Context path configuration in tomcat5.5.28
Hi, Can anyone give the step by step procedure to do context path in tomcat 5.5.28? I couldn't follow the one given in apache website. Regards, Sangeetha
Re: Context path configuration in tomcat5.5.28
tembugs tembugs wrote: Hi, Can anyone give the step by step procedure to do context path in tomcat 5.5.28? I couldn't follow the one given in apache website. Maybe, if you explain what you mean by do context path. It might be better to explain what you are trying to do, and how it is not working for you, rather than asking someone to rewrite the whole on-line documentation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Context path configuration in tomcat5.5.28
Hi, On Mon, Mar 8, 2010 at 2:13 PM, André Warnier a...@ice-sa.com wrote: tembugs tembugs wrote: Hi, I am trying to deploy my web application in tomcat5.5.28 using multilevel path. Example, my webmodule is testapp.war and I am deploying it as module1/user1/testapp using tomcat manager. It deploys folder with the name module1#user1#testapp. My web application fails during transformation of the xml to html as it is unable to identify relative paths. Thanks, Tembugs Can anyone give the step by step procedure to do context path in tomcat 5.5.28? I couldn't follow the one given in apache website. Maybe, if you explain what you mean by do context path. It might be better to explain what you are trying to do, and how it is not working for you, rather than asking someone to rewrite the whole on-line documentation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Best practise very secure system without any password in cleartext
Hello @ll, Some difficult task seems to be very strange to realize. We have to create an Application with an Offline Client based on Tomcat and SQL Server on Laptops. That means, that the Laptops has an local installed Webserver with Tomcat and a local installed SQL Server (Full oder Express Edition 2005). Now, in case to stolen laptops it is very unsecure to wrote the sa user with uncrypted password in some properties files. My idea was, to manage the whole communication direct with the SQL database instead of tomcat-users.xml. It is possible to make a full working system without any local stored password in the properties file? It is possible to use Windows internal Kerberos (etc) authentication with domain users etc and start the SQL Server and Tomcat Server with Serviceaccounts? Greetings Alexander
JMX query to modify attribute value
Hello, I have tried this JMX query to modify the connector properties of connector. http://localhost:8080/manager/jmxproxy/?set=Catalina:type=Connector,port=8443att=secureval=false When I again check the status of the connector with this query, http://localhost:8080/manager/jmxproxy/?qry=*:type=Connector,port=8443 the secure attribute is changes to false, but there is no change in the sever.xml file for the same connector. So, should I assume that atleast for runtime the secure attribute is false and https is disabled? Thank you
Re: Best practise very secure system without any password in cleartext
On 8 March 2010 09:55, Alexander Diedler adied...@tecracer.de wrote: We have to create an Application with an Offline Client based on Tomcat and SQL Server on Laptops. That means, that the Laptops has an local installed Webserver with Tomcat and a local installed SQL Server (Full oder Express Edition 2005). Now, in case to stolen laptops it is very unsecure to wrote the sa user with uncrypted password in some properties files. My idea was, to manage the whole communication direct with the SQL database instead of tomcat-users.xml. It is possible to make a full working system without any local stored password in the properties file? It is possible to use Windows internal Kerberos (etc) authentication with domain users etc and start the SQL Server and Tomcat Server with Serviceaccounts? You can certainly start both using service accounts and use Windows authentication - both the jTDS and Microsoft JDBC drivers support Windows authentication into SQL Server. However, I'm not sure what this buys you, as a cracker who knew what they were doing could simply add their own code to a webapp to extract whatever details they wished from the database, with the same credentials as the webapp. Of course, that webapp should not connect to SQL Server using sa, or in fact anything in the sysadmin or dbo roles. At this point, assuming you keep a different password for each machine, I cannot see why Windows authentication is significantly more secure than storing the account's password in cleartext. Also, if you are taking the laptops offline, I would be *very* cautious about using domain accounts as service accounts. Windows will cache domain credentials for some time, but not for ever. You do not want the application to fail due to losing the cached credentials. - Peter
Re: Tomcat response Blank Page
On 08/03/2010 04:37, Shirely wrote: No error log. This is the return packet No. TimeSourceDestination Protocol Info 3749 202.714770 118.142.22.3 192.168.1.109 HTTP HTTP/1.1 200 OK Sure, but that does the access log say, does it also say zero bytes sent? What happens if the line: Utility.writeToFile(/WP.txt,str +\n); throws an exception? The only line which writes output to the response is after that line, so if something stops the page before or at that line, then the response body will be empty. Admittedly, I can't think of a way for the page to stop there as a result of an exception and still send a 200 status, but it's worth exploring. Your JSP seems simple, but I can't tell exactly where it's writing the WP.txt file to, so this may also be causing a problem. p Frame 3749 (170 bytes on wire, 170 bytes captured) Ethernet II, Src: Tp-LinkT_d2:89:3a (00:25:86:d2:89:3a), Dst: Tp-LinkT_b8:40:30 (00:27:19:b8:40:30) Internet Protocol, Src: 118.142.22.3 (118.142.22.3), Dst: 192.168.1.109 (192.168.1.109) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) Total Length: 156 Identification: 0x112b (4395) Flags: 0x02 (Don't Fragment) Fragment offset: 0 Time to live: 119 Protocol: TCP (0x06) Header checksum: 0xa38a [correct] Source: 118.142.22.3 (118.142.22.3) Destination: 192.168.1.109 (192.168.1.109) Transmission Control Protocol, Src Port: http (80), Dst Port: 52568 (52568), Seq: 1, Ack: 379, Len: 116 Source port: http (80) Destination port: 52568 (52568) [Stream index: 71] Sequence number: 1(relative sequence number) [Next sequence number: 117(relative sequence number)] Acknowledgement number: 379(relative ack number) Header length: 20 bytes Flags: 0x18 (PSH, ACK) Window size: 65536 (scaled) Checksum: 0xa7be [validation disabled] [Good Checksum: False] [Bad Checksum: False] [SEQ/ACK analysis] Hypertext Transfer Protocol HTTP/1.1 200 OK\r\n [Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n] Request Version: HTTP/1.1 Response Code: 200 Server: Apache-Coyote/1.1\r\n Transfer-Encoding: chunked\r\n Date: Mon, 08 Mar 2010 04:21:06 GMT\r\n \r\n HTTP chunked response End of chunked encoding Chunk size: 0 octets Chunk boundary 00 27 19 b8 40 30 00 25 86 d2 89 3a 08 00 45 00 .'@0.