On Sun, Apr 11, 2010 at 2:45 PM, rangeli nepal <rangeli.nepal@xxxxxxxxx> wrote:
> Just to verify my suspicion about the payload I set the authorization header
> to my name. It works well. I mean it went well for small payload.
> However, with the token it determines that it is a bad request before it gets
> the full header.
>
> An example of tcpdump
> 14:33:57.928844 IP blueye.cis.foo.com.3190 > 10.31.30.26.http: . 17:1377(1360) ack 1 win 65044
> 0x0000:  4500 0578 a714 4000 7d06 e80f c0a8 807a  E..x..@.}......z
> 0x0010:  0a1f 1e1a 0c76 0050 006b ff83 4832 346d  .....v.P.k..H24m
> 0x0020:  5010 fe14 86b8 0000 4175 7468 6f72 697a  P.......Authoriz
> 0x0030:  6174 696f 6e3a 2053 414d 4c32 2061 7373  ation:.SAML2.ass
> 0x0040:  6572 7469 6f6e 3d7a 5666 6263 7170 4b45  ertion=zVfbcqpKE
> 0x0050:  4832 3379 6e2b 7732 492b 7042 4e42 676f  H23yn+w2I+pBNBgo
> 0x0060:  6858 6478 6456 6777 4551 4546 4e2b 346a  hXdxdVgwEQEFN+4j
> 0x0070:  4944 4351 4267 5139 4f76 506f 4e46 6a62  IDCQBgQ9OvPoNFjb
> 0x0080:  7676 7363 336b 3456 7157 556e 7537 4636  vvsc3k4VqWUnu7F6
> 0x0090:  7458 540a 4d35 3248 6e31 5563 7462 5967  tXT.M52Hn1UctbYg

You've got a newline (hex 0a) in there, so httpd thinks a new header field
starts afterwards, with name "M52Hn1Uct...".

> 0x0020:  5018 042e 6c48 0000 4854 5450 2f31 2e31  P...lH..HTTP/1.1
> 0x0030:  2034 3030 2042 6164 2052 6571 7565 7374  .400.Bad.Request
> 0x0040:  0d0a 4461 7465 3a20 5375 6e2c 2031 3120  ..Date:.Sun,.11.
> 0x0050:  4170 7220 3230 3130 2031 383a 3333 3a35  Apr.2010.18:33:5
> 0x0060:  3720 474d 540d 0a53 6572 7665 723a 2041  7.GMT..Server:.A
> 0x0070:  7061 6368 652f 322e 322e 3135 2028 556e  pache/2.2.15.(Un
> 0x0080:  6978 2920 6d6f 645f 7373 6c2f 322e 322e  ix).mod_ssl/2.2.
> 0x0090:  3135 204f 7065 6e53 534c 2f30 2e39 2e37  15.OpenSSL/0.9.7
> 0x00a0:  6120 6d6f 645f 6a6b 2f31 2e32 2e33 300d  a.mod_jk/1.2.30.
> 0x00b0:  0a43 6f6e 7465 6e74 2d4c 656e 6774 683a  .Content-Length:
> 0x00c0:  2034 3938 0d0a 436f 6e6e 6563 7469 6f6e  .498..Connection
> 0x00d0:  3a20 636c 6f73 650d 0a43 6f6e 7465 6e74  :.close..Content
> 0x00e0:  2d54 7970 653a 2074 6578 742f 6874 6d6c  -Type:.text/html
> 0x00f0:  3b20 6368 6172 7365 743d 6973 6f2d 3838  ;.charset=iso-88
> 0x0100:  3539 2d31 0d0a 0d0a 3c21 444f 4354 5950  59-1....<!DOCTYP
> 0x0110:  4520 4854 4d4c 2050 5542 4c49 4320 222d  E.HTML.PUBLIC."-
> 0x0120:  2f2f 4945 5446 2f2f 4454 4420 4854 4d4c  //IETF//DTD.HTML
> 0x0130:  2032 2e30 2f2f 454e 223e 0a3c 6874 6d6c  .2.0//EN">.<html
> 0x0140:  3e3c 6865 6164 3e0a 3c74 6974 6c65 3e34  ><head>.<title>4
> 0x0150:  3030 2042 6164 2052 6571 7565 7374 3c2f  00.Bad.Request</
> 0x0160:  7469 746c 653e 0a3c 2f68 6561 643e 3c62  title>.</head><b
> 0x0170:  6f64 793e 0a3c 6831 3e42 6164 2052 6571  ody>.<h1>Bad.Req
> 0x0180:  7565 7374 3c2f 6831 3e0a 3c70 3e59 6f75  uest</h1>.<p>You
> 0x0190:  7220 6272 6f77 7365 7220 7365 6e74 2061  r.browser.sent.a
> 0x01a0:  2072 6571 7565 7374 2074 6861 7420 7468  .request.that.th
> 0x01b0:  6973 2073 6572 7665 7220 636f 756c 6420  is.server.could.
> 0x01c0:  6e6f 7420 756e 6465 7273 7461 6e64 2e3c  not.understand.<
> 0x01d0:  6272 202f 3e0a 5265 7175 6573 7420 6865  br./>.Request.he
> 0x01e0:  6164 6572 2066 6965 6c64 2069 7320 6d69  ader.field.is.mi
> 0x01f0:  7373 696e 6720 273a 2720 7365 7061 7261  ssing.':'.separa
> 0x0200:  746f 722e 3c62 7220 2f3e 0a3c 7072 653e  tor.<br./>.<pre>
> 0x0210:  0a4d 3532 486e 3155 6374 6259 6751 3245  .M52Hn1UctbYgQ2E

Here it appears in the error response as the header field with a problem.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
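An added example, not part of the original mail and not httpd's code: the 0a in the capture falls after exactly 76 base64 characters, which matches MIME-style line wrapping such as Python's `base64.encodebytes` produces. The sketch below assumes that is how the LF got into the token; the sample bytes, function names and the simplified line parser are constructed for illustration.

```python
import base64

# Constructed sample standing in for the binary SAML token (assumption, not from the capture).
SAMPLE_TOKEN = bytes(range(200))

def wrapped_value(token: bytes) -> str:
    """Header value as a MIME-style encoder produces it: LF after every 76 characters."""
    return "SAML2 assertion=" + base64.encodebytes(token).decode("ascii")

def single_line_value(token: bytes) -> str:
    """Header value encoded on one line; refuses any CR/LF before it reaches the wire."""
    value = "SAML2 assertion=" + base64.b64encode(token).decode("ascii")
    if "\r" in value or "\n" in value:
        raise ValueError("CR/LF in header value")
    return value

def request_headers(auth_value: str) -> bytes:
    """Header block as a client would send it (host taken from the capture)."""
    return ("Host: 10.31.30.26\r\nAuthorization: " + auth_value + "\r\n").encode("ascii")

def parse_header_lines(raw: bytes):
    """Simplified line-based parse: every LF ends a line, and each non-empty line
    must carry a ':' separator. Returns (fields, lines_missing_separator)."""
    fields, bad = [], []
    for line in raw.split(b"\n"):
        line = line.rstrip(b"\r")
        if not line:
            continue
        name, sep, value = line.partition(b":")
        if sep:
            fields.append((name.decode("ascii"), value.strip().decode("ascii")))
        else:
            bad.append(line.decode("ascii"))
    return fields, bad

if __name__ == "__main__":
    for label, value in (("wrapped", wrapped_value(SAMPLE_TOKEN)),
                         ("single line", single_line_value(SAMPLE_TOKEN))):
        fields, bad = parse_header_lines(request_headers(value))
        print(label, "-> lines missing ':' separator:", bad)
```

The wrapped value leaves continuation lines with no ':' in them, the same condition the 400 response in the capture reports; the single-line value parses as one Authorization field.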