DataPower is preventing POST based HTTP redirect in accordance with RFC and displays this as part of the error in the logs:
Redirect and failed due to non idempotent request method. (RFC 2616 sec 10.3)
This technote pertains to the following errors.
Example 1: This example shows the service getting the following message: a Backside header failed to parse due to: Failed to establish a backside connection with a HTTP Redirect and failed due to non idempotent request method. (RFC 2616 sec 10.3) message.
web-application-firewall (CookieEncrypt): Backside header failed to
parse due to: Failed to establish a backside connection
12:20:53 webapp-firewall warn 60452 10.176.3.97 HTTP Redirect from
'http://10.176.3.97:8080/cgi-bin/WebObjects.exe/IndvGate.woa/5/wo/2jHo28
QYOlhC2RZ1XQ15DE5OKo8/0.1.2.27.3.SecureSignOn.1' failed due to non
idempotent request method. (RFC 2616 sec 10.3)
Example 2: This example shows an HTTP response code 302,HTTP Redirect and failed due to non idempotent request method - RFC 2616 sec 10.3 message.
Wed May 21 2008 10:39:11 [mpgw][info] mpgw(ECP-MPGW):
tid(369602)[9.65.237.170]: HTTP response code 302 for
'http://9.65.237.170:8080/forum/ucplogin.php?mode=login'
Wed May 21 2008 10:39:11 [mpgw][warn] mpgw(ECP-MPGW):
tid(369602)[9.65.237.170]: HTTP Redirect from
'http://9.65.237.170:8080/forum/ucplogin.php?mode=login' failed due to
non idempotent request method - RFC 2616 sec 10.3.
Wed May 21 2008 10:39:11 [mpgw][error] mpgw(ECP-MPGW):
tid(369602)[9.65.237.170]: Backside header failed to parse due to:
Failed to establish a backside connection
302,HTTP Redirect and failed due to non idempotent request method - RFC 2616 sec 10.3 message.
This is caused by the adherence to the HTTP RFC 2616 by the Datapower Appliance.
For additional information on the RFC you may see this page RFC2616
WebSphere DataPower XI50 and XS40
Backside header failed to parse due to: Failed to establish a backside connection failed due to non idempotent request method. (RFC 2616 sec 10.3)
To resolve the issue, the IBM WebSphere DataPower SOA appliance web application firewall can be configured to handle these "302 Redirects". Follow the steps outlined in the attached document that explain how to configure a web application firewall to handle the redirects using the attached ResetLocation.xsl stylesheet. With the specified edit for your environment, this file will handle most simple use cases and may also be edited to handle any additional requirements for your specific business solution.
Segment | Product | Component | Platform | Version | Edition |
---|---|---|---|---|---|
Business Integration | WebSphere DataPower XML Security Gateway XS40 | Not Applicable | Firmware | 4.0.1, 3.8.2, 3.8.1, 3.8, 3.7.3 | Edition Independent |
Business Integration | WebSphere DataPower SOA Appliances | General | Firmware | 4.0.1, 3.8.2, 3.8.1, 3.8, 3.7.3 | Edition Independent |