My Oracle Support Banner

怎样隐藏 "/bea_wls_internal/HTTPClntSend" 这个地址? (Doc ID 2091921.1)

Last updated on DECEMBER 03, 2020

适用于:

Oracle WebLogic Server - 版本 10.3.6 和更高版本
本文档所含信息适用于所有平台

目标

当你在浏览器中访问URL "http://[server]:[port]/bea_wls_internal/HTTPClntSend", 服务器返回 error 500,  同时页面还会显示下面的 java 代码 stack trace.

Error 500--Internal Server Error

java.lang.IllegalArgumentException
at javax.servlet.http.HttpUtils.parseQueryString(HttpUtils.java:103)
at weblogic.rjvm.http.Utils.getQueryStringParameter(Utils.java:97)
at weblogic.rjvm.http.Utils.getConnectionFromID(Utils.java:55)
at weblogic.rjvm.http.TunnelSendServlet.service(TunnelSendServlet.java:16)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:184)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3732)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

看起来是一个微小的安全隐患, 应该怎样防止它出现呢 ? 

 

解决方案

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


文档内容
目标
解决方案

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.