RE: Tomcat 6.0 x64
We have the 64-bit JVM. But probably not the 64-bit service runner. When starting the Tomcat service, the following error is written in the log file: [174 javajni.c] [error] %1 is not a valid Win32 application [994 prunsrv.c] [error] Failed creating java C:\Program Files\Java\jre1.5.0_20\bin\server\jvm.dll [1269 prunsrv.c] [error] ServiceStart returned 1 We want to run it as a Windows Service. How to install the 64-bit service runner and where can we download it? -Oorspronkelijk bericht- Van: peter.crowth...@googlemail.com [mailto:peter.crowth...@googlemail.com] Namens Peter Crowther Verzonden: maandag 26 oktober 2009 16:47 Aan: Tomcat Users List Onderwerp: Re: Tomcat 6.0 x64 2009/10/26 Wagenaar, R.J.T. (Ronald) ronald.wagen...@reaal.nl: Is Tomcat 6.0 supported on a x64 bit system, by example Windows Server 2003 Enterprise x64? As it is open source, it is not supported in the sense that you can file a bug report and expect a fix - but neither is the 32-bit version :-). Tomcat runs well on x64 (Windows and other OS), and the larger maximum heap size can be a big benefit for some applications. You just need to make sure you've installed the 64-bit JVM and, if you're running it as a Windows service, the 64-bit service runner. - Peter - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org *** Aan dit bericht kunnen geen rechten worden ontleend. Misbruik van deze informatie is niet toegestaan. *** No rights can be derived from this message. Abuse of the content in this e-mail is not allowed. *** - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Newbie-question: Adding directory to localhost-tomcat
Did you put anything in that directory? If not, then a 404 status is appropriate. If you did put something in little_test, what is it? You should have at least a welcome file (such as index.html) with some valid content. Hello Chuck, Hello Awarnier, thank you for your responses. I created an index.html and eveything is fine now :-) Best regards, Kai - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://www.nabble.com/Newbie-question%3A-Adding-directory-to-localhost-tomcat-tp26061944p26074023.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download
Hello, I wonder how to get tomcat 64-bit binaries from this link. Does not seem to work. http://svn.apache.org/viewvc/tomcat/tc6.0.x/tags/TOMCAT_6_0_16/res/procrun/ Regards, Artyom Terekhov
Re: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download
Am Tue, 27 Oct 2009 12:25:18 +0300 schrieb Terekhov Artyom (ADV) artyom.terek...@advgroup.ru: Hello, I wonder how to get tomcat 64-bit binaries from this link. Does not seem to work. http://svn.apache.org/viewvc/tomcat/tc6.0.x/tags/TOMCAT_6_0_16/res/procrun/ The link works well but svn is for developers information, not for binary download. Go to http://tomcat.apache.org/download-60.cgi if you need binaries. RU, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download
Thanks, but I did not find any words there about special binaries for 64-bit Windows. Are those binaries equal for 32-bit and 64-bit JRE? Regards, Artyom Terekhov -Original Message- From: Tobias Crefeld [mailto:t...@cataneo.eu] Sent: Tuesday, October 27, 2009 12:54 PM To: users@tomcat.apache.org Subject: Re: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download Am Tue, 27 Oct 2009 12:25:18 +0300 schrieb Terekhov Artyom (ADV) artyom.terek...@advgroup.ru: Hello, I wonder how to get tomcat 64-bit binaries from this link. Does not seem to work. http://svn.apache.org/viewvc/tomcat/tc6.0.x/tags/TOMCAT_6_0_16/res/procrun/ The link works well but svn is for developers information, not for binary download. Go to http://tomcat.apache.org/download-60.cgi if you need binaries. RU, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: So many timeout values
On 26.10.2009 23:40, Mohit Anchlia wrote: I read about timeouts but I still have following questions: 1. From 1.2.28 onwards, if I don't set the ping_mode then the request will still be sent to the BE node from workers.list even if that node is down? Forwarding http requests to a node or not is not directly related to pind_mode. Requests are forwarded to nodes, that are not in error state as long as session stickyness allows to use the node. If by request you mean a CPing, then: by default all pings are disabled. You can enable using either ping_mode or (for compatibility reasons) the old style connect_timeout and prepost_timeout. From the point of view of mod_jk a node is not down, but either in error state or not. If it is in error state no communication is sent, but after a minute it is put in probe mode, which means it will get a single rquest to find out, whether it is again ok or not. In the latter case it is put in error mode again. 2. Does socket_timeout mean how long the socket connection will be kept open? So it actually is like a session timeout? socket_timeout is a difficult beast and I generally do not recommend using it. mod_jk uses it in some special situations in order to be able to abort waiting for data. It is not directly how long a socket will e kept open. How long a socket is kept open depends on how the swocket gets used. Usually you can get away pretty good using CPing and ping_timeout, socket_connect_timeout, eventually reply_timeout with max_reply_timeouts. 3. In 1.2.28 is there a way to dynamically tell mod_jk to stop sending new requests to one of the nodes instead of stopping the worker itself? Stopping the worker in the sense of setting activation to stop is *the* right way of telling mod_jk to not sending any more requests to the worker. If you only want to disable starting new sessions you use activation set to disable. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download
Terekhov Artyom (ADV) wrote: Thanks, but I did not find any words there about special binaries for 64-bit Windows. Are those binaries equal for 32-bit and 64-bit JRE? tomcat6w is for 32-bit and 64-bit tomcat6 you need 32-bit if using a 32-bit JVM and 64-bit if using a 64-bit JVM There have been various packaging improvements that will be available in 6.0.21 onwards. In the meantime, you can get the 64-bit files from a tomcat 5.5.28 download. The 64-bit versions in bin/procrun. You'll need to rename tomcat5.exe to tomcat6.exe. Mark Regards, Artyom Terekhov -Original Message- From: Tobias Crefeld [mailto:t...@cataneo.eu] Sent: Tuesday, October 27, 2009 12:54 PM To: users@tomcat.apache.org Subject: Re: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download Am Tue, 27 Oct 2009 12:25:18 +0300 schrieb Terekhov Artyom (ADV) artyom.terek...@advgroup.ru: Hello, I wonder how to get tomcat 64-bit binaries from this link. Does not seem to work. http://svn.apache.org/viewvc/tomcat/tc6.0.x/tags/TOMCAT_6_0_16/res/procrun/ The link works well but svn is for developers information, not for binary download. Go to http://tomcat.apache.org/download-60.cgi if you need binaries. RU, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download
Oh, thanks a lot. Regards, Artyom Terekhov -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Tuesday, October 27, 2009 1:16 PM To: Tomcat Users List Subject: Re: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download Terekhov Artyom (ADV) wrote: Thanks, but I did not find any words there about special binaries for 64-bit Windows. Are those binaries equal for 32-bit and 64-bit JRE? tomcat6w is for 32-bit and 64-bit tomcat6 you need 32-bit if using a 32-bit JVM and 64-bit if using a 64-bit JVM There have been various packaging improvements that will be available in 6.0.21 onwards. In the meantime, you can get the 64-bit files from a tomcat 5.5.28 download. The 64-bit versions in bin/procrun. You'll need to rename tomcat5.exe to tomcat6.exe. Mark Regards, Artyom Terekhov -Original Message- From: Tobias Crefeld [mailto:t...@cataneo.eu] Sent: Tuesday, October 27, 2009 12:54 PM To: users@tomcat.apache.org Subject: Re: tomcat6.exe tomcat6w.exe 64-bit binaries link - how to download Am Tue, 27 Oct 2009 12:25:18 +0300 schrieb Terekhov Artyom (ADV) artyom.terek...@advgroup.ru: Hello, I wonder how to get tomcat 64-bit binaries from this link. Does not seem to work. http://svn.apache.org/viewvc/tomcat/tc6.0.x/tags/TOMCAT_6_0_16/res/procrun/ The link works well but svn is for developers information, not for binary download. Go to http://tomcat.apache.org/download-60.cgi if you need binaries. RU, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Multiple driver load in tomcat