%...:..E. 0010 00 9c 11 2b 40 00 77 06 a3 8a 76 8e 16 03 c0 a8 @.w...v. 0020 01 6d 00 50 cd 58 78 1e 12 3a 3e 9b 5f d4 50 18 .m.P.Xx..:._.P. 0030 01 00 a7 be 00 00 48 54 54 50 2f 31 2e 31 20 32 ..HTTP/1.1 2 0040 30 30 20 4f 4b 0d 0a 53 65 72 76 65 72 3a 20 41 00 OK..Server: A 0050 70 61 63 68 65 2d 43 6f 79 6f 74 65 2f 31 2e 31 pache-Coyote/1.1 0060 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 ..Transfer-Encod 0070 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 44 61 ing: chunked..Da 0080 74 65 3a 20 4d 6f 6e 2c 20 30 38 20 4d 61 72 20 te: Mon, 08 Mar 0090 32 30 31 30 20 30 34 3a 32 31 3a 30 36 20 47 4d 2010 04:21:06 GM 00a0 54 0d 0a 0d 0a 30 0d 0a 0d 0a T0 Pid Ster wrote: On 06/03/2010 18:36, Shirely wrote: I already monitor it by network packet level, I found that server side have receive the reqeust. and it have response it by sending out a packet. but the response packet only have a 0 at the body part. How many bytes does the access log say it sent? Is there any error in any other log? p Shirley n828cl wrote: From: Shirely [mailto:shir...@powerelab.com] Subject: Re: Tomcat response Blank Page Then, I found that when it display blank page, it will not update the session counter and also didn't read to text file. Sounds like something in between is responding to the request, rather than it reaching the server. Try running Wireshark on each end and see if you can catch the failure. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Context path configuration in tomcat5.5.28
On 08/03/2010 08:51, tembugs tembugs wrote: Hi, On Mon, Mar 8, 2010 at 2:13 PM, André Warniera...@ice-sa.com wrote: tembugs tembugs wrote: Hi, I am trying to deploy my web application in tomcat5.5.28 using multilevel path. Example, my webmodule is testapp.war and I am deploying it as module1/user1/testapp using tomcat manager. It deploys folder with the name module1#user1#testapp. My web application fails during transformation of the xml to html as it is unable to identify relative paths. Which XML to HTML? p Thanks, Tembugs Can anyone give the step by step procedure to do context path in tomcat 5.5.28? I couldn't follow the one given in apache website. Maybe, if you explain what you mean by do context path. It might be better to explain what you are trying to do, and how it is not working for you, rather than asking someone to rewrite the whole on-line documentation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JMX query to modify attribute value
On 08/03/2010 10:04, Cummins College wrote: Hello, I have tried this JMX query to modify the connector properties of connector. http://localhost:8080/manager/jmxproxy/?set=Catalina:type=Connector,port=8443att=secureval=false When I again check the status of the connector with this query, http://localhost:8080/manager/jmxproxy/?qry=*:type=Connector,port=8443 the secure attribute is changes to false, but there is no change in the sever.xml file for the same connector. Why would there be? Dynamically changing Tomcat does not automatically cause the server.xml file to be updated? So, should I assume that atleast for runtime the secure attribute is false and https is disabled? Umm, yes? It depends on how YOU configured the server.xml in the first place. You should assume that at least for runtime the attributes are what you configured them to be. I'm wincing as I ask this, but why are you still trying to dynamically change this attribute? The HTTPS connector also needs either a truststore or APR compatible SSL configuration setting AS WELL as setting other properties. Simply setting 'secure=true' on a connector does NOT automatically make it an HTTPS connector. Note: the connector is not a per-user object, it is used by all users at the same time, so changing it for one user changes it for all users. Worse, as we've previously stated, the HTTP connector is now likely to be broken, so not only do you not have a working HTTPS connector, you now don't have a working HTTP connector. p - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Common Pages or parts in pages
Hi All, I am working on a web application in which there is a shoppping cart element as well. I have divided the applications into 2. One is my main app (lets call it main) the other is the shopping cart app (lets call it shop). I intend to deploy both these apps in Tomcat (as individual WAR files). I have got following questions wrt this deployment option: 1) I need to maintain a common header and footer on my app pages (which will show the links of the resources of both these apps). How can I achieve this without duplicating the code? Is there some kind of shared code block which can be used when either app renders the response? If yes, then I can simply make use of it. Can the above achieved with the help of Apache web server? I will have it in front of my tomcat instance. 2) I need to maintain the security context between these two applications. I have been adviced to make use of single sign on feature. I am using Spring Security framework. I am exploring SSO with Spring security. If the group has some tried and tested ideas on this, then please share. rgds Nitin -- View this message in context: http://old.nabble.com/Common-Pages-or-parts-in-pages-tp27819853p27819853.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Question on Executor (thread pool)
Hi, My web service wraps a command-line application that is rather resource demanding. To manage the maximum number of instances that can run concurrently, it uses a (custom) thread pool. This all works fine, but my current thread pool is local to my service. Now that I have to develop similar services, I would like to share the pool instead. I was thinking of switching to Tomcat's Executor - http://tomcat.apache.org/tomcat-6.0-doc/config/executor.html - but cannot find any examples on how to use it. Hopefully, someone can help me with the following questions: If I uncomment the corresponding lines in server.xml, can I then use the default tomcatThreadPool by just instantiating org.apache.catalina.core.StandardThreadExecutor? Do I have to call start() and stop() on StandardThreadExecutor or is this handled by Tomcat? Is it possible to block on the execute() method of StandardThreadExecutor? Can you only have one Executor per Connector? My current thread pool uses java.util.concurrent.ExecutorService, which allows to submit (execute) a Callable (instead of Runnable) task. This is very convenient for returning the exit code of the command line application to my Java code. It seems to me that this isn't possible with StandardThreadExecutor or any other executor that implement the |org.apache.catalina.Executor| interface? Would it be appropriate to not use Tomcat's Executor and share my custom thread pool among all services by using Tomcat's common/shared class loader? CBy
Re: Context path configuration in tomcat5.5.28
In my servelt, I try to transform my xml data available as a string to html using the xsl files available. On Mon, Mar 8, 2010 at 5:14 PM, Pid p...@pidster.com wrote: On 08/03/2010 08:51, tembugs tembugs wrote: Hi, On Mon, Mar 8, 2010 at 2:13 PM, André Warniera...@ice-sa.com wrote: tembugs tembugs wrote: Hi, I am trying to deploy my web application in tomcat5.5.28 using multilevel path. Example, my webmodule is testapp.war and I am deploying it as module1/user1/testapp using tomcat manager. It deploys folder with the name module1#user1#testapp. My web application fails during transformation of the xml to html as it is unable to identify relative paths. Which XML to HTML? p Thanks, Tembugs Can anyone give the step by step procedure to do context path in tomcat 5.5.28? I couldn't follow the one given in apache website. Maybe, if you explain what you mean by do context path. It might be better to explain what you are trying to do, and how it is not working for you, rather than asking someone to rewrite the whole on-line documentation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Common Pages or parts in pages
