[jira] [Commented] (HTTPCLIENT-2228) Apache Http Client library does not sending Authorization header when routing requests to our back-end service.

Mon, 18 Jul 2022 07:41:05 -0700 


    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-2228?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17568034#comment-17568034
 ] 

Prakash D commented on HTTPCLIENT-2228:
---------------------------------------

Let me explain the scenario, We have two components,

The first component is sending Host header so that it will be used as a virtual 
host.

As it is multithreaded environment, If multiple threads are sending Host 
headers, to the same backend (second component) with different host header 
values, Some how it is setting one thread's header value to another thread. 
This causes exceptions in the backend component. This behavior we observed with 
the load tests.

Sample log:

[2022/07/17-18:14:11,068]-[FINE   ]- [172]-[com.xxxxx.xxxxx..] virtual-host 
override set: {+}*tenant2*{+}.************

[2022/07/17-18:14:11,071]-[FINE   ]-[172]-[org.apache.http.headers]->> Host: 
{+}*tenant1*{+}.****************

 

The tenant1 is the Host header from different transaction.

> Apache Http Client library does not sending Authorization header when routing 
> requests to our back-end service. 
> ----------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-2228
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2228
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>            Reporter: Prakash D
>            Priority: Critical
>         Attachments: image-2022-07-14-16-42-56-494.png, 
> image-2022-07-14-16-43-14-435.png, image-2022-07-14-16-44-10-587.png
>
>
> Apache Http Client library does not send Authorization header when routing 
> requests to our back-end service. This issue we are seeing intermittently. 
> Customers are seeing this issue very frequently in their environments.
> Authorization Header is coming:
> !image-2022-07-14-16-43-14-435.png!
> Authorization Header is missing:
> !image-2022-07-14-16-44-10-587.png!
>  
> We have upgraded our http library from 4.2.5 to 4.5.13. Still we are seeing 
> the same issue.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to