I'm using tomcat5.5 I want to use multiple drivers in server.xml How can i use? Here is the resource entry i'm using Resource name=testdb type=javax.sql.DataSource password=sunnyd_stage driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver:x.y.jdbc.xyzdriver maxIdle=2 maxWait=5000 username=uid url=x.y.z://1.2.3.4:5566 maxActive=4/ Can any body help? Thanks In advance -- View this message in context: http://www.nabble.com/Multiple-driver-load-in-tomcat-tp26075413p26075413.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Jre upgrade Issue with Tomcat 5.5 :java.util.zip.ZipException: error in opening zip file
Actually we got the Exception like below after the JRE 1.5 to JRE 1.6.0_16 migration. We have a list of jar files under WEB-INF/lib directory. And Exception had been thrown for all jar files but here I will paste a part of Exception stack trace. Can anyone help us to debug this issue. Actually in windows there is no issue. But in solaris we faced this issue. The Platform setup is, Jre 1.6.0_16 OS - Solaris 9 4/04 s9s_u6wos_08a SPARC Tomcat 5.5 WARNING: Could not get dir listing for /opt/CSCOpx/MDC/tomcat/webapps/ipm/WEB-INF Oct 23, 2009 6:10:45 PM org.apache.catalina.startup.TldConfig tldScanJar SEVERE: Exception processing JAR at resource path /opt/CSCOpx/MDC/tomcat/webapps/ipm/WEB-INF/lib/struts.jar in context /ipm java.util.zip.ZipException: error in opening zip file at java.util.zip.ZipFile.open(Native Method) at java.util.zip.ZipFile.init(ZipFile.java:114) at java.util.jar.JarFile.init(JarFile.java:133) at java.util.jar.JarFile.init(JarFile.java:97) at org.apache.catalina.startup.TldConfig.tldScanJar(T ldConfig.java:457) at org.apache.catalina.startup.TldConfig.execute(TldC onfig.java:307) at org.apache.catalina.core.StandardContext.processTl ds(StandardContext.java:4278) at org.apache.catalina.core.StandardContext.start(Sta ndardContext.java:4115) at org.apache.catalina.core.ContainerBase.start(Conta inerBase.java:1013) at org.apache.catalina.core.StandardHost.start(Standa rdHost.java:718) at org.apache.catalina.core.ContainerBase.start(Conta inerBase.java:1013) at org.apache.catalina.core.StandardEngine.start(Stan dardEngine.java:442) at org.apache.catalina.core.StandardService.start(Sta ndardService.java:450) at org.apache.catalina.core.StandardServer.start(Stan dardServer.java:709) at org.apache.catalina.startup.Catalina.start(Catalin a.java:551) at sun.reflect.NativeMethodAccessorImpl.invoke0(Nativ e Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Native MethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.start(Bootst rap.java:294) at org.apache.catalina.startup.Bootstrap.main(Bootstr ap.java:432) -- View this message in context: http://www.nabble.com/Jre-upgrade-Issue-with-Tomcat-5.5-%3Ajava.util.zip.ZipException%3A-error-in-opening-zip-file-tp26075575p26075575.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat 6 Context, docBase and path
Sorry if this is a common question, I didn't find anything like it by Google. In a Tomcat 6, I have a Context declaration in server.xml with a path and a docBase to a war file with a different name than the path: Context path=/jforum docBase=jforum-2.1.8 ... /Context When the webapp is deployed, two directories are created under webapps: webapps/jforum webapps/jforum-2.1.8 I suspect that there is a clever way to avoid this duplication, but cannot find how. -- mogul | nils weinander | hudiksvallsgatan 4 113 30 stockholm sweden | +46 8 4100 6456 | +46 709 78 28 37 | nils.weinan...@mogul.com | skype: nils.weinander | www.mogul.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Apache Close-Wait issue
Hi All Got an interesting problem which has occurred several times now.. Painting a brief picture ; Several applications running on Tomcat 6.0.19 (64-bit) - several cluster groups Backend SQL Server 2005 clustered DBs (several) Front end Apache Web servers, load balanced via secure network appliance Basically, we have an issue with one of the DB clusters which stops servicing requests from the app servers The app servers can continue to connect to remaining DB clusters OK. The problem is that all the web servers stop responding to external requests. Looking at the ports in use on each server, there are a number of established sessions between Apache and Tomcat, which seems OK. All of the web servers also have exactly 30 close-wait sessions with the secure network appliance. We think this is what is stopping any requests from being services by the web servers. However, even trying to browse locally on each server to the root just times out. We do not enforce keepalive or timeouts for TCP/HTTP, and we use practically all the defaults for these directives. All web servers are configures identically. I can't find any reference to a directive that may limit connections to 30. Restarting the web servers allows users to get to applications using the good databases. Does anybody have any advice on this? Cheers, Darren. Connaught plc is a FTSE 250 company. We are the UK's leading provider of integrated services operating in the compliance, social housing and public sector markets. Please visit our website to see a full list of Connaught's Registered Companies www.connaught.plc.uk/group/aboutconnaught/registeredcompanies Disclaimer: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete this message. Connaught plc, Head Office 01392 444546
RE: Jre upgrade Issue with Tomcat 5.5 :java.util.zip.ZipException:error in opening zip file
From: selvakumar.V [mailto:selvakumar.velmuruge...@gmail.com] Subject: Jre upgrade Issue with Tomcat 5.5 :java.util.zip.ZipException:error in opening zip file And Exception had been thrown for all jar files but here I will paste a part of Exception stack trace. A common cause is a permissions problem - the Tomcat userid can't read the directories of interest. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 6 Context, docBase and path
From: Nils Weinander [mailto:nils.weinan...@mogul.com] Subject: Tomcat 6 Context, docBase and path Sorry if this is a common question, I didn't find anything like it by Google. Reading the actual Tomcat doc and FAQ is probably more productive. In a Tomcat 6, I have a Context declaration in server.xml That's a bad idea right off; there shouldn't be any Context elements in server.xml. with a path and a docBase to a war file with a different name than the path: If you insist on having the webapp name be different than its URI path, you must keep the webapp outside of the Host appBase directory, and place the Context element in conf/Catalina/[host]/[appName].xml. The Context element must include the docBase attribute pointing to the absolute location of the webapp, and the path attribute must *not* be used. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Multiple driver load in tomcat
From: unabble [mailto:sushi...@yahoo.com] Subject: Multiple driver load in tomcat I want to use multiple drivers in server.xml How can i use? Just declare whatever you need; you can have as many Resource elements as you want as long as the name attributes are unique. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How do I debug dispatching errors?