On 08/03/2010 11:59, nitingupta183 wrote: Hi All, I am working on a web application in which there is a shoppping cart element as well. I have divided the applications into 2. One is my main app (lets call it main) the other is the shopping cart app (lets call it shop). I intend to deploy both these apps in Tomcat (as individual WAR files). I have got following questions wrt this deployment option: 1) I need to maintain a common header and footer on my app pages (which will show the links of the resources of both these apps). How can I achieve this without duplicating the code? Is there some kind of shared code block which can be used when either app renders the response? If yes, then I can simply make use of it. You can achieve that by using an 'include'. Yes, an include is a shared code block. Yes you can simple make use of it. I strongly recommend that you read the Servlet Spec (GIYF) and either get a book on JSPs or find some (relatively up-to-date) tutorials online. Tomcat comes with some example applications and source code, you should examine each one of those before proceeding. p Can the above achieved with the help of Apache web server? I will have it in front of my tomcat instance. 2) I need to maintain the security context between these two applications. I have been adviced to make use of single sign on feature. I am using Spring Security framework. I am exploring SSO with Spring security. If the group has some tried and tested ideas on this, then please share. rgds Nitin - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JMX query to modify attribute value
On 08/03/2010 10:04, Cummins College wrote: Hello, I have tried this JMX query to modify the connector properties of connector. http://localhost:8080/manager/jmxproxy/?set=Catalina:type=Connector,port=8443att=secureval=false When I again check the status of the connector with this query, http://localhost:8080/manager/jmxproxy/?qry=*:type=Connector,port=8443 the secure attribute is changes to false, but there is no change in the sever.xml file for the same connector. So, should I assume that atleast for runtime the secure attribute is false and https is disabled? Altering attributes via JMX will never update server.xml The results of changing attributes whilst a component is running will vary from having no effect, to causing a crash to having the result you want. You'll have to check the code for each attribute to see which applies. Cleaning up the write aspect of JMX access has been on the todo list for a while but hasn't happened yet. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat 6.0.24 catalina log issue
Hello, I have installed the 32 bit version of Tomcat 6.0.24(apache-tomcat-6.0.24-windows-x86.zip) on Windows XP Windows Server 2003 machines. I have installed it as a service. When I start tomcat service and if I have no error during startup the catalina.log is empty. When I start tomact service and have a few errors the catalina.log prints the logs partially and stops half way. However when I stop the service all the logs gets flushed into catalina.log for both cases. Is this a know issue in this version and if so is there a fix for this ? The 6.0.20 version seems to log properly. Any help in resolving this issue would be much appreciated. Thanks Lakshmi __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
SSL with IBM JVM
I am trying the IBM JVM as a possible cure for the problem 'Tomcat dies suddenly'. A quick recap: New Dell T110 Slackware 13 - 64 bit Tomcat 6.0.24 The problem: Tomcat would die suddenly without any entry in any log but would leave a core file that indicated the JVM exited with a seg fault. I had been using the Sun JVM 1.6.0_18. I have tried 1.6.0_16 (because Taylan said his system started a similar problem when he went from 1.6.0_16 to 1.6.0_18) but not 1.6.0_9 (as Chuck suggested.) Switched to the latest IBM JVM last Friday. We run https for all applications as we deal mostly with children's data. About 10% of the users experienced problems with accessing the site. Both IE and Firefox caused problems. Switching them to http eliminated the problem but we can not run that way on a regular basis. Here is what we have done: IE - IE 6 simply doesn't work. If IE 8 is installed, removing it and reinstalling it seems to allow it to work. If both IE and Firefox are installed, both must be removed and IE 8 installed first followed by Firefox seems to allow IE 8 to work. Firefox - The 'Use TLS 1.0' must be selected but it still doesn't always seem to work. Sometimes (I can't tell you the characteristics), the customer must go through the remove and re-install process described above. I believe the remove and re-install process is likely setting some value to the one that allows the browser to work. Does anyone have any idea what that setting would be to avoid all this removing/re-installing? Thanks, Carl
RE: SSL with IBM JVM
From: Carl [mailto:c...@etrak-plus.com] Subject: SSL with IBM JVM I had been using the Sun JVM 1.6.0_18. I have tried 1.6.0_16 (because Taylan said his system started a similar problem when he went from 1.6.0_16 to 1.6.0_18) but not 1.6.0_9 (as Chuck suggested.) Minor correction: there is no 1.6.0_9; 1.6.0_7 (aka 6u7) was the last release prior to the major changes introduced in 6u10. Might be easier switching to that than the IBM JVM. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat response Blank Page
From: Pid [mailto:p...@pidster.com] Subject: Re: Tomcat response Blank Page Admittedly, I can't think of a way for the page to stop there as a result of an exception and still send a 200 status, but it's worth exploring. It's chunked output, so zero-length content is quite valid. I'm guessing whatever's been queued is just sent out - and somebody is swallowing the exception. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 6.0.24 catalina log issue
From: lakshmi raman [mailto:rlaksh...@yahoo.com] Subject: Tomcat 6.0.24 catalina log issue When I start tomcat service and if I have no error during startup the catalina.log is empty. When I start tomact service and have a few errors the catalina.log prints the logs partially and stops half way. However when I stop the service all the logs gets flushed into catalina.log for both cases. A quick search of the archives finds this: http://marc.info/?l=tomcat-userm=126453356107398w=2 Which leads here: https://issues.apache.org/bugzilla/show_bug.cgi?id=48614 - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL with IBM JVM
Carl wrote: Switched to the latest IBM JVM last Friday. We run https for all applications as we deal mostly with children's data. About 10% of the users experienced problems with accessing the site. Both IE and Firefox caused problems. Switching them to http eliminated the problem but we can not run that way on a regular basis. Have you considered to use Apache httpd to maintain https traffic? You can use AJP or http tomcat connectors then. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Is it possible to delete a jar file from ../WEB-INF/lib when Tomcat is running?
