7 Replies Latest reply on Mar 23, 2012 11:40 AM by Udo

    Apex Listener 1.1  on OC4j problem with download from apex 4.1

    Klaus Linhard
      Hello,
      in Apex 4.1 i have branch on page which calls a plsql procedure to download a blob.
      http://MyHost:8888//apex/f?p=101:3:::::P3_DOC_ID,P3_DOC_TYPE:2547406803765390,1

      Everything worked fine with apex listener 1.0 and Apex 4.0 on OC4j. Now i am on Apex 4.1 with the listener 1.1. Downloading the File from the browser is still not a problem but
      when i but that link in a little Java-Program (see below) i get the following error:

      "Exception in thread "main" java.net.ProtocolException: Server redirected too many times (20)". With the older versions i had not that problem.




      Little Java Programm:

      import java.io.IOException;
      import java.io.InputStream;
      import java.net.HttpURLConnection;
      import java.net.URL;

      public class Test
      {
      public static void main(String[] args) throws IOException
      {
      //Ggf. URL aktualisieren!!!
      URL url = new URL("http://MyHost:8888//apex/f?p=101:3:::::P3_DOC_ID,P3_DOC_TYPE:2547406803765390,1");
      HttpURLConnection connection = (HttpURLConnection) url.openConnection();
      connection.setRequestMethod("GET");
      InputStream in = connection.getInputStream(); // <-- Hier wird der Fehler geworfen!!!
      System.out.println("OK: "+in);
      }
      }

      Also to mention is when i switch on the embedded gateway, everything works fine.



      Any help would be very nice !

      Thanks Klaus

      Edited by: user1705445 on Mar 21, 2012 10:04 AM

      Edited by: user1705445 on Mar 21, 2012 10:28 AM

      Edited by: user1705445 on Mar 22, 2012 3:55 AM
        • 1. Re: Apex Listener 1.1  on OC4j problem with download from apex 4.1
          Udo
          Hello Klaus,

          I have a few questions concerning your issue:

          1. Do you see any error for this call in APEX Listener's log?
          2. Does it still work with the APEX Listener version (1.0.x) you've used with APEX 4.0?
          3. Does your APEX 4.1 instance work with your current setup besides that issue?
          4. How did you upgrade your APEX Listener deployment?
          5. And could you please provide some more information on the page you have? Best would be instructions on how to build a page that could reproduce the error. Try to find the minimum for this.

          With the help of these information it should be possible to isolate the cause and find a solution for that problem.

          -Udo
          • 2. Re: Apex Listener 1.1  on OC4j problem with download from apex 4.1
            Klaus Linhard
            Hello Udo,
            thanks for your quick response!
            I have made further test to that issue.

            1. Do you see any error for this call in APEX Listener's log?
            When i download the file with the browser the status of listener repsonds that in the statistic (Total File Downloads:     1).
            When i do the download with the little Java Program, it seems that the listener to not notice that, because there is no error and absolutly nothing
            in the log file.

            There is also an interesting thing:
            When i use the following shorten link "http://MyHost:8888/apex" in the little java programm, the same result comes up.
            "Exception in thread "main" java.net.ProtocolException: Server redirected too many times (20)"
            Thats shows that the problem has nothing do to with the branch on page, session, application_id ....


            2. Does it still work with the APEX Listener version (1.0.x) you've used with APEX 4.0?
            No, absolut exact problem with Apex Listener 1.0.2 on Apex 4.1 (not Apex 4.1.1 !)

            I made also a test with Apex Listener 1.1 in Standalone Mode. Exact the same problem appears.


            3. Does your APEX 4.1 instance work with your current setup besides that issue?
            Besides that issue the APEX 4.1 instance with Apex Listener 1.1 works fine.


            4. How did you upgrade your APEX Listener deployment?
            At the end i did a complete new installation of the oc4j and deployment on a Windows 2008 Server 64bit with a new configuration of of the Apex Listener
            For the new configuration i deleted the apex-Folder including the apex-config.xml in my case under C:\Users\Administrator\AppData\Local\Temp\2\



            5. And could you please provide some more information on the page you have? Best would be instructions on how to build a page that could reproduce the error. Try to find the minimum for this.
            See 1. the minimum is "http://MyHost:8888/apex"


            There is also one thing that might be interesting. When is start up the oc4j it respond the following warning:
            12/03/22 11:42:17 Using config file: C:\Users\ADMINI~1\AppData\Local\Temp\2\apex
            \apex-config.xml
            12/03/22 11:42:17 -- listing properties --
            12/03/22 11:42:17 PropertyCheckInterval=60
            12/03/22 11:42:17 ValidateConnection=true
            12/03/22 11:42:17 MinLimit=1
            12/03/22 11:42:17 MaxLimit=10
            12/03/22 11:42:17 InitialLimit=3
            12/03/22 11:42:17 AbandonedConnectionTimeout=900
            12/03/22 11:42:17 MaxStatementsLimit=10
            12/03/22 11:42:17 InactivityTimeout=1800
            *2012-03-22 11:42:18.008 WARNING Error while registering Oracle JDBC Diagnosabili*
            ty MBean.+
            12/03/22 11:42:18 MaxConnectionReuseCount=1000
            12/03/22 11:42:18 APEX Listener version : 1.1.3.243.11.40
            12/03/22 11:42:18 APEX Listener server info: Oracle Containers for J2EE 10g (10.
            1.3.5.0)
            12/03/22 11:42:18 Oracle Containers for J2EE 10g (10.1.3.5.0) initialized


