CoyoteConnector: What means the attribute 'useURIValidationHack'
as Catalina 4.1.12 shows in server.xml: ... !-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=9080 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=10 debug=0 connectionTimeout=2 useURIValidationHack=false / ... Thanks in advance, Wolfgang Stein -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Tomcat with SSL and Client certificate
Start Tomcat with the additional option -Djavax.net.debug=all and watch the console. Although you will get a lot of output, it might help you in identifying the problem. Good luck, Wolfgang Stein -Original Message- From: Frédéric LE MAISTRE [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 17, 2002 8:39 AM To: Tomcat Users List Subject: Tomcat with SSL and Client certificate I made an SSL connection between Tomcat server and IE client. It seems to work, but by the way Tomcat get an exception : Handshake failed javax.net.ssl.SSLException: error while writing to socket , although the client certificate is well recognized and SSL is enabled. Somebody knows whats wrong? Thanks Fredd -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Tomcat with SSL and Client certificate
No i am not. It was a while ago when i used the option successfully for debugging SSL on Tomcat 3.2.X. at least. Not sure whether i were running on jdk 1.3 or 1.2 It triggered a lot of output about the SSL-handshake into the WinNT console window. Don't have the Catalina startup scripts at hand, but you might try setting the option in ctatlina.bat resp. in the environment var CATALINA_OPTS or so. Cheers, Wolfgang Stein -Original Message- From: Frédéric LE MAISTRE [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 17, 2002 9:45 AM To: Tomcat Users List Subject: Re: Tomcat with SSL and Client certificate are you sure of the syntax? Because startup -Djavax.net.debug=all didn't do anything - Original Message - From: Wolfgang Stein [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, October 17, 2002 9:40 AM Subject: Re: Tomcat with SSL and Client certificate Start Tomcat with the additional option -Djavax.net.debug=all and watch the console. Although you will get a lot of output, it might help you in identifying the problem. Good luck, Wolfgang Stein -Original Message- From: Frédéric LE MAISTRE [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 17, 2002 8:39 AM To: Tomcat Users List Subject: Tomcat with SSL and Client certificate I made an SSL connection between Tomcat server and IE client. It seems to work, but by the way Tomcat get an exception : Handshake failed javax.net.ssl.SSLException: error while writing to socket , although the client certificate is well recognized and SSL is enabled. Somebody knows whats wrong? Thanks Fredd -- -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Multiple certificates in virtual host setup
Hi Donie, AFAIK you may have only cert per Tomcat, identified by alias 'tomcat'. More certs selected by differing aliases would not work due restrictions of the ssl-protocol (as some guys stated in this list). Did you already try wildcard certs, e.g. '*.subdomain.tld' or even '*.tld' ? They might be expensive, but maybe they fit your needs. Good luck, Wolfgang Stein -Original Message- From: Donie Kelly [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 09, 2002 12:03 PM To: 'Tomcat Users List' Subject: Multiple certificates in virtual host setup Hi all I have a server hosting multiple sites and each wants to use ssl. Can I use a single keystore for all sites? How do I get each site to extract the correct certificate from the keystore? Any help is appreciated. Donie -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: I need to run a servlet periodically
Hi Filip, i think this it is a bad idea, to invoke a (Runnable) servlet via start(). In what state will be the servlet context, what about the ServletRequest or the log() method for example ? I think the result will depend on server implementation details, but it is very likely to get IllegalStateExceptions at least. As already being said: a) If you need servlet functionality periodically let a cron job do servlet requests periodically b) If you don't need servlet functionality just let a cron job do the job Greetings Wolfgang Stein -Original Message- From: Cato, Christopher [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 09, 2002 3:04 PM To: '[EMAIL PROTECTED]' Subject: SV: I need to run a servlet periodically What you really need to do is to design your periodical servlet to implement Runnable. Add another servlet that starts the periodical servlet and load that servlet during startup. The periodical then does its thing and sleeps for x amount of time. Then wakes up and so on... /Christopher -Ursprungligt meddelande- Fran: Raj Saini Till: Tomcat Users List Skickat: 2002-10-07 23:24 Amne: Re: I need to run a servlet periodically To need the servlet run periodically you need a client calling the servlet periodically. Make your client to run periodically and it will cause the servlet to run. We can suggest you a solution if you let us know what exactly you want your servlet to do. Raj Saini Filip Rachunek wrote: Hello, is it possible to have a servlet in Tomcat container which is invoked automatically each gived time period? [e.g. each 10 minutes] And I would also need this special servlet to access other resources of my web application [connection pool, ...]. Thanks. Filip Rachunek -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: SSL clientAuth=optional ?!?!?
Hi, don't have the spec at hand, but have you already tried something like: ... error-page error-code401/error-code location/IfNoClientCertThenRegister/location /error-page ... security-constraint ... user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint ... /security-constraint ... in your web.wml ? You might also use a filter or front controler as an alternative. Cheers, Wolfgang -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, October 07, 2002 10:32 AM To: [EMAIL PROTECTED] Subject: SSL clientAuth=optional ?!?!? hi! first of all: i'm using tomcat 4.0.4 i need a client authentication based on a certificate. if the user is new he should be able to register and receive his personal key. when the clientAuth is set to true the user has no chance to be redirected to a register page maybe there is a path out there? is it possible with other versions of tomcat: 4.1.x? PLEASE help me! blip -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Do two listeners entail double context intialization ?
