Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-56876

Large URLs generating request entity too large errors for Audit Portlet

    Details

      Description

      Description

      Client receives a "request entity too large error" after conducting searches in the audit portlet and selecting a record. The URLs that are generated are often over 3,000 characters long. It seems their web server is sending back the error because the URLs are too long.

      Steps to reproduce

      1. Install the audit portlet and enable logging by adding these properties to the portal-ext.properties:
        com.liferay.portal.servlet.filters.audit.AuditFilter=true
        audit.message.com.liferay.portal.model.Layout.VIEW=true
        
      2. Perform some actions for the audit portlet to record: create a user and change the user's password. Create a blank site.
      3. Navigate to the audit portlet and execute a blank search. Select the first record's User ID.

      Results of Testing

      Expected Result: The URL will be of a reasonable length so it won't be rejected by the web server.
      Actual Results: A large URL such as this one will be generated:

      http://localhost:8080/group/control_panel/manage?p_p_id=1_WAR_auditportlet&p_p_lifecycle=0&p_p_state=maximized&p_p_mode=view&doAsGroupId=10195&refererPlid=10185&controlPanelCategory=configuration&_1_WAR_auditportlet_auditEventId=10825&_1_WAR_auditportlet_redirect=%2Fgroup%2Fcontrol_panel%2Fmanage%3F_1_WAR_auditportlet_formDate%3D1435788164234%26p_p_id%3D1_WAR_auditportlet%26p_p_lifecycle%3D0%26p_p_state%3Dmaximized%26p_p_mode%3Dview%26doAsGroupId%3D10195%26refererPlid%3D10185%26controlPanelCategory%3Dconfiguration%26_1_WAR_auditportlet_keywords%3D%26_1_WAR_auditportlet_advancedSearch%3Dfalse%26_1_WAR_auditportlet_andOperator%3Dtrue%26_1_WAR_auditportlet_userId%3D%26_1_WAR_auditportlet_userName%3D%26_1_WAR_auditportlet_classPK%3D%26_1_WAR_auditportlet_className%3D%26_1_WAR_auditportlet_eventType%3D%26_1_WAR_auditportlet_sessionID%3D%26_1_WAR_auditportlet_clientIP%3D%26_1_WAR_auditportlet_clientHost%3D%26_1_WAR_auditportlet_serverName%3D%26_1_WAR_auditportlet_serverPort%3D%26_1_WAR_auditportlet_%3D06%252F30%252F2015%26_1_WAR_auditportlet_startDateDay%3D30%26_1_WAR_auditportlet_startDateMonth%3D5%26_1_WAR_auditportlet_startDateYear%3D2015%26_1_WAR_auditportlet_%3D10%253A02%2BPM%26_1_WAR_auditportlet_startDateHour%3D10%26_1_WAR_auditportlet_startDateMinute%3D2%26_1_WAR_auditportlet_startDateAmPm%3D1%26_1_WAR_auditportlet_date%3Dnull%26_1_WAR_auditportlet_%3D07%252F01%252F2015%26_1_WAR_auditportlet_endDateDay%3D1%26_1_WAR_auditportlet_endDateMonth%3D6%26_1_WAR_auditportlet_endDateYear%3D2015%26_1_WAR_auditportlet_%3D10%253A02%2BPM%26_1_WAR_auditportlet_endDateHour%3D10%26_1_WAR_auditportlet_endDateMinute%3D2%26_1_WAR_auditportlet_endDateAmPm%3D1%26_1_WAR_auditportlet_date%3Dnull%26_1_WAR_auditportlet_auditEventsSearchContainerPrimaryKeys%3D10825%252C10824%252C10823%252C10821%252C10809%252C10813%252C10814%252C10816%252C10817%252C10805%252C10804%252C10803%252C10801%252C10802%252C10715&_1_WAR_auditportlet_mvcPath=%2Fview_audit_event.jsp&_1_WAR_auditportlet_backURL=%2Fgroup%2Fcontrol_panel%2Fmanage%3F_1_WAR_auditportlet_formDate%3D1435788164234%26p_p_id%3D1_WAR_auditportlet%26p_p_lifecycle%3D0%26p_p_state%3Dmaximized%26p_p_mode%3Dview%26doAsGroupId%3D10195%26refererPlid%3D10185%26controlPanelCategory%3Dconfiguration%26_1_WAR_auditportlet_keywords%3D%26_1_WAR_auditportlet_advancedSearch%3Dfalse%26_1_WAR_auditportlet_andOperator%3Dtrue%26_1_WAR_auditportlet_userId%3D%26_1_WAR_auditportlet_userName%3D%26_1_WAR_auditportlet_classPK%3D%26_1_WAR_auditportlet_className%3D%26_1_WAR_auditportlet_eventType%3D%26_1_WAR_auditportlet_sessionID%3D%26_1_WAR_auditportlet_clientIP%3D%26_1_WAR_auditportlet_clientHost%3D%26_1_WAR_auditportlet_serverName%3D%26_1_WAR_auditportlet_serverPort%3D%26_1_WAR_auditportlet_%3D06%252F30%252F2015%26_1_WAR_auditportlet_startDateDay%3D30%26_1_WAR_auditportlet_startDateMonth%3D5%26_1_WAR_auditportlet_startDateYear%3D2015%26_1_WAR_auditportlet_%3D10%253A02%2BPM%26_1_WAR_auditportlet_startDateHour%3D10%26_1_WAR_auditportlet_startDateMinute%3D2%26_1_WAR_auditportlet_startDateAmPm%3D1%26_1_WAR_auditportlet_date%3Dnull%26_1_WAR_auditportlet_%3D07%252F01%252F2015%26_1_WAR_auditportlet_endDateDay%3D1%26_1_WAR_auditportlet_endDateMonth%3D6%26_1_WAR_auditportlet_endDateYear%3D2015%26_1_WAR_auditportlet_%3D10%253A02%2BPM%26_1_WAR_auditportlet_endDateHour%3D10%26_1_WAR_auditportlet_endDateMinute%3D2%26_1_WAR_auditportlet_endDateAmPm%3D1%26_1_WAR_auditportlet_date%3Dnull%26_1_WAR_auditportlet_auditEventsSearchContainerPrimaryKeys%3D10825%252C10824%252C10823%252C10821%252C10809%252C10813%252C10814%252C10816%252C10817%252C10805%252C10804%252C10803%252C10801%252C10802%252C10715
      

      was able to reproduce on liferay-portal-ee\ee-6.2.x with audit portlet from liferay-plugins\ee-6.2.x

      code is the same on ee-7.0.x, but the audit portlet does not exist on liferay-plugins-ee/master or on liferay-plugins

      fix is to remove extraneous parameters from the row urls of the search container for audit events

        Attachments

          Activity

            People

            Assignee:
            beck.liu Beck Liu
            Reporter:
            andrew.betts Andrew Betts
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              5 years, 17 weeks, 2 days ago

                Packages

                Version Package
                6.2.X EE
                7.0.0 M7