Content
Updated by Kate Honchar 11 days ago
Problematic behaviour was observed on network components after the bundled Apache Tomcat was bumped from 10.1.41 to 10.1.42 version to combat security issues. Behaviour is described here: [https://support.evolveum.com/work\_packages/10744,](https://support.evolveum.com/work_packages/10744,) tl;dr parts of the GUI are not working when accessed thru AJP-enabled reverse proxy (e.g. Apache httpd). First we thought that problem lies in the httpd config, but it turned out that it is actually on midPoint's side. Luckily we have found out what to fix in the midPoint to make AJP work again:
1. Bump bundled Tomcat to **10.1.44** version. Multi-part request settings were fixed. More info here: https://tomcat.apache.org/tomcat-10.1-doc/changelog.html
2. Introduce two new params to EmbeddedTomcatAutoConfiguration class to be loaded from application.yml:
my hardcoded setup:
ajpConnector.setMaxPartHeaderSize(1024);
ajpConnector.setMaxPartCount(300);
1. Bump bundled Tomcat to **10.1.44** version. Multi-part request settings were fixed. More info here: https://tomcat.apache.org/tomcat-10.1-doc/changelog.html
2. Introduce two new params to EmbeddedTomcatAutoConfiguration class to be loaded from application.yml:
ajpConnector.setMaxPartHeaderSize(1024);
ajpConnector.setMaxPartCount(300);