On 26/10/2009 19:48, Josh wrote: This is Tomcat 5.5.26 under Windows XP, Java version as follows: java version 1.6.0_16 Java(TM) SE Runtime Environment (build 1.6.0_16-b01) Java HotSpot(TM) Client VM (build 14.2-b01, mixed mode, sharing) Pid wrote: Which dispatcher? Which dispatcher... can you help me out here? According to the file noted below, when I give it the URL: http://localhost:8080/CreateRelationship ...it will invoke the CreateRelationshipServlet which is com.mycorp.referral.servlets.CreateRelationshipServlet Whatever mechanism it is inside Tomcat that does this dispatching is not working as I expect it should... and it's not giving me any indication as to why. (Or, I am not able to understand any indication it may be giving me.) What is your app called, is it called ROOT? Where is your context.xml defined? Please post a sanitised (comments passwords removed if applicable) version of your server.xml. p ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/dtd/web-app_2_3.dtd; web-app servlet servlet-nameLoginServlet/servlet-name servlet-classcom.mycorp.referral.servlets.LoginServlet/servlet-class !-- init-param param-namepropertyFileNameLocation/param-name param-valueC:/EclipseLib/FarmersQueue.properties/param-value /init-param -- /servlet servlet servlet-nameCreateRelationshipServlet/servlet-name servlet-classcom.mycorp.referral.servlets.CreateRelationshipServlet/servlet-class /servlet servlet servlet-nameProcessActionServlet/servlet-name servlet-classcom.mycorp.referral.servlets.ProcessActionServlet/servlet-class /servlet servlet servlet-nameUpdateRelationshipServlet/servlet-name servlet-classcom.mycorp.referral.servlets.UpdateRelationshipServlet/servlet-class /servlet servlet-mapping servlet-nameLoginServlet/servlet-name url-pattern/Login/url-pattern /servlet-mapping servlet-mapping servlet-nameCreateRelationshipServlet/servlet-name url-pattern/CreateRelationship/url-pattern /servlet-mapping servlet-mapping servlet-nameProcessActionServlet/servlet-name url-pattern/ProcessAction/url-pattern /servlet-mapping servlet-mapping servlet-nameUpdateRelationshipServlet/servlet-name url-pattern/UpdateRelationship/url-pattern /servlet-mapping welcome-file-list welcome-fileLogin.jsp/welcome-file /welcome-file-list /web-app - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [SPAM] - RE: Tomcat 6 Context, docBase and path - Found word(s) if you received this in error in the Text body
Caldarale, Charles R wrote: From: Nils Weinander [mailto:nils.weinan...@mogul.com] Subject: Tomcat 6 Context, docBase and path Sorry if this is a common question, I didn't find anything like it by Google. Reading the actual Tomcat doc and FAQ is probably more productive. Tried that too... In a Tomcat 6, I have a Context declaration in server.xml That's a bad idea right off; there shouldn't be any Context elements in server.xml. I know, but as I read the docs, that's primarily if you need to modify contexts without restarting Tomcat and this isn't needed here. Any other reasons? with a path and a docBase to a war file with a different name than the path: If you insist on having the webapp name be different than its URI path, you must keep the webapp outside of the Host appBase directory, and place the Context element in conf/Catalina/[host]/[appName].xml. The Context element must include the docBase attribute pointing to the absolute location of the webapp, and the path attribute must *not* be used. Thanks! -- mogul | nils weinander | hudiksvallsgatan 4 113 30 stockholm sweden | +46 8 4100 6456 | +46 709 78 28 37 | nils.weinan...@mogul.com | skype: nils.weinander | www.mogul.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Jre upgrade Issue with Tomcat 5.5 :java.util.zip.ZipException:error in opening zip file
Hi, Thanks for the update. And one more quick question to you. Actually our application consists of 4 web app like webapp1,webapp2. For all the above web apps, we are using 2 jres.(jre1.5) Now what we have done is just replaced the older jre with the newer jre 1.6 version folder. And we didnt change any permission and all. And we are facing that issue in 2 application only.Rest of the applications are working fine. And do you mean that the permission relate to JRE related stuff or Application related stuff ?. thanks, Selvakumar.V Thanks -- View this message in context: http://www.nabble.com/Jre-upgrade-Issue-with-Tomcat-5.5-%3Ajava.util.zip.ZipException%3A-error-in-opening-zip-file-tp26075575p26077079.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 6 Context, docBase and path
From: Nils Weinander [mailto:nils.weinan...@mogul.com] Subject: Re: [SPAM] - RE: Tomcat 6 Context, docBase and path - Found word(s)if you received this in error in the Text body I know, but as I read the docs, that's primarily if you need to modify contexts without restarting Tomcat and this isn't needed here. Any other reasons? Avoiding double deployments for one, as you have discovered... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: sessions on tomcat restart in cluster
First of all please note that i really appreciate the tomcat developers work and thank them for it. However see my notes below: On Mon, Oct 26, 2009 at 9:21 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tsirkin, On 10/25/2009 8:10 AM, Tsirkin Evgeny wrote: Instead, it's a simple case of choosing a single node to act as the controller for the cluster. Just add a configuration parameter to the Cluster element to identify one server as the controller and have /that/ one manage the sessions when the cluster is shut down. Hang on, there's no shutdown cluster message that all nodes understand. So, let's add that. But wait, what happens if the cluster controller goes down? We need a backup for the cluster controller. Let's add a backup for the cluster controller, and then a backup for the backup, and then a backup for the backup for the backup... Actually your solution is pretty fine. Just that there is no need in controller backup - in case that the controller goes down another node should take other (that;s for example how master/slave architecturere works if the master fails - a slave takes other). Another solution would be to implement the same algorithm db clusters use i.e. have a log for changes and synchronize on that - no controller needed. Actually the master/master cluster a very common for example in db world and the algorithms for it are well known. Again ,i really appreciate the tomcat dev. work ,so if they do not have time to implement such an alg. then i understand. Now do you see why this hasn't been implemented? No i don't .A complexity of solution does not mean let's not do it. In that case we should say: Hei, writing kernel is hard ,let's not do Linux or Hei,GC is hard let leave memory management in Java to programmers However,something like this is fine: We are short in resources and this feature is _not_ that needed ,let's do something else. And yes it _ is _ agreed that this feature is _ mostly _ not very needed so if there is nobody to implement it - let the developers do something else. Evgeny - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrl6L8ACgkQ9CaO5/Lv0PDdoACfR6+VP3xSV+17TdKs2759Z0fU gjAAnA5IDckHoO8AClD7Q1X+ArGl+Qte =0cmc -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Updating Apache and mod_jk
Hello, have an older system apache 1.3, tomcat 4.1, mod_jk 1.2.2 updated to apache 2.2.10, mod_jk 1.2.28. tomcat should stay installed unchanged. restart fails with: [Tue Oct 27 08:50:19.526 2009] [14905:16384] [error] jk_map_validate_property::jk_map.c (404): The attribute 'worker.ajp14.credentials' is not supported - please check the documentation for the supported attributes. If i deactivate line worker.ajp14.credentials=myveryrandomentropy in my workers.properties apache is starting, but tomcat application seems to stuck, i got 404 errors when calling the application. How can i correct this? I also tried to compile older mod_jk 1.2.2 in my apache2 environment, but this fails because file apu_compat.h is not found at making. i do not know which packages containing this file. How to solve this issue? Thanks, Andre - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Jre upgrade Issue with Tomcat 5.5:java.util.zip.ZipException:error in opening zip file
From: selvakumar.V [mailto:selvakumar.velmuruge...@gmail.com] Subject: RE: Jre upgrade Issue with Tomcat 5.5:java.util.zip.ZipException:error in opening zip file And we are facing that issue in 2 application only.Rest of the applications are working fine. In that case, you may have corrupted jar files; try rebuilding them and see if the problem is corrected. A jar file can be processed either sequentially by reading through all the entries one by one, or randomly by accessing each entry through the central directory that's stored at the end of the jar file. This is just speculation, but if 1.5 processed jars sequentially and 1.6 uses the central directory, corruption in the directory would not have been detected in the older JRE. I haven't compared the zip/jar code between the two, so as I said, this is just a guess about what might be happening. And do you mean that the permission relate to JRE related stuff or Application related stuff ?. Application; but see the above. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Force Connection Close
Hi, I have have a question regarding the connectionTimeout. If I start a telnet session on our http-connector telnet localhost 8080 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connections never get reset. Is there a problem with the timeout value? Enclosed is my Connector configuration Connector port=8080 emptySessionPath=true enableLookups=false scheme=http secure=false acceptCount=500 debug=0 maxThreads=1000 keepAliveTimeout=700 maxKeepAliveRequests=50 threadPriority=10 compression=off connectionTimeout=6000 disableUploadTimeout=true/ Is there a way to send a RST-Package to the client after some time I know there is a option in Apache. Regards, Alex - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Error Listener start tomcat
When I deploy a war file of my jsf application to tomcat webapps directory I get an error listenerstart in my tomcat logs and when I point my browser to the location of the web page I get a runtime exception facesContext not found. Anyone seen this and can help me Sonia -- View this message in context: http://www.nabble.com/Error-Listener-start-tomcat-tp26080229p26080229.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Force Connection Close