Thanks everyone for help. Chinmoy On Thu, Mar 4, 2010 at 6:43 PM, Michael Powe mich...@trollope.org wrote: On Thu, Mar 04, 2010 at 06:26:50PM +0530, Chinmoy Chakraborty wrote: Actually I want to update the jar with the latest one inside 'lib'...and want to make our app hot-updatable. what would be a good idea for that? Hello, See: http://tomcat.apache.org/tomcat-5.5-doc/config/context.html in particular, the section on antiResourceLocking. Note the caveats. Otherwise, undeploy the app, update your jars, and redeploy. Thanks. mp On Thu, Mar 4, 2010 at 5:23 PM, Pid p...@pidster.com wrote: On 04/03/2010 10:53, Chinmoy Chakraborty wrote: Hi All, Is it possible to delete a jar file from ../WEB-INF/lib when Tomcat is running? I tried to delete the jar from 'lib' after putting following entry in catalina.policy: It might be possible, but it would be a *very* bad idea. grant codeBase file:${catalina.home}/webapps/abcd/WEB-INF/lib { permission java.io.FilePermission read, write, delete; }; but it was giving following error: java.io.FileNotFoundException: C:\AppServer\Tomcat\apache-tomcat-6.0.10\webapps\ abcd\WEB-INF\lib (Access is denied)... Guess not then. Is it smart for the application to try and delete it's own jar files? p - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Michael Powemich...@trollope.orgNaugatuck CT USA Any fool can paint a picture, but it takes a wise person to be able to sell it.
Re: SSL with IBM JVM
On 8 March 2010 12:53, Carl c...@etrak-plus.com wrote: Switched to the latest IBM JVM last Friday. We run https for all applications as we deal mostly with children's data. About 10% of the users experienced problems with accessing the site. Both IE and Firefox caused problems. Switching them to http eliminated the problem but we can not run that way on a regular basis. Here is what we have done: IE - IE 6 simply doesn't work. If IE 8 is installed, removing it and reinstalling it seems to allow it to work. If both IE and Firefox are installed, both must be removed and IE 8 installed first followed by Firefox seems to allow IE 8 to work. Firefox - The 'Use TLS 1.0' must be selected but it still doesn't always seem to work. Sometimes (I can't tell you the characteristics), the customer must go through the remove and re-install process described above. I believe the remove and re-install process is likely setting some value to the one that allows the browser to work. Does anyone have any idea what that setting would be to avoid all this removing/re-installing? There are a number of possibilities. Could you give us any more detail on which particular doesn't work you're getting? Browser hangs? Blank pages returned? Certificate errors? Error messages from browsers or server? - Peter
Issue while stopping Tomcat 6.0.24 using java 1.6.0_18
Hi All, In our web app we use JSF1.1 (Sun's RI) . Now when our app is deployed in tomcat 6.0.24 using java version 1.6.0_18 and we start tomcat and then subsequently stop tomcat we are getting the following errors in catalina.log INFO: Stopping service Catalina Mar 8, 2010 7:02:04 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: A web application appears to have started a thread named [Timer-0] but has failed to stop it. This is very likely to create a memory leak. Mar 8, 2010 7:02:04 PM org.apache.catalina.loader.WebappClassLoader clearThreadLocalMap SEVERE: A web application created a ThreadLocal with key of type [com.sun.faces.config.ConfigureListener$1] (value [com.sun.faces.config.configurelistene...@16f8834]) and a value of type [null] (value [null]) but failed to remove it when the web application was stopped. To prevent a memory leak, the ThreadLocal has been forcibly removed. This doesn't happen with TomCat 6.0.18 using Java 1.5 or using TomCat 6.0.24 using Java1.5 . Any idea what is wrong here ? Chinmoy
Re: Issue while stopping Tomcat 6.0.24 using java 1.6.0_18
On 08/03/2010 14:08, Chinmoy Chakraborty wrote: Hi All, In our web app we use JSF1.1 (Sun's RI) . Now when our app is deployed in tomcat 6.0.24 using java version 1.6.0_18 and we start tomcat and then subsequently stop tomcat we are getting the following errors in catalina.log INFO: Stopping service Catalina Mar 8, 2010 7:02:04 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: A web application appears to have started a thread named [Timer-0] but has failed to stop it. This is very likely to create a memory leak. Mar 8, 2010 7:02:04 PM org.apache.catalina.loader.WebappClassLoader clearThreadLocalMap This is a bug in an application. If an application starts a thread, it must stop it. SEVERE: A web application created a ThreadLocal with key of type [com.sun.faces.config.ConfigureListener$1] (value [com.sun.faces.config.configurelistene...@16f8834]) and a value of type [null] (value [null]) but failed to remove it when the web application was stopped. To prevent a memory leak, the ThreadLocal has been forcibly removed. This one you can ignore. Any message of this type where the value is null is a false positive. This has been fixed in the next release. This doesn't happen with TomCat 6.0.18 using Java 1.5 or using TomCat 6.0.24 using Java1.5 . Any idea what is wrong here ? The new memory leak detection code in Tomcat has found an issue with an applciation that needs to be fixed. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL with IBM JVM
Thanks for your reply. Interesting. Your suggestion is to front Tomcat with Apache and let Apache deal with SSL. I have tried to let Tomcat do everything, including serving html pages. I am going to try Chuck's idea of Sun's JVM 1.6.0_7 first. Thanks, Carl - Original Message - From: Mikolaj Rydzewski m...@ceti.pl To: Tomcat Users List users@tomcat.apache.org Sent: Monday, March 08, 2010 8:26 AM Subject: Re: SSL with IBM JVM Carl wrote: Switched to the latest IBM JVM last Friday. We run https for all applications as we deal mostly with children's data. About 10% of the users experienced problems with accessing the site. Both IE and Firefox caused problems. Switching them to http eliminated the problem but we can not run that way on a regular basis. Have you considered to use Apache httpd to maintain https traffic? You can use AJP or http tomcat connectors then. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL with IBM JVM
Chuck, I have downloaded that JVM and brought it up on a spare server. We'll find out in the next week if it will work. Thanks, Carl - Original Message - From: Caldarale, Charles R chuck.caldar...@unisys.com To: Tomcat Users List users@tomcat.apache.org Sent: Monday, March 08, 2010 8:10 AM Subject: RE: SSL with IBM JVM From: Carl [mailto:c...@etrak-plus.com] Subject: SSL with IBM JVM I had been using the Sun JVM 1.6.0_18. I have tried 1.6.0_16 (because Taylan said his system started a similar problem when he went from 1.6.0_16 to 1.6.0_18) but not 1.6.0_9 (as Chuck suggested.) Minor correction: there is no 1.6.0_9; 1.6.0_7 (aka 6u7) was the last release prior to the major changes introduced in 6u10. Might be easier switching to that than the IBM JVM. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL with IBM JVM
