Http Error 400 returned when using WebLogic Web Server

Document ID : KB000053903
Last Modified Date : 14/02/2018
Show Technical Document Details

Description

After logging in with the Login.fcc file that is on a Unix box the WebLogic server returns a HTTP error 400. WebLogic is reporting a malformed request.

There are no errors in the trace logs or webagent logs. In the WebLogic logs you will see entries such as:

Sample log:

  Fri May 8 14:29:59 2009 <10054124180739925> Hdrs from Client:[SM_TRANSACTIONID]=[0a14060c-2746-4a047a27-002a-d71c03ad] 
  Fri May 8 14:29:59 2009 <10054124180739925> Hdrs from Client:[SM_SDOMAIN]=[.fms.sample.com] 
  Fri May 8 14:29:59 2009 <10054124180739925> Hdrs from Client:[SM_AUTHTYPE]=[Not Protected] 
  Fri May 8 14:29:59 2009 <10054124180739925> Hdrs from Client:[SM_USER]=[QCRBTSUP 
  ] 
  Fri May 8 14:29:59 2009 <10054124180739925> Hdrs from Client:[SM_USERDN]=[cn=QCRB, ou=staff, 
  ou=Financial Service, ou=Fiscal Service, ou=Sample, o=com] 

you will notice that the final bracket for SMUSER header variable is on the next line. This is what WebLogic is interpreting as an end of line and causing the error 400.

Solution

The problem is that the login.fcc was opened on a windows machine edited and saved then sent back to a UNIX web server. This caused invalid characters to be saved in the login.fcc file and cause these issues.

This can be fixed by editing the login.fcc file and removing the invalid Control M and \r characters or running the command Dos2Unix on the login.fcc file.

Make backup of the Siteminder webagent files/folders and then perform the followings.

  1. run dos2unix against those files in order to remove the M or \r from the files.

  2. if customer use asp or jsp to post to login.fcc, then those should be checked as well. Please test with the login.fcc after running dos2unix.

The login.fcc file will look something like this after it has been edited on a windows system.