            Thanks for your help !!
            Klaus

            Edited by: user1705445 on Mar 22, 2012 3:57 AM

            Edited by: user1705445 on Mar 22, 2012 3:57 AM
            • 3. Re: Apex Listener 1.1  on OC4j problem with download from apex 4.1
              Udo
              Hello Klaus,

              the information gathered from your answers indicate that this is not an issue with APEX Listener, and there is no relation with the warning you see for the Oracle JDBC Diagnosability MBean .

              I guess it's actually a problem with regular redirects, which is why you don't see anything in the logs.
              Considering your obeservation that "http://MyHost:8888/apex" throws the same exception I took a closer look on your code example. Calling the APEX start page the way you did will always lead to two redirects:

              0. HTTP-Code 301 (Moved Permanently); Location: /apex/
              1. HTTP-Code 302 (Moved Temporarily); Location: http://MyHost:8888/apex/f?p=4550:1:SESSIONID
              (where SESSIONID would be your sessionID)
              2. HTTP-Code 200

              The first redirect (0.) will not work with your HttpURLConnection , because it's a relative URI whereas the class you use expects an absolute URI. You could argue whether this is a shortcoming of the Java class or a bug in APEX Listener or both, because the [url http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30]HTTP/1.1 Specification for the Location header defines
              Location       = "Location" ":" absoluteURI
              but it's a common behaviour that the specification isn't always implemented thoroughly.

              The 302 redirects use the header as expected, so these wouldn't cause a problem.
              The URL you've used in your Test class could lead to a 301 (with relative URI) because you have a slash too much:
              http://MyHost:8888//apex/f?p=101:3:::::P3_DOC_ID,P3_DOC_TYPE:2547406803765390,1
              should be
              http://MyHost:8888/apex/f?p=101:3:::::P3_DOC_ID,P3_DOC_TYPE:2547406803765390,1
              to avoid that redirect.
              However, it seems your class won't succeed afterwards as long as it doesn't take care about session ids and authentication at all. Therefore, I doubt this example has worked with APEX 4.0 before, if your application used any of these. If it doesn't perhaps a change in APEX 4.1 caused this. The only one close to that area seems to be the one described in [url http://docs.oracle.com/cd/E23903_01/doc/doc.41/e21672/toc.htm#CACGICGH]Release Notes section 4.2. If this would be the cause, changig your applications Compatibility Mode to 4.0 should make your Java work again. If it doesn't you need to provide some more details on your application, e.g. how it handles session and authentication. But I think you should move this discussion to {forum:id=137}, because there seems to be no relation to APEX Listener itself.

              My personal recommendation here would be to take a look at a library like the [url http://hc.apache.org/httpcomponents-client-ga/index.html]HttpClient from Apache HttpComponents. The documentation includes a set of nice examples, including form-based login with cookie-usage, which is the default authentication mechanism used by APEX. It will also be able to follow redirects with relative URIs. Note that support for this would be far off topic for this forum.

              Anyway, I hope you get your Java application up and running as expected (again).

              -Udo

              Edited by: Udo on 22.03.2012 22:31
              • 4. Re: Apex Listener 1.1  on OC4j problem with download from apex 4.1
                Klaus Linhard
                Hi Udo,
                thanks again for your help. I did of course paste a wrong URL without Session-Id which is not correct and of course no double slash. Here is the link i use in the Java-Application.

                http://MyHost:8888/apex/f?p=101:3:SESSION_Id::::P3_DOC_ID,P3_DOC_TYPE:2547406803765390,1

                I can follow your Arguments and will try switch the compatibilty mode to 4.0.
                What i still don't understand is the fact that it works perfectly with the Embbeded Gateway under 4.1.

                Anyway i will switch that issue to the Application Express Forum

                -Klaus
                • 5. Re: Apex Listener 1.1  on OC4j problem with download from apex 4.1
                  Udo
                  Hi Klaus,
                  What i still don't understand is the fact that it works perfectly with the Embbeded Gateway under 4.1.
                  Probably it's in the way EPG creates redirects different from APEX Listener: Not compliant with the RFC for HTTP/1.1 either, but obviously usable with HttpURLConnection and URL . But I guess it's not just the Location header that play's a role here. Let's see.