Peter, Good questions. I am dumping each request to catalina.out. I see the expected sequence of requests in the log. The sequence is: - Create two frames (one for work which covers the entire visible screen and one for communicating with the server for printing, applets, etc... an applet is started in this second frame which has a width of 0.) - In the visible frame, it simply display a 'Loading your settings...' message. - In the invisible frame, it starts the applet process by copying down some jars... we never see the requests to copy the jars. - Once the jars are copied, we see a request for the actual login page... this never happens on the machines that fail to copy the jars. The fact that it fails to request the jars implies to me (remember, this is the edge of my knowledge) the handshake negotiation was not going well and never completed so the server couldn't figure out how to communicate with the workstation. We normally have about 80 users from organizations we serve. About 20% of these appear to fail. I could take them through the process described earlier. However, we have several thousand users who are customers of these organizations and we can't really get them to do the uninstall/reinstall, hope it will work process. Hope this clarifies the problem a little bit. Thanks, Carl - Original Message - From: Peter Crowther peter.crowt...@melandra.com To: Tomcat Users List users@tomcat.apache.org Sent: Monday, March 08, 2010 8:57 AM Subject: Re: SSL with IBM JVM On 8 March 2010 12:53, Carl c...@etrak-plus.com wrote: Switched to the latest IBM JVM last Friday. We run https for all applications as we deal mostly with children's data. About 10% of the users experienced problems with accessing the site. Both IE and Firefox caused problems. Switching them to http eliminated the problem but we can not run that way on a regular basis. Here is what we have done: IE - IE 6 simply doesn't work. If IE 8 is installed, removing it and reinstalling it seems to allow it to work. If both IE and Firefox are installed, both must be removed and IE 8 installed first followed by Firefox seems to allow IE 8 to work. Firefox - The 'Use TLS 1.0' must be selected but it still doesn't always seem to work. Sometimes (I can't tell you the characteristics), the customer must go through the remove and re-install process described above. I believe the remove and re-install process is likely setting some value to the one that allows the browser to work. Does anyone have any idea what that setting would be to avoid all this removing/re-installing? There are a number of possibilities. Could you give us any more detail on which particular doesn't work you're getting? Browser hangs? Blank pages returned? Certificate errors? Error messages from browsers or server? - Peter - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Servlet mapping, welcome file and trailing slashes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gregg, On 3/5/2010 7:56 PM, GreggCarrier wrote: I'm having a frustrating problem and I can't find the right configuration for what I want. Hoping someone can offer some insight. Desired behavior: I want all requests to my webapp to be handled by one servlet except requests for index.jsp or the root of the webapp. I do not want trailing slashes to be required in order to load URLs. I can hardly find any documentation for SpringServlet in the Jersey project. :( It's likely that the SpringServlet doesn't respect the welcome-file entries in web.xml because accessing that information is not part of the servlet API. That isn't to say that the developers didn't parse web.xml themselves, but I doubt they did that: they would expect you to map only the appropriate URI patterns to SpringServlet. The examples I see are always of the form: url-pattern/something/*/url-pattern ...which suggests to me that the REST portion of your webapp might be expected to be segregated from the rest of the webapp by a particular URL prefix. I think that's rather a good idea because then you know that all requests to /something/* will always be handled as REST calls and those outside of that pattern will be non-REST requests. Hope that helps, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVErUACgkQ9CaO5/Lv0PBh0ACgpnoHFWxhAwCg+Utf7z1dTFkD qTwAn1s5QJai/K34ERDPxnoQi/V9e/sY =cMa3 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat response Blank Page
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pid, On 3/8/2010 6:42 AM, Pid wrote: What happens if the line: Utility.writeToFile(/WP.txt,str +\n); throws an exception? The only line which writes output to the response is after that line, so if something stops the page before or at that line, then the response body will be empty. Admittedly, I can't think of a way for the page to stop there as a result of an exception and still send a 200 status, but it's worth exploring. This might have something to do with it: %@ page language=java import=java.text.*, java.util.*, tools.* errorPage= % The errorPage attribute is defined as a URL, so is a bit ambiguous, and may even cause /another/ error during error handling. AFAIK, page rendering errors aren't logged if an error page will be shown. Your JSP seems simple, but I can't tell exactly where it's writing the WP.txt file to, so this may also be causing a problem. +1 Also, the response isn't a 0, it's an HTTP response with no body (that is, Content-Length is 0, though not specified in the headers). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVE/4ACgkQ9CaO5/Lv0PByQwCgpYoD34yNpNCwU8OJIAnF89cJ hrMAn1hqhOtue4h0phsRyzoZa6BoOUat =R0bL -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache 2.2.3(mod_proxy_ajp) - Tomcat 6.0.13 Loadbalancing - error logs in apache
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 To whom it may concern, On 3/4/2010 12:34 AM, jkv wrote: We have a eye popping requirement to handle 15000 concurrent https users simultaneously, an I am not sure a single Apache Server and five Tomcat instances (what we now have) can take this? 15000 concurrent users or concurrent requests? The former is manageable but the latter will probably require some load balancing, as you are trying to do. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVFYoACgkQ9CaO5/Lv0PApKgCeMJEoNmIhUKcb9gvl2R5niCsG iIUAn0kw/KlF0hnh9APwK+YlAdLXUWdR =fWLT -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Question on Executor (thread pool)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CBy, On 3/8/2010 7:03 AM, CBy wrote: My web service wraps a command-line application that is rather resource demanding. To manage the maximum number of instances that can run concurrently, it uses a (custom) thread pool. Are you on Java 1.5+? (If not, you should be). If you are, you can use one of the fine implementations of executors in java.util.concurrent, such as ThreadPoolExecutor. Now that I have to develop similar services, I would like to share the pool instead. I was thinking of switching to Tomcat's Executor - http://tomcat.apache.org/tomcat-6.0-doc/config/executor.html - but cannot find any examples on how to use it. I don't believe user code has any access to Tomcat's thread pool(s). Why not run your own thread pool(s) for this particular requirement? If I uncomment the corresponding lines in server.xml, can I then use the default tomcatThreadPool by just instantiating org.apache.catalina.core.StandardThreadExecutor? Almost certainly not. You'd have to create your own StandardThreadExecutor, configure it, and then use it. The same is true if you were to use the Java API-provided one, except you wouldn't tie yourself to Tomcat in that case. Do I have to call start() and stop() on StandardThreadExecutor or is this handled by Tomcat? If you used StandardThreadExecutor, Tomcat wouldn't be managing it: you would. Is it possible to block on the execute() method of StandardThreadExecutor? Can you only have one