Hi,

I need help in a problem related to Novell and I am not a Novell
person. So please ask me if there is any other detail that may be
required.

I have a webapp hosted on Windows 2003 server with IIS as web server
and Tomcat 4.1 as the servlet container. When accessed from a Windows
enviornment, the app goes fine. But if a system running Novell Client
4.9 tries to access this app, it crashes. I understand that this is a
problem due to an extra header NovINet in the requests coming from such
machines. This client has
features that are integrated into the Microsoft IE browser. Every
browserrequest has a header item added that identifies the Novell
NetIndentity client version. This header is added after the ones
created by IE and before the post data.

Here is a captured request that works. If you are familiar with the
HTTP protocol you will see this is a pretty simple POST request:

---------------------------------------------------
POST./inet/servlet/Controller_servlet HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, */*
Referer: http://203.197.236.10/inet/jsp/Redirect.jsp
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0.(compatible; MSIE 6.0; Windows NT 5.1; SV1;
...NET
CLR.1.1.4322)
Host: 203.197.236.10
Content-Length: 44
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: JSESSIONID=43E5A11128B363625724F7D177405663

error_messsage=&UserID=etax&Password=etax123
----------------------------------------------------

Here is one from a machine (logged into Novell) that throws the
exception. The longer list of accepted mime types is just because this
machine has Office installed on it. The significant difference is the
header item called NOVINet with the value v1.2. This is added by the
Novell client to inform Novell services that this machine has Novell
NetIdentity installed and the version of that client. While it might
look abnormal remember there is no
guaranteed order for name value pairs in the request and any
unrecognized name value pairs should simply be ignored by the
application and web server. In other words the header is completely RFC
compliant:

--------------------------------------------------------
POST /inet/servlet/Controller_servlet HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd
ms-excel, application/vnd ms-powerpoint, application/msword,
application/x-shockwave-flash, */*
Referer: http://203.197.236.10/inet/jsp/Redirect.jsp
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4 0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
...NET CLR
1.1.4322)
Host: 203.197.236.10
Content-Length: 44
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: JSESSIONID=F0B5A5E125D854F11843800513E4A192
NovINet: v1.2

error_messsage=&UserID=etax&Password=etax123
----------------------------------------------------------

Here is a Novell support article on a similar problem with a visa.com
website. The solution listed disables the Novell functionality and is
not really acceptable since you now know the problem is server side!

http://support.novell.com/cgi-in/sea...?/10078706.htm


I will appreciate if anyone could give any direction for this problem.
Please help.