======================================================= <!-- SiteMinder 
Encoding=EUC-KR; --> M$ @username=%USER% M$ @smretries=0 M$ M$ <!-- M$ SSO 
M-7M-NM-1M-WM-@M-NM-@M-; M-@M-'M-GM-X ID/PW M-@M-TM-7M-BM-9M- M-4M-B 
M-FM-dM-@M-LM-AM-v M$ M$ author yb2u M$ version 1.1, 2002-11-11 M$ 
@updated by jelee, 2004-01-30 M$ --> M$ <!DOCTYPE HTML PUBLIC "-//W3C//DTD 
HTML 4.01 Transitional//EN"> M$ <html> M$ <head> M$ <title>LG Enterprise 
Portal - LG Electronics</title> M$ <meta http-equiv="Content-Type" 
content="text/html; charset=euc-kr"> M$ <link href="css/style.css" 
rel="stylesheet" type="text/css"> M$ <link href="css/green.css" 
rel="stylesheet" type="text/css"> M$ <script 
language="javascript"> M$ <!-- M$ var url = window.location+""; M$ var 
target = "$$target$$"; M$ M$ function resetCredFields() { M$ 
document.Login.PASSWORD.value = ""; M$ } M$ M$ function submitForm() 
{ M$ document.Login.submit(); M$ } M$ M$ function radioValue(radio) 
{ M$ var checkValue; M$ Ifor (i=0;i<radio.length;i++) { M$ I Iif 
(radio[i].checked) { M$ I I checkValue = radio[i].value; M$ I I 
break; M$ I I } M$ I } M$ I return checkValue; M$ } M$ M$ function 
popupSelfReg() { M$ //var openSelfReg = 
popupCenter('','',400,538,0,0,0,0,0,0); M$ //openSelfReg.location = 
"/selfreg/SsoBtoEselfReg.jsp?lang=" + radioValue(document.Login.lang); M$ 
//openSelfReg.focus(); M$ // 11/19 IAM M-@M-LM-AM-$M->M-pD 
M-?M-dM-CM-;/M-@M-eM-@M-1M-HM-/C M-<M-vM-AM-$ M$ cw=screen.availWidth; 
//M-HM--M-8M-i M-3M-JM-:M-q M$ ch=screen.availHeight; //M-HM--M-8M-i 
M-3M-tM-@M-L M$ M$ sw=500;//M-6M-gM-?M-o M-CM-"M-@M-G 
M-3M-JM-:M-q M$ sh=350;//M-6M-gM-?M-o M-CM-"M-@M-G M-3M-tM-@M-L M$ 
M$ ml=(cw-sw)/2;//M-0M-!M-?M-nM-5M-% M-6M-gM-?M-lM-1M-bM-@M-'M-GM-Q 
M-CM-"M-@M-G xM-@M-'M-DM-! M$ mt=(ch-sh)/2;//M-0M-!M-?M-nM-5M-% 
M-6M-gM-?M-lM-1M-bM-@M-'M-GM-Q M-CM-"M-@M-G yM-@M-'M-DM-! M$ M$ M$ 
window.open("http://lgeiam.lge.com:5500/idm/user/login2.jsp?ft=Register&lang=" 
+ radioValue(document.Login.lang),"regPop","width=" + sw + ",height=" + sh + 
",scrollbars=no,resizable=yes,left=" + ml + ",top=" + mt,0); M$ } M$ M$ 
function popupChPwd() { M$ var openChPwd = 
popupCenter('','',400,500,0,0,0,0,0,0); M$ openChPwd.location = 
"/chpwd/change_pwd.jsp?lang=" + radioValue(document.Login.lang); M$ 
openChPwd.focus(); M$ } M$ M$ function popupLostPwd() { M$ var 
openLostPwd = popupCenter('','',400,280,0,0,0,0,0,0); M$ 
openLostPwd.location = "/lostpwd/lost_pwd.jsp?lang=" + 
radioValue(document.Login.lang); M$ openLostPwd.focus(); M$ 
} M$ M$ M$ function popupHelp() { M$ var openHelp = 
window.open('','','resizable=yes,scrollbars=yes,status=0'); M$ M$ if 
(document.Login.lang[1].checked) { M$ openHelp.location = 
"/help/sso_help.ppt"; M$ } else { M$ openHelp.location = 
"/help/help.html" M$ } M$ M$ openHelp.focus(); M$ } M$ M$ M$ 
function popupAlertPwd() { M$ var openAlertPwd = 
window.open('','','resizable=no,scrollbars=no,status=0,width=483,height=589'); 
M$ M$ openAlertPwd.location = "/chpwd/alert_pwd.jsp?lang=" + 
radioValue(document.Login.lang); M$ openAlertPwd.focus(); M$ } M$ M$ 
function popupCenter(url, name, width, height, menubar, toolbar, location, 
resize, scroll,status) { M$ var str = "height=" + height + 
",innerHeight=" + height; M$ str += ",width=" + width + ",innerWidth=" + 
width; M$ if (window.screen) { M$ var ah = screen.availHeight - 
30; M$ var aw = screen.availWidth - 10; M$ var xc = (aw - 
width) / 2; M$ var yc = (ah - height) / 2; M$ str += ",left=" 
+ xc + ",screenX=" + xc; M$ str += ",top=" + yc + ",screenY=" + 
yc; M$ } M$ str+= 
",menubar="+menubar+",toolbar="+toolbar+",location="+location+",resizable="+re 
size+",scrollbars="+scroll+",status="+status; M$ return window.open(url, 
