Spotfire Web Player becomes unavailable with error "service endpoint binding not using the HTTP protocol" due to IronPython script interfering with .NET HTTP client
Article ID: KB0070054
Updated On:
| Products | Versions |
|---|---|
| Spotfire Server | 11.1 and higher |
Description
When trying to access the Spotfire Web Player in a browser, it fails to load with the following error displayed:
screenshot
The following error is seen in the Web Player worker.host log:
INFO ;2022-08-04T17:04:12,282-03:00;2022-08-04 20:04:12,282;b7159039-d65b-47f6-9434-b1b1fe6012e3;041457687du6f3;46;<user@abc.com>;64e2487634ec3c89bb926180f311325a;Spotfire.Dxp.Services.Http.HttpRetryContext;"Cannot retry error in call to ."
System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to https:// <server.abc.com>:9443/spotfire/ws/LoginService. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> IronPython.Runtime.UnboundNameException: global name 'True' is not defined
at IronPython.Runtime.Operations.PythonOps.GetVariable(CodeContext context, String name, Boolean isGlobal, Boolean lightThrow)
And the following error is seen in the Spotfire Server server.log:
ERROR 2022-08-04T17:04:12,400-0300 [<server.abc.com>, #BS-8702, #816060] wp.controller.WebPlayerExceptionController: Internal Server Error ef4f970c-5f95-4c22-8912-e5c59efdb122 (Service Error 49a1b898882b46ab8167e341b759f96a : An error occurred while receiving the HTTP response to https://<server.abc.com>:9443/spotfire/ws/LoginService. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. (Unauthorized - 49a1b898882b46ab8167e341b759f96a)): 401 An error occurred while receiving the HTTP response to https:// <server.abc.com>:9443/spotfire/ws/LoginService. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. (Unauthorized - 49a1b898882b46ab8167e341b759f96a): "<?xml version="1.0" encoding="utf-8"?><EOL><EOL><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><EOL><EOL><html xmlns="http://www.w3.org/1999/xhtml"><EOL><EOL> <head><EOL><EOL> <title>Request Error</title><EOL><EOL> <style>BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; } #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; } A:link { color: #336699; font-weight: bold; text-decoration: underline; } A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; } A:active { color: #336699; font-weight: bold; text-decoration: underline; } .heading1 { background-color: #003366; border-bottom: #336699 6px solid; color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal;margin: 0em 0em 10px -20px; padding-bottom: 8px; padding-left: 30px;padding-top: 16px;} pre { font-size:small; background-color: #e5e5cc; padding: 5px; font-family: Courier New; margin-top: 0px; border: 1px #f0f0e0 solid; white-space: pre-wrap; white-space: -pre-wrap; word-wrap: break-word; } table { border-collapse: collapse; border-spacing: 0px; font-family: Verdana;} table th { border-right: 2px white solid; border-bottom: 2px white solid; font-weight: bold; background-color: #cecf9c;} table td { border-right: 2px white solid; border-bottom: 2px white solid; background-color: #e5e5cc;}</style><EOL><EOL> </head><EOL><EOL> <body><EOL><EOL> <div id="content"><EOL><EOL> <p class="heading1">Request Error</p><EOL><EOL> <p>The server encountered an error processing the request. See server logs for more details.</p><EOL><EOL> </div><EOL><EOL> </body><EOL><EOL></html>
An error occurred while receiving the HTTP response to https:// <server.abc.com>:9443/spotfire/ws/LoginService. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details.
For example: screenshot The following error is seen in the Web Player worker.host log:
INFO ;2022-08-04T17:04:12,282-03:00;2022-08-04 20:04:12,282;b7159039-d65b-47f6-9434-b1b1fe6012e3;041457687du6f3;46;<user@abc.com>;64e2487634ec3c89bb926180f311325a;Spotfire.Dxp.Services.Http.HttpRetryContext;"Cannot retry error in call to ."
