Here is the image I tried attaching. Sorry about that. https://ibin.co/2n9zIx3n9qUH.jpg
Regards, Steve Mekkelsen Madden | Systems Engineer Fellow / DBA / Certified Scrum Master | GCS | Pegasystems Inc. Office: (617) 866.6023 | Mobile: (828) 729.9948 | Email: steve.mekkelsen.mad...@pega.com | www.pega.com -----Original Message----- From: Mekkelsen Madden, Steve Sent: Wednesday, July 06, 2016 3:44 PM To: users@tomcat.apache.org Subject: RE: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues Thanks Felix. See below -----Original Message----- From: Felix Schumacher [mailto:felix.schumac...@internetallee.de] Sent: Wednesday, July 06, 2016 3:29 PM To: users@tomcat.apache.org Subject: Re: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues Am 06.07.2016 um 19:14 schrieb Mekkelsen Madden, Steve: > This particular issue has raised a lot of issues in-house and we would > greatly appreciate a response from someone having more details on why NIO2 no > longer works. > > Thanks! > > > -----Original Message----- > From: Mekkelsen Madden, Steve > Sent: Friday, July 01, 2016 12:56 PM > To: Tomcat Users List <users@tomcat.apache.org> > Subject: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding > issues > > Hi all, > > Is anyone aware of why after upgrading from Tomcat 8.0.32x64 (Windows) to > 8.5.3x64 using the connector protocol of: > protocol="org.apache.coyote.http11.Http11Nio2Protocol" fails with url > encoding errors? Once it was changed back to > protocol="org.apache.coyote.http11.Http11NioProtocol" all the errors stopped. > This completely broke the application and made it unusable as the xml being > returned was not decoded and resulted in sax parse exceptions with our AJAX > connections. I haven't found anything related to the protocol changing, > only the parameters for the SSL/TLS attributes which are in place and work. > It's almost like it's blocking the requests when it should be unblocking the > requests? Thanks!! Have you tried to compare the responses, that you get through the two connectors? Especially the characters before the xml prolog would be interesting. Do you get the same errors, when you are requesting the url without tls? Regards, Felix Steve: We did not try turning off TLS in this case since this is what was already enabled in Production and required due to servers being accessible outside the network. What the engineer found is that Fiddler showed all XML content (all the strings) that is being sent to and from the server were being encoded. However, the XML content in fiddler does not have the encoded content. I've attached a screenshot showing the request if that helps. > > Database Type: Oracle 12c Linux x64 > Driver used: ojdbc7.jar > Connector attribute: > <Connector port="8443" > protocol="org.apache.coyote.http11.Http11NioProtocol" > maxThreads="150" disableUploadTimeout="true" > SSLEnabled="true" > sslDefaultHost="vgcspsteste1.rpega.com"> > <SSLHostConfig hostName="ourserver.com"> > <Certificate > certificateKeystoreFile="D:\certificates\ourcert.keystore" > certificateKeystorePassword="*******" certificateKeyAlias="ourAlias" > type="RSA"/> > </SSLHostConfig> > </Connector> > An example of the error looks like the below: > 23 Jun 2016 01:28:39,731 [sl-nio2-8443-exec-11] > (ngineinterface.service.HttpAPI) ERROR: Error adopting XML from post data > com.pega.pegarules.pub.clipboard.InvalidStreamError: InvalidStream > com.pega.pegarules.data.internal.clipboard.XMLStream.newStream(String, > StorageStream) sax parse error: Content is not allowed in prolog. > From: (H64E3757ED751A9AEE78817056219F4F9:10.224.243.66) > at > com.pega.pegarules.data.internal.clipboard.XMLStream.newStream(XMLStream.java:477) > at > com.pega.pegarules.data.internal.clipboard.XMLStream.newStream(XMLStream.java:432) > at > com.pega.pegarules.data.internal.clipboard.ClipboardPageImpl.adoptXMLForm(ClipboardPageImpl.java:818) > at > com.pega.pegarules.session.internal.engineinterface.service.HttpAPI.mapInputData(HttpAPI.java:2481) > at > com.pega.pegarules.session.external.engineinterface.service.EngineAPI.activityExecutionProlog(EngineAPI.java:554) > at > com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequestInner(EngineAPI.java:388) > at sun.reflect.GeneratedMethodAccessor90.invoke(Unknown Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at > com.pega.pegarules.session.internal.PRSessionProviderImpl.performTargetActionWithLock(PRSessionProviderImpl.java:1277) > at > com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:1015) > at > com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:848) > at > com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequest(EngineAPI.java:331) > at > com.pega.pegarules.session.internal.engineinterface.service.HttpAPI.invoke(HttpAPI.java:817) > at > com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl._invokeEngine_privact(EngineImpl.java:327) > at > com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:270) > at > com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:247) > at > com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngineInner(JNDIEnvironment.java:278) > at > com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngine(JNDIEnvironment.java:223) > at > com.pega.pegarules.web.impl.WebStandardImpl.makeEtierRequest(WebStandardImpl.java:574) > at > com.pega.pegarules.web.impl.WebStandardImpl.doPost(WebStandardImpl.java:374) > at sun.reflect.GeneratedMethodAccessor89.invoke(Unknown Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at > com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethod(PRBootstrap.java:338) > at > com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethodPropagatingThrowable(PRBootstrap.java:379) > at > com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingThrowable(AppServerBridgeToPega.java:216) > at > com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethod(AppServerBridgeToPega.java:265) > at > com.pega.pegarules.internal.web.servlet.WebStandardBoot.doPost(WebStandardBoot.java:118) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) > at > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:108) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:522) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) > at > org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349) > at > org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:1110) > at > org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) > at > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:785) > at > org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1627) > at > org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) > at > org.apache.tomcat.util.net.AbstractEndpoint.processSocket(AbstractEndpoint.java:803) > at > org.apache.tomcat.util.net.Nio2Endpoint$Nio2SocketWrapper$4.completed(Nio2Endpoint.java:639) > at > org.apache.tomcat.util.net.Nio2Endpoint$Nio2SocketWrapper$4.completed(Nio2Endpoint.java:617) > at > org.apache.tomcat.util.net.SecureNio2Channel$1.completed(SecureNio2Channel.java:873) > at > org.apache.tomcat.util.net.SecureNio2Channel$1.completed(SecureNio2Channel.java:806) > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) > at sun.nio.ch.Invoker$2.run(Invoker.java:218) > at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.lang.Thread.run(Thread.java:745) > Caused by: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; > Content is not allowed in prolog. > at > com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203) > at > com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:177) > at > com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400) > at > com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327) > at > com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1438) > at > com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:999) > at > com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:606) > at > com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510) > at > com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:848) > at > com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:777) > at > com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141) > at > com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1213) > at > com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:643) > at > com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(SAXParserImpl.java:327) > at > com.pega.pegarules.data.internal.clipboard.XMLStream.newStream(XMLStream.java:475) > ... 60 more > > Thanks, > > Steve Mekkelsen Madden | Systems Engineer Fellow / DBA / Certified Scrum > Master | GCS | Pegasystems Inc. > Office: (617) 866.6023 | Mobile: (828) 729.9948 | Email: > steve.mekkelsen.mad...@pega.com | www.pega.com > > Pega Discovery Network | Support Community | My Support Portal | > Contact Support > > Pega Can | Evolve Your CRM | www.pega.com/PegaCan > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
