A servlet engine (Jetty) is running behind an Apache Httpd server, forwarded using mod_proxy_http
. This is running a small servlet that accepts PUT
requests and is authenticated using HTTP Basic authentication (handled within Jetty).
When doing a direct (non-proxied) PUT
request with curl
, using the wrong authentication credentials, the server returns a 401 status code as expected:
curl -v -T testfile -u user:WRONG_PASSWORD http://localhost:8080/myservlet/
This interrupts the requests as soon as the status code is received, so curl doesn't upload the whole body, but stops early (HTTP error before end of send, stop sending
).
* About to connect() to localhost port 8080 (#0)
* Trying 127.0.0.1... connected
* Server auth using Basic with user 'user'
> PUT /myservlet/testfile HTTP/1.1
> Authorization: Basic xxxxxxxxxxxxxxxxx
> User-Agent: curl/7.22.0
> Host: localhost:8080
> Accept: */*
> Content-Length: 3672
> Expect: 100-continue
>
< HTTP/1.1 401 Unauthorized
< Date: xxxxxxxxxxxxxxxx
* Authentication problem. Ignoring this.
< WWW-Authenticate: basic realm="Test Realm"
< Content-Length: 0
< Server: Jetty(7.4.5.v20110725)
* HTTP error before end of send, stop sending
<
* Closing connection #0
In contrast, when behind mod_proxy_http
, there's a 100 Continue
response sent almost straight away by Apache Httpd, which curl does interpret as continue
, so it sends the entire request (We are completely uploaded and fine
) before it eventually gets the 401
response.
* Trying 127.0.0.1... connected
* Server auth using Basic with user 'user'
> PUT /myservlet/testfile HTTP/1.1
> Authorization: Basic xxxxxxxxxxxxxxxxx
> User-Agent: curl/7.22.0
> Host: localhost
> Accept: */*
> Content-Length: xxxxxx
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
* We are completely uploaded and fine
< HTTP/1.1 401 Unauthorized
< Date: xxxxxxxxxxxxxxxx
< Server: Jetty(7.4.5.v20110725)
* Authentication problem. Ignoring this.
< WWW-Authenticate: basic realm="Test Realm"
< Content-Length: 0
< Via: 1.1 localhost
< Content-Type: xxxxxxxxxxxxxx
<
* Connection #0 to host localhost left intact
* Closing connection #0
Is there a way to prevent mod_proxy_http
from using the 100 Continue
code and to make it wait for the 401
status code from the backend server before sending its first response?
I've tried to follow the following suggestion from this question, but this didn't solve the problem (it wasn't quite the same problem anyway):
ProxyPass /myservlet/ http://localhost:8080/myservlet/
<Location /myservlet/>
RequestHeader unset Expect early
</Location>
0 Answers