Visit the Below Website to access unlimited exam questions for all IT vendors and Get Oracle Certifications for FREE
http://www.free-online-exams.com
http://www.free-online-exams.com
Problem: HTTP 400 Bad Request
The WebPage Cannot be found HTTP 400
error_log : mod_security: Access denied with code 405. Pattern match "!(GET|HEAD|POST)" at REQUEST_METHOD. [uri ""] [unique_id TgiU3YKCZIcAAAEVCkI]
Symptoms:
After upgrading from 12.0.6 to 12.1.3
Problem may come from the SecFilterSelective setting
You want to access to erptest-temp which has a '-' - the '-' may be not be allowed
Security.conf file has the following configuration:
SecFilterSelective REQUEST_URI "!^/OA_HTML/oowa/aw92/" chain
SecFilterSelective ARGS_NAMES "!^([-_|#!=A-Za-z0-9/ :,.$()]){0,255}([-_|#!=A-Za-z0-9/ :,.$()]){0,255}$"
SecFilterCheckUnicodeEncoding Off
SecFilterSelective ARGS_NAMES "!^([-_|#!=A-Za-z0-9/ :,.$()]){0,255}([-_|#!=A-Za-z0-9/ :,.$()]){0,255}$"
SecFilterCheckUnicodeEncoding Off
After making a comparison between security.conf for the upgraded instance 12.1.3 and with the old instance 12.0.6, the below line differes :
12.1.3
SecFilterSelective ARGS_NAMES "!^([-_|#!=A-Za-z0-9/ :,.$()]){0,255}([-_|#!=A-Za-z0-9/ :,.$()]){0,255}$"
12.0.6
SecFilterSelective ARGS_NAMES "!^([-_@|#!=A-Za-z0-9/ \:\.\$]){0,255}$"
Log files:
Filename =error_log
See the following error:
[Mon Jun 27 12:12:12 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id Tgg7XIKCZIcAAAETCDU]
[Mon Jun 27 12:25:02 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id Tgg@XoKCZIcAAAEXCm4]
[Mon Jun 27 12:36:20 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id TghBBIKCZIcAAAEXCnU]
[Mon Jun 27 12:36:30 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id TghBDoKCZIcAAAETCEM]
[Mon Jun 27 14:29:35 2011] [error] [client 130.130.100.87] mod_security: Access denied with code 405. Pattern match "!(GET|HEAD|POST)" at REQUEST_METHOD. [uri ""] [unique_id Tghbj4KCZIcAAAEWCkY]
[Mon Jun 27 18:34:05 2011] [error] [client 130.130.100.64] mod_security: Access denied with code 405. Pattern match "!(GET|HEAD|POST)" at REQUEST_METHOD. [uri ""] [unique_id TgiU3YKCZIcAAAEVCkI]
Solution:
1.
Clearing middle tier cache:
(R) Functional Administrator responsibility
(N) Core Services > Caching Framework > Global Configuration > Clear cache
(N) Core Services > Caching Framework > Global Configuration > Clear cache
Or manually delete all _pages caches and then regenerate all jsp as
rm -Rf $OA_HTML/_pages/*
rm -Rf $COMMON_TOP/_pages/*
rm -Rf $IAS_ORACLE_HOME/Apache/modplsql/cache/*
rm -Rf $COMMON_TOP/_pages/*
rm -Rf $IAS_ORACLE_HOME/Apache/modplsql/cache/*
Unix: # $FND_TOP/patch/115/bin/perl ojspCompile.pl --compile --flush -p 2
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
FYI : Clearing the _pages in R12 creates a blank login page issue, as in Release 12 the jsp files do not get compiled automatically.
If you made it be accident, use the ojspcompile.pl perl script to perform a manual pre-compilation of the JSP pages. The following command will compile all the JSP pages and build up the JSP cache again.
Unix: # $FND_TOP/patch/115/bin/perl ojspCompile.pl --compile --flush -p 2
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
This utility is also used by the AD utilities to perform this action, for example after patches are applied which replaced 1 or more JSP pages. Since this a manual action which also requires understanding of parameters to be passed to have the right (set of) JSP compiled this option may be error-prone.
If you made it be accident, use the ojspcompile.pl perl script to perform a manual pre-compilation of the JSP pages. The following command will compile all the JSP pages and build up the JSP cache again.
Unix: # $FND_TOP/patch/115/bin/perl ojspCompile.pl --compile --flush -p 2
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
This utility is also used by the AD utilities to perform this action, for example after patches are applied which replaced 1 or more JSP pages. Since this a manual action which also requires understanding of parameters to be passed to have the right (set of) JSP compiled this option may be error-prone.
make a backup of the securitiy.conf file
change
SecFilterCheckUnicodeEncoding Off
to
SecFilterCheckUnicodeEncoding On
bounce the middle tier and try.
change
SecFilterCheckUnicodeEncoding Off
to
SecFilterCheckUnicodeEncoding On
bounce the middle tier and try.
If not works, then try:
2.
Clearing middle tier cache:
make a backup of the securitiy.conf file
change
change
SecFilterSelective ARGS_NAMES "!^([-_|#!=A-Za-z0-9/ :,.$()]){0,255}([-_|#!=A-Za-z0-9/:,.$()]){0,255}$"
to
to
SecFilterSelective ARGS_NAMES "!^([-_@|#!=A-Za-z0-9/ \:\.\$]){0,255}$"
bounce the middle tier and try.
If not works, then try:
3. try the below link:
if it gave you that the system still under maintenance mode, you should disable the maintenance mode using adadmin and try again
References:
No comments:
Post a Comment