Visit the Below Website to access unlimited exam questions for all IT vendors and Get Oracle Certifications for FREE
http://www.free-online-exams.com
http://www.free-online-exams.com
Problem: HTTP 400 Bad
Request
The WebPage Cannot be found HTTP
400
error_log : mod_security: Access denied with code 405. Pattern match "!(GET|HEAD|POST)" at REQUEST_METHOD. [uri ""] [unique_id TgiU3YKCZIcAAAEVCkI]
Symptoms:
After upgrading from 12.0.6 to 12.1.3
Problem may come from the SecFilterSelective setting
You want to access to erptest-temp
which has a '-' - the '-' may be not be allowed
Security.conf file has the following
configuration:
SecFilterSelective REQUEST_URI
"!^/OA_HTML/oowa/aw92/" chain
SecFilterSelective ARGS_NAMES "!^([-_|#!=A-Za-z0-9/ :,.$()]){0,255}([-_|#!=A-Za-z0-9/ :,.$()]){0,255}$"
SecFilterCheckUnicodeEncoding Off
SecFilterSelective ARGS_NAMES "!^([-_|#!=A-Za-z0-9/ :,.$()]){0,255}([-_|#!=A-Za-z0-9/ :,.$()]){0,255}$"
SecFilterCheckUnicodeEncoding Off
After making a comparison between security.conf for the upgraded instance 12.1.3 and with the old instance 12.0.6, the below line differes :
12.1.3
SecFilterSelective ARGS_NAMES "!^([-_|#!=A-Za-z0-9/ :,.$()]){0,255}([-_|#!=A-Za-z0-9/ :,.$()]){0,255}$"
12.0.6
SecFilterSelective ARGS_NAMES "!^([-_@|#!=A-Za-z0-9/ \:\.\$]){0,255}$"
Log files:
Filename =error_log
See the following error:
[Mon Jun 27 12:12:12 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id Tgg7XIKCZIcAAAETCDU]
[Mon Jun 27 12:25:02 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id Tgg@XoKCZIcAAAEXCm4]
[Mon Jun 27 12:36:20 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id TghBBIKCZIcAAAEXCnU]
[Mon Jun 27 12:36:30 2011] [error] [client 10.1.25.56] mod_security: Access denied with code 400. Error normalizing REQUEST_URI: Invalid URL encoding detected: invalid characters used [hostname "erptest-temp.auh.police"] [uri "/OA_HTML/jsp/fnd/fnderror.jsp?text=DE%20J*E%20*-HJD%20'DF8'E%20('DC'ED%20%DI%207H1%20'D5J'F).%201,'!%20'D'*5'D%20(E3&HD%20'DF8'E%20'D.'5%20(C"] [unique_id TghBDoKCZIcAAAETCEM]
[Mon Jun 27 14:29:35 2011] [error] [client 130.130.100.87] mod_security: Access denied with code 405. Pattern match "!(GET|HEAD|POST)" at REQUEST_METHOD. [uri ""] [unique_id Tghbj4KCZIcAAAEWCkY]
[Mon Jun 27 18:34:05 2011] [error] [client 130.130.100.64] mod_security: Access denied with code 405. Pattern match "!(GET|HEAD|POST)" at REQUEST_METHOD. [uri ""] [unique_id TgiU3YKCZIcAAAEVCkI]
Solution:
1.
Clearing middle tier
cache:
(R) Functional Administrator
responsibility
(N) Core Services > Caching Framework > Global Configuration > Clear cache
(N) Core Services > Caching Framework > Global Configuration > Clear cache
Or manually delete all _pages
caches and then regenerate all jsp as
rm -Rf
$OA_HTML/_pages/*
rm -Rf $COMMON_TOP/_pages/*
rm -Rf $IAS_ORACLE_HOME/Apache/modplsql/cache/*
rm -Rf $COMMON_TOP/_pages/*
rm -Rf $IAS_ORACLE_HOME/Apache/modplsql/cache/*
Unix: # $FND_TOP/patch/115/bin/perl
ojspCompile.pl --compile --flush -p 2
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
FYI : Clearing the _pages in R12 creates
a blank login page issue, as in Release 12 the jsp files do not get compiled
automatically.
If you made it be accident, use the ojspcompile.pl perl script to perform a manual pre-compilation of the JSP pages. The following command will compile all the JSP pages and build up the JSP cache again.
Unix: # $FND_TOP/patch/115/bin/perl ojspCompile.pl --compile --flush -p 2
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
This utility is also used by the AD utilities to perform this action, for example after patches are applied which replaced 1 or more JSP pages. Since this a manual action which also requires understanding of parameters to be passed to have the right (set of) JSP compiled this option may be error-prone.
If you made it be accident, use the ojspcompile.pl perl script to perform a manual pre-compilation of the JSP pages. The following command will compile all the JSP pages and build up the JSP cache again.
Unix: # $FND_TOP/patch/115/bin/perl ojspCompile.pl --compile --flush -p 2
Windows: C:> <FND_TOP>\patch\115\bin\perl -x ojspCompile.pl --compile --flush
This utility is also used by the AD utilities to perform this action, for example after patches are applied which replaced 1 or more JSP pages. Since this a manual action which also requires understanding of parameters to be passed to have the right (set of) JSP compiled this option may be error-prone.
make a backup of the securitiy.conf
file
change
SecFilterCheckUnicodeEncoding Off
to
SecFilterCheckUnicodeEncoding On
bounce the middle tier and try.
change
SecFilterCheckUnicodeEncoding Off
to
SecFilterCheckUnicodeEncoding On
bounce the middle tier and try.
If not works, then try:
2.
Clearing middle tier
cache:
make a backup of the securitiy.conf
file
change
change
SecFilterSelective ARGS_NAMES
"!^([-_|#!=A-Za-z0-9/
:,.$()]){0,255}([-_|#!=A-Za-z0-9/:,.$()]){0,255}$"
to
to
SecFilterSelective ARGS_NAMES
"!^([-_@|#!=A-Za-z0-9/ \:\.\$]){0,255}$"
bounce the middle tier and
try.
If not works, then try:
3. try the below link:
if it gave you that the system still
under maintenance mode, you should disable the maintenance mode using adadmin
and try again
References:
No comments:
Post a Comment