Description
To help us debug your issue fill in the basic information below using the options provided
Serverless Java Container version: 2.1.0
Implementations: Spring Boot 3
Framework version: SpringBoot 3.3.3
Frontend service: ALB / Function URL
Deployment method: CDK
Scenario
We have a Spring Boot application deployed as an AWS Function. It uses Spring Security, and users Authorization headers to give access to the endpoints. We access this application through an ALB for production use, but for development we use a Function URL.
Expected behavior
We would expect that when we send HTTP Headers, these headers are picked up by the Spring application
Actual behavior
What we see instead, is that when using the Function URL, all works well, the header values are received by the application. However, when using the ALB route, it seems the headers are lost.
It seems the ALB is using v1 for the payload version, and the Function URL is using v2 for the payload version, causing a different execution path to be taken in the AwsSpringHttpProcessingUtils. It seems generateRequest2 is working well, but generateRequest1 seems to only set the headers when getMultiValueHeaders() are enabled? I haven't been able to find a reference where setHeaders() is used for the v1 payload version.
We've tried enabling MultiValueHeaders in the AWS target group, but when we did that, I think we ran into this issue: #1193, which hasn't been released yet, so we're a little bit stuck here.
Steps to reproduce
- Create a Java Spring application which prints headers
- Deploy it
- Access it through Function URL -> headers are printed
- Access it through ALB -> headers aren't printed (the headers seem to be empty)
This is what the payload looks like:
{
"requestContext": {
"elb": {
"targetGroupArn": "arn:aws:elasticloadbalancing:ap-southeast-2:650349367615:targetgroup/eks-internal-audit-tg/66915fabe583273f"
}
},
"httpMethod": "GET",
"path": "/audit/v1/event-registrations/headers",
"queryStringParameters": {},
"headers": {
"accept": "*/*",
"custom-header": "TestHeader",
"host": "api.internal.dev.connectid.com.au",
"user-agent": "curl/8.7.1",
"x-amzn-trace-id": "Root=1-677e191b-732189535eb8827449a7fda4",
"x-forwarded-for": "10.10.1.49",
"x-forwarded-port": "443",
"x-forwarded-proto": "https"
},
"body": "",
"isBase64Encoded": false
}
Full log output
I don't get a stacktrace when multivalue headers are disabled, but when I enable it, this is the output:
2025-01-08T17:02:38.299+11:00
{
"timestamp": "2025-01-08T06:02:38.298Z",
"message": "java.lang.NullPointerException: Cannot invoke \"com.amazonaws.serverless.proxy.model.SingleValueHeaders.get(Object)\" because the return value of \"com.amazonaws.serverless.proxy.model.AwsProxyRequest.getHeaders()\" is null: java.lang.IllegalStateException\njava.lang.IllegalStateException: java.lang.NullPointerException: Cannot invoke \"com.amazonaws.serverless.proxy.model.SingleValueHeaders.get(Object)\" because the return value of \"com.amazonaws.serverless.proxy.model.AwsProxyRequest.getHeaders()\" is null\n\tat com.amazonaws.serverless.proxy.spring.AwsSpringHttpProcessingUtils.generateHttpServletRequest(AwsSpringHttpProcessingUtils.java:97)\n\tat com.amazonaws.serverless.proxy.spring.SpringDelegatingLambdaContainerHandler.handleRequest(SpringDelegatingLambdaContainerHandler.java:68)\n\tat java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(Unknown Source)\n\tat java.base/java.lang.reflect.Method.invoke(Unknown Source)\nCaused by: java.lang.NullPointerException: Cannot invoke \"com.amazonaws.serverless.proxy.model.SingleValueHeaders.get(Object)\" because the return value of \"com.amazonaws.serverless.proxy.model.AwsProxyRequest.getHeaders()\" is null\n\tat com.amazonaws.serverless.proxy.spring.AwsSpringHttpProcessingUtils.generateRequest1(AwsSpringHttpProcessingUtils.java:129)\n\tat com.amazonaws.serverless.proxy.spring.AwsSpringHttpProcessingUtils.generateHttpServletRequest(AwsSpringHttpProcessingUtils.java:110)\n\tat com.amazonaws.serverless.proxy.spring.AwsSpringHttpProcessingUtils.generateHttpServletRequest(AwsSpringHttpProcessingUtils.java:95)\n\t... 3 more\n\n",
"level": "ERROR",
"AWSRequestId": "71321a47-f4ad-40f7-bf63-2e94c42f82d7"
}
I think that's caused by #1193, so if the fixed version could be released, it might solve our problems.