is that there's something wonky for this user in the Authorization header -- as the message says, so that's no surprise.

One thing that can help debug this sort of thing is a network monitor.  Windows has one, or you can install one like Ethereal (Wireshark):
http://en.wikipedia.org/wiki/Wireshark

Which version of isapi are you running?  You can try getting the latest (which is not terribly recent, but it's good to check which one you're running).  You can see that the error message is probably not packet size (although you tried changing that -- no harm, I think) because the size of 13 in the Authorization header is the error message you're getting, not packet size.
0
 

Author Comment

by:slaterm1961
ID: 40434123
It turns out that the user was a member of a great many security groups.. Half of which she didnt need to be in any longer. By pruning the uses group memberships to a more managable number i was able to solve the users problem.
0
 
LVL 27

Expert Comment

by:mrcoffee365
ID: 40474061
Great -- thanks for posting back what you found and congrats on finding a workaround.

It sounds like a windows/isapi thing, then -- isapi having problems with a large header.  Which of course it shouldn't.  This might be related to the fact that the current isapi for tomcat is a few years old.  One would hope that if you used Apache as a front end, you wouldn't have this problem.  However, authorization headers just don't get enough testing anywhere, as you've found.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configure Web Service (server application) I. Configure security for Web Services methods First, we need to protect Session bean which implements the service: 1. Open EJB deployment descriptor (ejb-jar.xml) in the EJB project that contains you…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question