PK02899: HTTPCONNECTION IS NOT CLOSED IN THE EVENT OF AN I/O EXCEPTION.

APAR status
Closed as program error.

Error description
Some data remains on the socket input stream and leads to a
failure in a subsequent request.  The result of the data
remaining on the input stream can lead to the following request
failing with illegal POST data.
Local fix
Disabling the keepalive connections between the plugin and
application server.
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users using a   *
*                 webserver/plugin and with connections that   *
*                 have KeepAlive enabled.                      *
****************************************************************
* PROBLEM DESCRIPTION: When a webserver/plugin is used as the  *
*                      front end to Application Server and     *
*                      the Http Transport is configured to     *
*                      reuse the connections between the       *
*                      plugin and Transport ( KeepAlive        *
*                      enabled ), it is normal for WAS to      *
*                      receive requests from multiple          *
*                      clients on the same socket. When one    *
*                      client times out while sending data,    *
*                      for instance on a POST request, it's    *
*                      possible for some of the data to be     *
*                      left in the socket receive buffer.      *
*                      If the socket is kept alive and used    *
*                      for a subsequent request, the data      *
*                      left from the first request will be     *
*                      read and processed for the next         *
*                      request. Usually this will lead to a    *
*                      '501' error because the POST data       *
*                      does not match a valid request          *
*                      method. Depending on how this error     *
*                      is handled by the servlet, the old      *
*                      data can be sent back to the new        *
*                      client as part of the error message.    *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
When the WAS plugin is handling a POST request, it will send
the request line and request headers to the AppServer and wait
to send the POST data until receiving a 100 continue response.
It will do this even if the client has not sent all the POST
data to the plugin. Upon reading the request line and headers,
the HttpTransport invokes the servlet engine to dispatch the
requested application. The application then tries to read the
POST data, times out reading the socket, and completes handling
the request. Since the HttpTransport is using persistent
connections, it then does a socket read to obtain the next
request fromt the plugin. However, since the plugin has not
finished sending the POST data, it has not read the response
from the first request and does not realize that the request
has been completed with an error. After completing the send of
the POST data, the response is processed and then the next
request is received and sent to the AppServer.
On the HttpTransport side, the POST data is read as the
beginning of a new request, and data is continued to be read
until a CR/NL signifying the end of the request headers is
found. In this problem, that occurred after reading the headers
for the second request. The POST data, being the first data
read  for the second request, is then interpreted as a request
method and the request fails with a 501 error, invalid method.
Problem conclusion
The HttpTransport has been changed to flag the connection when
a read time out occurs. After completing the handling of the
request, the socket will be closed due to the I/O error. This
will prevent data from a new request from being concatenated to
leftover data from the previous request.
Temporary fix Comments
APAR information
APAR number PK02899
Reported component name WEBSPHERE AE SO
Reported component ID 5630A2202
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2005-03-22
Closed date 2005-03-22
Last modified date 2005-03-22

APAR is sysrouted FROM one or more of the following:
PQ85432

APAR is sysrouted TO one or more of the following:

Modules/Macros
utils          

Fix information
Fixed component name WEBSPHERE AE SO
Fixed component ID 5630A2202

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PK02899
IBM Group: Software Group
Modified date: Mar 22, 2005