So, you have your connection timeout set to 6000 seconds. Did you wait that long? 1 Hour 40 minutes? George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: Alexander Pirsig [mailto:a...@pirsig.net] Sent: Tuesday, October 27, 2009 9:57 AM To: users@tomcat.apache.org Subject: Force Connection Close Hi, I have have a question regarding the connectionTimeout. If I start a telnet session on our http-connector telnet localhost 8080 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connections never get reset. Is there a problem with the timeout value? Enclosed is my Connector configuration Connector port=8080 emptySessionPath=true enableLookups=false scheme=http secure=false acceptCount=500 debug=0 maxThreads=1000 keepAliveTimeout=700 maxKeepAliveRequests=50 threadPriority=10 compression=off connectionTimeout=6000 disableUploadTimeout=true/ Is there a way to send a RST-Package to the client after some time I know there is a option in Apache. Regards, Alex - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Force Connection Close
Hi George, thanks for the reply, I thought 6sec == 6000ms. Is the Documentation wrong because I found the following in http://tomcat.apache.org/tomcat-6.0-doc/config/http.html| |connectionTimeout - The number of milliseconds this *Connector* will wait, after accepting a connection, for the request URI line to be presented. The default value is 6 (i.e. 60 seconds). So 6000ms == 6sec am I right? Regards, Alex George Sexton wrote: So, you have your connection timeout set to 6000 seconds. Did you wait that long? 1 Hour 40 minutes? George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: Alexander Pirsig [mailto:a...@pirsig.net] Sent: Tuesday, October 27, 2009 9:57 AM To: users@tomcat.apache.org Subject: Force Connection Close Hi, I have have a question regarding the connectionTimeout. If I start a telnet session on our http-connector telnet localhost 8080 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connections never get reset. Is there a problem with the timeout value? Enclosed is my Connector configuration Connector port=8080 emptySessionPath=true enableLookups=false scheme=http secure=false acceptCount=500 debug=0 maxThreads=1000 keepAliveTimeout=700 maxKeepAliveRequests=50 threadPriority=10 compression=off connectionTimeout=6000 disableUploadTimeout=true/ Is there a way to send a RST-Package to the client after some time I know there is a option in Apache. Regards, Alex - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Jre upgrade Issue with Tomcat 5.5 :java.util.zip.ZipException: error in opening zip file
Am Tue, 27 Oct 2009 03:47:23 -0700 (PDT) schrieb selvakumar.V selvakumar.velmuruge...@gmail.com: WARNING: Could not get dir listing for /opt/CSCOpx/MDC/tomcat/webapps/ipm/WEB-INF What do you get if you type at the shell prompt: ls -la /opt/CSCOpx/MDC/tomcat/webapps/ipm/WEB-INF and ls -la /opt/CSCOpx/MDC/tomcat/ ? Regards, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Force Connection Close
My mistake. You're right. The doc says millis. I remember pointing out a bug in 5.5 that disabled the timeout for connections. Perhaps the same issue exists in 6.0. I tried searching in BugZilla but I couldn't find it. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: Alexander Pirsig [mailto:a...@pirsig.net] Sent: Tuesday, October 27, 2009 10:10 AM To: Tomcat Users List Subject: Re: Force Connection Close Hi George, thanks for the reply, I thought 6sec == 6000ms. Is the Documentation wrong because I found the following in http://tomcat.apache.org/tomcat-6.0-doc/config/http.html| |connectionTimeout - The number of milliseconds this *Connector* will wait, after accepting a connection, for the request URI line to be presented. The default value is 6 (i.e. 60 seconds). So 6000ms == 6sec am I right? Regards, Alex George Sexton wrote: So, you have your connection timeout set to 6000 seconds. Did you wait that long? 1 Hour 40 minutes? George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: Alexander Pirsig [mailto:a...@pirsig.net] Sent: Tuesday, October 27, 2009 9:57 AM To: users@tomcat.apache.org Subject: Force Connection Close Hi, I have have a question regarding the connectionTimeout. If I start a telnet session on our http-connector telnet localhost 8080 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connections never get reset. Is there a problem with the timeout value? Enclosed is my Connector configuration Connector port=8080 emptySessionPath=true enableLookups=false scheme=http secure=false acceptCount=500 debug=0 maxThreads=1000 keepAliveTimeout=700 maxKeepAliveRequests=50 threadPriority=10 compression=off connectionTimeout=6000 disableUploadTimeout=true/ Is there a way to send a RST-Package to the client after some time I know there is a option in Apache. Regards, Alex - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Updating Apache and mod_jk
On 27.10.2009 14:50, Andre Hübner wrote: Hello, have an older system apache 1.3, tomcat 4.1, mod_jk 1.2.2 updated to apache 2.2.10, mod_jk 1.2.28. tomcat should stay installed unchanged. restart fails with: [Tue Oct 27 08:50:19.526 2009] [14905:16384] [error] jk_map_validate_property::jk_map.c (404): The attribute 'worker.ajp14.credentials' is not supported - please check the documentation for the supported attributes. If i deactivate line worker.ajp14.credentials=myveryrandomentropy in my workers.properties apache is starting, but tomcat application seems to stuck, i got 404 errors when calling the application. How can i correct this? I also tried to compile older mod_jk 1.2.2 in my apache2 environment, but this fails because file apu_compat.h is not found at making. i do not know which packages containing this file. How to solve this issue? I'm afraid version 1.2.2 of mod_jk is so antique that ou will have to set up a new configuration. At that time configuration options were not kept stable. We did a good job in working with old configurations since about 3 years, but 1.2.2 is much older. Take a look at the configuration, especially at the documentation for timeouts. Quick fix: old mod_jk allowed JkMount in the global server and automatically used them in all VHosts. More recent mod_jk needs either JkMount in the VHosts you are actually using, or at least a JkMountCopy On in those VHosts or JkMountCopy All in the global server. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Error Listener start tomcat
From: vkpandit [mailto:v.kri...@gmail.com] Subject: Error Listener start tomcat When I deploy a war file of my jsf application to tomcat webapps directory I get an error listenerstart in my tomcat logs and when I point my browser to the location of the web page I get a runtime exception facesContext not found. http://www.catb.org/~esr/faqs/smart-questions.html Tomcat version? Stack trace from the listener start error? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Force Connection Close
Okay, I found the solution but I'm not quite sure why this is happening: I'm using tomcat 6.0.20 with APR as a connector when I switch back to non apr connector everything works as aspected. scripts# time telnet 192.168.0.65 8080 Trying 192.168.0.65... Connected to 192.168.0.65. Escape character is '^]'. Connection closed by foreign host. real 0m6.016s user 0m0.000s sys 0m0.000s This I kinda strange :/ but the solution was to force tomcat to fallback to http11Protocol-non apr connector by using the protocol attribute. Now my server.xml looks like this: Connector port=8080 emptySessionPath=true protocol=org.apache.coyote.http11.Http11Protocol enableLookups=false scheme=http secure=false acceptCount=500 debug=0 maxThreads=700 maxKeepAliveRequests=50 threadPriority=10 compression=off connectionTimeout=6000 disableUploadTimeout=true/ Regards, Alex George Sexton wrote: My mistake. You're right. The doc says millis. I remember pointing out a bug in 5.5 that disabled the timeout for connections. Perhaps the same issue exists in 6.0. I tried searching in BugZilla but I couldn't find it. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: Alexander Pirsig [mailto:a...@pirsig.net] Sent: Tuesday, October 27, 2009 10:10 AM To: Tomcat Users List Subject: Re: Force Connection Close Hi George, thanks for the reply, I thought 6sec == 6000ms. Is the Documentation wrong because I found the following in http://tomcat.apache.org/tomcat-6.0-doc/config/http.html| |connectionTimeout - The number of milliseconds this *Connector* will wait, after accepting a connection, for the request URI line to be presented. The default value is 6 (i.e. 60 seconds). So 6000ms == 6sec am I right? Regards, Alex George Sexton wrote: So, you have your connection timeout set to 6000 seconds. Did you wait that long? 1 Hour 40 minutes? George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: Alexander Pirsig [mailto:a...@pirsig.net] Sent: Tuesday, October 27, 2009 9:57 AM To: users@tomcat.apache.org Subject: Force Connection Close Hi, I have have a question regarding the connectionTimeout. If I start a telnet session on our http-connector telnet localhost 8080 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connections never get reset. Is there a problem with the timeout value? Enclosed is my Connector configuration Connector port=8080 emptySessionPath=true enableLookups=false scheme=http secure=false acceptCount=500 debug=0 maxThreads=1000 keepAliveTimeout=700 maxKeepAliveRequests=50 threadPriority=10 compression=off connectionTimeout=6000 disableUploadTimeout=true/ Is there a way to send a RST-Package to the client after some time I know there is a option in Apache. Regards, Alex - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Error Listener start tomcat
Hi Chuck, I fixed it. I just recreated the demo app, and this time kept the lib directory empty. Hope somebody else gets something out of this. There are a lot of postings on error listenerstart but not a good solution. THanks, Sonia Caldarale, Charles R wrote: From: vkpandit [mailto:v.kri...@gmail.com] Subject: Error Listener start tomcat When I deploy a war file of my jsf application to tomcat webapps directory I get an error listenerstart in my tomcat logs and when I point my browser to the location of the web page I get a runtime exception facesContext not found. http://www.catb.org/~esr/faqs/smart-questions.html Tomcat version? Stack trace from the listener start error? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://www.nabble.com/Error-Listener-start-tomcat-tp26080229p26082287.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: What is the difference between running Tomcat 6 as a Windows Service vs. running from the command line?
