FIX: The HTTP Transport that Transaction Integrator uses may send an HTTP header that has an incorrect COMMAREA length and without the “Authorization: Basic” field


When you use HTTP Transport through Transaction Integrator (TI) in Microsoft Host Integration Server 2010 to communicate with an IBM mainframe, you may experience the following issues:
  1. The HTTP header that is sent to the mainframe application includes an incorrect COMMAREA length in the URI. For example, the POST request in the HTTP header may resemble the following:
    In this scenario, the COMMAREA length is 1,500 bytes. This is specified in the fourth parameter in the HTTP header. If the COMMAREA length is incorrect, the mainframe application may report the error, or the application may exit abnormally (ABEND).
  2. The HTTP header does not include the Authentication field. When this issue occurs, the mainframe application may reject the HTTP request. After this rejection, Transaction Integrator resends the HTTP request together with the "Authentication: Basic" field in the HTTP header.

    In this scenario, the HTTP request must be sent over the network two times, and the IBM host system must issue one transaction for each HTTP request.


Issue 1 occurs because the Transaction Integrator incorrectly includes the input data length for the TI application as the COMMAREA length in the HTTP header. 

Issue 2 occurs because the Transaction Integrator was updated to use the underlying network transport to send the HTTP header. The underlying network transport sends the initial HTTP request, but does not include the Authentication field, in order to determine the supported authentication types on the remote system (HTTP server). When Transaction Integrator receives the response from the remote system, it uses a support authentication type to resend the HTTP request. This behavior is by design.


Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problems that are described in this article. Apply this hotfix only to systems that are experiencing the problems described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

The English (United States) version of this hotfix uses a Microsoft Windows Installer package to install the hotfix. The dates and the times for these files are listed in Coordinated Universal Time (UTC) in the following table. When you view the file information, the date is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
For Microsoft Host Integration Server 2010, 32-bit edition
File nameFile versionFile sizeDateTimePlatform
For Microsoft Host Integration Server 2010, 64-bit edition
File nameFile versionFile sizeDateTimePlatform
Note Because of file dependencies, the most recent fix that contains these files may also contain additional files.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

After you apply the hotfix, Transaction Integrator includes the correct COMMAREA length in the HTTP request. The COMMAREA length indicates how much data will be returned by the mainframe application with which the Transaction Integrator application is communicating.

In addition, the Transaction Integrator HTTP transport is updated to set the PreAuthenticate property to True. This enables the HTTP header to include the Authentication property in the HTTP header on all HTTP requests to the same URI after the initial HTTP request is sent without the Authentication property. For more information about the PreAuthenticate property, refer to the following MSDN article :

Αναγνωριστικό άρθρου: 2509834 - Τελευταία αναθεώρηση: 18 Απρ 2011 - Αναθεώρηση: 1