Executor per Connector? My current thread pool uses java.util.concurrent.ExecutorService, which allows to submit (execute) a Callable (instead of Runnable) task. This is very convenient for returning the exit code of the command line application to my Java code. It seems to me that this isn't possible with StandardThreadExecutor or any other executor that implement the |org.apache.catalina.Executor| interface? Would it be appropriate to not use Tomcat's Executor and share my custom thread pool among all services by using Tomcat's common/shared class loader? I think that would be better. On the other hand, you could create a service that runs these things on your behalf, and then connect to that. Then, you only have one thread pool in use, here. I think that will be less fragile than trying to share a thread pool across web applications. This also allows you to do thing like re-locate webapps that use the pool without having to figure out what to do next: you just connect to the same service you always did. It also makes it possible for you to load-balance such a service if necessary without figuring out how to change the clients of the service. Hope that helps, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVF2QACgkQ9CaO5/Lv0PArSgCgwkGmosZtlnDJUWAGyJpeEX7L QUsAoJZVO27SQITXqGQ/a193yY90650c =wdN3 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL with IBM JVM
On 08/03/2010 12:53, Carl wrote: I am trying the IBM JVM as a possible cure for the problem 'Tomcat dies suddenly'. A quick recap: New Dell T110 Slackware 13 - 64 bit Tomcat 6.0.24 The problem: Tomcat would die suddenly without any entry in any log but would leave a core file that indicated the JVM exited with a seg fault. I had been using the Sun JVM 1.6.0_18. I have tried 1.6.0_16 (because Taylan said his system started a similar problem when he went from 1.6.0_16 to 1.6.0_18) but not 1.6.0_9 (as Chuck suggested.) Switched to the latest IBM JVM last Friday. We run https for all applications as we deal mostly with children's data. About 10% of the users experienced problems with accessing the site. Both IE and Firefox caused problems. Switching them to http eliminated the problem but we can not run that way on a regular basis. Here is what we have done: IE - IE 6 simply doesn't work. If IE 8 is installed, removing it and reinstalling it seems to allow it to work. If both IE and Firefox are installed, both must be removed and IE 8 installed first followed by Firefox seems to allow IE 8 to work. Firefox - The 'Use TLS 1.0' must be selected but it still doesn't always seem to work. Sometimes (I can't tell you the characteristics), the customer must go through the remove and re-install process described above. I believe the remove and re-install process is likely setting some value to the one that allows the browser to work. Does anyone have any idea what that setting would be to avoid all this removing/re-installing? Thanks, Carl Carl, Please don't hijack threads. When you want to send an email to the list, just editing the subject line and the body isn't enough, most email clients leave the headers, (which contain the thread information), intact. p - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat response Blank Page
On 08/03/2010 15:13, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pid, On 3/8/2010 6:42 AM, Pid wrote: What happens if the line: Utility.writeToFile(/WP.txt,str +\n); throws an exception? The only line which writes output to the response is after that line, so if something stops the page before or at that line, then the response body will be empty. Admittedly, I can't think of a way for the page to stop there as a result of an exception and still send a 200 status, but it's worth exploring. This might have something to do with it: %@ page language=java import=java.text.*, java.util.*, tools.* errorPage= % The errorPage attribute is defined as a URL, so is a bit ambiguous, and may even cause /another/ error during error handling. AFAIK, page rendering errors aren't logged if an error page will be shown. Your JSP seems simple, but I can't tell exactly where it's writing the WP.txt file to, so this may also be causing a problem. +1 Also, the response isn't a 0, it's an HTTP response with no body (that is, Content-Length is 0, though not specified in the headers). I suppose that Utility.writeToFile() could be swallowing an exception and then resetting str to an empty string, which would produce the effect the OP describes. p - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVE/4ACgkQ9CaO5/Lv0PByQwCgpYoD34yNpNCwU8OJIAnF89cJ hrMAn1hqhOtue4h0phsRyzoZa6BoOUat =R0bL -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Question on Executor (thread pool)
Thanks for your help, Chris. With you could create a service you mean a process not managed by Tomcat? The class loader route seems less flexible but easier. I think I'll try that first. I am still curious though on when and how to use Tomcat's Executor. I someone could provide me with a nice example, I would be most grateful. CBy On 8-3-2010 16:27, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CBy, On 3/8/2010 7:03 AM, CBy wrote: My web service wraps a command-line application that is rather resource demanding. To manage the maximum number of instances that can run concurrently, it uses a (custom) thread pool. Are you on Java 1.5+? (If not, you should be). If you are, you can use one of the fine implementations of executors in java.util.concurrent, such as ThreadPoolExecutor. Now that I have to develop similar services, I would like to share the pool instead. I was thinking of switching to Tomcat's Executor - http://tomcat.apache.org/tomcat-6.0-doc/config/executor.html - but cannot find any examples on how to use it. I don't believe user code has any access to Tomcat's thread pool(s). Why not run your own thread pool(s) for this particular requirement? If I uncomment the corresponding lines in server.xml, can I then use the default tomcatThreadPool by just instantiating org.apache.catalina.core.StandardThreadExecutor? Almost certainly not. You'd have to create your own StandardThreadExecutor, configure it, and then use it. The same is true if you were to use the Java API-provided one, except you wouldn't tie yourself to Tomcat in that case. Do I have to call start() and stop() on StandardThreadExecutor or is this handled by Tomcat? If you used StandardThreadExecutor, Tomcat wouldn't be managing it: you would. Is it possible to block on the execute() method of StandardThreadExecutor? Can you only have one Executor per Connector? My current thread pool uses java.util.concurrent.ExecutorService, which allows to submit (execute) a Callable (instead of Runnable) task. This is very convenient for returning the exit code of the command line application to my Java code. It seems to me that this isn't possible with StandardThreadExecutor or any other executor that implement the |org.apache.catalina.Executor| interface? Would it be appropriate to not use Tomcat's Executor and share my custom thread pool among all services by using Tomcat's common/shared class loader? I think that would be better. On the other hand, you could create a service that runs these things on your behalf, and then connect to that. Then, you only have one thread pool in use, here. I think that will be less fragile than trying to share a thread pool across web applications. This also allows you to do thing like re-locate webapps that use the pool without having to figure out what to do next: you just connect to the same service you always did. It also makes it possible for you to load-balance such a service if necessary without figuring out how to change the clients of the service. Hope that helps, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVF2QACgkQ9CaO5/Lv0PArSgCgwkGmosZtlnDJUWAGyJpeEX7L QUsAoJZVO27SQITXqGQ/a193yY90650c =wdN3 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: [OT] Question on Executor (thread pool)
