SpringBoot - Error parsing HTTP request header (Oauth2 https endpoints)

Question

when I am trying to access OAuth HTTPS endpoints from spring boot app , i am getting below error, but HTTP endpoint works perfectly fine

Error:

2018-07-24 10:25:06.292 [DEBUG][8464][https-jsse-nio-8084-exec-8] o.apache.coyote.http11.Http11Processor: Error parsing HTTP request header

java.io.EOFException: null at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1250) at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1190) at org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:717) at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:366) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:687) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748)

Endpoints

https://localhost:8084/my-auth/oauth/authorize 
https://localhost:8084/my-auth/oauth/token

Application YML config for ssl:

 port: 8084
    non-http-port: 8083
    context-path: /my-auth
    ssl:
      key-alias: <my cert alais>
      key-password: <my pasword>
      key-store: <my jks path>
      key-store-type: JKS
      enabled: true

Security java Config

  @Bean
   public EmbeddedServletContainerFactory servletContainer() {
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern(contextPath+"/api/v1/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };

        tomcat.addAdditionalTomcatConnectors(redirectConnector());
        return tomcat;
    }
    private Connector redirectConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setPort(unSecuredPort);
        connector.setSecure(false);
        connector.setRedirectPort(securedPort);
        return connector;
    }

POM file

    <?xml version="1.0" encoding="UTF-8"?>
<project
    xmlns="http://maven.apache.org/POM/4.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <parent>
        <artifactId>my-app-name</artifactId>
        <groupId>my.group.id</groupId>
        <version>my-version</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
    <modelVersion>4.0.0</modelVersion>
    <packaging>jar</packaging>
    <artifactId>my-app-name</artifactId>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-ldap</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
            <version>2.0.15.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.thymeleaf</groupId>
            <artifactId>thymeleaf-spring4</artifactId>
        </dependency>
        <dependency>
            <groupId>com.h2database</groupId>
            <artifactId>h2</artifactId>
        </dependency>
        <dependency>
            <groupId>io.springfox</groupId>
            <artifactId>springfox-swagger2</artifactId>
        </dependency>
        <dependency>
            <groupId>io.springfox</groupId>
            <artifactId>springfox-swagger-ui</artifactId>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>

I have the same issue, using DB with OAuth2 with Spring Boot 2. `[DEBUG][10168][https-jsse-nio-8483-exec-4] o.a.tomcat.util.net.SocketWrapperBase: Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@5679dbde:org.apache.tomcat.util.net.SecureNioChannel@7522ebbe:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8483 remote=/0:0:0:0:0:0:0:1:61610]], Read from buffer: [0] 2018-07-24 11:38:26.178 [DEBUG][10168][https-jsse-nio-8483-exec-4] o.apache.coyote.http11.Http11Processor: Error parsing HTTP request header java.io.EOFException: null` — Bran, Jul 24 '18 at 15:37

score 14 · Answer 1 · answered Feb 27 '19 at 12:20

It's not an error, it's a debug message.

I hit this too, and I believe the correct answer is here:

If the log level were not DEBUG, the EOF would have been silently swallowed. It's unfortunate that the message says "Unexpected EOF" since in this case it's normal.

which I found on the tomcat nabble site

The debug message here:

   catch (IOException e) {
       if (log.isDebugEnabled()) {
           log.debug(sm.getString("http11processor.header.parse"), e);
       }
       setErrorState(ErrorState.CLOSE_CONNECTION_NOW, e);
       break;
    }

in Http11Processor from Tomcat 8.5

And the EOFException which leads to it was added for this Tomcat fix: Non-blocking should throw an EOFException on EOF as well

which I found from another discussion of this "problem" in this spring-cloud github discussion

I think this is perfectly normal as this OEFException was added by our colleague per apache/tomcat@91b7859. Logging error on INFO level when ssl connection is made to non-ssl connector is a bit aggressive.

I can verify that when I changed my log level to INFO, the error message went away. Thank you! — logixplayer, May 21 '20 at 06:44
Very thorough and clear answer. Thank you for the links as well. — alegria, Dec 06 '21 at 12:08

score 0 · Answer 2 · answered Aug 30 '18 at 13:48

0

I just found a solution and the problem was with the self signed certificates for the localhost. Once you import these in your truststore for the JDK, everything should work fine.

answered Aug 30 '18 at 13:48

Bran

136
1
9

score 0 · Accepted Answer · answered Aug 30 '18 at 13:57

Thanks @bavlin

To work Oauth2 endpoints in local you have install certs in local JRE truststore

Use below command to add that in local trust store: (in command prompt)

• keytool -keystore cacerts -import -trustcacerts -file "file path to cert"

• To make it work in postman - In chrome browser , Install localhost cert to “Trusted Root Certification Authorities”

SpringBoot - Error parsing HTTP request header (Oauth2 https endpoints)

3 Answers3

Linked