1 Reply Latest reply on Nov 20, 2009 2:52 AM by asabban

    Could Webwasher be losing POST information?

      One of our web applications is having some problems.  It's a testing platform, and the only way to get from page to page is by posting a form.  We are having a number of errors where information that should be in the POST body is being lost.

       

      We do not have any way to get from page to page using a GET request

      We are getting GET requests when we are expecting POST requests

      The HTTP_REFERER header is correctly set

      The HTTP_VIA string seems to show that the user is coming through a chain of 4 proxies.  It seems to go from squid 2.7 -> webwasher 6.8.5.4971 -> squid 2.6 -> squid 2.6.

       

      The users are not hackers - the problems are coming from schools running tests for children.

       

      Looking for information on the net, I found one thing that might have something to do with it, in a PDF entitled "Transparent Authentication Guide - Webwasher Web Gateway Security".  This says that "POST requests will fail if the ICAP server sends an redirect to the authen- tication server.

      This affects, however, only the renewal of the mapping since for the browser the request was successful, and the POST body will not be sent again after the final redirect."

       

      This sounds like it could possibly have something to do with our issue.  Could anyone help me with this, explain what the problem might be and how I might go about fixing it (or changing my web application to get around the issue).  I assume that our web application must be doing something unusual else they would have problems with every POST form on the internet.

       

      If anyone has any other suggestions I would love to hear them.

       

      Thanks,

       

       

      David

        • 1. Re: Could Webwasher be losing POST information?
          asabban

          Hello David,

           

          I do not think that the Transparent Authentication is causing the issue. This would only break POST requests if the POST requests comes in when a new authentication redirect is required, and otherwise it would work fine. Can you verify that you are using the Authentication Server? This is only used in specific scenarios and if you are not using it we can directly exclude this as a root cause for the issue.

           

          To do so check if on User Management -> Authentication Server the Listener Port 9094 is activated. If it is, please check the Mappings you have configured on User Management -> Policy Management -> Web Mapping and verify if any of the User- and Group-Mapping has the setting "Extract user/group information from" set to "Transparent Authentication".

           

          If it is not you are not using the Transparent Authentication and are not affected by that common problem.

           

          Besides that it is very difficult to say what is going wrong, I do not have an idea right out of my head. Capturing the traffic may probably help to identify an issue, can you provide some extra debug data here?

           

          I would recommend to file a ticket with support to have a dedicated engineer working on your issue, as I think this is a very customer specific problem and the community won't see similar issues and so won't be able to assist.

           

          Let me know if you have any questions.

           

          Best,

          Andre