Migrating from ColdFusion 2016 to Lucee

aspirenet · October 12, 2023, 1:02pm

@andreas I checked out IIS as per the link you sent. I added the header limit as per the document into the Request Filtering in IIS, I set it at 65536, unfortunately it still has the same issue.

As the IIS settings are the same as the cloned server which is working with ACF I don’t think that IIS is playing a role in this

andreas · November 17, 2023, 2:20am

Again, that the app is working on 8888 is the proof that this is NOT an Lucee issue!!! You need to figure out what is causing the issue in the connection inbetween IIS and Lucee.

aspirenet · October 3, 2024, 5:14pm

I’ve been developing a platform on Lucee for some time now and it’s gone really well, however I still have a site on ACF that I need to move to Lucee so I can finally shut the ACF server down. This is the site that I had the trouble with in this thread.

It’s a lot to read so I will summarize below

What I had found is that when a CFLOCATION was executed it was giving a message of Object Moved, however after some digging it was discovered this was because I had a lot of cookies (69 or so) and the headers were too large. The site works fine on ACF.

I tried fixing it but failed. This is from the thread above

The issue is my headers are too large which is causing Lucee to throw the error. This is caused by me having to write at least 69 cookies (As above I realize it is set to max at 200 in the Lucee config)

Changes that have been made are as follows

Change C:\lucee\tomcat\conf\server.xml
to (increasing to 65536)

Also in the same file increased to 65536

<Connector protocol="AJP/1.3"
    port="8009"
    secret="removedforsecurity"
    secretRequired="true"
           redirectPort="8443"
packetsize="65536" />

BonCodeAJP13.settings in C:\Windows folder added the line

<PacketSize>65536</PacketSize>

Once all of this was added I was able to get the site to work locally on port 8888, however, I am unable to get it to work beyond that, the same error/header restriction appears if I try to access it it publicly.

I have created some test code to just create a lot of cookies with UUID’s as the value. I tested how many cookies I could create before it failed. Although i got Lucee to create 182 with no issue, my site with 69 would not work, I don’t think there was more data, but perhaps other things were playing into the header size

Failed at

local ACF x 280
Server ACF x 280
Server Lucee “OBJECT MOVED” at 183

This is a fresh install so I’ll need to take care of the above, but wondering if anybody might have any ideas on what else I should be changing, or perhaps I was doing it wrong.

Thanks

Terry_Whitney · October 3, 2024, 6:11pm

AFC has some customization under the hood for their application server stack.

Your server.xml connector string should look something like this to handle your application,

<Connector protocol="AJP/1.3"
    port="8009"
    secret="removedforsecurity"
    secretRequired="true"
           redirectPort="8443"
packetsize="65536

<!-- add &  RTM -->
maxHttpResponseHeaderSize="65536"
maxHttpRequestHeaderSize="65536"
maxHttpHeaderSize="65536"
maxTrailerSize="65536"
maxExtensionSize="-1"
keepAliveTimeout="-1"
/>

aspirenet · October 4, 2024, 9:43am

Thanks @Terry_Whitney if I understood correctly the modification will now look like this

   <Connector protocol="AJP/1.3"
	    port="8009"
	   address="::1"
	    secret=""
	    secretRequired="true"
               redirectPort="8443"
packetsize="65536"

<!-- add &  RTM -->
maxHttpResponseHeaderSize="65536"
maxHttpRequestHeaderSize="65536"
maxHttpHeaderSize="65536"
maxTrailerSize="65536"
maxExtensionSize="-1"
keepAliveTimeout="-1"
/>

I changed it to the above and then reboot, but then the Tomcat would not start, it showed the following error →

Please check that a Tomcat server is running at given location and port.
Details:
No connection could be made because the target machine actively refused it [::1]:8009

You can change this message by changing TomcatConnectErrorURL setting in setting file.

Terry_Whitney · October 4, 2024, 12:16pm

Without your complete server.xml file, I will state you have a syntax error.

aspirenet · October 4, 2024, 1:05pm

server_modified.xml (9.1 KB)

Modified file attached, this is exactly as I used it short of my removing the secret.

Julian_Halliwell · October 4, 2024, 1:07pm

Try removing that line. I don’t think you can put comments inside elements.

aspirenet · October 4, 2024, 1:29pm

I removed the comments and it does start now, unfortunately I have the same error

Please check and adjust your setup:
Ensure that Tomcat is running on given host and port.
If this is a timeout error consider adjusting IIS timeout by changing executionTimeout attribute in web.config (see manual). [2024-10-04 09:29:07 ]

Object Moved

Terry_Whitney · October 4, 2024, 1:46pm

add

connectionTimeout=“60000”

Terry_Whitney · October 4, 2024, 1:59pm

in catalina.properties you may need to add:

//hack begin

// The cookie code needs these.
permission java.util.PropertyPermission
 "org.apache.catalina.STRICT_SERVLET_COMPLIANCE", "read";
permission java.util.PropertyPermission
 "org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING", "read";
permission java.util.PropertyPermission
 "org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR", "read";

