ISSUE:

Intermittently, user with expired SM session is redirected to an error page, instead of the SM login page.

Following error is logged in the Webagent log:

[SmApache22WebFilterCtxt.cpp:530][ERROR][sm-AgentFramework-00070] Input filter pre-fetch read error - 'Content data is not available'

Network trace logged a RST from LTM/F5.

CAUSE:

A policy is defined on LTM/F5 to issue a RST when it detected malformed network packet – request/response that does not comply with HTTP Protocol (RFC2616), e.g: blank Content-Type.

We created a python script to POST same data to the webserver and successfully reproduced the deformed responses (blank Content-Type with the first response, followed closely with another response without headers), when Webagent is enabled.

Response from webserver when Webagent is enabled:

<Please see attached file for image>

Response from webserver when Webagent is disabled:

<Please see attached file for image>

Sample python script:

<Please see attached file for image>

RESOLUTION:

Set LegacyStreamingBehavior=yes resolved the issue.

ACO parameter -- LegacyStreamingBehavior specifies how content will be transferred to the server during POST requests.

When the value of this parameter is set to yes, all content types are streamed, except for the following:

- text/xml

- application/x-www-form-urlencoded

When the value of this parameter is set to no, all content types are spooled. 

WORKAROUND:

·         Disable POST preservation data – PreservePostData=no (Web Agent will not preserves POST data when redirecting requests to the login page)

·         Disable the policy on LTM/F5 that checks the HTTP request/response compliance or bypass LTM/F5.