I have a strange problem: it looks like the Charon proxy does not pass login form data.
My Charon version is:
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>1.5.10.RELEASE</version>
    <relativePath /> <!-- lookup parent from repository -->
</parent>
My Charon code is a simple default Spring Boot starter without any interceptor:
package cz.tsp.kbe;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class CharonTestApplication {

    public static void main(String[] args) {
        SpringApplication.run(CharonTestApplication.class, args);
    }
}
Here is the configuration. The intention is to proxy http://localhost:8080/APG/ to http://172.24.36.70:58080/APG/
application.yml:
charon.mappings:
    -
        name: my mapping
        path: /APG
        destinations: http://172.24.36.70:58080
        strip-path: false
charon.tracing.enabled:
The problem is with the standard Tomcat j_security_check form login, when login form data is sent via the POST method.
I caught the HTTP communication to the target using Wireshark.
When I access the target server directly without the Charon proxy, the necessary form items j_username and j_password are sent and Wireshark sees them.
When I access the server through the proxy, the form items are missing and even the Content-Length header is set to zero.
Here is the Wireshark log; the first POST is direct to the target, the second is via the Charon proxy (I am sending a wrong password intentionally to prevent a huge Wireshark log from the page load after login):
No. Time Source Destination Protocol Length Info
22 9.423414 172.24.5.21 172.24.36.70 HTTP 668 POST /APG/j_security_check HTTP/1.1 (application/x-www-form-urlencoded)
Frame 22: 668 bytes on wire (5344 bits), 668 bytes captured (5344 bits) on interface 0
Ethernet II, Src: Flextron_c0:3a:51 (00:21:cc:c0:3a:51), Dst: Cisco_97:8b:8f (b0:fa:eb:97:8b:8f)
Internet Protocol Version 4, Src: 172.24.5.21, Dst: 172.24.36.70
Transmission Control Protocol, Src Port: 50328, Dst Port: 58080, Seq: 1, Ack: 1, Len: 614
Hypertext Transfer Protocol
POST /APG/j_security_check HTTP/1.1\r\n
Host: 172.24.36.70:58080\r\n
Connection: keep-alive\r\n
Content-Length: 37\r\n
[Content length: 37]
Accept: */*\r\n
Origin: http://172.24.36.70:58080\r\n
X-Requested-With: XMLHttpRequest\r\n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36\r\n
Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n
Referer: http://172.24.36.70:58080/APG/\r\n
Accept-Encoding: gzip, deflate\r\n
Accept-Language: cs,en;q=0.9,sk;q=0.8,en-US;q=0.7\r\n
Cookie: tree_width=231; JSESSIONID=26FC6E139E445D3E5172606730BD40BC\r\n
Cookie pair: tree_width=231
Cookie pair: JSESSIONID=26FC6E139E445D3E5172606730BD40BC
\r\n
[Full request URI: http://172.24.36.70:58080/APG/j_security_check]
[HTTP request 1/1]
[Response in frame: 25]
File Data: 37 bytes
HTML Form URL Encoded: application/x-www-form-urlencoded
Form item: "j_username" = "adminx"
Key: j_username
Value: adminx
Form item: "j_password" = "changeme"
Key: j_password
Value: changeme
No. Time Source Destination Protocol Length Info
25 9.427447 172.24.36.70 172.24.5.21 HTTP 96 HTTP/1.1 200 OK (application/json)
Frame 25: 96 bytes on wire (768 bits), 96 bytes captured (768 bits) on interface 0
Ethernet II, Src: Cisco_97:8b:8f (b0:fa:eb:97:8b:8f), Dst: Flextron_c0:3a:51 (00:21:cc:c0:3a:51)
Internet Protocol Version 4, Src: 172.24.36.70, Dst: 172.24.5.21
Transmission Control Protocol, Src Port: 58080, Dst Port: 50328, Seq: 150, Ack: 615, Len: 42
[2 Reassembled TCP Segments (191 bytes): #24(149), #25(42)]
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
Server: Apache-Coyote/1.1\r\n
Content-Type: application/json;charset=UTF-8\r\n
Content-Length: 42\r\n
[Content length: 42]
Date: Fri, 13 Apr 2018 15:42:54 GMT\r\n
\r\n
[HTTP response 1/1]
[Time since request: 0.004033000 seconds]
[Request in frame: 22]
File Data: 42 bytes
JavaScript Object Notation: application/json
Object
Member Key: error
String value: Invalid Login and/or Password
Key: error
No. Time Source Destination Protocol Length Info
36 13.476014 172.24.5.21 172.24.36.70 HTTP 801 POST /APG/j_security_check HTTP/1.1
Frame 36: 801 bytes on wire (6408 bits), 801 bytes captured (6408 bits) on interface 0
Ethernet II, Src: Flextron_c0:3a:51 (00:21:cc:c0:3a:51), Dst: Cisco_97:8b:8f (b0:fa:eb:97:8b:8f)
Internet Protocol Version 4, Src: 172.24.5.21, Dst: 172.24.36.70
Transmission Control Protocol, Src Port: 50335, Dst Port: 58080, Seq: 1, Ack: 1, Len: 747
Hypertext Transfer Protocol
POST /APG/j_security_check HTTP/1.1\r\n
host: localhost:8080\r\n
connection: keep-alive\r\n
accept: */*\r\n
origin: http://localhost:8080\r\n
x-requested-with: XMLHttpRequest\r\n
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36\r\n
content-type: application/x-www-form-urlencoded; charset=UTF-8\r\n
referer: http://localhost:8080/APG/\r\n
accept-encoding: gzip, deflate, br\r\n
accept-language: cs,en;q=0.9,sk;q=0.8,en-US;q=0.7\r\n
cookie: JSESSIONID=ACFA48819DAC2EB3E7DE6F8C53CCE99C; JSESSIONID=2130E398133F87100F7428645AC1B981; oam.Flash.RENDERMAP.TOKEN=1cn10f4jnc\r\n
Cookie pair: JSESSIONID=ACFA48819DAC2EB3E7DE6F8C53CCE99C
Cookie pair: JSESSIONID=2130E398133F87100F7428645AC1B981
Cookie pair: oam.Flash.RENDERMAP.TOKEN=1cn10f4jnc
X-Forwarded-For: 0:0:0:0:0:0:0:1\r\n
X-Forwarded-Proto: http\r\n
X-Forwarded-Host: localhost\r\n
X-Forwarded-Port: 8080\r\n
Content-Length: 0\r\n
[Content length: 0]
\r\n
[Full request URI: http://localhost:8080/APG/j_security_check]
[HTTP request 1/1]
[Response in frame: 39]
No. Time Source Destination Protocol Length Info
39 13.478819 172.24.36.70 172.24.5.21 HTTP 96 HTTP/1.1 200 OK (application/json)
Frame 39: 96 bytes on wire (768 bits), 96 bytes captured (768 bits) on interface 0
Ethernet II, Src: Cisco_97:8b:8f (b0:fa:eb:97:8b:8f), Dst: Flextron_c0:3a:51 (00:21:cc:c0:3a:51)
Internet Protocol Version 4, Src: 172.24.36.70, Dst: 172.24.5.21
Transmission Control Protocol, Src Port: 58080, Dst Port: 50335, Seq: 150, Ack: 748, Len: 42
[2 Reassembled TCP Segments (191 bytes): #38(149), #39(42)]
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
Server: Apache-Coyote/1.1\r\n
Content-Type: application/json;charset=UTF-8\r\n
Content-Length: 42\r\n
[Content length: 42]
Date: Fri, 13 Apr 2018 15:42:58 GMT\r\n
\r\n
[HTTP response 1/1]
[Time since request: 0.002805000 seconds]
[Request in frame: 36]
File Data: 42 bytes
JavaScript Object Notation: application/json
Object
Member Key: error
String value: Invalid Login and/or Password
Key: error
As seen in the log, the POST via the Charon proxy is completely missing the form data.
I have checked (using the Web Sniffer Chrome extension) that the form data goes out from the browser in both cases.
Here is the Charon trace log:
2018-04-13 17:44:07.698 INFO 7460 --- [nio-8080-exec-2] c.g.m.c.c.trace.LoggingTraceInterceptor :
Trace ID: 89a425df-3f84-4023-adc5-e1e0db9adae3
Incoming HTTP request received:
- method: POST
- uri: /APG/j_security_check
- headers: {host=[localhost:8080], connection=[keep-alive], content-length=[37], accept=[*/*], origin=[http://localhost:8080], x-requested-with=[XMLHttpRequest], user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36], content-type=[application/x-www-form-urlencoded; charset=UTF-8], referer=[http://localhost:8080/APG/], accept-encoding=[gzip, deflate, br], accept-language=[cs,en;q=0.9,sk;q=0.8,en-US;q=0.7], cookie=[JSESSIONID=ACFA48819DAC2EB3E7DE6F8C53CCE99C; JSESSIONID=2130E398133F87100F7428645AC1B981; oam.Flash.RENDERMAP.TOKEN=1cn10f4jnc]}
2018-04-13 17:44:07.708 INFO 7460 --- [nio-8080-exec-2] c.g.m.c.c.trace.LoggingTraceInterceptor :
Trace ID: 89a425df-3f84-4023-adc5-e1e0db9adae3
Forwarding HTTP request started:
- mapping name: W4N mapping
- method: POST
- uri: http://172.24.36.70:58080/APG/j_security_check
- body:
- headers: {host=[localhost:8080], connection=[keep-alive], content-length=[37], accept=[*/*], origin=[http://localhost:8080], x-requested-with=[XMLHttpRequest], user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36], content-type=[application/x-www-form-urlencoded; charset=UTF-8], referer=[http://localhost:8080/APG/], accept-encoding=[gzip, deflate, br], accept-language=[cs,en;q=0.9,sk;q=0.8,en-US;q=0.7], cookie=[JSESSIONID=ACFA48819DAC2EB3E7DE6F8C53CCE99C; JSESSIONID=2130E398133F87100F7428645AC1B981; oam.Flash.RENDERMAP.TOKEN=1cn10f4jnc], X-Forwarded-For=[0:0:0:0:0:0:0:1], X-Forwarded-Proto=[http], X-Forwarded-Host=[localhost], X-Forwarded-Port=[8080]}
2018-04-13 17:44:07.791 INFO 7460 --- [nio-8080-exec-2] c.g.m.charon.core.http.RequestForwarder : Forwarding: POST /APG/j_security_check -> http://172.24.36.70:58080/APG/j_security_check 200
2018-04-13 17:44:07.792 INFO 7460 --- [nio-8080-exec-2] c.g.m.c.c.trace.LoggingTraceInterceptor :
Trace ID: 89a425df-3f84-4023-adc5-e1e0db9adae3
Forward HTTP response received:
- status: 200
- body: {"error":"Invalid Login and\/or Password"}
- headers: {Server=[Apache-Coyote/1.1], Content-Type=[application/json;charset=UTF-8], Content-Length=[42], Date=[Fri, 13 Apr 2018 15:42:58 GMT]}
What am I doing wrong?
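
Added example (not part of the original post, and not Charon code): a small Python check that repeats the comparison made above on the two captured POSTs, flagging a dropped body and listing the missing form field names without ever logging their values. The request bytes are constructed from the capture in the post with headers trimmed, and the names `summarize` and `compare` are hypothetical.

```python
from urllib.parse import parse_qsl

# Constructed from the two captured POSTs in the post (headers trimmed).
DIRECT = (b"POST /APG/j_security_check HTTP/1.1\r\n"
          b"Content-Length: 37\r\n"
          b"Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n"
          b"\r\n"
          b"j_username=adminx&j_password=changeme")
PROXIED = (b"POST /APG/j_security_check HTTP/1.1\r\n"
           b"content-type: application/x-www-form-urlencoded; charset=UTF-8\r\n"
           b"Content-Length: 0\r\n"
           b"\r\n")

def summarize(raw: bytes) -> dict:
    """Parse one raw HTTP/1.1 request into lengths and form field names."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    _method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    ctype = headers.get("content-type", [""])[0].split(";")[0].strip().lower()
    fields = []
    if ctype == "application/x-www-form-urlencoded":
        # Names only: the values may be credentials and must not reach logs.
        pairs = parse_qsl(body.decode("iso-8859-1"), keep_blank_values=True)
        fields = [key for key, _ in pairs]
    declared = [int(v) for v in headers.get("content-length", [])]
    return {"target": target, "declared": declared, "actual": len(body), "fields": fields}

def compare(reference: bytes, forwarded: bytes) -> list:
    """List the ways the forwarded request lost or misdeclared its body."""
    ref, fwd = summarize(reference), summarize(forwarded)
    findings = []
    for label, s in (("reference", ref), ("forwarded", fwd)):
        if len(set(s["declared"])) != 1:
            findings.append(f"{label}: missing or conflicting Content-Length")
        elif s["declared"][0] != s["actual"]:
            findings.append(f"{label}: Content-Length does not match body size")
    if ref["actual"] > 0 and fwd["actual"] == 0:
        findings.append(f"body dropped: {ref['actual']} bytes sent, 0 forwarded")
    missing = [f for f in ref["fields"] if f not in fwd["fields"]]
    if missing:
        findings.append("form fields missing after proxy: " + ", ".join(missing))
    return findings

if __name__ == "__main__":
    print("\n".join(compare(DIRECT, PROXIED)))
```

Feeding it the request as the proxy received it and the request as the target received it narrows down which hop loses the body.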