Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-7866

Incorrect host in Location header when creating resources via ReST

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Blocker
    • Resolution: Fixed
    • 17.0.0
    • 17.1.0
    • REST
    • Security Level: Default (Default Security Scheme)
    • None
    • Newts - Sprint 7

    Description

      In the following request/response to the ReST API:

      $ curl -v -u admin:admin -H "Content-Type: application/json" -X POST -d '{"foreign-source":"test2","node":[]}' http://127.0.0.1:8980/opennms/rest/requisitions
      *   Trying 127.0.0.1...
      * Connected to 127.0.0.1 (127.0.0.1) port 8980 (#0)
      * Server auth using Basic with user 'admin'
      > POST /opennms/rest/requisitions HTTP/1.1
      > Authorization: Basic YWRtaW46YWRtaW4=
      > User-Agent: curl/7.40.0
      > Host: 127.0.0.1:8980
      > Accept: */*
      > Content-Type: application/json
      > Content-Length: 36
      >
      * upload completely sent off: 36 out of 36 bytes
      < HTTP/1.1 303 See Other
      < Set-Cookie: JSESSIONID=f6xa2855mfd113a1zoeambgkp;Path=/opennms
      < Expires: Thu, 01 Jan 1970 00:00:00 GMT
      < Location: http://localhost:8980/opennms/rest/requisitions/test1
      < Date: Thu, 10 Sep 2015 01:12:22 GMT
      < Content-Length: 0
      < Server: Jetty(8.1.10.v20130312)
      <
      * Connection #0 to host 127.0.0.1 left intact
      

      The host in the returned Location header is set to localhost:8980, which differs from the host in the request 127.0.0.1:8980.

      As originally reported in NMS-7845 this can cause authentication errors, since existing session cookies attached to the 127.0.0.1:8980 host will no longer be used when following the redirect to localhost:8980.

      Attachments

        1. Bug.png
          Bug.png
          68 kB
        2. No-Proxy.png
          No-Proxy.png
          186 kB

        Issue Links

          Activity

            People

              j-white Jesse White
              j-white Jesse White
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: