tracker issue : CF-3520423

select a category, or use search below
(searches all categories and all time range)
Title:

CF902 on Java JDK 7 update 17 - cfhttp tag fails to return status codes when posting data to a web service

| View in Tracker

Status/Resolution/Reason: Closed/Withdrawn/

Reporter/Name(from Bugbase): Dave Irovic / Dave Irovic (Dave Irovic)

Created: 03/14/2013

Components: Net Protocols, HTTP

Versions: 9.0.1

Failure Type: Non Functioning

Found In Build/Fixed In Build: 9.0.1 /

Priority/Frequency: Critical / All users will encounter

Locale/System: English / Win 2008 Server R2 64 bit

Vote Count: 0

Problem Description:
We have a custom PeopleSoft web service that allows us to submit an SSN value, and it would return an SSN 
key to be used within our ColdFusion application for saving the user data.  This worked flawlessly when 
Java 6 update 29 was running ColdFusion.  Once we applied the security patch for Cumulative Hot Fix 1 and 
upgraded the Java to JDK 7 update 17, this tag stopped returning response codes from the cfhttp call.

Steps to Reproduce:
See sample code attached for example of what is failing when using Java 7 update 17.

Any Workarounds:
By switching back to Java 6 update 29, the functionality works as expected again.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3520423

Deployment Phase:	Release Candidate

External Customer Info:
External Company:  
External Customer Name: IrovicD
External Customer Email:  
External Test Config: My Hardware and Environment details:

Virtual Machine environment with:

 2 Intel Xeon CPUs (X7550 @ 2Ghz)

 4 GB RAM

 45GB Hard Drive

Windows Server 2008 Enterprise with Service Pack 2 (32 bit)

ColdFusion 9.0.2 (32 bit) with cf902CHF1 installed

using IIS as web server for ColdFusion

Attachments:

  1. March 15, 2013 00:00:00: 1_CallWSAlt.cfm

Comments:

Can you include a more general & unambiguous reproduction case? -- Adam
Comment by External U.
15991 | March 14, 2013 06:54:04 PM GMT
@IrovicD, We are unable to observe the issue on CF901 with cumulative hotfix 4. Can you please apply the CHF4 and see if you are still experiencing the issue.
Comment by External U.
15992 | March 20, 2013 12:48:11 AM GMT
I can confirm this bug. The status data will appear in the cfhttp result block correctly. So the workaround is to turn throwonerror off and examine the cfhttp status code directly
Comment by External U.
15993 | April 03, 2013 09:04:20 AM GMT
Sorry for the late response, didn't realize the system wasn't notifying me anyone responded to this bugid. Adam, considering the web service CF is trying to access is not publicly accessible I'm not sure how to generate an example, but I will ask the developers to make something simple available you can test with. Piyush, We are running CF902 with CHF1, I didn't think I can apply that patch to 902 since it should already contain those fixes, correct? JamesC01, we were trying to avoid having to change the code to fix this if the only thing that changes is upgrading Java to a supported version. It seems this update broke CF902 since it is not automatically reading the status code values anymore. Is that what you are saying? Thanks for your responses.
Comment by External U.
15994 | July 18, 2013 01:28:25 PM GMT
Are you getting any errors or just missing response code? What happens when you dump CFHTTP? Possibly not related, but I recently reported an CF9.0.1 issue connecting with SSL SANS certificate: https://bugbase.adobe.com/index.cfm?event=bug&id=CF-3566218
Comment by External U.
15995 | July 18, 2013 04:10:49 PM GMT
Jamo, Below is the results of the dump of the httpResponse when calling the cfhttp tag: struct Charset [empty string] ErrorDetail I/O Exception: peer not authenticated Filecontent Connection Failure Header [empty string] Mimetype Unable to determine MIME type of file. Responseheader struct [empty] Statuscode Connection Failure. Status code unavailable. Text YES I am checking with the web service provider for details into the certificate on whether is has SANS entries contained in it.
Comment by External U.
15996 | October 02, 2013 04:10:35 PM GMT
The web service certificates are not using SSL Subject Alternative Names, and the certificate matches the site we are connecting to.
Comment by External U.
15997 | October 03, 2013 01:34:56 PM GMT
I have since installed Java JDK 7 update 40 and the problem continues to persist in the updated Java environment.
Comment by External U.
15998 | October 16, 2013 03:38:35 PM GMT
This requires certificate to be imported to jdk. So try to import the certificate to jdk keystore and make corresponding system property change in jvm.config file. System property to be updated: -Djavax.net.ssl.trustStore=C:\\Java\\jdk1.6.0_21\\jre\\lib\\security\\cacerts -Djavax.net.ssl.trustStorePassword=<<keystore password>> In the above entry, JDK path has to be updated according to your setup. After this change, restart the server. Even after this action, if you are able to repro the case, please let us know. Thanks.
Comment by Akhila K.
15999 | January 06, 2014 07:05:55 AM GMT
The certificate was entered into the cacerts file that ColdFusion was using, and adding these system properties didn't have any affect. After some additional investigation, it was determined that the remote server we were talking to was using Java 1.5 and it was not returning the status code value in the proper format. Once CF upgraded to Java 7, it was no longer compatible to that web service. The owner of the remote server finally upgraded their platform to Java 7 in February and the status codes are returning properly now. The problem has been resolved.
Comment by External U.
16000 | March 14, 2014 11:22:00 AM GMT