name, str); M$ } M$ M$ function popupEthics() { M$ var openEthics = 
window.open('','ethics',''); M$ M$ if (document.Login.lang[1].checked) 
{ M$ openEthics.location = 
"http://www.lge.com/about/corporate/corporateculture_management.jsp"; M$ 
} else { M$ openEthics.location = "http://ethics.lg.co.kr" M$ 
} M$ M$ openEthics.focus(); M$ } M$ M$ function loginSso() { M$ 
//var targetResponseUrl = "$$target$$"; M$ //var targetResponseUrl = 
"/redirect.jsp?target=$$target$$"; M$ var targetTempUrl = ""; M$ 
var targetRealUrl = ""; M$ var targetUrlFlag = "lang=kr"; M$ M$ 
/*//2006/06/30 M-?M-5M-9M-.M-HM-- M$ var noIdMsg = "'USER 
ID'M-8M-& M-@M-TM-7M-BM-GM-XM-AM-VM-<M-<M-?M-d."; M$ var noPasswordMsg 
= "'PASSWORD'M-8M-& M-@M-TM-7M-BM-GM-XM-AM-VM-<M-<M-?M-d."; M$ 
*/ M$ M$ var noIdMsg = "Please, input 'USER ID'"; M$ var 
noPasswordMsg = "Please, input 'PASSWORD'"; M$ M$ if 
(document.Login.lang[1].checked) { M$ targetUrlFlag = "lang=en"; M$ 
noIdMsg = "Please, input 'USER ID'"; M$ noPasswordMsg = 
"Please, input 'PASSWORD'"; M$ } M$ M$ intLangIndex = 
target.indexOf("lang="); M$ M$ if (intLangIndex == -1) { M$ 
targetTempUrl = target; M$ } else { M$ targetTempUrl = 
target.substring(0, intLangIndex - 1); M$ } M$ M$ intQuestionIndex = 
targetTempUrl.indexOf("?"); M$ intOrassoIndex = 
targetTempUrl.indexOf("orasso.wwsso_app_admin.ls_login"); M$ M$ 
if(intOrassoIndex >= 0){ M$ targetRealUrl = targetTempUrl; M$ }else 
if (intQuestionIndex == -1) { M$ targetRealUrl = targetTempUrl + "?" + 
targetUrlFlag; M$ } else if(intQuestionIndex > 0){ M$ targetRealUrl 
= targetTempUrl + "&" + targetUrlFlag; M$ } M$ M$ 
document.forms["Login"].elements["target"].value = "/redirect.jsp?target=" + 
escape(targetRealUrl); M$ // 
document.forms["Login"].elements["target"].value = targetRealUrl; M$ M$ 
if (document.forms["Login"].elements["USER"].value == "") { M$ 
alert(noIdMsg); M$ 
document.forms["Login"].elements["USER"].focus(); M$ } else if 
(document.forms["Login"].elements["PASSWORD"].value == "") { M$ 
alert(noPasswordMsg); M$ 
document.forms["Login"].elements["PASSWORD"].focus(); M$ } else if 
(document.forms["Login"].elements["PASSWORD"].value == 
document.forms["Login"].elements["USER"].value) { M$ 
popupAlertPwd(); M$ } else { M$ // saveid(document.Login); M$ 
document.Login.submit(); M$ } M$ } M$ M$ function keyPress(obj, e) 
{ M$ if (e.keyCode) keycode=e.keyCode; M$ else 
keycode=e.which; M$ M$ if (keycode == 13) { M$ if (obj.name == 
"USER"){ M$ document.forms["Login"].PASSWORD.focus(); M$ 
}else{ M$ loginSso(); M$ } M$ } M$ } M$ M$ function 
MM_swapImgRestore() { //v3.0 M$ var i,x,a=document.MM_sr; 
for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; M$ } M$ M$ 
function MM_preloadImages() { //v3.0 M$ var d=document; if(d.images){ 
if(!d.MM_p) d.MM_p=new Array(); M$ var 
i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) M$ 
if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; 
d.MM_p[j++].src=a[i];}} M$ } M$ M$ function MM_findObj(n, d) { 
//v4.0 M$ var p,i,x; if(!d) d=document; 
if((p=n.indexOf("?"))>0&&parent.frames.length) { M$ 
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} M$ 
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) 
x=d.forms[i][n]; M$ for(i=0;!x&&d.layers&&i<d.layers.length;i++) 
x=MM_findObj(n,d.layers[i].document); M$ if(!x && 
document.getElementById) x=document.getElementById(n); return x; M$ 
} M$ M$ function MM_swapImage() { //v3.0 M$ var 
i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; 
for(i=0;i<(a.length-2);i+=3) M$ if 
((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; 
x.src=a[i+2];} M$ } M$ Ifunction setCookie (name, value, expires) { M$ I 
