Last Modified: Dec 10, 2018
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.1.0, 220.127.116.11, 18.104.22.168, 22.214.171.124
14.0.0, 126.96.36.199, 13.0.1
Opened: Dec 05, 2017
Symptoms:
If the first request for a session is a POST, APM will save the POST to replay after the policy completes. When the POST is restored after policy completion and released to the backend, the headers are the same as the most recent client request, not the original POST. In particular, the Content-Length header will not match the original POST.
Impact:
Backend servers may complain of an incomplete HTTP POST due to a mismatching Content-Length header.
Conditions:
First request for the session is a POST.
Fix:
Now, the system takes all headers from the original POST, except the Authorization header that Kerberos RBA needs, which is taken from the most recent client request.
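The header selection described above can be modelled in a few lines. This is an added example, not F5 or APM code: the function names, header values and both sample requests are constructed for illustration, and header names are matched exactly for simplicity.

```python
# Simplified model of the replay behaviour in this record (not APM code).

def build_replay(original, latest, fixed):
    """Return (headers, body) released to the backend after the policy completes.

    fixed=False: headers are those of the most recent client request (the bug).
    fixed=True:  headers are those of the original POST, except Authorization,
                 which is taken from the most recent client request.
    """
    if not fixed:
        headers = dict(latest["headers"])
    else:
        headers = dict(original["headers"])
        headers.pop("Authorization", None)
        if "Authorization" in latest["headers"]:
            headers["Authorization"] = latest["headers"]["Authorization"]
    return headers, original["body"]  # the saved POST body is replayed either way


def content_length_problem(headers, body):
    """Describe the mismatch a backend would see, or return None if consistent."""
    declared = headers.get("Content-Length")
    if declared is None:
        return f"no Content-Length for {len(body)}-byte body"
    if not declared.isdigit():
        return f"invalid Content-Length {declared!r}"
    if int(declared) != len(body):
        kind = "incomplete" if int(declared) > len(body) else "excess data"
        return f"declared {declared}, body is {len(body)} bytes ({kind})"
    return None


# Constructed sample data: the session's first request, saved by the proxy.
ORIGINAL_POST = {
    "headers": {"Content-Type": "application/x-www-form-urlencoded",
                "Content-Length": "24"},
    "body": b"user=alice&action=update",
}
# Constructed sample data: the last request the client sent during the policy.
LATEST = {
    "headers": {"Content-Type": "text/plain", "Content-Length": "57",
                "Authorization": "Negotiate CONSTRUCTED-TOKEN"},
    "body": b"",
}

if __name__ == "__main__":
    for fixed in (False, True):
        hdrs, body = build_replay(ORIGINAL_POST, LATEST, fixed)
        print("fixed" if fixed else "buggy", "->", content_length_problem(hdrs, body))
```

On the backend side, the same length comparison against a captured request is a quick way to confirm whether a reported incomplete POST matches this record.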