Markus Schönhaber-10 wrote: Alan Kennedy: I need to find out what is the difference between running Tomcat 6 as a Windows Service and running it from the command line. The reason is that I'm getting a bizarre bug when a jython based servlet is run under Tomcat6-as-Service. But the bug does NOT appear when Tomcat 6 is run from the command line using bin\startup.bat. The most prominent difference I can think of is the user account Tomcat runs as. Although I have no idea why this should cause the endless recursion you are seeing, I'd (temporarily) change the user account of the Tomcat service to your personal account and see if the problem still exists. Was there a solution found for this behavior? It is happening to me as well when I try to install Liferay portal as a service (Server 2008, 64-bit JVM, Tomcat 6.0.20 zip file installed with 64-bit tomcat6 and tomcat6w.exe files substituted). I also get a stack overflow error when running as a service, but normal behavior when using startup.bat . After getting startup.bat to run, I installed the service using service install. If I run tomcat6 from the command line still as Administrator, it also fails. I was able to extract a command line that successfully runs: C:\Program Files\Java\jdk1.5.0_16\bin\java -Xmx1024m -XX:MaxPermSize=256m -Dfile.encoding=UTF8 -Duser.timezone=GMT -Djava.security.auth.login.config=C:/Tomcat/conf/jaas.config -Dorg.apache.catalina.loader.WebappClassLoader.ENABLE_CLEAR_REFERENCES=false -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=C:\Tomcat\conf\logging.properties -Djava.endorsed.dirs=C:\Tomcat\endorsed -classpath C:\Tomcat\bin\bootstrap.jar -Dcatalina.base=C:\Tomcat -Dcatalina.home=C:\Tomcat -Djava.io.tmpdir=C:\Tomcat\temp org.apache.catalina.startup.Bootstrap start Is there something I can do to troubleshoot? Thanks for any assistance, -- Earl Tom -- View this message in context: http://www.nabble.com/What-is-the-difference-between-running-Tomcat-6-as-a-Windows-Service--vs.-running-from-the-command-line--tp25960450p26083067.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
SessionID cookie not secure over SSL
Is there a setting in Tomcat 6.0.2 to make the SessionID cookie secure when created over https when using AJP 1.3 connector for IIS? JW
RE: SessionID cookie not secure over SSL
From: Joe Wallace [mailto:j...@andar360.com] Subject: SessionID cookie not secure over SSL Is there a setting in Tomcat 6.0.2 Are you really using a version of Tomcat that old (Nov 2006)? to make the SessionID cookie secure when created over https when using AJP 1.3 connector for IIS? What makes you think the cookie isn't being encrypted along with everything else sent over HTTPS? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: DBCP woes (running out of cursors).
Elli Albek wrote: 2. If your JDBC driver supports caching of prepared statements and metadata, do it in the driver and disable this in DBCP. IMO DBCP does a poor job at best in caching. We use mysql and its JDBC driver is doing an excellent job. It didn't occur to me that that was available. 3. Your JDBC driver may already be caching metadata that DBCP is caching. In this case you are caching the same data twice. Make sure it dose not happen, it is a big memory overload on the JVM. Interesting. I need to do more research. B. Avoid hot deployment of apps by shutting down tomcat before updates. This is safer, but also not 100% clean. We're actually doing that already, but for other reasons. We currently have different servers for different parts of the world and schedule down time for off-peak periods for the regions they serve. Thanks for the info. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
I have a filter that calls Cookie.getName and Cookie.getSecure JSESSIONID returns false even when the connection is always https. Tomcat version is 6.0.20. JW -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Tuesday, October 27, 2009 3:04 PM To: Tomcat Users List Subject: RE: SessionID cookie not secure over SSL From: Joe Wallace [mailto:j...@andar360.com] Subject: SessionID cookie not secure over SSL Is there a setting in Tomcat 6.0.2 Are you really using a version of Tomcat that old (Nov 2006)? to make the SessionID cookie secure when created over https when using AJP 1.3 connector for IIS? What makes you think the cookie isn't being encrypted along with everything else sent over HTTPS? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: DBCP woes (running out of cursors).
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elli, On 10/26/2009 9:01 PM, Elli Albek wrote: 2. If your JDBC driver supports caching of prepared statements and metadata, do it in the driver and disable this in DBCP. IMO DBCP does a poor job at best in caching. We use mysql and its JDBC driver is doing an excellent job. I don't believe that DBCP caches any metadata, and there are no settings to tweak that AFAICT. 3. Your JDBC driver may already be caching metadata that DBCP is caching. In this case you are caching the same data twice. Make sure it dose not happen, it is a big memory overload on the JVM. Do you mean PreparedStatements? 4. Tomcat has a problem doing a clean shutdown of DBCP, and other JNDI resources. I traced in the debugger dangling connection pools that are created during the shutdown process. If your pool is configure to ping the connections once in a while, they can stay open for a long time, possibly forever. Our solution is custom extension that cleans up pools, which works in conjunction with our extended implementation of DBCP. This was recently discussed on this list: http://tomcat.markmail.org/search/?q=%22right+way+to+close+database+connection+pool%22+list%3Aorg.apache.tomcat.users#query:%22right%20way%20to%20close%20database%20connection%20pool%22%20list%3Aorg.apache.tomcat.users%20order%3Adate-forward+page:1+mid:xq2q5wk6skv3exoz+state:results If that link doesn't work, search MarkMail for Right way to close database connection pool which is the subject of the thread. I contributed the code for a ServletContextListener that you can use to shut down your DataSource just before the servlet context is discarded. This ought to resolve any issues you may be having, and you're of course welcome to look at my code and/or make comments. Note that this resource issue has nothing to do with commons-DBCP: it is entirely Tomcat's fault that the DataSource is allowed to live forever. I am not aware of any way to completely avoid dangling connection pool after hot deployment under load. We tried to fix this but it got too complicated, it is much easier to restart Tomcat and swallow the bitter pill. I believe tools like LambdaProbe will also allow you to shut down DataSource objects as well. If you can afford to stop your webapp, close the DataSource, then re-reploy, then this may be an option for you. Of course, if you have time to do this, you probably have time to stop Tomcat, update your WAR file, and start Tomcat again. You can still do hot deployment of war files that do not access the database, though it is possible that the same leaks will leave lots of hanging objects of other types (like email clients, JMS clients, thread pools, HttpClient, etc). These things ought to clean themselves up by using ServletContextListeners as well. Certainly, it's surprising (to me, at least) that Tomcat creates and configures a resource yet never cleans it up, but anything your webapp does also needs to be un-done by your webapp. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnSOgACgkQ9CaO5/Lv0PC7ywCcCdxixuwTCCm1FdxlFxmu5X9u GkMAnjCcuSwqBCwSyDKd2RgwIvP+9iM4 =8NRT -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: DBCP woes (running out of cursors).