I want to enable non-enrypted HTTP-communication for most servlets of a context, but also enforce HTTPS-communication for SOME servlets of the same context. I remember some postings about multiple connectors entailing multiple context-intialization. But i'm not able to find the postings again. Was this a problem in Tomcat 3.2 or do i mix up something ? Thanks in advance Wolfgang -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Catalina doesn't like JRE, but works fine with JDK
I just installed JRE 1.3.1_04 and JDK 1.3.1_04 successively. Pointing JAVA_HOME to JDK for Tomcat 4.1.10 works fine, setting JAVA_HOME to JRE gives the error message: The JAVA_HOME environment variable is not defined correctly I found the message often in tomcat-users list but in the context of misspellings. In my case i can eliminate a misspelling. So, what makes the difference between JDK and JRE for Tomcat 4.1.10 ? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
SSL on Tomcat standalone not working
Just a silly suggestion from my own silly experiences with Tomcat 3: If i typed http:// instead of https:// then i always got some Maybe that helps Wolfgang -Original Message- From: Ratner, Ian [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 5:55 PM To: 'Tomcat Users List' Subject: RE: SSL on Tomcat standalone not working I'm having the same problem. Can you let me know if you find a solution? Thanks, Ian -Original Message- From: Michael Petres [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 10, 2002 6:51 PM To: [EMAIL PROTECTED] Subject: SSL on Tomcat standalone not working I have a tomcat standalone deployment I am trying to enable SSL on. I have faithfully followed the SSL-how to. When I start tomcat the error logs indicate NO errors. The port 8443 has an HTTP connector loaded on it. The problem is that when I try to access a webapp on port 8443 (works on port 8080), the reply the browser gets is: -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Catalina doesn't like JRE, but works fine with JDK
Thanks for all your replies. Now i remember having installed JRE\lib\ext\tools.jar for TC 3.2. in the past. Following Jean-Francois' and Donie's hints i repeated this for TC 4.1. with no success. Additinally i installed javac.exe at JRE_HOME\bin and tools.jar in any lib-directory i've found ... again, no success. Following Ralph's suggestion about Tomcat/bin/setclasspath.[sh|bat] i realized that also the java debugger jdb.exe has to be in JRE\bin. Apart from the fact that SUN gives no explicit permission for redistribution of jdb.exe (in contrary to javac.exe and tools.jar), i would not expect its presence as mandatory. (at least in a production environment :-) So i commented the corresponding line out and Tomcat runs fine. I don't know much about jdb.exe and hope this works as long as i don't start Tomcat in debug mode. I'll watch out (also concerning Jean-Francois' hint about the Admin tool) May thanks for all suggestions, Wolfgang -Original Message- From: Jean-Francois Arcand [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 5:40 PM To: Tomcat Users List Subject: Re: AW: Catalina doesn't like JRE, but works fine with JDK The Admin tool that comes with Tomcat contains a lot of JSP and use Struts. -- Jeanfrancois -Original Message- From: Ralph Einfeldt [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 4:49 PM To: Tomcat Users List Subject: AW: Catalina doesn't like JRE, but works fine with JDK I don't have tomcat 4.10 at hand, but have a look at bin/setclasspath.[sh|bat] to see the requirements for the JAVA_HOME. In tomcat 4.0.3 it was just the existence of $JAVA_HOME/bin/java. (Under linux/unix this file is also checked for readability) -Original Message- From: Ralph Einfeldt [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 4:48 PM To: Tomcat Users List Subject: AW: Catalina doesn't like JRE, but works fine with JDK Nevertheless tomcat should run with the JRE unless tomcat doesn't have to compile jsp's at runtime. (if you don't use jsp's or use just precompiled jsp's). -Original Message- From: Jean-Francois Arcand [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 3:59 PM To: Tomcat Users List Subject: Re: Catalina doesn't like JRE, but works fine with JDK Actually, Jasper (the JSP compiler) use classes that comes with the JDK and are not included with the JRE. Specifically, it uses the tools.jar file included with the JDK. -- Jeanfrancois -Original Message- From: Donie Kelly [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 3:28 PM To: 'Tomcat Users List' Subject: RE: Catalina doesn't like JRE, but works fine with JDK Tomcat needs the JDK to compile JSP pages. The JRE does not include the compiler. Donie -Ursprüngliche Nachricht- Von: Wolfgang Stein [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 11. September 2002 15:29 An: [EMAIL PROTECTED] Betreff: Catalina doesn't like JRE, but works fine with JDK Pointing JAVA_HOME to JDK for Tomcat 4.1.10 works fine, setting JAVA_HOME to JRE gives the error message: The JAVA_HOME environment variable is not defined correctly I found the message often in tomcat-users list but in the context of misspellings. what makes the difference between JDK and JRE for Tomcat 4.1.10 ? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Tomcat 3.2.4 slow with Jdk1.4 and SSL
Migrating from Jdk1.3 to Jdk1.4 we encountered a significant performance decrease on SSL-communications (server certs) between Applets and Tomcat 3.2.4. Did anybody experience similar performance losses ? Does this happen because of a low SSL implementation in jdk1.4 ? Did anybody successfully provide a faster implementation? We used jdk1.4 on client and server-side. Thanks in advance, Wolfgang -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Tomcat 3.2.4 slow with Jdk1.4 and SSL
I realize you are also a German resident and remember the download of JSSE were differing for non-US citizens. I assume we are victims of a hidden key escrow or Echelon's information gathering efforts :-) But, all joking(?) aside: This seems to be a known jdk1.4 issue. There are some related postings at the developer connection forums, e.g. http://forum.java.sun.com/thread.jsp?forum=2thread=239231) It ends up in the recommendation to use a commercial product but also states that SUN's implementation were one of the better implementations ... So, did anybody succeed in using a third party JSSE that works with tomcat and sufficient performance? Any suggestions ? Thanks in advance, Wolfgang -Original Message- From: Andreas Mohrig [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 10, 2002 2:20 PM To: 'Tomcat Users List' Subject: RE: Tomcat 3.2.4 slow with Jdk1.4 and SSL I'm using Tomcat 4.0.4 with Jdk1.4 (on both Linux-Server and Windows NT client) and worrying about a quite similar problem. The server is extremely fast (I'd say the answer takes some milliseconds) when I access it with a browser (e.g. MS IE 5.0), but it takes about 20 seconds (!) when I try a request using java code like this: URL url = new URL(https://myserver/myresource;); URLConnection con = url.openConnection(); BufferedReader reader = new BufferedReader(new InputStreamReader(con.getInputStream())); StringBuffer resultbuffer = new StringBuffer(); String result = reader.readLine(); while (result!=null) { resultbuffer.append(result); resultbuffer.append(\n); result = reader.readLine(); } reader.close(); This is true for subsequent requests as well. The content consists of about 100 bytes which should be no problem. So: yes, I'm experiencing a heavy performance problem. I can't say if it is a performance decrease, though, since I did not test with older Jdk's and jsse (perhaps I should...). Any solutions, hints or suggestions would be very welcome! greetings Andreas Mohrig -Original Message- From: Wolfgang Stein [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 10, 2002 12:15 PM To: [EMAIL PROTECTED] Subject: Tomcat 3.2.4 slow with Jdk1.4 and SSL Migrating from Jdk1.3 to Jdk1.4 we encountered a significant performance decrease on SSL-communications (server certs) between Applets and Tomcat 3.2.4. Did anybody experience similar performance losses ? Does this happen because of a low SSL implementation in jdk1.4 ? Did anybody successfully provide a faster implementation? We used jdk1.4 on client and server-side. Thanks in advance, Wolfgang -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: http session survival
