Resource configured to use "Forward Received Hostname" is not removing the port from the client requests

  • 7004852
  • 11-Nov-2009
  • 26-Apr-2012

Environment


Novell Access Manager
Novell Access Manager 3.1 Netware Access Gateway

Situation

When setting up a path based accelerator behind SSL, with no SSL from LAG to back-end webserver, an issue appears where the port is not removed from the client requests.

The following example shows the issue - note that the web server (ncsles10.lab.novell.com) is listening on TCP 8080 but is being accelerated at the proxy (lag129.lab.novell.com) on TCP 443.
 
1. Client sends a request to the proxy. The proxy forwards the request as
 
GET /servlets-examples/ HTTP/1.1
Host: ncsles10.lab.novell.com:8080
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/x-ms-applicati
on, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, */*
Accept-Language: en-US,en-IE;q=0.5
Ua-Cpu: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.
5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Cookie: novell_language=en-us; CoreID6=23495995982212440449949; __utma=64695856.419410920.1252432782.1252432782.125243
2782.1; __utmz=64695856.1252432782.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Via: 1.1 lag129.lab.novell.com (Access Gateway 3.1.1-247)
 
2. Get a response back from the Web server referencing objects on TCP 8080
 
Status:  200 OK
ETag: W/"5035-1204851982000"
Last-Modified: Fri, 07 Mar 2008 01:06:22 GMT
Content-Type: text/html
Content-Length: 5035
Date: Tue, 17 Nov 2009 15:59:42 GMT
Server: Apache-Coyote/1.1
// snippet of HTML code
 
<td VALIGN=TOP WIDTH="30%"><a href="http://ncsles10.lab.novell.com:8080/servlet/HelloWorldExample"><img SRC="http://ncsles10.lab.novell.com:8080/images/execute.gif"HSPACE=4 BORDER=align=TOP></a><a href="http://ncsles10.lab.novell.com:8080/servlet/HelloWorldExample">Execute</a></td>

<td WIDTH="30%"><a href="http://ncsles10.lab.novell.com:8080/servlet/helloworld.html"><img SRC="http://ncsles10.lab.novell.com:8080/images/code.gif"HSPACE=4 BORDER=0 height=24 width=24 align=TOP></a><a href="http://ncsles10.lab.novell.com:8080/servlet/helloworld.html">Source</a></td>
</tr>
3. Response from LAG back to browser
 
HTTP/1.x 200 OK
ETag: W/"5035-1204851982000"
Last-Modified: Fri, 07 Mar 2008 01:06:22 GMT
Date: Tue, 17 Nov 2009 16:13:23 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html
Content-Length: 5035
Cache-Control: no-store, no-cache
Via: 1.1 lag129.lab.novell.com (Access Gateway 3.1.1-247)

// snippet of HTML code
 
<td>Hello World</td>

<td VALIGN=TOP WIDTH="30%"><a href="http://ncsles10.lab.novell.com:8080/servlet/HelloWorldExample"><img SRC="http://ncsles10.lab.novell.com:8080/images/execute.gif"HSPACE=4 BORDER=align=TOP></a><a href="http://ncsles10.lab.novell.com:8080/servlet/HelloWorldExample">Execute</a></td>

<td WIDTH="30%"><a href="http://ncsles10.lab.novell.com:8080/servlet/helloworld.html"><img SRC="http://ncsles10.lab.novell.com:8080/images/code.gif"HSPACE=4 BORDER=0 height=24 width=24 align=TOP></a><a href="http://ncsles10.lab.novell.com:8080/servlet/helloworld.html">Source</a></td>
</tr>

Resolution

In the Host Header drop down box under the Web Servers tab for the reverse proxy, do not use "Forward Received Hostname", but rather use "Web Server Hostname" as this setting will re-write the DNS name & Port correctly.

Status

Reported to Engineering

Feedback service temporarily unavailable. For content questions or problems, please contact Support.