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elli, On 10/26/2009 10:59 PM, Elli Albek wrote: To disable caching in DBCP, use configuration option: poolPreparedStatements=false Note that this is the default. Presumably, if you don't know if your prepared statements are being cached, then they are not being cached. [Side note: MySQL users should be aware that enabling server-side prepared statements on your connections will almost certainly result in disaster. See MysQL's bug database and Connector/J changelog for more information.] I don’t remember where exactly you specify it In your Resource definition in context.xml/appName.xml/server.xml This is actually something that I would like to see built into Tomcat/DBCP (property file configuration). Your system admin will thank you. It is built into Tomcat. Just read the docs for JDBC DataSources: http://tomcat.apache.org/tomcat-6.0-doc/jndi-datasource-examples-howto.html Though not specifically mentioned, any attribute set on the Resource element in your XML will be set on the DataSource that gets created. That includes things like logAbandoned, poolPreparedStatements, defaultTransactionIsolation, etc. It may not be possible to use the mysql caching algorithms, since they may use features that are not publicly available through JDBC and are part of their protocol. I don’t know the source well enough to comment on how it works internally. Also, the Connector/J code itself is released under the GPL which may or may not be compatible with the APL. Specific example of leaks: 1.Close tomcat 2.Connection pool is removed. 3.Request comes in to the war file (the one that is in the closing process) 4.Request gets processed. 5.Servlet needs a connection from DBCP. 6.Tomcat does not find the DBCP pool in JNDI, so it recreates it. 7.The newly created connection pool will not be used after this request, and will not be closed. If the pool pings the connection, it will stay open. My understanding was that: 1. Tomcat does not remove the connection pool 2. Once the shutdown process has started, no new requests will be handled by the currently-shutting-down context Could these two items give the result you are observing? It's easy enough to have your webapp close the DataSource (even though it's kinda stupid that Tomcat doesn't do it for you). After all this work, we just shut down tomcat when we update war files. I would always advocate this approach IMHO: just in case you've damaged your server at some point, starting fresh with a new deployment is a good idea. 2.Call shutdown callbacks of different APIs, give developer an option to deal with it. For example JMX shutdown process does not happen correctly. Please log a bug for any legitimate complaints that you may have. Remember that Tomcat shouldn't shut down anything that the webapp itself started. We got to the conclusion that shutting down objects in tomcat was little chaotic and no one could say in confidence that using a certain listener API will work better than another without spending a few days of tracing the code and doing lots of tests. The servlet specification makes it clear which listeners should be notified of various events in a very specific order. If Tomcat is not following these criteria, there's a bug somewhere and you should report it. If you are using Tomcat-specific listeners, they should be properly documented and working per the docs. If they are not, please file a bug and help get things fixed. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnTD8ACgkQ9CaO5/Lv0PBR3ACeNHW25/eOTWp7F905j7nwBVBF nJ4AoJDxZKGAAD0MwBvZipyPV7lCOATi =Cle2 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SessionID cookie not secure over SSL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, (Can you fix your emailer to include thread-ids when replying to the list? Your replies are not properly threaded, here.) On 10/27/2009 4:12 PM, Joe Wallace wrote: I have a filter that calls Cookie.getName and Cookie.getSecure JSESSIONID returns false even when the connection is always https. Tomcat version is 6.0.20. If your cookie was created in HTTP mode, then the 'secure' flag will be set to 'false' on that cookie. Are you sure you are always in HTTP mode? Please double-check, and remember that /all JSPs will create a session unless session=false in the @page directive/. To answer your original question: there is no setting in Tomcat to get secure=true on your cookies in SSL mode. Tomcat should /always/ use a secure cookie when the cookie is created in SSL mode. You may have to re-check your Connector attributes for the AJP connector. Make sure that secure=true among others. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnTQ8ACgkQ9CaO5/Lv0PA/GQCgnPYgzFkWNPP0Ol57BxVg4uX5 YQsAnjGCZMrB4svfzI/S/TL9mhNtjfiv =GZXQ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Force Connection Close
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander, On 10/27/2009 1:29 PM, Alexander Pirsig wrote: I'm using tomcat 6.0.20 with APR as a connector when I switch back to non apr connector everything works as expected. Sounds like a bug in the connector to me. Could you log a bug in bugzilla for this? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnTasACgkQ9CaO5/Lv0PD0BQCfeN+jX+vYDfZS5ICo4o7IuuHL TVMAmgMoijDETZvyZriPDEtGIZK1hc8m =y1BK -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: sessions on tomcat restart in cluster
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tsirkin, On 10/27/2009 9:48 AM, Tsirkin Evgeny wrote: Actually your solution is pretty fine. Just that there is no need in controller backup - in case that the controller goes down another node should take other (that;s for example how master/slave architecture works if the master fails - a slave takes other). Another solution would be to implement the same algorithm db clusters use. Patches are always welcome. A complexity of solution does not mean let's not do it. True, but it's not a feature required by the servlet specification, and it's not a feature that enough people have requested to motivate the Tomcat devs to actually implement it. However,something like this is fine: We are short in resources and this feature is _not_ that needed ,let's do something else. That's pretty much the argument. Like I said, patches are always welcome. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnT6kACgkQ9CaO5/Lv0PDtXACgiSExipRoYv8nyoU6DW0lHTZd EygAoIiQvhm/3uYcbOyb1AWEHxNXSvi7 =Wq1d -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How do I debug dispatching errors?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Josh, On 10/20/2009 12:50 PM, Josh wrote: I have a debug statement set on the first line in the constructor of com.mycorp.referral.servlets.CreateRelationshipServlet. However, when I call the servlet with this URL: http://localhost:8081/MyApp/CreateRelationshp ... the createRelationship is not called - rather, ProcessAction is called again. How are you determining that CreateRelationship is called? If you have a log statement in the constructor for your servlet, then it ought to only be called once: when the servlet is instantiated a single time by the container. That instance will be used to service all requests that map to that servlet. Perhaps you should put a log statement in the service() method (or doGet, doPost, etc.) and see what you get, there. I have set the debug levels in server.xml and web.xml to 'DEBUG'... AFAIK, there are no Tomcat-related debug levels to be set in either server.xml or web.xml unless you are using an unsupported version of Tomcat. servlet servlet-nameCreateRelationshipServlet/servlet-name servlet-classcom.mycorp.referral.servlets.CreateRelationshipServlet/servlet-class /servlet servlet servlet-nameProcessActionServlet/servlet-name servlet-classcom.mycorp.referral.servlets.ProcessActionServlet/servlet-class /servlet [snip] servlet-mapping servlet-nameCreateRelationshipServlet/servlet-name url-pattern/CreateRelationship/url-pattern /servlet-mapping servlet-mapping servlet-nameProcessActionServlet/servlet-name url-pattern/ProcessAction/url-pattern /servlet-mapping The above looks just fine. Are you forwarding the user from CreateRelationshipServlet to ProcessActionServlet instead of redirecting them, and getting confused about the appearance of the URL? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnUOQACgkQ9CaO5/Lv0PCMrwCdGPQKg+A4jUGis4on82sKL5q8 NJYAn3iilpKwt7ldbs1D19WXCAvo7PQs =K8Jr -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. JW -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Tuesday, October 27, 2009 3:42 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, (Can you fix your emailer to include thread-ids when replying to the list? Your replies are not properly threaded, here.) On 10/27/2009 4:12 PM, Joe Wallace wrote: I have a filter that calls Cookie.getName and Cookie.getSecure JSESSIONID returns false even when the connection is always https. Tomcat version is 6.0.20. If your cookie was created in HTTP mode, then the 'secure' flag will be set to 'false' on that cookie. Are you sure you are always in HTTP mode? Please double-check, and remember that /all JSPs will create a session unless session=false in the @page directive/. To answer your original question: there is no setting in Tomcat to get secure=true on your cookies in SSL mode. Tomcat should /always/ use a secure cookie when the cookie is created in SSL mode. You may have to re-check your Connector attributes for the AJP connector. Make sure that secure=true among others. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnTQ8ACgkQ9CaO5/Lv0PA/GQCgnPYgzFkWNPP0Ol57BxVg4uX5 YQsAnjGCZMrB4svfzI/S/TL9mhNtjfiv =GZXQ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: So many timeout values
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mohit, On 10/26/2009 6:40 PM, Mohit Anchlia wrote: Christopher in one of his earlier replies mentioned that we don't have failover set. I am not sure why he said that because we have worker.list and also we have loadbalancer set in our worker.properties. Here is the original workers.properties you listed: worker.host2533.type=ajp13 worker.host2533.port=8009 worker.host2533.host=host2533 worker.host2533.socket_timeout=5 worker.host2533.socket_keepalive=true worker.host2533.prepost_timeout=5 worker.host2533.connect_timeout=5000 worker.host2533.retries=3 worker.host2533.recycle_timeout=900 I see that type=ajp13, not type=lb. I also don't see a worker.list in there at all. Perhaps you didn't post as much configuration as you think you did? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnUaAACgkQ9CaO5/Lv0PDywQCfd3b03RtlQUjTc3HDAJAbyOlD a00An0h5vjYzErYfoSc3V5V6/aVSraTg =IF6M -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SessionID cookie not secure over SSL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 10/27/2009 5:00 PM, Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Tomcat will create its JSESSIONID cookie like this in all cases: Cookie cookie = new Cookie(JSESSIONID, sessionId); if(request.isSecure()) cookie.setSecure(true); (Note that the code might not look exactly like this, but it behaves in this way). So, if your session was created during a non-secure request, you'll get a non-secure cookie. The solution? Make all your requests HTTPS. If you have non-secure pages, you'll need to make sure they don't call request.getSession(true) either explicitly or implicitly (say, by forgetting to set session=false for a JSP). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnUvIACgkQ9CaO5/Lv0PCVjACfdqIQS8CFhelJtjgOWaoHtBhc 6gAAoIrWzROh0PTIOUYe4Aobnm3YWVtp =mlkD -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Expecting jsp:param - Porting resin jsp pages to tomcat, dreamweaver editable sections / comments
