The denoted HTTP method MKCALENDAR is not supported due to CVE-2011-3348 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348). Unfortunately, that method is badly needed to support up-to-date CalDAV clients.
Can you elaborate on what that CVE has to do with the MKCALENDAR method and attach a log of mod_proxy_ajp doing something wrong?
AFAIU the result of the CVE is to return HTTP_NOT_IMPLEMENTED instead of HTTP_BAD_REQUEST which marked the the active node as "in error" state to prevent the DOS. The main problem seems to be that mod_proxy_ajp responds with "No such method MKCALENDAR" to MKCALENDAR request. [Fri Dec 14 12:24:49 2012] [debug] mod_proxy_ajp.c(45): proxy: AJP: canonicalising URL //localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(1525): [client 192.168.32.238] proxy: *: found reverse proxy worker for ajp://localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ [Fri Dec 14 12:24:49 2012] [debug] mod_proxy.c(1020): Running scheme ajp handler (attempt 0) [Fri Dec 14 12:24:49 2012] [debug] mod_proxy_ajp.c(681): proxy: AJP: serving URL ajp://localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2011): proxy: AJP: has acquired connection for (*) [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2067): proxy: connecting ajp://localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ to localhost:8009 [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2193): proxy: connected /servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ to localhost:8009 [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2444): proxy: AJP: fam 2 socket created to connect to * [Fri Dec 14 12:24:49 2012] [debug] ajp_header.c(224): Into ajp_marshal_into_msgb [Fri Dec 14 12:24:49 2012] [error] ajp_marshal_into_msgb - No such method MKCALENDAR [Fri Dec 14 12:24:49 2012] [error] ajp_send_header: ajp_marshal_into_msgb failed [Fri Dec 14 12:24:49 2012] [error] (120010)APR does not understand this error code: proxy: AJP: request failed to (null) (*) [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2029): proxy: AJP: has released connection for (*) Using Apache 2.2.16-6+squeeze10 in a setup with proxy_balancer and proxy_ajp here. Switching to proxy_http as a workaorund lets Apache accept MKCALENDAR requests.
It looks to me like mod_proxy_ajp simply cannot forward methods it doesn't know, and it didn't know about this method before the CVE fix either. If you agree, please change the subject of the bug to "add MKCALENDAR method to mod_proxy_ajp"
Sorry, subject is already appropriate!
Can you try the patch available at: http://people.apache.org/~rjung/patches/httpd-2_2_x-ajp-unknown_-methods.patch and report back? It is a straightforward port from mod_jk. If it still doesn't work: what's the backend and which version?
Thanks, i'll have a look at the patch.
We just tested the patch successfully. MKCALENDAR is working now via mod_proxy_ajp. Additionally we ran our testuite of dav tests against the patched module and couldn't find any regressions either. Thank you very much for the quick response.
Thanks for confirming the patch. Fixed in trunk with r1435178. Backport to 2.4.x proposed. When backport happens, I will also propose for 2.2.
Applied to 2.4.x in r1436400. Will be part of 2.4.4. Proposed for backport to 2.2.x.
Backported to 2.2.x today. Should be part of 2.2.24.
fixed in 2.4.4 and 2.2.24