Bug 50689

Summary: FormAuthenticator does not respond properly to 'Expect: 100-Continue' header
Product: Tomcat 6 Reporter: Richard Kennard <richard>
Component: CatalinaAssignee: Tomcat Developers Mailing List <dev>
Status: RESOLVED FIXED    
Severity: normal CC: richard
Priority: P2    
Version: 6.0.20   
Target Milestone: default   
Hardware: PC   
OS: All   
Attachments: 2011-01-30_tc6_50689.patch

Description Richard Kennard 2011-01-29 15:42:48 UTC 
Hi guys,

First, thank you for creating Tomcat! I've used it over and over again for more than a decade and it's been a wonderful help to me.

I've been tracking a bug in my app which seemed like a bug in HttpClient and now (according to the HttpClient guys) appears to be a bug in Tomcat.

Details of the bug, including analysis and test case, attached here:

   https://issues.apache.org/jira/browse/HTTPCLIENT-1048

Essentially if FormAuthenticator receives an HTTP request containing a 'Expect: 100-Continue' header, it is meant to respond with either a 100 or a 417 in order to request the body of the request. But instead, Tomcat is not responding at all. Luckily a 'fallback' use case of the spec is that the client should wait, say, 2 seconds then send the body anyway.

The result is that logging in takes much longer (2 longers versus 10ms) than expected, which can be a problem for people doing automated testing against FormAuthenticator.

Note the issue may affect use cases beyond FormAuthenticator too.

Regards,

Richard.
Comment 1 Konstantin Kolinko 2011-01-29 16:21:20 UTC 
Reproducible with the current 6.0.x with Bio and Nio HTTP connectors.

Does not happen with the current trunk with Bio and Nio HTTP connectors.
Does not happen with the 7.0.6 with Bio, Nio and APR HTTP connectors.
The relevant test was added to TC7 testsuite in r987948

So, it looks like backporting r987948 is the way to go.
Comment 2 Konstantin Kolinko 2011-01-29 16:51:26 UTC 
Created attachment 26576 [details]
2011-01-30_tc6_50689.patch

Patch for tc6.0.x. It is backport of r987948.
Confirming that it fixes the issue.
Comment 3 Richard Kennard 2011-01-30 16:47:33 UTC 
Terrific! Thanks for the quick response guys!

Richard.
Comment 4 Konstantin Kolinko 2011-02-01 22:03:37 UTC 
Fixed in 6.0, will be in 6.0.32.