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill, On 10/26/2009 9:44 PM, Bill Barker wrote: Christopher Schultz ch...@christopherschultz.net wrote in message On the other hand, shouldn't the JSP compiler pass-through everything except for directives? HTML is a common enough use case for JSP that SGML comments ought to be tolerated in these cases. Except for the fact that section 5.4 of the (2.1) JSP spec precludes having anything except jsp:param / in the body of a jsp:include element. Allowing template text in there is then a Container-specific feature and so renders the webapp non-portable. I read 5.4 and while the text doesn't say anything about this, the formal syntax of jsp:include does: Syntax [...] jsp:include page=”urlSpec” flush=true|false { jsp:param / }* /jsp:include There, no other content appears to be allowed. However, other sections of the JSP specification are less ambiguous. For instance, section 5.15 (jsp:text) specifically says: No subelements may appear within jsp:text; for example the following fragment is invalid and must generate a translation error. The closest 5.4 comes is this: A jsp:include action may have jsp:param subelements that can provide values for some parameters in the request to be used for the inclusion. Back to section 5.15, this is an interesting tidbit: When within a JSP document, of course, the body content needs to additionally conform to the constraints of being a well-formed XML document, so the following example, although valid in a JSP page is invalid in a JSP document: The above is not qualified by anything mentioning the difference between .jsp and .jspx files or anything like that. I would expect that any SGML-style comments within a jsp:text element would, in fact, be ignored by the JSP processor when producing output since it presupposes XML semantics. Instead, the JSP compiler (in my 5.5.26 environment) produces an error for this document: jsp:text !-- This is a SGML-style comment -- /jsp:text The error is: Exception: org.apache.jasper.JasperException: /test.jsp(3,0) 'amp;lt;', when appears in the body of amp;lt;jsp:textamp;gt;, must be encapsulated within a CDATA Stack Trace: org.apache.jasper.JasperException: /test.jsp(3,0) apos;amp;lt;apos;, when appears in the body of amp;lt;jsp:textamp;gt;, must be encapsulated within a CDATA org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:40) This error seems consistent with the no subelements clause in S.5.15, but I see no such restriction placed on jsp:include. It would be a bug if the error happened for a page in XML syntax however. I think the JSP specification has a little multiple-personality disorder when it comes to XML-looking-syntax versus actual XML syntax. It's unfortunate, since it can really confuse people. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnWJ8ACgkQ9CaO5/Lv0PBhkgCdHL88GleiLT4mo4wf2K3q9DTD zB8An1Lk12w/HqvPZYPxbWERfJSJauln =4VVb -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
Hi Chris, You wrote: Tomcat will create its JSESSIONID cookie like this in all cases: Cookie cookie = new Cookie(JSESSIONID, sessionId); if(request.isSecure()) cookie.setSecure(true); My filter calls HttpServletRequest.isSecure() which returns true It then calls Cookie.getSecure() for the JSESSIONID cookie which returns false. I am expecting this to return true since all connections have been over https. Or should I be looking elswhere? JW -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Tuesday, October 27, 2009 4:07 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 10/27/2009 5:00 PM, Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Tomcat will create its JSESSIONID cookie like this in all cases: Cookie cookie = new Cookie(JSESSIONID, sessionId); if(request.isSecure()) cookie.setSecure(true); (Note that the code might not look exactly like this, but it behaves in this way). So, if your session was created during a non-secure request, you'll get a non-secure cookie. The solution? Make all your requests HTTPS. If you have non-secure pages, you'll need to make sure they don't call request.getSession(true) either explicitly or implicitly (say, by forgetting to set session=false for a JSP). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnUvIACgkQ9CaO5/Lv0PCVjACfdqIQS8CFhelJtjgOWaoHtBhc 6gAAoIrWzROh0PTIOUYe4Aobnm3YWVtp =mlkD -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat monitoring
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mohamedin, On 10/24/2009 4:47 AM, Mohamedin wrote: Please recommend a monitoring tool for tomcat. I am interested in knowing the response time of each request and finding requests that take a lot of time. In short I need to figure out the bottle nicks in my site. It sounds like the AccessLogValve might suit your needs: http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html You probably want %D some place in your log pattern. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnWxAACgkQ9CaO5/Lv0PAX5QCdHXpAK7KuRBZcKIZNnxMsmNgN FJEAnRSwXjclYANWP6bQSj7pQq1Ew79h =45Y9 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SessionID cookie not secure over SSL
Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers -- IIS -- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Expecting jsp:param - Porting resin jsp pages to tomcat, dreamweaver editable sections / comments
Christopher Schultz wrote: snip/ I think the JSP specification has a little multiple-personality disorder when it comes to XML-looking-syntax versus actual XML syntax. It's unfortunate, since it can really confuse people. My $0.03 be strict in what you produce, be forgiving in what you receive IMO allowing for the XML comments _seems_ like a good idea. None the less we're modifying that code to be more correct -- even if the specs are a little ambiguous it seems more correct to treat the entire jsp:include.../ as a single entity in this case and not slice it up with comments for whatever reasons. _M - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
-Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 4:48 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers -- IIS -- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? Portion A is using IIS. IIS holds the SSL cert. I am using AJP 1.3 connector for IIS It is defined in the Tomcat Server.xml !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SessionID cookie not secure over SSL
Joe Wallace wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 4:48 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers -- IIS -- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? Portion A is using IIS. IIS holds the SSL cert. I am using AJP 1.3 connector for IIS It is defined in the Tomcat Server.xml !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? Whatever consequences this has in the context (and which are beyond my expertise). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Expecting jsp:param - Porting resin jsp pages to tomcat, dreamweaver editable sections / comments
2009/10/27 Pete McNeil madscient...@microneil.com: IMO allowing for the XML comments _seems_ like a good idea. 2009/10/26 Christopher Schultz ch...@christopherschultz.net: On the other hand, shouldn't the JSP compiler pass-through everything except for directives? HTML is a common enough use case for JSP that SGML comments ought to be tolerated in these cases. Just an obvious reminder: although those are SGML comments, they are not ignored by browsers. E.g. in SCRIPT, STYLE tags, or IE specific !--[if .. conditional clauses (never used and don't remember their syntax). Also I think that they might be visible through DOM (don't know whether it is actually true). Thus, those comments are just like the other text on the page. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
André Warnier wrote: Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? Whatever consequences this has in the context (and which are beyond my expertise). Andre, I guess that is the question. The filter I have in Tomcat calls request.isSecure(). This returns true. (All requests have been using https) If when tomcat does this. if(request.isSecure()) cookie.setSecure(true); A call to cookie.getSecure should return true. But the same filter that returns true for request.isSecure() calls Cookie.getSecure() and it returns false. Joe -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 5:11 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 4:48 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers -- IIS -- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? Portion A is using IIS. IIS holds the SSL cert. I am using AJP 1.3 connector for IIS It is defined in the Tomcat Server.xml !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? Whatever consequences this has in the context (and which are beyond my expertise). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SessionID cookie not secure over SSL
On 27.10.2009 22:10, André Warnier wrote: Joe Wallace wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 4:48 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers -- IIS -- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? Portion A is using IIS. IIS holds the SSL cert. I am using AJP 1.3 connector for IIS It is defined in the Tomcat Server.xml !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? It should know that. The AJP13 protocol transports the comunication situation observed by the web server to Tomcat which then provides it to the webapp by extracting it from the protocol in the AJP connector. See also http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat monitoring
I have found Lamda Probe to be quite useful and easy to use for monitoring the Tomcat container. http://www.lambdaprobe.org/ Simply deploy the probe war file to the container you want to monitor! You can detect requests that have large processing times by monitoring the connector status tab. This sometime comes in handy and is easier to use/read than a raw log file. http://www.lambdaprobe.org/d/screenshots/full/status.png Having said that, as Chris mentioned in his reply, you can also enable the required logging and have the information logged to relevant log files. Cheers Anurag http://www.lambdaprobe.org/d/screenshots/full/status.png -- Anurag Kapur Associate - Technology, Sapient Corporation. http://www.linkedin.com/in/anuragkapur http://www.google.com/profiles/anuragkapur -- Sent from Poplar, Greater London, United Kingdom On Tue, Oct 27, 2009 at 8:41 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mohamedin, On 10/24/2009 4:47 AM, Mohamedin wrote: Please recommend a monitoring tool for tomcat. I am interested in knowing the response time of each request and finding requests that take a lot of time. In short I need to figure out the bottle nicks in my site. It sounds like the AccessLogValve might suit your needs: http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html You probably want %D some place in your log pattern. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnWxAACgkQ9CaO5/Lv0PAX5QCdHXpAK7KuRBZcKIZNnxMsmNgN FJEAnRSwXjclYANWP6bQSj7pQq1Ew79h =45Y9 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: DBCP woes (running out of cursors).