From: CBy [mailto:tom...@byrman.demon.nl] Subject: Re: [OT] Question on Executor (thread pool) I am still curious though on when and how to use Tomcat's Executor. I someone could provide me with a nice example, I would be most grateful. Tomcat's thread pools used to be on a connector basis, so each had to be sized for the maximum load expected on the server. Having a single executor shared by some connectors provides a more consistent way of tuning the server as a whole, while still allowing an individual thread pool for any connector that requires it. To second Chris' comment: sharing a thread pool between Tomcat and the dedicated needs of your webapp is just asking for trouble. Don't try to force commonality on things that are unrelated, especially when it's so easy not to. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
Re: SSL with IBM JVM
Pid, I would never hijack a thread. I started this thread from scratch by sending it to the Tomcat users group... is that not what I have done? Thanks, Carl - Original Message - From: Pid p...@pidster.com To: users@tomcat.apache.org Sent: Monday, March 08, 2010 10:41 AM Subject: Re: SSL with IBM JVM On 08/03/2010 12:53, Carl wrote: I am trying the IBM JVM as a possible cure for the problem 'Tomcat dies suddenly'. A quick recap: New Dell T110 Slackware 13 - 64 bit Tomcat 6.0.24 The problem: Tomcat would die suddenly without any entry in any log but would leave a core file that indicated the JVM exited with a seg fault. I had been using the Sun JVM 1.6.0_18. I have tried 1.6.0_16 (because Taylan said his system started a similar problem when he went from 1.6.0_16 to 1.6.0_18) but not 1.6.0_9 (as Chuck suggested.) Switched to the latest IBM JVM last Friday. We run https for all applications as we deal mostly with children's data. About 10% of the users experienced problems with accessing the site. Both IE and Firefox caused problems. Switching them to http eliminated the problem but we can not run that way on a regular basis. Here is what we have done: IE - IE 6 simply doesn't work. If IE 8 is installed, removing it and reinstalling it seems to allow it to work. If both IE and Firefox are installed, both must be removed and IE 8 installed first followed by Firefox seems to allow IE 8 to work. Firefox - The 'Use TLS 1.0' must be selected but it still doesn't always seem to work. Sometimes (I can't tell you the characteristics), the customer must go through the remove and re-install process described above. I believe the remove and re-install process is likely setting some value to the one that allows the browser to work. Does anyone have any idea what that setting would be to avoid all this removing/re-installing? Thanks, Carl Carl, Please don't hijack threads. When you want to send an email to the list, just editing the subject line and the body isn't enough, most email clients leave the headers, (which contain the thread information), intact. p - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat shutdown: catalina.sh STOP vs SIGTERM
Sometimes on a busy system I have seen that catalina.sh stop does take a long time to shutdown tomcat. We are running another monitoring service on the system that monitors tomcat and few other system services. After issuing catalina.sh and waiting for some time (up to 25 seconds) it loses patience and gives a SIGTERM to tomcat process. SIGTERM seems to bring tomcat down much faster. What is the downside of using SIGTERM, if any? It does seem to bring tomcat down in an orderly manner and much faster than catalina.sh stop.
Adding security constraint breaks sql functionality
Hi, I'm running Tomcat 6.0.20 on Windows 2003 Server, with JRE 1.6.0_14. I have a working Tomcat configuration using MySQL authentication to access to ROOT webapp. I'm using DataSourceRealm just like the one in the Tomcat docs (http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#DataSourceRealm). What I previously didn't have was a method for users to change their passwords through the web interface. I managed to figure out a way to do it using a jdbc resource and sql:query and sql:update tags in a couple JSP files. I basically started out with example code from the tomcat wiki for DataSource (datasourcedemo.war). I deployed my modified code on the server as a separate application (i.e. not in the ROOT app) under /changepass Well, the code works wonderfully when I don't have any security constraints on the application. However, when I try adding security constraints (using the same security constraints as the ROOT app), it stops working! To be more specific, Tomcat requires me to login to access the app, but the sql stuff no longer works. I reduced the problem code down to a simple SQL query which works w/o security constraints, but fails when I implement constraints. The code below (dbtest.jsp) just prints the contents of the authority table. At least, it does when I don't have security constraints. However, when I add security constraints, it instead prints only (literally): ${row.user_name} ${row.user_pass} And that's it! I imagine I'm doing something wrong (well, I'm sure there's multiple things...) -- can someone please clue me in? I obviously do not want people accessing the /changepass application w/o logging in first. (BTW, I can post the changepass code if someone cares, but it doesn't seem relevant here...) I'm not sure if it's relevant, but I'm using a different JDBC Resource for server authentication and for changepass. Obviously they are both accessing the same database, but I wanted to make sure that the login process used a read-only account, and /changepass using a different account with UPDATE privs. The authentication resource is in the GlobalNamingResources, while the /changepass resource is defined in the webapp's context.xml. BEGIN dbtest.jsp %@ page language=java contentType=text/html; charset=ISO-8859-1% %@ taglib prefix=sql uri=http://java.sun.com/jsp/jstl/sql; % %@ taglib prefix=c uri=http://java.sun.com/jsp/jstl/core; % %@ taglib prefix=fmt uri=http://java.sun.com/jsp/jstl/fmt; % !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN html head titleAssignment List/title /head body sql:setDataSource dataSource=jdbc/chngpass / table sql:query var=qryAsmts SELECT * FROM users /sql:query c:forEach var=row items=${qryAsmts.rows} tr td${row.user_name}/td td${row.user_pass}/td /tr /c:forEach /table /body /html END JSP --- BEGIN web.xml for /changepass web-app !-- Security constraint for the webapp -- security-constraint web-resource-collection web-resource-namechangepass Web/web-resource-name url-pattern/changepass/*/url-pattern /web-resource-collection auth-constraint role-nameappuser/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameTomcat Manager Application/realm-name /login-config security-role description The role that is required to log in to APP /description role-nameappuser/role-name /security-role /web-app --- END web.xml - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat shutdown: catalina.sh STOP vs SIGTERM
