Duplication of HTTP headers at first outbound call using mutual SSL-authentication
(Doc ID 1641476.1)
Last updated on APRIL 03, 2019
Applies to:Siebel CRM - Version 220.127.116.11  and later
Duplicate HTTP headers (such as "soapAction", "Content-Type", "Accept" and "Authorization") can be produced
int the 1st (since Siebel Siebel Server startup) outbound HTTP call (e.g. Outbound Web Service call) from Siebel CRM / EAI HTTP Transport when following conditions are met:
- OS type of Siebel Application Server is Unix
- HTTP is secured using mutual-SSL authentication
- external Web Server requests user authentication (e.g. basic HTTP Authentication)
This may lead that external Web Service provider (e.g. the SOAP Service implementation) fails to properly proceed the request (returns HTTP 500).
NOTE: the detailed tracing of the EAI Transport events will not show the duplication. This could be captured in either by a network sniffer or by external web sever logger.
The issue has been detected and reproduced for Siebel CRM running on OS Linux and connecting by SOAP/HTTP-SSL to service running on Oracle WebLogic Server 10.3.6.0.5 on OS Linux
The behaviour could not be reproduced, when Siebel CRM was running on Windows OS and on any OS type when server-only SSL authentication was used.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!