Thanks for your replies. I agree that Tomcat should be responsible for all objects that are configured in Tomcat, and the web app should be responsible for objects that are created by the webapp. Currently it does not happen properly in tomcat. This is not related to DBCP code, it is all Tomcat code. In terms of listeners, I saw that Tomcat executes requests while in the closing process. This may mean that after the context listener closed the pool, a new request will cause it to initialize again. We had a similar problem of things being created after shutdown started, and there are many permutations of listeners and sequences to test. Lots of debugging to do here. This again is irrespective of the listener which I am sure is closing the connection pool, it is a tomcat lifecycle issue. It is built into Tomcat. Just read the docs for JDBC DataSources: http://tomcat.apache.org/tomcat-6.0-doc/jndi-datasource-examples-howto.html I am talking about something else. Basically the XML is short: GlobalNamingResources Resource auth=Container type=javax.sql.DataSource propertiesFile=database_pool_configuration_file.properties / /GlobalNamingResources No configuration in XML other than JNDI related bindings. My understanding was that: 1. Tomcat does not remove the connection pool 2. Once the shutdown process has started, no new requests will be handled by the currently-shutting-down context Could these two items give the result you are observing? It's easy enough to have your webapp close the DataSource (even though it's kinda stupid that Tomcat doesn't do it for you). That depends on which shutdown it is. Understanding 2 is not correct from my debugging. You can have a sequence of: 1. Connection pool closed 2. Request sent to servlet This happens during tomcat shutdown and will trigger a new connection. I suspect that similar sequence exists during redeploy. I cant recall exactly what happened in this case, but I remember that it was in more than one scenario. We decided to shut down tomcat every time and forget about it, even though we do have a listener that closes pools, along the same lines as the listener that you wrote I imagine. If you want to add a listener that closes the pool, I would try adding tomcat lifecycle listener to the context. You can handle event Lifecycle.AFTER_STOP_EVENT. Try both listeners (web app and tomcat) and see which one runs last, and put the code there. You have higher probability of catching an open connection if you do it later. If the listener is configured via tomcat and not the web app, you also get a configuration that each party is responsible for cleaning up its own bugs, as opposed to web app cleaning up tomcat bugs. Then the vision of J2EE designers of separation of roles materializes :) Elli - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Jre upgrade Issue with Tomcat 5.5 :java.util.zip.ZipException: error in opening zip file
Hi, The commands list out the file directories as following, ls -la /opt/CSCOpx/MDC/tomcat/webapps/ipm/WEB-INF total 790 drwxrwxr-x 8 casuser casusers1024 Jun 2 03:53 . drwxr-x--- 14 casuser casusers1024 Jul 9 06:40 .. -rw-r- 1 casuser casusers 24629 Feb 10 2009 IPMACSHelp.html -rw-r- 1 casuser casusers 45622 Mar 27 2009 IPMNG.xml -rw-r- 1 casuser casusers7708 Mar 31 2009 IPMRoleDefinition.xm -rw-r- 1 casuser casusers5264 Apr 1 2009 IPMRoleMap.xml -rw-r- 1 casuser casusers 16116 Feb 3 2009 IPMTaskDefinition.xm -rw-r- 1 casuser casusers3556 Feb 3 2009 IPMTasks.xml drwxrwxr-x 4 casuser casusers1024 Jun 2 04:14 classes drwxr-x--- 2 casuser casusers 512 Jun 2 03:53 css drwxrwxrwx 2 casuser casusers1024 Oct 27 07:35 lib -rw-r- 1 casuser casusers 833 Jan 6 2009 liferay-display.xml -rw-r- 1 casuser casusers1879 Feb 11 2009 liferay-portlet.xml -rw-r- 1 casuser casusers 14471 Dec 30 2008 portlet.xml drwxrwxr-x 3 casuser casusers 512 Jun 2 03:50 rfw drwxrwxr-x 13 casuser casusers 512 Jun 2 03:52 screens -rw-rw-r-- 1 casuser casusers 10657 May 26 05:47 struts-bean.tld -rw-r- 1 casuser casusers 58799 Apr 7 2009 struts-config.xml -rw-rw-r-- 1 casuser casusers 53594 May 26 05:47 struts-form.tld -rw-rw-r-- 1 casuser casusers 60308 May 26 05:47 struts-html.tld -rw-rw-r-- 1 casuser casusers 17052 May 26 05:47 struts-logic.tld -rw-rw-r-- 1 casuser casusers1961 May 26 05:47 struts-template.tld -rw-rw-r-- 1 casuser casusers 51057 May 26 05:47 struts.tld -rw-r- 1 casuser casusers 849 Nov 15 2006 tasks.dtd drwxr-x--- 2 casuser casusers 512 Jun 2 03:50 tlds -rw-rw-r-- 1 casuser casusers1840 May 26 05:47 uii-blank.xml -rw-r- 1 casuser casusers 12058 Dec 31 2008 web.xml ls -la /opt/CSCOpx/MDC/tomcat/ total 54 drwxrwxr-x 14 casuser casusers 512 Jun 2 02:44 . drwxrwxr-x 12 casuser casusers 512 Oct 23 07:58 .. -rw-r- 1 casuser casusers 11357 Jul 26 2006 LICENSE drwxrwxr-x 2 casuser casusers 512 Jun 2 01:52 META-INF drwxrwxr-x 2 casuser casusers 512 Jun 8 02:42 bin drwxrwxr-x 4 casuser casusers 512 Jun 2 01:45 common drwxrwxr-x 3 casuser casusers 512 Oct 27 07:29 conf drwxrwxr-x 2 casuser casusers 512 Oct 27 07:29 logs drwxrwxr-x 3 casuser casusers 512 Jun 2 01:45 mdc lrwxrwxrwx 1 root other 28 Jun 2 02:44 rmejava - /opt/CSCOpx/lib/jre/bin/java drwxrwxr-x 3 casuser casusers 512 Jun 2 01:45 server drwxrwxr-x 4 casuser casusers 512 Jun 2 01:52 shared drwxrwxr-x 17 casuser casusers1024 Jul 9 06:40 temp drwxrwxr-x 3 casuser casusers 512 Jun 2 01:43 vms drwxrwxr-x 15 casuser casusers 512 Jun 8 02:40 webapps drwxrwxr-x 3 casuser casusers 512 Jun 2 01:45 work Tobias Crefeld-2 wrote: Am Tue, 27 Oct 2009 03:47:23 -0700 (PDT) schrieb selvakumar.V selvakumar.velmuruge...@gmail.com: WARNING: Could not get dir listing for /opt/CSCOpx/MDC/tomcat/webapps/ipm/WEB-INF What do you get if you type at the shell prompt: ls -la /opt/CSCOpx/MDC/tomcat/webapps/ipm/WEB-INF and ls -la /opt/CSCOpx/MDC/tomcat/ ? Regards, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://www.nabble.com/Jre-upgrade-Issue-with-Tomcat-5.5-%3Ajava.util.zip.ZipException%3A-error-in-opening-zip-file-tp26075575p26089195.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Jre upgrade Issue with Tomcat 5.5 :java.util.zip.ZipException: error in opening zip file
2009/10/28 selvakumar.V selvakumar.velmuruge...@gmail.com: drwxrwxrwx 2 casuser casusers 1024 Oct 27 07:35 lib Do you have a reason why WEB-INF/lib folder is world-writable (rwxrwxrwx)? Why classes folder and some other files are world-readable? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org