document.cookie = name + "=" + escape (value) + M$ I "; path=/; expires=" 
+ expires.toGMTString(); M$ I} M$ M$ Ifunction getCookie(Name) { M$ I 
var search = Name + "=" M$ I if (document.cookie.length > 0) { // 
M-DM-mM-EM-0M-0M-! M-<M-3M-AM-$M-5M-GM->M-n M-@M-VM-4M-YM-8M-i M$ I 
offset = document.cookie.indexOf(search) M$ I if (offset != -1) { // 
M-DM-mM-EM-0M-0M-! M-AM-8M-@M-gM-GM-OM-8M-i M$ I offset += 
search.length M$ I // set index of beginning of value M$ I end = 
document.cookie.indexOf(";", offset) M$ I // M-DM-mM-EM-0 M-0M-*M-@M-G 
M-8M-6M-AM-vM-8M-7 M-@M-'M-DM-! M-@M-NM-5M-&M-=M-: M-9M-xM-HM-# 
M-<M-3M-AM-$ M$ I if (end == -1) M$ I end = 
document.cookie.length M$ I return 
unescape(document.cookie.substring(offset, end)) M$ I } M$ I } M$ I 
return ""; M$ I} M$ M$ Ifunction saveid(form) { M$ I var expdate = new 
Date(); M$ I // M-1M-bM-:M-;M-@M-{M-@M-8M-7M-N 30M-@M-OM-5M-?M->M-H 
M-1M-bM->M-oM-GM-OM-0M-T M-GM-T. M-@M-OM-<M-vM-8M-& 
M-AM-6M-@M-}M-GM-OM-7M-AM-8M-i * 30M-?M-!M-<M-- M-<M-}M-@M-ZM-8M-& 
M-AM-6M-@M-}M-GM-OM-8M-i M-5M-J M$ I if (form.checksaveid.checked) M$ I 
expdate.setTime(expdate.getTime() + 1000 * 3600 * 24 * 30); // 30M-@M-O M$ I 
else M$ I expdate.setTime(expdate.getTime() - 1); // M-DM-mM-EM-0 
M-;M-hM-AM-&M-AM-6M-0M-G M$ I setCookie("saveid", form.USER.value, 
expdate); M$ I} M$ M$ Ifunction getid(form) { M$ I 
form.checksaveid.checked = ((form.USER.value = getCookie("saveid")) != 
""); M$ I} M$ //--> M$ </script> M$ </head> M$ <body leftmargin="0" 
topmargin="0"> M$ <table width="100%" height="520" border="0" cellpadding="0" 
cellspacing="0"> M$ <tr> M$ <td height="2" colspan="3" 
class="top_bg_line"></td> M$ </tr> M$ <tr> M$ <td height="10" 
colspan="3" class="popup_bg_top"></td> M$ </tr> M$ <tr> M$ <td 
colspan="3" align="center" valign="top"> M$ <table width="660" 
border="0" cellspacing="0" cellpadding="0"> M$ <tr> M$ <td 
height="45"></td> M$ </tr> M$ <tr> M$ <td 
height="30" colspan="4"><img src="images/lge_logo.gif" width="160" 
height="38"></td> M$ </tr> M$ <tr> M$ <td 
width="357" height="322" rowspan="2" align="right"><img 
src="images/new_login.jpg" width="356" height="322"></td> M$ <td 
width="15" rowspan="2" class="bg_login_f7f7ef">&nbsp;</td> M$ <td 
height="160" align="center" bgcolor="F7F7EF"> M$ <table 
width="260" border="0" cellspacing="0" cellpadding="0"> M$ <form 
NAME="Login" METHOD="POST"> M$ <input type=hidden name=SMENC 
value="EUC-KR"> M$ <input type=hidden name=target> M$ 
<input type=hidden name=smauthreason value="$$smauthreason$$"> M$ M$ 
<tr> M$ <td align="right" 
class="login_title">&nbsp;</td> M$ <td height="10" 
colspan="2" class="font_login"><input type="radio" name="lang" value="kr" 
checked> M$ Korean M$ <input type="radio" 
name="lang" value="en"> M$ English</td> M$ 
</tr> M$ <tr> M$ <td width="67" align="right" 
class="login_title">USER ID</td> M$ <td width="118" 
align="center"> <input name="USER" type="text" class="input_textfield" 
style="width:106px;height:18px" onkeydown="keyPress(this, event)"></td> M$ 
<td width="75">&nbsp;</td> M$ </tr> M$ 
<tr> M$ <td align="right" 
class="login_title">PASSWORD</td> M$ <td align="center"> 
<input name="PASSWORD" type="password" class="input_textfield" 
style="width:106px;height:18px" onkeydown="keyPress(this, event)"></td> M$ 
<td align="right"><a href="javascript:loginSso();"><img 
src="images/login_btn_g.gif" border="0"></a></td> M$ </tr> M$ 
<!--<tr> M$ <td height="20" >&nbsp;</td> M$ 
<td height="10" colspan="2" class="font_login"><input 
type="checkbox" name="checksaveid" checked> M$ Remember my 
ID on this computer.</td> M$ </tr>--> M$ <tr> M$ 
<td height="1" colspan="3" class="dotline"><img 