System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to https:// <server.abc.com>:9443/spotfire/ws/LoginService. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> IronPython.Runtime.UnboundNameException: global name 'True' is not defined
at IronPython.Runtime.Operations.PythonOps.GetVariable(CodeContext context, String name, Boolean isGlobal, Boolean lightThrow)
And the following error is seen in the Spotfire Server server.log:
ERROR 2022-08-04T17:04:12,400-0300 [<server.abc.com>, #BS-8702, #816060] wp.controller.WebPlayerExceptionController: Internal Server Error ef4f970c-5f95-4c22-8912-e5c59efdb122 (Service Error 49a1b898882b46ab8167e341b759f96a : An error occurred while receiving the HTTP response to https://<server.abc.com>:9443/spotfire/ws/LoginService. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. (Unauthorized - 49a1b898882b46ab8167e341b759f96a)): 401 An error occurred while receiving the HTTP response to https:// <server.abc.com>:9443/spotfire/ws/LoginService. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. (Unauthorized - 49a1b898882b46ab8167e341b759f96a): "<?xml version="1.0" encoding="utf-8"?><EOL><EOL><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><EOL><EOL><html xmlns="http://www.w3.org/1999/xhtml"><EOL><EOL> <head><EOL><EOL> <title>Request Error</title><EOL><EOL> <style>BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; } #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; } A:link { color: #336699; font-weight: bold; text-decoration: underline; } A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; } A:active { color: #336699; font-weight: bold; text-decoration: underline; } .heading1 { background-color: #003366; border-bottom: #336699 6px solid; color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal;margin: 0em 0em 10px -20px; padding-bottom: 8px; padding-left: 30px;padding-top: 16px;} pre { font-size:small; background-color: #e5e5cc; padding: 5px; font-family: Courier New; margin-top: 0px; border: 1px #f0f0e0 solid; white-space: pre-wrap; white-space: -pre-wrap; word-wrap: break-word; } table { border-collapse: collapse; border-spacing: 0px; font-family: Verdana;} table th { border-right: 2px white solid; border-bottom: 2px white solid; font-weight: bold; background-color: #cecf9c;} table td { border-right: 2px white solid; border-bottom: 2px white solid; background-color: #e5e5cc;}</style><EOL><EOL> </head><EOL><EOL> <body><EOL><EOL> <div id="content"><EOL><EOL> <p class="heading1">Request Error</p><EOL><EOL> <p>The server encountered an error processing the request. See server logs for more details.</p><EOL><EOL> </div><EOL><EOL> </body><EOL><EOL></html>
Environment
All
Resolution
The root cause of this issue is custom IronPython scripts that when executed interfere with the .NET HTTP client communication which Spotfire relies on as of version 11.1 (earlier WinINet was used). IronPython scripts cannot set global .NET settings/behaviors, by using ServicePointManager for example, since those can and will affect the execution of the product causing instability.
Example script:
def AcceptAllCertifications(a,b,c,d):return True
ServicePointManager.ServerCertificateValidationCallback = AcceptAllCertifications
Before version 11.1, these scripts would not have caused system-wide issues since the modification of the global .NET HTTP settings did not affect Spotfire at that time.
The problem is that the ServicePointManager is a static, singleton class which means that if a client (an IronPython script in this case) makes a change it changes for everything (including the rest of the Spotfire application). Per the important note on the ServicePointManager Class documentation:
To avoid this issue, find and remove (or quarantine) all dxp files which contain these problematic scripts until the scripts are modified. In order to find scripts which contain the problematic usage of ServicePointManager like above, there are a couple options:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
This will cause the following error when trying to use the Web Player since it will cause the secure communication channel to fail:
Could not establish secure channel for SSL/TLS with authority 'server:9443'. (Unauthorized)): 401 Could not establish secure channel for SSL/TLS with authority 'server:9443'
Example script:
def AcceptAllCertifications(a,b,c,d):return True
ServicePointManager.ServerCertificateValidationCallback = AcceptAllCertifications
Before version 11.1, these scripts would not have caused system-wide issues since the modification of the global .NET HTTP settings did not affect Spotfire at that time.
The problem is that the ServicePointManager is a static, singleton class which means that if a client (an IronPython script in this case) makes a change it changes for everything (including the rest of the Spotfire application). Per the important note on the ServicePointManager Class documentation:
- "We don't recommend that you use the ServicePointManager class for new development. Instead, use the System.Net.Http.HttpClient class"
To avoid this issue, find and remove (or quarantine) all dxp files which contain these problematic scripts until the scripts are modified. In order to find scripts which contain the problematic usage of ServicePointManager like above, there are a couple options:
-
- [Alternate Option] Application Profiler tool - Searches all dxp files in the library, looking for scripts with a given code snippet. (Note: The Application Profiler will have to open each report it scans which can be time and resource consuming. It also cannot open dxp files that are prompted)
Important Note:
Other uses ServicePointManager might cause different issues and symptoms. For example, modifying the TLS version to TLS 1.0 explicitly with:ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
This will cause the following error when trying to use the Web Player since it will cause the secure communication channel to fail:
Could not establish secure channel for SSL/TLS with authority 'server:9443'. (Unauthorized)): 401 Could not establish secure channel for SSL/TLS with authority 'server:9443'
Issue/Introduction
This article describes how IronPython scripts which interfere with the .NET HTTP client can cause the Spotfire Web Players to fail
Additional Information
Wiki: How to find specific scripts in DXP files in the Spotfire Library using the Application Profiler
Wiki: Script and Data function trust in Spotfire 10.3 and later
External: ServicePointManager Class
Feedback
Yes
No
Powered by