Tomcat 4.0 provides for http session persistence. Gruss, Wolfgang -Original Message- From: Jim Clayson [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 11:43 AM To: '[EMAIL PROTECTED]' Subject: http session survival Hi, Does tomcat provide support for http session persistence? Does an http session survive a server restart automatically? If not, what is the suggested approach for persisting http sessions in the web tier?. Thanks Jim __ ?xml:namespace prefix = o ns = urn:schemas-microsoft-com:office:office / Jim Clayson Infogain Limited tel: 01628 580600 fax: 01628 580610 email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] web: www.infogain.com http://www.infogain.com/ Disclaimer: Neither this e-mail nor any attachment places any legal or contractual obligations on Infogain Limited. Any reproduction, disclosure or dissemination beyond the intended addressees is strictly prohibited save for the legitimate business purposes of Infogain Limited and its clients or partners. __ -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: http session survival
TC 3.2.x doesn't provide persistent sessions. Don't know about TC 3.3.x Gruss, Wolfgang -Original Message- From: Jim Clayson [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 12:41 PM To: 'Tomcat Users List' Subject: RE: http session survival Thanks. Do you know to what extent it exists/doesn't in tomcat 3? Jim -Original Message- From: Wolfgang Stein [mailto:[EMAIL PROTECTED]] Sent: 30 May 2002 11:12 To: [EMAIL PROTECTED] Subject: RE: http session survival Tomcat 4.0 provides for http session persistence. Gruss, Wolfgang -Original Message- From: Jim Clayson [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 11:43 AM To: '[EMAIL PROTECTED]' Subject: http session survival Hi, Does tomcat provide support for http session persistence? Does an http session survive a server restart automatically? If not, what is the suggested approach for persisting http sessions in the web tier?. Thanks Jim -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
OT: RE: oci8 driver problem on Linux
-Original Message- From: Reynir Hübner [mailto:[EMAIL PROTECTED]] First of all, the classes12.zip is not the same for Oracle9i and 8i, so you must ensure that you've downloaded the correct one (from otn.oracle.com). Hi, we have a problem with our jdbc-connection (sql-exception: protocol violation). We plan to use a newer jdbc driver. Oracle recommends to upgrade to the *latest* jdbc-driver (see quoting below). Do you have practical experiences that backup your suggestion to use an exact *version matching* driver ? Thanks in advance Wolfgang Stein quoting from metalink.oracle.com Last Revision Date: 21-JAN-2002 Problem Solution Upgrade the JDBC Driver to the latest version available. Note, if you are using the JDBC OCI driver, you are limited by the Oracle client version on your machine. If you are using the JDBC Thin driver, you are not constrained by the client software version and the latest JDBC Thin driver has been certified to run against all prior database versions from 7.3.3, as long as you do not try and use features related to a later database version. /quoting from metalink.oracle.com -Original Message- From: Reynir Hübner [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 23, 2002 5:16 PM To: Tomcat Users List Subject: RE: oci8 driver problem on Linux hi, maybe some of these comments you've seen in previous replies to your question. First of all, the classes12.zip is not the same for Oracle9i and 8i, so you must ensure that you've downloaded the correct one (from otn.oracle.com). You must install the Oracle Client Software to use OCI driver and set up connections and such, as it uses TNSNames.ora to create connection to the database server. There are two drivers in the classes12.zip one is the OCI and the other is the thin driver. I have used the thin driver most the time, it works fine, and I think most cases it is sufficient to use that one. remember to rename the zip file to .jar. hope it helps -reynir -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: SSL Logs
Start Tomcat with the additional option (set in tomcat.bat) -Djavax.net.debug=all and watch the console. Gruss, Wolfgang -Original Message- From: Todd Lekan [mailto:[EMAIL PROTECTED]] Sent: Friday, April 19, 2002 12:11 AM To: '[EMAIL PROTECTED]' Subject: SSL Logs My self-signed certificate works perfectly but when I restart Tomcat with a Verisign certificate, I suddenly get a server error in my browser when I try to connect. There are no errors logged on start up, in fact catalina_log contains the following: 2002-04-18 16:55:12 HttpConnector[8443] Starting background thread 2002-04-18 16:55:12 HttpProcessor[8443][0] Starting background thread 2002-04-18 16:55:12 HttpProcessor[8443][1] Starting background thread 2002-04-18 16:55:12 HttpProcessor[8443][2] Starting background thread 2002-04-18 16:55:12 HttpProcessor[8443][3] Starting background thread 2002-04-18 16:55:12 HttpProcessor[8443][4] Starting background thread I assume an error must be getting thrown somewhere right? I'm hoping someone can point where this would show up so I can figure out what tomcat doesn't like about my certificate. Thanks for any help Todd Lekan -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: tomcat https security: is it possible to steal sessions?
It depends on the circumstances. I believe one widespread risk among others might be the use of self-signed server certs to establish a secure (ssl) communication. If you use self-generated server certs, someone could do a man-in-the-middle-attack, making the client believe to communicate with the right server. (I believe 'DNS spoofing' or manipulation of etc/hosts are ways to place yourself betweena client and a server). Since the client sends the symetric encryption key to the wrong server (encrypted with the wrong public key), it does not matter anymore whether the communication were encrypted or not. All data will be visible to the malicious server (not only session ids). The malicious server could additionally establish himself a ssl connection to the originally intended server, using the previously recorded login data for example. From now on, the man in the middle could forward client data to the server and vice versa. This will all be done over ssl, making the endpoints believe in a 'secure' connection. One way to avoid trusting malicious servers is to use certs issued be an 'official' certification agency (CA). Another way might be to deliver selfsigned server certs to all clients in a secure way (by messenger for example) and ask the clients to import the server cert into their browser. Too expensive ?! Thats why official CAs exist :-) If you are concerned about someone stealing your information (as your posting suggests) and just solved the problem of trusting a malicious server, you might also wonder about malicious clients ... This will finally lead to client certs, smartcards etc. But in the end even these security mechanisms have their weakness (e.g. browser infection, social engineering). I wouldn't even totally trust in biometric techniques like fingerprints or retina analysis. Imagine a you were an authorized client meeting a criminal surgeon :-) ... I do not pass any confidential information as url parameters (ie. all forms are using post method). Using the post or get method makes no difference in man-in-the-middle attacks. Gruss, Wolfgang ___ Even paranoids have enemies -- Anonymous ___ -Ursprüngliche Nachricht- Von: Taavi Tiirik [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 15. März 2002 11:37 An: Tomcat Users List Betreff: tomcat https security: is it possible to steal sessions? Hello, What kind of security risks are there if I use tomcat over https (http connector is disabled). Would it be ok to assume that nobody can listen traffic between tomcat and browser? I do not pass any confidential information as url parameters (ie. all forms are using post method). Is it still possible to (somehow) steal session info and act as somebody else? with best wishes, Taavi -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: How to Unsubscribe?
