PA3.0-04 For IIS7.x Returns 500 Error Without Host Header (Doc ID 1957363.1)

Last updated on JUNE 09, 2016

Applies to:

Oracle OpenSSO - Version 8.0.2 and later
Information in this document applies to any platform.

Symptoms

Problem Description
-------------------
IIS policy agents should not require Host header as per HTTP/1.0
specification
Due to this LB health request get http error 500.
Example - GET /imart/availability_check.jsp HTTP/1.0

A. Without host header in http request as per HTTP 1.0 Spec

----------------------
# telnet iishost.in.oracle.com 80
Trying 10.xx.xx.xx...
Connected to iishost.in.oracle.com
Escape character is '^]'.
GET / HTTP/1.0
------------------------
HTTP/1.1 500 Internal Server Error



And PA debug log output is as follows.

2014-10-14 11:47:28.457   Debug 2984:1deaa50 all: GetVariable(): HTTPS = off
2014-10-14 11:47:28.457   Error 2984:1deaa50 all: GetVariable(): Server
variable HEADER_Host is not found in HttpContext.
2014-10-14 11:47:28.457   Error 2984:1deaa50 all: ProcessRequest: status:
failure (1)
2014-10-14 11:47:28.457 Warning 2984:1deaa50 all: send_error(): Agent sent a
"500 Internal Server Error" message


B.When host header is added  issue does not happen.

--------------------------------
# telnet iishost.in.oracle.com 80
Trying XX.XX.XX.XX...
Connected to iishost.in.oracle.com
Escape character is '^]'.
GET / HTTP/1.0
Host: slippy.jp.oracle.com
-------------------------------
HTTP/1.1 302 Redirect


C. And if I uninstall PA and send same request without host header, it
returns 200 OK.


Diagnostic analysis
-------------------
Investigation on Internal LAB -


A. For webserver 7 PA 3.0.4 no such issues - no error 500

$ telnet vm11.sg.oracle.com 8082
Trying 10.18.81.217...
Connected to vm11.sg.oracle.com (10.18.81.217).
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.1 302 Moved Temporarily
Server: Oracle-iPlanet-Web-Server/7.0
Date: Thu, 16 Oct 2014 10:34:55 GMT
Location:
@ http://vm11.sg.oracle.com:8080/opensso/UI/Login?goto=http%3A%2F%2Fvm117.sg.oracle.com%3A8082%2Findex.html
Content-length: 0
Connection: close
Connection closed by foreign host.

B.For PA 3.0.04 on IIS7 , error "500 Internal Server Error". Without Policy
Agent no error.


[oracle@vm117 ~]$ telnet vm811.sg.oracle.com 80
Trying 10.186.81.181...
Connected to vm811.sg.oracle.com (10.18.81.181).
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.1 500 Internal Server Error
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 16 Oct 2014 10:33:20 GMT
Connection: close
Content-Length: 1208


amAgent logs -
2014-10-16 18:38:40.852    Info 2336:b7b180 ThreadPool: ::createNewThread
Unlocking...
2014-10-16 18:38:40.852    Info 2336:1fc2870 ThreadPool: ::spin() : New
Thread entered loop. Active threads = 0 : Work queue : 0.
2014-10-16 18:38:40.852    Info 2336:1fc2870 ThreadPool: Setting
ThreadStarted
2014-10-16 18:38:40.852    Info 2336:1fc2870 ThreadPool: ::Spin Waiting...
2014-10-16 18:38:40.852    Info 2336:b7b180 ThreadPool: ::createNewThread
Returning...
2014-10-16 18:38:40.852   Debug 2336:b7b180 ThreadPool:
ThreadPool::dispatch(): Calling PR_Lock() after this line
thread_pool.cpp:192.
2014-10-16 18:38:40.852   Debug 2336:b7b180 ThreadPool:
ThreadPool::dispatch(): Successfully dispatched the work.
2014-10-16 18:38:40.852MaxDebug 2336:b7b180 ServiceEngine: Service
communication with finished successfully.
2014-10-16 18:38:40.852   Debug 2336:b7b180 all: ProcessRequest: Agent
intialized
2014-10-16 18:38:40.852   Debug 2336:b7b180 all: GetVariable(): HTTPS = off
2014-10-16 18:38:40.852   Error 2336:b7b180 all: GetVariable(): Server
variable HEADER_Host is not found in HttpContext.
2014-10-16 18:38:40.852   Error 2336:b7b180 all: ProcessRequest: status:
failure (1)
2014-10-16 18:38:40.852 Warning 2336:b7b180 all: send_error(): Agent sent a
"500 Internal Server Error" message


2014-10-16 18:38:40.852   Debug 2336:1fc2870 ThreadPool: spin() : Thread
awakened: activeThreads = 1 ; maxThreads = 10 ; workQueueSize = 1
2014-10-16 18:38:40.852    Info 2336:1fc2870 ThreadPool: ::Spin Unlocking...
2014-10-16 18:38:40.852   Debug 2336:1fc2870 ThreadPool: ::spin() : Thread
Function calling 0x226e410.

The  above logs clearly state what is missing. The Policy Agent needs to have
host header present  and  it works only  host name is provided.


Host header is mandatory for HTTP/1.1, but not for HTTP/1.0. So PA must honor
the request without host header.

Log/Config files and stack trace
--------------------------------


Workaround (if any)
-------------------
Workaround -

Added hostheader on IIS7 SITE  as per -
http://technet.microsoft.com/en-us/library/cc753195(v=ws.10).aspx
In my case hostheader value in BINDINGS  was - vm8.sg.oracle.com


Now with this workaround  , No http 500 error.


[oracle@vm117 ~]$ telnet vm811.sg.oracle.com 80
Trying 10.186.81.181...
Connected to vm811.sg.oracle.com (10.186.81.181).
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 16 Oct 2014 11:32:54 GMT
Connection: close
Content-Length: 315


Changes

 None

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms