Please check inline for my reply . Thanks. -------- Original message -------- From: Christopher Schultz <ch...@christopherschultz.net> Date: 04/23/2015 6:15 AM (GMT+08:00) To: Tomcat Users List <users@tomcat.apache.org> Subject: Re: Apache Tomcat jk connector 400 bad request
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Razi, On 4/22/15 5:45 PM, Razi wrote: > Hi Christopher, > > Thanks for looking into this. > > Any random request fails, ajax or non-ajax. > > The worker.properties is as follows:: > > worker.lbroutex.type=lb > worker.lbroutex.balance_workers=workerx,workery,workerz > worker.lbroute.sticky_session=1 > > worker.workerX.port=1234 worker.workerX.host=$$$.com > worker.workerX.type=ajp13 worker.workerX.lbfactor=1 > > As I am using jboss EAP, I am pasting the config from my > standalone.xml > > <subsystem xmlns="urn:jboss:domain:web:1.4" > default-virtual-server="default-host" instance-id="worker10" > native="false"> <connector name="http" scheme="http" > protocol="HTTP/1.1" socket-binding="http"/> <connector name="https" > scheme="http" protocol="HTTP/1.1" socket-binding="https" > secure="true"> <ssl name="ssl" key-alias="jboss" password="" > certificate-key-file="" protocol=""/> </connector> <connector > name="ajp" scheme="http" protocol="AJP/1.3" socket-binding="ajp"/> I suppose this has a default port number (8009?) and it matches what you have in worker.workerX.port? Yes You shouldn't be using any OpenSSL for the the AJP connector, so proxied requests via AJP shouldn't trigger the OpenSSL errors. A full stack trace would be very helpful. I wiill get this trace out I don't see anything immediately obvious. Do you have a firewall between httpd and Tomcat? Has it been configured to leave the connections open forever? If not, you might want to consider configuring CPING/CPONG at intervals (look at the AJP connector configuration reference and search for cping/cpong to see how to do that ). will check for the firewall and revert. If you decide to change your timeout values (I don't see a reason to do so unless you are encountering some kind of related problem, and I don't consider this to be a related problem), make sure they are consistent between mod_jk and Tomcat's AJP connector.I tried inceasing the value of webserver KeepAliveTimeout to 15 and i dont get the 400 bad request error in the test environment. But i really want to know the root cause before i move it to production. In my httpwatch i see the request going without any body ony header. Any chance the 400 responses always come from the same httpd instance or Tomcat instance? No its random any instance. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVOB1GAAoJEBzwKT+lPKRY51AQAJCuO+cuurN9CshykgXm+M2V P+oSLO3wCRrF8WhJtzDz/CfIGT6T679lQSAbMBNliVrxuu+Q+/UbAS4rHcAkO2Ou GRCb1xCX1qoSpl5qmppFsJMMMAZE7NhWP3ZkCC/FdRyj+Lb4ZJcuKmx8LaIEfuvF akWUhJD1sYAhclyYInpF78kXOyBcuP1/6dOtXtlUqZ0JuZiDGHEgdywVRJiZjzpz aTxSdz0AkL4/7svPBn5I6foV2vLUKindQjSn2L1Mjq5TsbEo3Dhe9xxSCL7dmK8u ZJ7Wp8Hi7Z3NrVMNf4YnLiChKhWN9mIhucMQMsY9nez7h2GO2P0LrVo5XRJV5R65 gzagTK1qSHjKrGJqvuBY757j3rsnG9jNEPVixg1IqIA/JIuC/CfO+eVsVsUJAQSH 3KuF3Ata098fBQAMxb9O4vegBm/JRjwJYeKXb+b+fjDIr6QFFgUBv8DNv7cultG9 zDVfZQ2vJqb+TBz5kf8gI5G0ZcwkL2+WveUt+GzvRRbAXiyTmCwIoMGDesi5VIx5 ojUcRWccXjKj6Cg3DKNqWw137/Cre+xVKgepkTjpPOQ0dyAK3G2cUuCgZhJy3OQj FPtfg4vXS5BJQLZCNVWktkLGaQqRwHTIeM7EAwvbaDh+290fZcg1vW99zqCGCLgt ksfiwrTNMLcEDPX//PrL =KsRp -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org