Try to send send a mail to [EMAIL PROTECTED] Gruss, Wolfgang -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
RE: Tomcat4 standalone keystore - existing private
Looks like we will be going through apache then. Or use a utility written in java available with source from http://www.comu.de. It doesn't really import but generates a new keystore containing the cert with priv key. Since you only need one entry for a ssl server cert (alias tomcat) it is sufficient. I used it with success. Gruss, Wolfgang -Ursprüngliche Nachricht- Von: Chris Campbell [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 27. Februar 2002 07:53 An: 'Tomcat Users List' Betreff: RE: Tomcat4 standalone keystore - existing private key problem To answer my own question and perhaps help someone searching archives on similar problems, the page at http://www.cs.indiana.edu/~chiuk/security/ssl/jsse/certificate s/ tells me Though sufficient for some tasks, a major deficiency of the keytool utility is its inability to import a private key. Great. Looks like we will be going through apache then. ChrisC -Original Message- From: Chris Campbell Sent: Monday, February 25, 2002 12:38 PM To: '[EMAIL PROTECTED]' Subject: Tomcat4 standalone keystore - existing private key problem Hi I am trying to setup Tomcat 4.0.1 standalone to serve ssl pages certified by Verisign. I can use (self signed) certificates generated by keytool with no problem, but I can't set up the keystore to work with Verisign's. To explain a little more, the private key I have was generated by openssl (openssl genrsa -rand rand.dat -des 1024 key.pem) and is of the type: -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info: DES-CBC,91B2224E3C5D1BA5 If I try to import this into my keystore like keytool -import -file /root/key.pem I get the error 'Input not an X.509 certificate'. Importing the certificate reply from Verisign in the same way works no problem, but I know from setting up Apache that the private key is also necessary right? And for tomcat, it seems that it must be in the keystore (no other configuration options as far as I know). I think everything would work if I could just get that private key into a form that keytool understands, then into the keystore... is this possible? Thanks, ChrisC -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: SSL Client authentication with standalone Tomcat
Imagine an online banking system with some thousand clients I can't believe that you have to import each client cert into the keystore file. If you start tomcat with the -Djavax.net.debug=all option you should be able to verify that tomcat initially sends a list of trusted CAs taken from the cacert file. This file should contain one CA (or more) that signed a client certificat signing request (or groups of them). But Anton Brazhnyk's suggestion could be an alternative way. If anybody succeeded in establishing the ssl client cert handhake after importing client certs into the keystore file only, please let us know. Gruß, Wolfgang Anton Brazhnyk wrote I'm not sure its necessary, but I'd import last certificate with following command: keytool -import -trustcacerts -file my.crt -alias tomcat Wolfgang Stein wrote: As far as i understand the client-auth handshake, the server sends a list of trusted CAs to the client. This list is taken from JAVA_HOME_set_in_your_tomcat\lib\security\cacerts So you have to import your CA-cert into that file, instead of your .keystore . There is no need to import the client cert into cacerts or keystore. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Reposting: SSL Client authentication with standalone Tomcat
I repost this because it didn't show up on the list but a subsequent posting already did: The client browser scans his (previously imported) client certs for a matching cert isssuer/signer and sends (?) this to the server. This part should read: The client browser scans his (previously imported) client certs for a matching cert issuer/signer, fills / pops up a choice dialog box to select a client cert from, and sends (?) the users selection back to the server. This choice box was usually empty in MS IE. Read my previous posting Any success with Tomcat 4.0.2 and client certificates in MS IE ? Wolfgang Stein wrote: As far as i understand the client-auth handshake, the server sends a list of trusted CAs to the client. This list is take from JAVA_HOME_set_in_your_tomcat\lib\security\cacerts So you have to import your CA-cert into that file, instead of your .keystore . There is no need to import the client cert into cacerts or keystore. The client browser scans his (previously imported) client certs for a matching cert isssuer/signer and sends (?) this to the server. You will face a difference in comparism of the ca certs between nestcape / MS IE. Gruß, Wolfgang -Ursprüngliche Nachricht- Von: Brian Palmer [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 26. Februar 2002 11:58 An: [EMAIL PROTECTED] Betreff: SSL Client authentication with standalone Tomcat I'm trying to set up for a simple project client-authentication and CA abilities, using standalone tomcat and openssl. I'm not having luck. The short version is, when I enable clientAuth, I am unable to connect to the server, getting various messages (in Mozilla 0.9.8, I get no error messages but the page will not load, using openssl s_client I get a write error). Forgive me in advance for this long message, but my hope is that by explicitly stating what I'm doing, it will be easy for someone more experienced to see where I'm going wrong. I've spent much of the last 2 days searching online for information and trying different approaches; most of the problems/solutions don't give a lot of details I've done the following: Step 1: Generate the tomcat request for certificate keytool -genkey -alias tomcat -keyalg RSA keytool -certreq -alias tomcat -file my.csr Step 2: Generate the ca certificate openssl req -new -newkey rsa:512 -nodes -out ca.req \ -keyout ca.key openssl x509 -trustout -signkey ca.key -days 365 \ -req -in ca.req -out ca.crt Step 3: Sign the tomcat request to generate tomcat certificate openssl x509 -CA ca.crt -CAkey ca.key -in my.csr \ -out my.crt -req -CAcreateserial Step 4: Import both into my keystore keytool -import -file ca.crt -alias RootCert keytool -import -file my.crt -alias tomcat I can then stop and restart tomcat, and non-client-authenticated https works. I then go on to Step 5: Generate a client certificate openssl req -new -newkey rsa:512 -nodes \ -out client.req -keyout client.key openssl x509 -CA ca.crt -CAkey ca.key \ -req -in client.req \ -out client.crt I then enable clientAuth=true, and try to connect to tomcat using the openssl s_client: openssl s_client -cert client.crt -key client.key \ -connect localhost:8443 and get the following output: CONNECTED(0003) depth=1 /C=US/ST=California/L=Stanford/O=Stanford University/OU=CSD/CN=UStorit [EMAIL PROTECTED] verify error:num=19:self signed certificate in certificate chain verify return:0 write:errno=104 Any ideas? Or ideas on how to debug this? (I'm coming up against a deadline, so any hints much appreciated) -- Brian Palmer Whoever fights monsters should see to it that in the process he does not become a monster. And when you look long into an abyss, the abyss also looks into you - Nietzsche -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: SSL Client authentication with standalone Tomcat