// Applications using WebSocket need to be able to access these packages
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket.server";

};
//hack end

That above goes approximate line 173, right after you see this:
// Precompiled JSPs need access to these packages.
permission java.lang.RuntimePermission “accessClassInPackage.org.apache.jasper.el”;
permission java.lang.RuntimePermission “accessClassInPackage.org.apache.jasper.runtime”;
permission java.lang.RuntimePermission
“accessClassInPackage.org.apache.jasper.runtime.*”;

aspirenet · October 4, 2024, 2:06pm

Unfortunately none of the above fixed the issue. I have attached the files that I’m using to test. You call the cookie.cfm and it’ll fail on the cflocation, if you clear the cache and reduce the number of cookies it creates in the loop, it’ll work

cookie.cfm (333 Bytes)
displaycookies.cfm (103 Bytes)

aspirenet · October 4, 2024, 2:18pm

I accidently overlooked the instructions on where to locate it.

I went back and checked and did not see the code you were referring to
catalina.properties (7.2 KB)

Terry_Whitney · October 4, 2024, 2:27pm

sorry, catalina.policy.

Bad notes.

aspirenet · October 4, 2024, 2:44pm

Got it.

I put the code after the few lines of code below // Precompiled JSPs need access to these packages.

Unfortunately, same issue

Terry_Whitney · October 4, 2024, 2:56pm

in your code, cfcookie should have “name” attribute

hence

<cfoutput>
<CFLOOP INDEX="TheCookie" FROM="100" TO="183">
    <!--- Ensure the cookie name follows valid naming conventions --->
    <CFCOOKIE name="A#TheCookie#B" value="#TheCookie#-#CreateUUID()#" expires="1">
</CFLOOP>

<br>hi 


<cftry>
    <!--- Loop through and set cookies --->
    <CFLOOP INDEX="TheCookie" FROM="100" TO="183">
        <CFCOOKIE name="A#TheCookie#B" 
                  value="#TheCookie#-#CreateUUID()#" 
                  expires="1" 
                  domain="yourdomain.com" <!--- Add your domain here --->
                  path="/" <!--- Ensure it's available site-wide --->
        >
    </CFLOOP>
    
    <!--- Redirect after cookies are set --->
    <CFLOCATION URL="/displaycookies.cfm" addtoken="false">

<cfcatch type="any">
    <!--- Error handling --->
    <cfdump var="#cfcatch#">
</cfcatch>
</cftry>


<CFLOCATION URL="http://localhost:8888/displaycookies.cfm">
</cfoutput>

in server.xml
in connector, not APJ
put

maxHttpHeaderSize="655360"

aspirenet · October 4, 2024, 3:33pm

You lost me, my CFCOOKIE does have NAME=

Terry_Whitney · October 4, 2024, 4:20pm

See the above code, it works with adding an insanely large value to the connector.

How tomcat works,

connector (internal)
Then
Plugin Connector (AJP, ectra)

Internally your code wants some stupidly large value for cookies. Your application log should be filled with errors relating to the large size of the header.

Cookie, Path Name… (Yes I am that tired)
set it to something, IDC what, domain should be set as well,

Doing that, restarting Lucee results in

“cookie[a160b] = 160-595A3BBF-5592-4C91-B6AD78EEB321F7BE
cookie[a132b] = 132-5E737BB4-0144-44FF-8F13FBF2EB00AB42
cookie[a144b] = 144-A182FA91-3448-4B59-B4D4318FCA0F70B2
cookie[a156b] = 156-1F0468C6-EB6E-4FDD-9EB6CBB0E7D48D00
cookie[a168b] = 168-84E77966-DE4A-47E8-9CBCE0D6E2385E33
cookie[a172b] = 172-65D82716-272C-4A0C-AA5D9D1622F21D98
cookie[a120b] = 120-16B49617-CFF5-4CF3-A83F89BE8ECCBDAC
cookie[a115b] = 115-E1DCACDA-6062-433B-89B01D76164DF0B5
cookie[a103b] = 103-BC6423DE-B519-472D-9DF3ADF82BDFD0E9
cookie[a127b] = 127-0B799744-F79B-4E70-B55094CA024D417F
cookie[a139b] = 139-06D4444A-4026-4726-A743DBB2B14FF004…”

aspirenet · October 4, 2024, 5:03pm

@Terry_Whitney You’ve lost me a little

Are you saying it’s the way I am creating the cookies that is causing the problem (I hope not as I’d have to go through a lot of code on the platform that I need to move off ACF where it works, to Lucee)

I just took a look at the site I want to move and I am using name, domain and expires

Thanks

Terry_Whitney · October 4, 2024, 5:13pm

Yes, the way you are using cookies is highly irregular.

Session variables would be better than trying to throw everything across cookies.

Either way, if it works it works.

I do not write the “best code”, I write horribly sloppy code in tag format and it just “works”.