src="images/blank.gif" width="1" height="1"></td> M$ </tr> M$ 
<tr> M$ <td colspan="3"> M$ 
<table width="100%" border="0" cellspacing="0" cellpadding="0"> M$ 
<tr> M$ <td height="5" colspan="3"></td> M$ 
</tr> M$ <script language=javascript> M$ if( 
(location.hostname+"").indexOf("dmz")>=0 ){ M$ document.write( M$ 
" <tr>" + M$ " <td align=center><img 
src=images/bullet_red.gif></td>" + M$ " <td 
class=font_login><a href='JavaScript:popupLostPwd()' 
onfocus='blur()'>&nbsp;Forgot ID/Password</a>?</td>" + M$ " 
<td rowspan='2' width='130'><a href='javascript:popupEthics()' 
onfocus='blur()'><img src=/images/banner_cyber2.gif width=130 height=35 
border=0></a></td>" + M$ " </tr>" + M$ " 
<tr>" + M$ " <td align=center><img 
src=images/bullet_red.gif></td>" + M$ " <td 
class=font_login><a href='javascript:popupHelp()' 
onfocus='blur()'>&nbsp;Help</a></td>" + M$ " 
</tr>"); M$ }else { M$ document.write( M$ " <tr>" + M$ 
" <td align=center><img src=images/bullet_red.gif></td>" 
+ M$ " <td class=font_login><a 
href='JavaScript:popupSelfReg()' onfocus='blur()'>&nbsp;Register</a></td>" 
+ M$ " <td rowspan='4' width='130'><a 
href='javascript:popupEthics()' onfocus='blur()'><img 
src=/images/banner_cyber2.gif width=130 height=35 border=0></a></td>" + M$ 
" </tr>" + M$ " <tr>" + M$ " 
<td align=center><img src=images/bullet_red.gif></td>" + M$ " 
<td class=font_login><a href='JavaScript:popupLostPwd()' 
onfocus='blur()'>&nbsp;Forgot ID/Password</a>?</td>" + M$ " 
</tr>" + M$ " <tr>" + M$ " <td 
align=center><img src=images/bullet_red.gif></td>" + M$ " 
<td class=font_login><a href='JavaScript:popupChPwd()' 
onfocus='blur()'>&nbsp;Change Password</a></td>" + M$ " 
</tr>" + M$ " <tr>" + M$ " <td 
align=center><img src=images/bullet_red.gif></td>" + M$ " 
<td class=font_login><a href='javascript:popupHelp()' 
onfocus='blur()'>&nbsp;Help</a></td>" + M$ " 
</tr>"); M$ } M$ </script> M$ </table> M$ 
</td> M$ </tr> M$ </form> M$ 
</table> M$ </td> M$ <td width="15" rowspan="2" 
bgcolor="F7F7EF">&nbsp;</td> M$ </tr> M$ <tr> M$ 
<td height="162" valign="top" bgcolor="F7F7EF"> M$ <table 
width="100%" border="0" cellspacing="0" cellpadding="0"> M$ 
<tr> M$ <td height="2" class="popup_bg_top"></td> M$ 
</tr> M$ <tr> M$ <td height="15"></td> M$ 
</tr> M$ <tr> M$ <td> M$ I I I I 
<table width="100%" border="0" cellspacing="1" 
cellpadding="1"> M$ I I I I <tr> M$ I I I I <!--td 
class="bullet_red_small">&nbsp;</td--> M$ I I I I <td 
class="font_login_notice" height=140> M$ <script 
src="/notice/notice_scroll.jsp" language="JavaScript"></script> M$ I I I I 
</td> M$ </tr> M$ 
</table> M$ </td> M$ </tr> M$ 
<tr> M$ <td height="5"></td> M$ </tr> M$ 
</table> M$ </td> M$ </tr> M$ </table> M$ 
</td> M$ </tr> M$ <tr> M$ <td height="1" colspan="6" 
class="table_line_simple"></td> M$ </tr> M$ <tr> M$ <td height="47" 
colspan="6" align="center" class="bg_gray_F7F7F7"> M$ <table 
width="660" border="0" cellspacing="0" cellpadding="0"> M$ <tr> M$ 
<td width="120" height="25" align="center" ><img 
src="images/footer_lge_logo.gif" width="88" height="19"></td> M$ 
<td ><font class="footer">Copyright 2005 LG Electronics</font></td> M$ 
</tr> M$ </table> M$ </td> M$ </tr> M$ <tr> M$ <td 
height="1" colspan="6" class="table_line_simple" ></td> M$ 
</tr> M$ </table> M$ <script language="javascript"> M$ 
document.forms["Login"].elements["USER"].focus(); M$ if 
(url.indexOf("icsso.lge.com") > 0 || url.indexOf("icdmz.lge.com") > 0 || 
target.indexOf("icsso.lge.com") > 0 || target.indexOf("icdmz.lge.com") > 
0){ M$ document.forms["Login"].lang[1].checked = true ; M$ } M$ // 
getid(document.Login); M$ </script> M$ </body> M$ </html> M$ ================ 
=================================================