The client browser scans his (previously imported) client certs for a matching cert isssuer/signer and sends (?) this to the server. This part should read: The client browser scans his (previously imported) client certs for a matching cert issuer/signer, fills / pops up a choice dialog box to select a client cert from, and sends (?) the users selection back to the server. This choice box was usually empty in MS IE. Read my previous posting Any success with Tomcat 4.0.2 and client certificates in MS IE ? Wolfgang Stein wrote: As far as i understand the client-auth handshake, the server sends a list of trusted CAs to the client. This list is take from JAVA_HOME_set_in_your_tomcat\lib\security\cacerts So you have to import your CA-cert into that file, instead of your .keystore . There is no need to import the client cert into cacerts or keystore. The client browser scans his (previously imported) client certs for a matching cert isssuer/signer and sends (?) this to the server. You will face a difference in comparism of the ca certs between nestcape / MS IE. Gruß, Wolfgang -Ursprüngliche Nachricht- Von: Brian Palmer [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 26. Februar 2002 11:58 An: [EMAIL PROTECTED] Betreff: SSL Client authentication with standalone Tomcat I'm trying to set up for a simple project client-authentication and CA abilities, using standalone tomcat and openssl. I'm not having luck. The short version is, when I enable clientAuth, I am unable to connect to the server, getting various messages (in Mozilla 0.9.8, I get no error messages but the page will not load, using openssl s_client I get a write error). Forgive me in advance for this long message, but my hope is that by explicitly stating what I'm doing, it will be easy for someone more experienced to see where I'm going wrong. I've spent much of the last 2 days searching online for information and trying different approaches; most of the problems/solutions don't give a lot of details I've done the following: Step 1: Generate the tomcat request for certificate keytool -genkey -alias tomcat -keyalg RSA keytool -certreq -alias tomcat -file my.csr Step 2: Generate the ca certificate openssl req -new -newkey rsa:512 -nodes -out ca.req \ -keyout ca.key openssl x509 -trustout -signkey ca.key -days 365 \ -req -in ca.req -out ca.crt Step 3: Sign the tomcat request to generate tomcat certificate openssl x509 -CA ca.crt -CAkey ca.key -in my.csr \ -out my.crt -req -CAcreateserial Step 4: Import both into my keystore keytool -import -file ca.crt -alias RootCert keytool -import -file my.crt -alias tomcat I can then stop and restart tomcat, and non-client-authenticated https works. I then go on to Step 5: Generate a client certificate openssl req -new -newkey rsa:512 -nodes \ -out client.req -keyout client.key openssl x509 -CA ca.crt -CAkey ca.key \ -req -in client.req \ -out client.crt I then enable clientAuth=true, and try to connect to tomcat using the openssl s_client: openssl s_client -cert client.crt -key client.key \ -connect localhost:8443 and get the following output: CONNECTED(0003) depth=1 /C=US/ST=California/L=Stanford/O=Stanford University/OU=CSD/CN=UStorit [EMAIL PROTECTED] verify error:num=19:self signed certificate in certificate chain verify return:0 write:errno=104 Any ideas? Or ideas on how to debug this? (I'm coming up against a deadline, so any hints much appreciated) -- Brian Palmer Whoever fights monsters should see to it that in the process he does not become a monster. And when you look long into an abyss, the abyss also looks into you - Nietzsche -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: High startup and shutdown time of tomcat 4
Hi, the startup time will even increase if you enable a SSL-connector. But you don't have to restart the whole tomcat to restart an application (compared with TC 3.2, don't know 3.3), if you use the manager app instead. You can also enable dynamic servlet reloading during development. I suppose the startup time is a tribute to the better catalina architecture, new features and servlet 2.3 spec conformity. I also removed all unused applications (e.g. examples, doc ...) to reduce the start up time. I didn't notice a slower shutdown. Gruss, Wolfgang -Ursprüngliche Nachricht- Von: Jürgen Weber [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 26. Februar 2002 19:34 An: [EMAIL PROTECTED] Betreff: High startup and shutdown time of tomcat 4 Hello, jakarta-tomcat-3.3a has a startup time of 4s (jdk 1.4, NT), wheras jakarta-tomcat-4.0.2-LE-jdk14 needs 10s. Shutdown is also much slower. The fast startup/shutdown made tomcat 3 so great for development. Why is it that catalina is so much slower in startup? Can anything be done to make it faster? Thanks, Juergen _ Testen Sie MSN Messenger für Ihren Online-Chat mit Freunden: http://messenger.msn.de -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Any success with Tomcat 4.0.2 and client certificates in MS IE ?
Did anybody ever succeed in using client certs using MS IE ? I tried with an openssl generated client cert, also tried with a Thawte Freemail client cert, all without success. MS Internet Explorer always comes up with an empty dialog box asking to select a client certificate. The client certs work fine in Netscape Communicator. I searched the archives and the WWW. A lot of people encountered the same problem. Some guy talked about differences in the ssl-handshake (search within http://groups.google.com/ for SSL Client Authentication to Tomcat Web Server ) His solution was a DN without eMail address generated with a Microsoft cert authority. I dont't have such programm and cant generate such a request with openssl. Any hints ? My boss will fire me if i spend some more weeks on that problem :-). I am tired of it, anyway. Again: Did anybody ever succeed with MS IE + client certs + Tomcat? Thanks in advance Wolfgang Stein -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: I get an exception java.io.FileNotFoundException: Tomcat 4 ssl
Seems you have to much double quotes in th entry keystoreFile=C:\WINDOWS\Profile\chucka\.keystore Gruß, Wolfgang -Ursprüngliche Nachricht- Von: Chuck Amadi [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 22. Februar 2002 14:38 An: tomcat Betreff: I get an exception java.io.FileNotFoundException: Tomcat 4 ssl When Tomcat -4.0.2 starts up I get an exception java.io.FileNotFoundException: System cannot find file etc etc I have added a keystoreFile attribute keystoreFile=C:\WINDOWS\Profile\chucka\.keystore It still claims it can't find it - Thus basically how do i add it to the keystoreFile attribute as i am missing something quite obvisouly. C:\WINDOWS\Profile\chucka\.keystore is the absolute path of my .keystore File !-- Define an SSL HTTP/1.1 Connector on port 8443 () -- Connector className=org.apache.catalina.connector.http.HttpConnector port= minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=10 debug=0 scheme=https secure=true Factory className=org.apache.catalina.net.SSLServerSocketFactory clientAuth=false keystoreFile=C:\WINDOWS\Profile\chucka\.keystore keystorePass=test123 protocol=TLS/ /Connector Any suggestions Cheers Chuck Amadi Systems Programmer -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Tomcat 3.2.2 sometimes slow. Does he DNS lookup ?
My Tomcat is sometimes very slow if clients connect from the internet. It gets faster if the remote client has an entry in the WINNT\system32\drivers\etc\hosts file. (??!) Does Tomcat make a DNS lookup ? This already happens if tomcat serves static files only. Any ideas ? Thanks in advance, Wolfgang Stein -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
TC4: stopping/starting an application works, reloading does not
Are there any known problems related to reloading of an application with the 'manager' app ? E.g. a servlet request did not load a servlet since i forgot to deploy the corresponding servlet class. After deploying it and reloading the application 'myapp' with http://localhost:8080/manager/reload?path=/myapp the servlet is still not found. After doing successively http://localhost:8080/manager/stop?path=/myapp http://localhost:8080/manager/start?path=/myapp the servlet of application 'myapp' is loaded successfully. The corresponding servlet entry/mapping in myapp/WEB-INF/web.xml was already present on the first attempt. Any similar experiences ? Wolfgang Stein
RE: Launching subprocess under Tomcat as a Service
I encountered some problems on file i/o due the fact that the WINs current working directory differs if tomcat is started as a NT service. HTH Wolfgang Stein -Original Message- From: Robert Casto [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 25, 2001 4:40 AM To: [EMAIL PROTECTED] Subject: Launching subprocess under Tomcat as a Service To all, I have a servlet that spawns a process to generate PDF reports. When I run Tomcat 3.2.3 using the startup.bat method, everything works fine. The subprocess runs, completes its task, and my Servlet returns and completes its processing. The problem comes when running Tomcat as a service using jk_nt_service.exe. My Servlet will run, all of my webpages will work, but when my Servlet spawns the subprocess to generate the PDF file, it hangs. I have tried changing the settings of the service to log in as various users with no luck. Any suggestions on how to ensure that the subprocess will execute while running Tomcat as a service. NOTE: This problem occurs whether I am using NT4 SP6 or Win2k. Robert Casto . CinciJava | Java Development and Training Robert Casto | [EMAIL PROTECTED] 513-349-JAVA | www.cincijava.com
Where are the public keys for tomcat signature files ?
