Duplication of HTTP headers at first outbound call using mutual SSL-authentication
Last updated on MARCH 02, 2017
Applies to:Siebel CRM - Version 18.104.22.168  and later
Duplicate HTTP headers (such as "soapAction", "Content-Type", "Accept" and "Authorization") can be produced
int the 1st (since Siebel Siebel Server startup) outbound HTTP call (e.g. Outbound Web Service call) from Siebel CRM / EAI HTTP Transport when following conditions are met:
- OS type of Siebel Application Server is Unix
- HTTP is secured using mutual-SSL authentication
- external Web Server requests user authentication (e.g. basic HTTP Authentication)
This may lead that external Web Service provider (e.g. the SOAP Service implementation) fails to properly proceed the request (returns HTTP 500).
NOTE: the detailed tracing of the EAI Transport events will not show the duplication. This could be captured in either by a network sniffer or by external web sever logger.
The issue has been detected and reproduced for Siebel CRM running on OS Linux and connecting by SOAP/HTTP-SSL to service running on Oracle WebLogic Server 10.3.6.0.5 on OS Linux
The behaviour could not be reproduced, when Siebel CRM was running on Windows OS and on any OS type when server-only SSL authentication was used.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms