More information:
Looks like this is not related the the secure nature (digitally signed) of the cookie, but the size. A cookie over about 3k will trigger this problem.
Also, it looks like Tomcat doesn't receive the request, so the problem may be in SSL. It is hard to tell, since it seems like it could be that Tomcat isn't logging in the part of the code that this is hitting.
Is this a problem in Java SSL?
Thanks for any help you can offer!
==Leonard
On Jan 5, 2005, at 10:58 AM, Leonard Sitongia wrote:
I have configured Tomcat 5.0.27 on the localhost to accept https connections (I have configured an unsigned cert under the alias "tomcat" to allow this).
I can then get to the root Tomcat page at https://localhost:8443/.
If my browser happens to have a signed cookie in it (this cookie is a signed S/MIME message that contains the signing certificate and so is 3765 bytes long - it is used by some homegrown Apache httpd apps that are unrelated to Tomcat), then Tomcat no longer responds on 8443. I can still get to the Tomcat root page with http://localhost:8080/, but when I try https://localhost:8443/ then Netscape 7 says "document contains no data" and Safari says “bad server response” (NSURLErrorDomain:-1011).
Nothing is logged by Tomcat about this. There are no error messages at any time from Tomcat.
My browser and server are on Mac OS X.
I tried puting the signing cert that is used to sign the S/MIME message into the keystore for Tomcat. That didn't help. I don't know how to put the signing key into the keystore... maybe that's inadvisable anyway?
Is this simply a matter of the size of the cookie, or will Tomcat try to do something with the cookie even though it is not intended to be used by any apps in Tomcat? What should I investigate and try to resolve this?
Thanks for your help!
==Leonard E. Sitongia Web Engineering Group National Center for Atmospheric Research P.O. Box 3000 Boulder CO 80307 USA [EMAIL PROTECTED] voice: (303)497-2454 fax: (303)497-1804
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Don't know why it is happening, but seriously doubt it's Java SSL as SSL doesn't know squat about your cookie...SSL is a layer well below http and cookies....if you can send any amount over 3k to the socket, but just the cookies are barfing out the server, then it's something on the server side besides ssl.....
Are you using anything other than tomcat (i.e. a connector and apache, or is this straight tomcat?) this wasn't exactly clear.... I see where you are using the tomcat ports, but how did the issue start (by hitting tomcat contexts through apache?) Does this happen if you are not using https...when the cookie gets sent...will it hang http? If using Apache can you test it without apache and just use tomcat to see if it still hangs. The "home grown httpd" stuff....is this standard cookies or http extension header type stuff, or something you came up with? Are you sure the cookies are being formatted correctly per the RFC's? Are they being delimited correctly \r\n?
I don't know the answer...figured I would try to give you help in thinking about the issue.
Wade
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
