For the Stand alone oc4j use the following
java -Doracle.oc4j.trace.finest=com.evermind.server.http -Dhttp.request.debug=true -jar oc4j.jar
09/02/05 12:58:22 FINE: EvermindHttpServletRequest.init GET /j2ee/test.jsp HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, applicat
ion/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/xaml+xml, applicati
on/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/x-silverligh
t, */*
Accept-Language: en-us
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Wi
ndows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; FDM; .NET CLR 3.0
.04506.648; .NET CLR 3.5.21022)
Host: xxx.xx.oracle.com:8888
Connection: Keep-Alive
Cookie: JSESSIONID=2009-02-05 12:58:22.734 NOTIFICATION J2EE JSP-0008 Unable to dispatch JSP Page : Exception:java.io.
FileNotFoundException: C:\oc4j10134\j2ee\home\default-web-app\j2ee\test.jsp (The system cannot find
the path specified)
09/02/05 12:58:22 FINEST: EvermindHttpServletResponse.commit *********** RESPONSE ************
09/02/05 12:58:22 FINEST: EvermindHttpServletResponse.commit HTTP/1.1 404 Not Found
Date: Thu, 05 Feb 2009 07:28:22 GMT
Server: Oracle Containers for J2EE
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
09/02/05 12:58:22 FINEST: EvermindHttpServletResponse.commit *********** RESPONSE DONE ************
For the OAS add the following in the opmn.xml file
-Doracle.oc4j.trace.finest=com.evermind.server.http -Dajp.debug=true -Dhttp.request.debug=true
How to use mod_security module with HTTP Server to check the request and response headers
You can also use mod_security module to check the requests and responses.
Add the following at the end of the httpd.conf
On linux
LoadModule security_module libexec/mod_security.so
On Windows
LoadModule security_module modules/ApacheModuleSecurity.dll
AddModule mod_security.c
<IfModule mod_security.c>
# Turn the filtering engine On or Off
SecFilterEngine On
# Make sure that URL encoding is valid
SecFilterCheckURLEncoding On
# Unicode encoding check
SecFilterCheckUnicodeEncoding Off
# Only allow bytes from this range
SecFilterForceByteRange 0 255
# Only log suspicious requests
SecAuditEngine On
# The name of the audit log file
SecAuditLog logs/audit_log
# Debug level set to a minimum
SecFilterDebugLog logs/modsec_debug_log
SecFilterDebugLevel 0
</IfModule>
and restart the HTTP Server.
Now check the audit_log file in $ORACLE_HOME/Apache/Apache/log directory.
========================================
UNIQUE_ID: Qw2LjJhFqD0AABvSLj8
Request: 152.69.168.191 - - [25/Aug/2005:14:42:57 +0530] "GET
/test_opencursor/Controller?recordID=2&counter=1 HTTP/1.1" 200 5
Handler: oc4j-handler
----------------------------------------
GET /test_opencursor/Controller?recordID=2&counter=1 HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel,
application/vnd.ms-powerpoint, application/msword, */*
Accept-Encoding: gzip, deflate
Accept-Language: en-us
Connection: keep-alive
Host: localhost
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Oracle-ECID: 1124961164:152.69.168.61:7122:0:1,0
HTTP/1.1 200 OK
Set-Cookie:
JSESSIONID=9845a83dce5dad8a271451048cb9a5fc0cb23f83960.e3uMb3eObheLe34SchaNaNu
Na41ynknvrkLOlQzNp65In0; Path=/test_opencursor
Cache-Control: private
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream
========================================
This gives the request and response.
No comments:
Post a Comment