How can i verify the signatures for the tomcat binaries ? Thanks in advance Wolfgang
How to disable automatic context loading in Tomcat 4 ?
How can I disable automatic context loading AKA 'Automatic Application Deployment' in Tomcat 4 ? Thanks in advance, Wolfgang Stein
RE: multiple instances of tomcat
We run two tomcats on WinNT. - Make Two tomcat directory trees e.g. Tomcat1, Tomcat2. - in each tomcat.bat set a specific TOMCAT_HOME directly e.g. set TOMCAT_HOME=D:\Tomcat1 set TOMCAT_HOME=D:\Tomcat2 instead of using a predefined System var TOMCAT_HOME. - modify each server.xml for the specific port. If you start tomcat as a NT service you have to modify in each wrapper.properties the var 'wrapper.tomcat_home' analogously Good luck, Wolfgang Stein -Original Message- From: Peter Hrastnik [mailto:[EMAIL PROTECTED]] Sent: Friday, May 04, 2001 4:05 PM To: [EMAIL PROTECTED] Subject: Re: multiple instances of tomcat It is possible: You must have two different server.xml files. In the server.xml file you can configure that port in the http connector element. You also need to have 2 startup-scripts that call tomcat with the appropriate server.xml file. You don't need Apache to do this. Bye, Peter. -- Mag. Peter Hrastnik tele.ring Telekom Service GmbH A-1030 Wien, Hainburgerstr. 33 Tel.: +43/1/931012/3277, Mobil: +43/650/6503277 teh j wrote: Hello all I was just wondering whether it would be possible to have two different tomcat processes (running on different ports) simultaneously? From looking at the 'Minimalistic Usres Guide' it seems this can be done with Apache, but can it be done with Tomcat as a standalond JSP server? thanks! Jason __ ___ http://store.yahoo.com.au - Yahoo! Store - It's time you had your business online!
Deploying a JSP among servlets
Tomcat 3.2.1 1) Is it possible to put (and access directly) a JSP among servlets located beneath WEB-INF/classes ? 2) Is it possible to package (and access directly) a JSP along with other classes located beneath WEB-INF/classes ? or 3) Is JSP access generally restricted to directories above WEB-INF ? All my servlets inherit from a superclass that provides pooled connections, sophisticated logging and collects some statistical data (time of first servlet instantiation, concurrent requests, duration of request handling etc.) The superclass is contained in a package along with a connection manager, a logger class etc. I want to build an admin web interface for that superclass (or the deriving servlets respectivly), providing output of formatted statistics and dynamic adjustment of some values (pool size, log level etc.). I would like to implement that web interface using JSP technology in a quick and dirty manner - which is sufficient for admin purposes :-) I struggled with web.xml for hours without success, but I am a JSP newbie. Thanks in advance, Wolfgang Stein
READ THIS First! Mailing-list archive and good tips
To unsubscribe from this list mailto:[EMAIL PROTECTED] To stop subscription for an alternate account (e.g. [EMAIL PROTECTED]) send an eMail to [EMAIL PROTECTED] Before posting any questions --- + We welcome open discussion of Tomcat issues at both advanced and beginner levels of expertise. However, please be respectful of other people's time. Before posting questions, do your own reading and research. As the saying goes, "There are no stupid questions"... except the ones you could have answered by yourself! Before posting a question, perform the following steps. + Be familiar with servlets in general. See: http://java.sun.com/products/servlet/ http://java.sun.com/products/jsp/ + Read any of the several published books about servlets or JSP. + Read the Servlet API 2.2 Specification. Download a copy of the spec in PostScript or Acrobat PDF formats: http://java.sun.com/products/servlet/download.html#specs The spec is currently not available online; you must download a copy. You may obtain free Acrobat PDF reader software from: http://www.adobe.com/products/acrobat/readstep.html Tomcat implements this spec, so think of it as one of Tomcat's manuals. + Read Tomcat's other documentation: http://jakarta.apache.org/tomcat/index.html + Study the Tomcat examples. First use the servlets found in the /examples context. Read their source code. Then try your own first servlets in the /examples context, and add an entry into /example/WEB-INF/web.xml + Search either of these two archives for past discussions. Contributed by Bob Tanner: http://archives.real-time.com/rte-tomcat/ Contributed by Philip J. Mikal: http://mikal.org/interests/java/tomcat/index.html Search for short phrases, such as your server error messages. Search the archive again with better or different phrases. Many beginner questions have already been asked, so please make several attempts at finding your question in the archive. + Read the FAQ: http://jakarta.apache.org/jyve-faq/Turbine/screen/DisplayTopics/ Click the Jakarta link. + Search the bug report facility http://znutar.cortexity.com: provided by Nick Bauman. + Read this mailing list regularly, not just when you have a problem. + Examine your error messages problems not directly related to Tomcat, such as CLASSPATH problems. Write, compile, and run a "Hello World" application to be sure your problem is related to servlets or Tomcat. + Ask an expert in your company, school class, or local Java users group. http://industry.java.sun.com/jug/ + Do not treat this list as a dumping ground for your problems. Think of the list as a volunteer community of people engaging in respectful discussion. == THE MORAL OF THE STORY Help yourself first. Be responsible for your own learning. Try to solve your own problem. If you are still suffering, then post to this list. == + Be aware: This mailing list may contain viruses. Don't trust anybody. If your are not absolutely sure, do not open any attachments. Do not read the postings with a JavaScript-enabled email client. Microsoft Windows users: Disable all stuff like ActiveScripting etc. in your mail reader. Be careful with attachments, especially of type .exe .vbs or some virus attachments like "livestages.txt.shs". The .shs extension disappears/is not visible under Windows but represents an executable script which will execute when opened separately. + Other resources: - An archive of the mailing list for the developers building Tomcat discussing bugs, future releases, etc. http://www.metronet.com/~wjm/tomcat/ - Sun's mailing list for general servlet information: Search its archive at: http://archives.java.sun.com/archives/servlet-interest.html Subscribe only, if you are willing to receive hundred messages per day! - Search DejaNews at http://www.deja.com/home_ps.shtml - Look at jGuru, JCentral etc. - Search the whole Web with a popular search engine. As a developer of server applications you should know all about it. :-) You can find entire websites dedicated to Java servlets. Find the online versions of Java magazines with past articles on servlets and JSP. -- end --
READ THIS First! Mailing-list archive and good tips
