Mailing List Archive

[no subject]
Hello World,



I have a strange problem. I have an angular app deployed in http server and
for some users alone I see that one of the calls ( generate-token in this
case) is not reaching the server (which happens to be a spring boot server
deployed in websphere liberty).





1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET /application/dashboard
HTTP/1.1" 200 11153 0 9143 -

1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET
/application/5.97e05069c31d30d5372d.js HTTP/1.1" 200 16031 0 552 -

1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /assets/images/blue.png
HTTP/1.1" 200 3887 0 469 -

1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
/applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
HTTP/1.1" 200 - 0 46802 -

1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
/application/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0
HTTP/1.1" 200 77160 0 33090 -

*1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
/applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
HTTP/1.1" 200 - 0 2108 -*

*1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
/applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
HTTP/1.1" 502 341 0 43550 -*



*Pertinent httpd.conf*



ServerRoot "/usr/HTTPServer"

PidFile logs/httpd.pid

Timeout 300

KeepAlive On

ReadmeName README.html

HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddEncoding x-compress Z

AddEncoding x-gzip gz tgz

AddType application/x-tar .tgz

AddType image/x-icon .ico

BrowserMatch "Mozilla/2" nokeepalive

BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0

BrowserMatch "RealPlayer 4\.0" force-response-1.0

BrowserMatch "Java/1\.0" force-response-1.0

BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider"
redirect-carefully

BrowserMatch "^WebDrive" redirect-carefully

BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully

BrowserMatch "^gnome-vfs" redirect-carefully

<VirtualHost *:1025>

ServerName XXX.com

DocumentRoot "/usr/HTTPServer/htdocs"

SSLEnable

SSLProxyEngine on

SSLServerCert XX

Keyfile /venafi/XX.kdb

# The following protocols are disabled SSLv2, SSLv3, TLSv1 & TLSv1.1

SSLProtocolDisable SSLv2

SSLProtocolDisable SSLv3

SSLProtocolDisable TLSv10

SSLProtocolDisable TLSv11

# The following protocol is enabled

SSLProtocolEnable TLSv12

# Remove all Ciphers

SSLCipherSpec ALL NONE

# Enable Approved CipherSpec's Only

SSLCipherSpec ALL +9C

SSLCipherSpec ALL +9D

SSLCipherSpec ALL +C02B

SSLCipherSpec ALL +C02C

SSLCipherSpec ALL +C02F

SSLCipherSpec ALL +C030

</VirtualHost>

SSLInsecureRenegotiation off



TraceEnable off



CoreDumpDirectory /wslogs



# Block Files with Server Side Script - file extensions

<FilesMatch
"^.*\.(sh|ksh|go|gsp|lp|op|lua|cgi|ipl|pl|php|rhtml?|py|rb?w|smx|lasso|tcl|dna|tpl|r|w)$">

Order Deny,Allow

Deny from all

</FilesMatch>



Alias /siteminderagent/pwcgi/ "/usr/local/webagent/pw/"

<Directory "/usr/local/webagent/pw/">

Options Indexes MultiViews ExecCGI

AllowOverride None

Order allow,deny

Allow from all

</Directory>

Alias /siteminderagent/pw/ "/usr/local/webagent/pw/"

<Directory "/usr/local/webagent/pw/">

Options Indexes MultiViews ExecCGI

AllowOverride None

Order allow,deny

Allow from all

</Directory>

Alias /siteminderagent/ "/usr/local/webagent/samples/"

<Directory "/usr/local/webagent/samples/">

Options Indexes MultiViews

AllowOverride None

Order allow,deny

Allow from all

</Directory>



#To Disable HTTP TRACE / TRACK Method in all Directives

RewriteEngine On

RewriteLog "/wslogs/http/rewrite.log"

RewriteLogLevel 5

RewriteCond %{REQUEST_FILENAME} -s [OR]

RewriteCond %{REQUEST_FILENAME} -l [OR]

RewriteCond %{REQUEST_FILENAME} -d

RewriteRule ^ - [NC,L]

RewriteRule ^ index.html [NC,L]





*and the .htaccess is*

<IfModule mod_rewrite.c>

RewriteEngine on

RewriteCond %{REQUEST_FILENAME} -s [OR]

RewriteCond %{REQUEST_FILENAME} -l [OR]

RewriteCond %{REQUEST_FILENAME} -d

RewriteRule ^.*$ - [NC,L]

RewriteRule ^.*$ index.html [NC,L]

</IfModule>





Any idea why this happens ? This happens only for certain users and
always. For all the other users it works well. We use siteminder before
these calls are made to authenticate the users but it redirects
appropriately and the angular app makes the above calls .



I would also like to see whether I can print the absolute url in the logs
or get more debug information about the calls.



Thx

Vaidya