Migrating from ColdFusion 2016 to Lucee

aspirenet · September 25, 2023, 3:32pm

So, I’ve managed to get a domain on there that was not in use and had a valid SSL.

I ran the code that I attached above to create some cookies with UUID for values, and the same issue occurred

I then went to C:\lucee\tomcat\conf and edited the server.xml file, changing the following values from 16384 to 65536, and rebooted the server… it didn’t fix it

<Connector port="8888" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" maxHttpHeaderSize="65536" //>

The only thing I might be missing is the BonCodeAJP13.settings file in the C:\windows folder, where @andreas had mentioned “Then change the AJP Boncode PacketSize in the Boncode Settings (see BonCode Apache Tomcat AJP 1.3 Connector)” however, I don’t see any reference to packsize in there.

David_Raschper · September 26, 2023, 6:33am

Did you access the tomcat directly via 8888 or you connect via IIS via AJP.
My/Your example above is for the direct tomcat access via 8888.

If you access via ajp you need to set packetsize like andreas mentioned before.
That usally the connector with the port 8009.
Apache Tomcat 8 Configuration Reference (8.5.93) - The AJP Connector (there you find the packetsize attribute).

Julian_Halliwell · September 26, 2023, 8:16am

You need to add an element to the BonCodeAJP13.settings XML

<PacketSize>65536</PacketSize>

See the BonCode Apache Tomcat AJP 1.3 Connector docs for more detail.

aspirenet · September 26, 2023, 10:34am

Got it. PackSize added to the BON file. Rebooted (btw I have odd behaviour on 8888 if I just stop the service and restart it, I get a welcome to your lucee installation page, the root appears to change, only a reboot seems to fix it)

We’re getting somewhere with this. Using port 8888 it works! In the link @Julian_Halliwell provided above I also see that it maxes at 200 cookies by default so for my particular situation that might be something worth looking at.

The problem is that it won’t work outside of port 8888, it has the same issue, so I guess that somewhere else I need to amend to 65536 or perhaps add additional entries?

Julian_Halliwell · September 26, 2023, 11:04am

Try adding packetSize="65536" to the AJP connector definition in your Tomcat server.xml. It looks similar to the HTTP connector you modified before but with protocol="AJP/1.3", and probably on port 8009.

aspirenet · September 26, 2023, 1:14pm

Added. Rebooted. Same issue

Terry_Whitney · September 26, 2023, 1:19pm

playing devils advocate here,
what exactly are you using IIS for with lucee?
If you’re not using any IIS specific application hooks, I would suggest ditching it, as apache (or nginx) are faster, more resource efficient and far less of a security risk that IIS.

Julian_Halliwell · September 26, 2023, 1:31pm

How many cookies are you setting? The default maximum Tomcat allows via AJP is apparently 200. If you are setting more than that then perhaps increasing it via the maxCookieCount attribute in the AJP connector might help?

aspirenet · September 26, 2023, 1:35pm

@Terry_Whitney understood, but I’m used to IIS and don’t want to change too much at once, maybe in the future, but I don’t want to go through the pain of using anything else right now. I am already juggling more than I’d like while working on a new project.

aspirenet · September 26, 2023, 1:35pm

@Julian_Halliwell yes, I noticed that. The platform that I need to get working is 69 cookies, an odd one might sneak in along the way. The test I am doing is for 100 test cookies with the UUID value. I did notice that in the link of parameters that I could change from default

Terry_Whitney · September 27, 2023, 3:24pm

understood.

IIS has reverse proxy functionality

install application-request routing and url-rewrite, if you have not already
after you restart the service you can add a url rewirte
then you can add cfc/cfm/cfml as rewrites for your website
rewrite url: http://yourluceeinstall:8888/

docs:

aspirenet · September 28, 2023, 9:26am

I do have re-write installed already, I use it to rewrite if the user is not on the WWW. and also from HTTP to HTTPS.

Not sure how I’d use it to fix this problem, although I do know I don’t have this issue on ACF. The simple fix does appear to be a reboot, a little odd how a stop start causes this to change

aspirenet · October 6, 2023, 12:15pm

Does anybody have any ideas on how I might get this working externally? Right now I’ve only managed to get it to work on 8888

Terry_Whitney · October 6, 2023, 4:16pm

Your Action is set to Rewrite so it is rewriting the URL.

In IIS Manager:

Right-click Server Farms, click “Create Server Farm”. Give it some name, like LuceeRocks
Put the fully-qualified domain name to your Tomcat instance in the “Server name or address” field
Click “Advanced settings…”, expand “applicationRequestRouting” and change httpPort to 8888
Click “Yes” when prompted to create a rewrite rule
Click the newly created farm under “Server Farms” in the pane on the left side of the window
Open “Routing Rules” on the Server Farm feature view page
Click the “URL Rewrite…” link on the right pane
Remove the old attempted Tomcat rewrite rule
Click “Add Rule(s)…” at the top of the right pane, choose “Blank rule”
Give it a name
In the Match URL pane:
Requested URL: Matches the Pattern
Using: Regular Expressions
Pattern: *
Expand the Conditions pane, click “Add”
Condition input: {HTTP_HOST}
Check if input string: Matches the pattern
Pattern: you.lucee.domain
Check Ignore Case
In the Action pane:
Action type: Route to Server Farm
Scheme: http://
Server farm: (the name of your server or whateveryouwannacallit)
Path: {R:1} (Note you may need to edit this)
Click “Apply” on the right pane and your

andreas · October 7, 2023, 4:18am

Could you please elaborate a little? Describe what and how its not working? Please describe exactly what you are experiencing.

aspirenet · October 8, 2023, 11:51am

Thanks for the lengthy instructions on the re-write although I’m not sure what it’s actually doing and therefore how it fixes the issue.

The issue is that the headers were too large due to the 69+ cookies, however as above I made various tweaks to the Lucee config files and it started working on port 8888 when I tested it locally on the server. However I’m struggling to understand how to increase the header size to 65535 for public ports so that the site works for everybody.

aspirenet · October 11, 2023, 9:48am

I thought it might be a good idea to summarize this

The issue is my headers are too large which is causing Lucee to throw the error. This is caused by me having to write at least 69 cookies (As above I realize it is set to max at 200 in the Lucee config)

Changes that have been made are as follows

Change C:\lucee\tomcat\conf\server.xml

to (increasing to 65536)

<Connector port="8888" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" maxHttpHeaderSize="65536" />

Also in the same file increased to 65536

<Connector protocol="AJP/1.3"
    port="8009"
    secret="removedforsecurity"
    secretRequired="true"
           redirectPort="8443"
packetsize="65536" />

BonCodeAJP13.settings in C:\Windows folder added the line <PacketSize>65536</PacketSize>

Once all of this was added I was able to get the site to work locally on port 8888, however, I am unable to get it to work beyond that, the same error/header restriction appears if I try to access it it publicly

That’s where I am currently stuck.

martin · October 11, 2023, 11:06am

You could try looking into the default header limits in IIS and try to increase them accordingly like you have done on BonCode and Tomcat. Maybe IIS is truncating them in some way???

aspirenet · October 11, 2023, 11:18am

I don’t believe it’s an IIS issue, I have the site running on an IIS server with no problem. I cloned the server, uninstalled CF and put lucee on the clone, so the IIS settings are the same, and work.

andreas · October 11, 2023, 5:14pm

I would at least take a look into/try it out