To unsubscribe from this list mailto:[EMAIL PROTECTED] To stop subscription for an alternate account (e.g. [EMAIL PROTECTED]) send an eMail to [EMAIL PROTECTED] Before posting any questions --- + We welcome open discussion of Tomcat issues at both advanced and beginner levels of expertise. However, please be respectful of other people's time. Before posting questions, do your own reading and research. As the saying goes, "There are no stupid questions"... except the ones you could have answered by yourself! Before posting a question, perform the following steps. + Be familiar with servlets in general. See: http://java.sun.com/products/servlet/ http://java.sun.com/products/jsp/ + Read any of the several published books about servlets or JSP. + Read the Servlet API 2.2 Specification. Download a copy of the spec in PostScript or Acrobat PDF formats: http://java.sun.com/products/servlet/download.html#specs The spec is currently not available online; you must download a copy. You may obtain free Acrobat PDF reader software from: http://www.adobe.com/products/acrobat/readstep.html Tomcat implements this spec, so think of it as one of Tomcat's manuals. + Read Tomcat's other documentation: http://jakarta.apache.org/tomcat/index.html + Study the Tomcat examples. First use the servlets found in the /examples context. Read their source code. Then try your own first servlets in the /examples context, and add an entry into /example/WEB-INF/web.xml + Search either of these two archives for past discussions. Contributed by Bob Tanner: http://archives.real-time.com/rte-tomcat/ Contributed by Philip J. Mikal: http://mikal.org/interests/java/tomcat/index.html Search for short phrases, such as your server error messages. Search the archive again with better or different phrases. Many beginner questions have already been asked, so please make several attempts at finding your question in the archive. + Read the FAQ: http://jakarta.apache.org/jyve-faq/Turbine/screen/DisplayTopics/ Click the Jakarta link. + Search the bug report facility http://znutar.cortexity.com: provided by Nick Bauman. + Read this mailing list regularly, not just when you have a problem. + Examine your error messages problems not directly related to Tomcat, such as CLASSPATH problems. Write, compile, and run a "Hello World" application to be sure your problem is related to servlets or Tomcat. + Ask an expert in your company, school class, or local Java users group. http://industry.java.sun.com/jug/ + Do not treat this list as a dumping ground for your problems. Think of the list as a volunteer community of people engaging in respectful discussion. == THE MORAL OF THE STORY Help yourself first. Be responsible for your own learning. Try to solve your own problem. If you are still suffering, then post to this list. == + Be aware: This mailing list may contain viruses. Don't trust anybody. If your are not absolutely sure, do not open any attachments. Do not read the postings with a JavaScript-enabled email client. Microsoft Windows users: Disable all stuff like ActiveScripting etc. in your mail reader. Be careful with attachments, especially of type .exe .vbs or some virus attachments like "livestages.txt.shs". The .shs extension disappears/is not visible under Windows but represents an executable script which will execute when opened separately. + Other resources: - An archive of the mailing list for the developers building Tomcat discussing bugs, future releases, etc. http://www.metronet.com/~wjm/tomcat/ - Sun's mailing list for general servlet information: Search its archive at: http://archives.java.sun.com/archives/servlet-interest.html Subscribe only, if you are willing to receive hundred messages per day! - Search DejaNews at http://www.deja.com/home_ps.shtml - Look at jGuru, JCentral etc. - Search the whole Web with a popular search engine. As a developer of server applications you should know all about it. :-) You can find entire websites dedicated to Java servlets. Find the online versions of Java magazines with past articles on servlets and JSP. -- end --
READ THIS First! Mailing-list archive and good tips
To unsubscribe from this list mailto:[EMAIL PROTECTED] To stop subscription for an alternate account (e.g. [EMAIL PROTECTED]) send an eMail to [EMAIL PROTECTED] Before posting any questions --- + We welcome open discussion of Tomcat issues at both advanced and beginner levels of expertise. However, please be respectful of other people's time. Before posting questions, do your own reading and research. As the saying goes, "There are no stupid questions"... except the ones you could have answered by yourself! Before posting a question, perform the following steps. + Be familiar with servlets in general. See: http://java.sun.com/products/servlet/ http://java.sun.com/products/jsp/ + Read any of the several published books about servlets or JSP. + Read the Servlet API 2.2 Specification. Download a copy of the spec in PostScript or Acrobat PDF formats: http://java.sun.com/products/servlet/download.html#specs The spec is currently not available online; you must download a copy. You may obtain free Acrobat PDF reader software from: http://www.adobe.com/products/acrobat/readstep.html Tomcat implements this spec, so think of it as one of Tomcat's manuals. + Read Tomcat's other documentation: http://jakarta.apache.org/tomcat/index.html + Study the Tomcat examples. First use the servlets found in the /examples context. Read their source code. Then try your own first servlets in the /examples context, and add an entry into /example/WEB-INF/web.xml + Search either of these two archives for past discussions. Contributed by Bob Tanner: http://archives.real-time.com/rte-tomcat/ Contributed by Philip J. Mikal: http://mikal.org/interests/java/tomcat/index.html Search for short phrases, such as your server error messages. Search the archive again with better or different phrases. Many beginner questions have already been asked, so please make several attempts at finding your question in the archive. + Read the FAQ (temporary(?) unavailable): http://jakarta.apache.org/jyve-faq/Turbine/screen/DisplayTopics/ Click the Jakarta link. + Search the bug report facility http://znutar.cortexity.com: provided by Nick Bauman. + Read this mailing list regularly, not just when you have a problem. + Examine your error messages problems not directly related to Tomcat, such as CLASSPATH problems. Write, compile, and run a "Hello World" application to be sure your problem is related to servlets or Tomcat. + Ask an expert in your company, school class, or local Java users group. http://industry.java.sun.com/jug/ + Do not treat this list as a dumping ground for your problems. Think of the list as a volunteer community of people engaging in respectful discussion. == THE MORAL OF THE STORY Help yourself first. Be responsible for your own learning. Try to solve your own problem. If you are still suffering, then post to this list. == + Be aware: This mailing list may contain viruses. Don't trust anybody. If your are not absolutely sure, do not open any attachments. Do not read the postings with a JavaScript-enabled email client. Microsoft Windows users: Disable all stuff like ActiveScripting etc. in your mail reader. Be careful with attachments, especially of type .exe .vbs or some virus attachments like "livestages.txt.shs". The .shs extension disappears/is not visible under Windows but represents an executable script which will execute when opened separately. + Other resources: - An archive of the mailing list for the developers building Tomcat discussing bugs, future releases, etc. http://www.metronet.com/~wjm/tomcat/ - Sun's mailing list for general servlet information: Search its archive at: http://archives.java.sun.com/archives/servlet-interest.html Subscribe only, if you are willing to receive hundred messages per day! - Search DejaNews at http://www.deja.com/home_ps.shtml - Look at jGuru, JCentral etc. - Search the whole Web with a popular search engine. As a developer of server applications you should know all about it. :-) You can find entire websites dedicated to Java servlets. Find the online versions of Java magazines with past articles on servlets and JSP. -- end --
READ THIS First! Mailing-list archive and good tips
