IBM Support

ISAM WebSEAL responds with 400 Bad Request for HTTP DELETE with body content

Troubleshooting


Problem

The client sends HTTP DELETE requests to a backend server vie ISAM WebSEAL. This HTTP DELETE requests contain a json body. When ISAM WebSEAL receives an HTTP DELETE with a body, it automatically refuses the request with a HTTP 400 BAD REQUEST response. The exact same HTTP DELETE request without a body is allowed through by ISAM WebSEAL.

Cause

By default WebSEAL will return a HTTP 400 Bad Requesr error if a DELETE request contains a body. The configuration option "http-delete-allow-body" provides an alternative to this default behavior.

If the option is enabled:
[content]
http-delete-allow-body = yes

WebSEAL will allow a body with the DELETE method. However, it will be ignored.


This option is not required and by default WebSEAL will continue to return a HTTP 400 Bad Error error.

Resolving The Problem

Modify the ISAM WebSEAL configuration and set:
[content]
http-delete-allow-body = yes

WebSEAL will allow a body with the DELETE method.

[{"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"WebSEAL","Platform":[{"code":"PF025","label":"Platform Independent"},{"code":"PF004","label":"Appliance"}],"Version":"All versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

More support for:
Tivoli Access Manager for e-business

Software version:
All versions

Operating system(s):
Appliance

Document number:
543449

Modified date:
16 June 2018

UID

swg21977876

Manage My Notification Subscriptions

Page Feedback