                  Taking the example "APEX Home Page", I get the following series of redirects with APEX 4.0.2
                  1. HTTP-Code 302 Found; Location: /apex/apex
                  2. HTTP-Code 302 Found; Location: f?p=4550:1:SESSIONID1
                  3. HTTP-Code 302 Found; Location: f?p=4550:1:SESSIONID2
                  4. HTTP-Code 200 OK

                  This is one step more than in APEX Listener with 4.1, but APEX Listener with that 4.0.2 instance produces the same number of redirects, which makes me believe that this is part of the changes withing APEX. Just to document that testcase (AL-APEX 4.0.2):
                  0. HTTP-Code 301 Moved Permanently; Location: /apex/
                  1. HTTP-Code 302 Moved Temporarily; Location: http://MyHost:8888/apex/f?p=4550:1:SESSIONID1
                  2. HTTP-Code 302 Moved Temporarily; Location: http://MyHost:8888/apex/f?p=4550:1:SESSIONID2
                  3. HTTP-Code 200 OK

                  where the first redirect (0.) happens of course only when calling +/apex+ instead of +/apex/+ (Note: I edited my post above to have this numbering scheme there as well).

                  So, I'm still not sure setting Compatibility Mode to 4.0 will actually solve the problem, as your code probably didn't work with 4.0 using APEX Listener. I just took your example and let it run against my test instance, comparing the request chains. Your HTTP client doesn't support cookies needed for APEX Listeners session mapping. Since each request without that session cookie will be treated as a new request, it will get an additional redirect with a new session cookie and a new session ID. This is where the loop starts - for both APEX 4.0 and 4.1.
                  EPG, on the other side, seems not to depend on the session cookie.

                  To summarize: It's not the redirect implementation itself but the session cookie handling that causes this redirect loop. You could decide to either stay with EPG for your Java client or, as suggested before, use a better HTTP client library capable of working with cookies. Of course you could implement cookie handling yourself, but I don't think reinventing the wheel would do any good.

                  -Udo

                  P.S.:
                  If you decide to open a thread in APEX forum for this, please post the follow-up link here and mark this thread as answered.
                  If my summary is answer enough for your question, please also mark this thread as answered and any helpful or correct answer accordingly so other users searching for a similar problem can spot relevant posts easily.

                  Thanks!

                  Edited by: Udo on 22.03.2012 23:42
                  • 6. Re: Apex Listener 1.1  on OC4j problem with download from apex 4.1
                    Klaus Linhard
                    Hi Udo,
                    you are right ! Changing the Combatibility Mode to 4.0 is not the solution.
                    My HTTP client library is not compliant with RFC for HTTP/1.1 and that seems to be the problem and the difference related to the session cookie handling between the Embedded Gateway and Apex Listener explains why it works with the Embedded Gate and not with Apex Listener.

                    But there is still one (the last) question:
                    Why it worked (and that it worked iam 100% shure) with Apex Listener 1.02 together with Apex 4.0 ??

                    Thank you Udo for your really helpfull statements !!

                    - Klaus
                    • 7. Re: Apex Listener 1.1  on OC4j problem with download from apex 4.1
                      Udo
                      Hi Klaus,
                      My HTTP client library is not compliant with RFC for HTTP/1.1
                      I think this is a misunderstanding. I guess your client is compliant with that RFC, but both EPG and APEX Listener are not. But this seems just to concern the Location header in Redirects and only causes problems with 301 redirects with your client. It seems that 302 redirects are handled correctly.
                      the difference related to the session cookie handling between the Embedded Gateway and Apex Listener explains why it works with the Embedded Gate and not with Apex Listener.
                      Which is the actual cause for the problem. Your client does not send those cookies with the request. This is a lack of functionality in that client (namely functionality you'd have to implement yourself when using that class). So your client is not compliant with HTTP-Cookie RFC, which is a different standard then HTTP itself.
                      Why it worked (and that it worked iam 100% shure) with Apex Listener 1.02 together with Apex 4.0 ??
                      I apologize that I made a wrong assumption on that one. I just digged out the old APEX Listener version and tested. It seems as if APEX Listener used jsessionid for internal session handling. This has probably been dropped due to possible security issues with that functionality, and since APEX has it's own session handling anyway, I assume the internal handling has been coupled to that session cookie. Unfortunately, your client doesn't support it and hence APEX Listener (after 1.0) isn't able to track your (web server) session and creates a new one for every request, which also leads to a new APEX session - and hence a redirect to the URL with that session id.

                      I think it's very unlikely that APEX Listener will go back to a different session mapping for security reasons, which leaves you up to (at least) the following three options:

                      1. Go back to APEX Listener 1.0.2 (not recommended)
                      2. Implement Cookie Handling yourself
                      3. Use a different HTTP client library that supports cookie handling (recommended and suggested before)

                      This was a very informative investigation for me as well. Thanks for bringing up that issue! ;)

                      -Udo

                      (As mentioned before, it is very helpful for others to mark your thread as answered and helpful or correct answers accordingly. Thanks!)