PK72757; 6.1.0.19: SRVE0216E: post body contains less bytes than specified

Downloadable files


Abstract

The parameters of POST request might not be accessable with the specific security configuration.

Download Description

PK72757 resolves the following problem:

ERROR DESCRIPTION:

When an application accesses the http parameters of POST request, the following error might be caught.

SRVE0133E: An error occurred while parsing parameters. java.io.IOException: SRVE0216E: post body contains less bytes than specified by content-length is thrown when the security components reads the request with getInputStream() and not setting back the raw un-encoded post data.


This condition might happen when "Use available authentication data when an unprotected URI is accessed" checkbox is checked. This panel can be reached by navigating the admin console as follows:


1. Click Security > Secure administration and applications.
2. Under Authentication, expand Web security and click General settings.

USERS AFFECTED:
All users of IBM WebSphere Application Server V6.1 on Windows/Solaris/AIX/HP/Linux.

PROBLEM DESCRIPTION:
When "Use available authentication data when an unprotected URI is accessed" checkbox in Web security - General settings panel of Administrative Console is checked, a POST request towards unprotected URI may not be processed properly. When this condition occurs, the following error message is logged: SRVE0133E: An error occurred while parsing parameters. java.io.IOException: SRVE0216E: post body contains less bytes than specified by content-length

The cause of the issue is that WebContainer code doesn't restore byte stream which contains POST parameter once the data was taken by the security code.

RECOMMENDATION:

PROBLEM CONCLUSION:
With this fix, the http parameters of the POST requests are preserved.

The fix for this APAR is currently targeted for inclusion in Fix Pack 6.1.0.23 and 7.0.0.3.

Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

Please download the UpdateInstaller below to install this fix.

URL LANGUAGE SIZE(Bytes)
UpdateInstaller US English 7250000

Installation Instructions

Please review the readme.txt for detailed installation instructions.

URL LANGUAGE SIZE(Bytes)
Readme US English 8010

Download package


Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
What is Fix Central (FC)?
What is DD?
6.1.0.17-WS-WAS-IFPK72757 10/27/2008 US English 47132 FC FTP DD
6.1.0.21-WS-WAS-IFPK72757 12/11/2008 US English 47562 FC FTP DD
7.0.0.0-WS-WAS-IFPK72757 12/11/2008 US English 70159 FC FTP DD
7.0.0.1-WS-WAS-IFPK72757 12/11/2008 US English 71888 FC FTP DD

Technical support

Contact IBM Support using SR (http://www-306.ibm.com/software/support/probsub.html), visit the WebSphere Application Server Support Web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV(U.S. only).

Problems (APARS) fixed
PK72757

Rate this page:

(0 users)Average rating

Document information


More support for:

WebSphere Application Server
Security

Software version:

6.1.0.17, 6.1.0.19, 6.1.0.21, 7.0, 7.0.0.1

Operating system(s):

AIX, HP-UX, IBM i, Linux, Solaris, Windows

Software edition:

Base, Express, Network Deployment

Reference #:

4021045

Modified date:

2008-10-31

Translate my page

Machine Translation

Content navigation