tracker issue : CF-3340564

select a category, or use search below
(searches all categories and all time range)
Title:

CGI.ALL_HTTP variable does not exist (IIS, all versions)

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): Michael Mongeau / Michael Mongeau (Michael Mongeau)

Created: 10/03/2012

Components: Installation/Config, Connector

Versions: 10.0

Failure Type:

Found In Build/Fixed In Build: Final / 284928

Priority/Frequency: Major / Some users will encounter

Locale/System: English / Win 2003 Server

Vote Count: 2

Problem Description:

ColdFusion 10 no longer passes through the variable CGI.ALL_HTTP when running on IIS (both 6.0 and 7.5).  This is critical for our company since we use the CA SiteMinder web access manager.  SiteMinder runs as an ISAPI filter and creates a number of CGI variables that begin with HTTP_SM.  These variables have always be accessible in ColdFusion 9 and earlier in CGI.ALL_HTTP (see examples below).   Without these variables our applications cannot identify the user that was authenticated by SiteMinder. 

I suspect this has to do with the ISAPI Redirector under Tomcat since I see there are other bug submissions involving CGI variables.

Steps to Reproduce:

Create a template that outputs #CGI.ALL_HTTP# 

Actual Result:

Under ColdFusion 10 the variable is empty.

Expected Result:

Under ColdFusion 9 and earlier CGI.ALL_HTTP is populated with a semicolon-delimited list of name/value pairs, and in our case it includes these CGI variables generated by CA SiteMinder:

HTTP_SM_AUTHTYPE = Not Protected 
HTTP_SM_CLIENT_IP = 134.111.51.193 
HTTP_SM_SDOMAIN = .domain.com 
HTTP_SM_SERVERIDENTITYSPEC = 
HTTP_SM_SERVERSESSIONID = UCbcXDhSh+FRXzV/J/0gXyN4oAI= 
HTTP_SM_TIMETOEXPIRE = 36367 
HTTP_SM_TRANSACTIONID = f3c86f86-0fac-506ca774-17d8-01ad1ae8 
HTTP_SM_USER = juser 
HTTP_SM_USERDN = CN=User\, John,OU=Employees,OU=HQ,DC=corp,DC=domain,DC=com 

Any Workarounds:

None found so far

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3340564

Keywords:
FixTested


External Customer Info:
External Company:  
External Customer Name: MichaelXMongeau
External Customer Email:  
External Test Config: My Hardware and Environment details:

Windows 2003 VM, IIS 6.0, ColdFusion 10 Update 2

Attachments:

Comments:

This is a major issue for us. We cannot upgrade to ColdFusion 10 unless our applications are able to access the CGI variables created by SiteMinder and in the past made available in CGI.ALL_HTTP.
Comment by External U.
17752 | October 03, 2012 03:57:07 PM GMT
Through further testing I have discovered that the Siteminder-generated HTTP header variables are visible when using the GetHttpRequestData function. Example: <cfset httpreq = GetHttpRequestData()> <cfdump var="#httpreq.headers#" label="headers" abort="Yes"> All of the HTTP_SM variables exist in the headers structure, although with the leading HTTP_ removed. They just do not appear to be passed into the CGI scope.
Comment by External U.
17753 | October 09, 2012 02:27:12 PM GMT
Facing the same issue on a windows 2008 R2 (IIS 7.5), Siteminder and ColdFusion 10 environment. Has there been a resolution?
Vote by External U.
17756 | November 26, 2012 10:16:44 AM GMT
We seem to be experiencing this issue as well. Removing and reapplying SiteMinder configuration had no effect. Some header values are passed, others are not. It seems as if there is some kind of limit on the number of size of headers or some kind of filtering going on when using the IIS connector? The headers are not present in GetHttpRequestData() either. They are available from ASP.
Vote by External U.
17757 | February 13, 2013 03:07:16 PM GMT
I believe this is the related Tomcat connector bug- https://issues.apache.org/bugzilla/show_bug.cgi?id=47679 According to that, it was fixed in 1.2.32?? We are still experiencing this issue.
Comment by External U.
17754 | April 29, 2013 04:09:40 PM GMT
This Bug was fixed in ColdFusion 10 Update 11. The only problem is that the delimiter character was set to a space instead of a linefeed as in CF9. That makes it nearly impossible to parse the name:value pairs since many values have spaces in them. I have opened Bug CF-3665338 to try and get that corrected.
Comment by External U.
17755 | November 13, 2013 10:46:25 AM GMT