To unsubscribe from this list mailto:[EMAIL PROTECTED] To stop subscription for an alternate account (e.g. [EMAIL PROTECTED]) send an eMail to [EMAIL PROTECTED] Before posting any questions --- + We welcome open discussion of Tomcat issues at both advanced and beginner levels of expertise. However, please be respectful of other people's time. Before posting questions, do your own reading and research. As the saying goes, "There are no stupid questions"... except the ones you could have answered by yourself! Before posting a question, perform the following steps. + Be familiar with servlets in general. See: http://java.sun.com/products/servlet/ http://java.sun.com/products/jsp/ + Read any of the several published books about servlets or JSP. + Read the Servlet API 2.2 Specification. Download a copy of the spec in PostScript or Acrobat PDF formats: http://java.sun.com/products/servlet/download.html#specs The spec is currently not available online; you must download a copy. You may obtain free Acrobat PDF reader software from: http://www.adobe.com/products/acrobat/readstep.html Tomcat implements this spec, so think of it as one of Tomcat's manuals. + Read Tomcat's other documentation: http://jakarta.apache.org/tomcat/index.html + Study the Tomcat examples. First use the servlets found in the /examples context. Read their source code. Then try your own first servlets in the /examples context, and add an entry into /example/WEB-INF/web.xml + Search either of these two archives for past discussions. Contributed by Bob Tanner: http://archives.real-time.com/rte-tomcat/ Contributed by Philip J. Mikal: http://mikal.org/interests/java/tomcat/index.html Search for short phrases, such as your server error messages. Search the archive again with better or different phrases. Many beginner questions have already been asked, so please make several attempts at finding your question in the archive. + Read the FAQ (temporary(?) unavailable): http://jakarta.apache.org/jyve-faq/Turbine/screen/DisplayTopics/ Click the Jakarta link. + Search the bug report facility http://znutar.cortexity.com: provided by Nick Bauman. + Read this mailing list regularly, not just when you have a problem. + Examine your error messages problems not directly related to Tomcat, such as CLASSPATH problems. Write, compile, and run a "Hello World" application to be sure your problem is related to servlets or Tomcat. + Ask an expert in your company, school class, or local Java users group. http://industry.java.sun.com/jug/ + Do not treat this list as a dumping ground for your problems. Think of the list as a volunteer community of people engaging in respectful discussion. == THE MORAL OF THE STORY Help yourself first. Be responsible for your own learning. Try to solve your own problem. If you are still suffering, then post to this list. == + Be aware: This mailing list may contain viruses. Don't trust anybody. If your are not absolutely sure, do not open any attachments. Do not read the postings with a JavaScript-enabled email client. Microsoft Windows users: Disable all stuff like ActiveScripting etc. in your mail reader. Be careful with attachments, especially of type .exe .vbs or some virus attachments like "livestages.txt.shs". The .shs extension disappears/is not visible under Windows but represents an executable script which will execute when opened separately. + Other resources: - An archive of the mailing list for the developers building Tomcat discussing bugs, future releases, etc. http://www.metronet.com/~wjm/tomcat/ - Sun's mailing list for general servlet information: Search its archive at: http://archives.java.sun.com/archives/servlet-interest.html Subscribe only, if you are willing to receive hundred messages per day! - Search DejaNews at http://www.deja.com/home_ps.shtml - Look at jGuru, JCentral etc. - Search the whole Web with a popular search engine. As a developer of server applications you should know all about it. :-) You can find entire websites dedicated to Java servlets. Find the online versions of Java magazines with past articles on servlets and JSP. -- end --
READ THIS First! Mailing-list archive and good tips
To unsubscribe from this list mailto:[EMAIL PROTECTED] To stop subscription for an alternate account (e.g. [EMAIL PROTECTED]) send an eMail to [EMAIL PROTECTED] Before posting any questions --- + We welcome open discussion of Tomcat issues at both advanced and beginner levels of expertise. However, please be respectful of other people's time. Before posting questions, do your own reading and research. As the saying goes, "There are no stupid questions"... except the ones you could have answered by yourself! Before posting a question, perform the following steps. + Be familiar with servlets in general. See: http://java.sun.com/products/servlet/ http://java.sun.com/products/jsp/ + Read any of the several published books about servlets or JSP. + Read the Servlet API 2.2 Specification. Download a copy of the spec in PostScript or Acrobat PDF formats: http://java.sun.com/products/servlet/download.html#specs The spec is currently not available online; you must download a copy. You may obtain free Acrobat PDF reader software from: http://www.adobe.com/products/acrobat/readstep.html Tomcat implements this spec, so think of it as one of Tomcat's manuals. + Read Tomcat's other documentation: http://jakarta.apache.org/tomcat/index.html + Study the Tomcat examples. First use the servlets found in the /examples context. Read their source code. Then try your own first servlets in the /examples context, and add an entry into /example/WEB-INF/web.xml + Search either of these two archives for past discussions. Contributed by Bob Tanner: http://archives.real-time.com/rte-tomcat/ Contributed by Philip J. Mikal: http://mikal.org/interests/java/tomcat/index.html Search for short phrases, such as your server error messages. Search the archive again with better or different phrases. Many beginner questions have already been asked, so please make several attempts at finding your question in the archive. + Read the FAQ: http://jakarta.apache.org/jyve-faq/Turbine/screen/DisplayTopics/ Click the Jakarta link. + Search the bug report facility http://znutar.cortexity.com: provided by Nick Bauman. + Read this mailing list regularly, not just when you have a problem. + Examine your error messages problems not directly related to Tomcat, such as CLASSPATH problems. Write, compile, and run a "Hello World" application to be sure your problem is related to servlets or Tomcat. + Ask an expert in your company, school class, or local Java users group. http://industry.java.sun.com/jug/ + Do not treat this list as a dumping ground for your problems. Think of the list as a volunteer community of people engaging in respectful discussion. == THE MORAL OF THE STORY Help yourself first. Be responsible for your own learning. Try to solve your own problem. If you are still suffering, then post to this list. == + Be aware: This mailing list may contain viruses. Don't trust anybody. If your are not absolutely sure, do not open any attachments. Do not read the postings with a JavaScript-enabled email client. Microsoft Windows users: Disable all stuff like ActiveScripting etc. in your mail reader. Be careful with attachments, especially of type .exe .vbs or some virus attachments like "livestages.txt.shs". The .shs extension disappears/is not visible under Windows but represents an executable script which will execute when opened separately. + Other resources: - An archive of the mailing list for the developers building Tomcat discussing bugs, future releases, etc. http://www.metronet.com/~wjm/tomcat/ - Sun's mailing list for general servlet information: Search its archive at: http://archives.java.sun.com/archives/servlet-interest.html Subscribe only, if you are willing to receive hundred messages per day! - Search DejaNews at http://www.deja.com/home_ps.shtml - Look at jGuru, JCentral etc. - Search the whole Web with a popular search engine. As a developer of server applications you should know all about it. :-) You can find entire websites dedicated to Java servlets. Find the online versions of Java magazines with past articles on servlets and JSP. -- end --