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ajay, On 3/8/2010 12:53 PM, Aggarwal, Ajay wrote: Sometimes on a busy system I have seen that catalina.sh stop does take a long time to shutdown tomcat. You might want to investigate why this is happening: my Tomcat instances (we have 4 in production) take only a few seconds to shut down completely. We are running another monitoring service on the system that monitors tomcat and few other system services. After issuing catalina.sh and waiting for some time (up to 25 seconds) it loses patience and gives a SIGTERM to tomcat process. SIGTERM seems to bring tomcat down much faster. :) What is the downside of using SIGTERM, if any? I tried issuing a SIGTERM to my JVM/Tomcat process running in development, and I got some messages in the app log file that indicated that the webapp was coming down. But, I didn't get any shutting down messages in catalina.out which leads me to believe that the shutdown wasn't entirely clean. It does seem to bring tomcat down in an orderly manner and much faster than catalina.sh stop. Well, definitely faster, but I'm not sure about orderly: you should check to see what things aren't stopping and determine if they are potentially disastrous it TERMinated. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVQt8ACgkQ9CaO5/Lv0PD8LgCdFbaGLq1nfsqJJb4dbAsKY8hT lFEAoLUQHVzXZ9KnrQ79ExupS4cyKDfD =vn8E -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat shutdown: catalina.sh STOP vs SIGTERM
On Mon, Mar 8, 2010 at 9:53 AM, Aggarwal, Ajay ajay.aggar...@stratus.com wrote: What is the downside of using SIGTERM, if any? It does seem to bring tomcat down in an orderly manner and much faster than catalina.sh stop. Yeah, seem to would be the operative phrase, I think. A leap off a tall structure might seem to be much like flying. Initially. :-) As Chris already said: check your app to see what's slow to exit, and what the consequences of an ungraceful stop might be. -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Question on Executor (thread pool)
On 8-3-2010 17:07, Caldarale, Charles R wrote: From: CBy [mailto:tom...@byrman.demon.nl] Subject: Re: [OT] Question on Executor (thread pool) I am still curious though on when and how to use Tomcat's Executor. I someone could provide me with a nice example, I would be most grateful. Tomcat's thread pools used to be on a connector basis, so each had to be sized for the maximum load expected on the server. Having a single executor shared by some connectors provides a more consistent way of tuning the server as a whole, while still allowing an individual thread pool for any connector that requires it. To second Chris' comment: sharing a thread pool between Tomcat and the dedicated needs of your webapp is just asking for trouble. Don't try to force commonality on things that are unrelated, especially when it's so easy not to. Thanks for your advise, Chuck. To be honest, I am totally confused now. I thought it was pretty common to share precious resources across web apps. Isn't database connection pooling often implemented this way? If mine isn't, what then would be a good use case for using the shared class loader? What is so easy about writing a dedicated service for this? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: tomcat shutdown: catalina.sh STOP vs SIGTERM
When I send SIGTERM to tomcat, I actually do get 1) these messages in my catalina.out Mar 8, 2010 2:46:05 PM org.apache.catalina.core.StandardService stop INFO: Stopping service Catalina and, 2) my servlets destroy() methods do get called. That’s why I suspect that even SIGTERM seems to bring tomcat down in an orderly manner. I should mention that I am on a linux platform, running tomcat 6.0.20. As to why on a busy system, catalina.sh stop takes longer I really don't have the details. All I can say is that sometimes I don't even see the above messages for first 20-25 seconds. Could it be because catalina.sh stop has to start another JVM and then send a stop message to tomcat process over a local loop interface and on a busy system, both of these require resources which may not be available. -Ajay -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Monday, March 08, 2010 1:33 PM To: Tomcat Users List Subject: Re: tomcat shutdown: catalina.sh STOP vs SIGTERM -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ajay, On 3/8/2010 12:53 PM, Aggarwal, Ajay wrote: Sometimes on a busy system I have seen that catalina.sh stop does take a long time to shutdown tomcat. You might want to investigate why this is happening: my Tomcat instances (we have 4 in production) take only a few seconds to shut down completely. We are running another monitoring service on the system that monitors tomcat and few other system services. After issuing catalina.sh and waiting for some time (up to 25 seconds) it loses patience and gives a SIGTERM to tomcat process. SIGTERM seems to bring tomcat down much faster. :) What is the downside of using SIGTERM, if any? I tried issuing a SIGTERM to my JVM/Tomcat process running in development, and I got some messages in the app log file that indicated that the webapp was coming down. But, I didn't get any shutting down messages in catalina.out which leads me to believe that the shutdown wasn't entirely clean. It does seem to bring tomcat down in an orderly manner and much faster than catalina.sh stop. Well, definitely faster, but I'm not sure about orderly: you should check to see what things aren't stopping and determine if they are potentially disastrous it TERMinated. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVQt8ACgkQ9CaO5/Lv0PD8LgCdFbaGLq1nfsqJJb4dbAsKY8hT lFEAoLUQHVzXZ9KnrQ79ExupS4cyKDfD =vn8E -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Installation differences between 6.0.24 and 5.5.28
I've run into this before, but didn't have time to hunt down the issue. Now I do, so here goes. I have installed both TC 6.0.24 and 5.5.28 on Windows server 2003 32-bit (into separate directories, of course). In each case, I first ran the windows installer .exe, and then unzipped the .zip package on top of it so I would have the service.bat utilities. Each one started its default service with no trouble. I then created a service for my app with each version's service.bat (different names), which starts from a separate folder on the HD. With IDENTICAL settings, both pointing to the exact same catalina_base, the 5.5 one starts fine, and 6.0 fails to start, with the following error in stderr_20100308.log: java.lang.ClassNotFoundException: org.apache.catalina.startup.Catalina at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:303) at java.lang.ClassLoader.loadClass(ClassLoader.java:248) at org.apache.catalina.startup.Bootstrap.init(Bootstrap.java:216) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:391) Much searching of documentation and faqs has not turned up an explanation of what I may be missing in the 6.0 installation, or what the configuration differences are between the two versions. Any suggestions? D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Configuring SSL on Tomcat 5.5.28
On 8-3-2010 20:40, Jessica Krosschell wrote: Good afternoon, I am implementing SSL on Tomcat 5.5.28 (on a Windows Server 2008 box) for the first time as part of a BusinessObjects implementation. My client wants to use a self signed certificate and I was able to create one using the keytool utilities with a keystore, but it has already expired (it's been 90 days). How can I create a self signed certificate that lasts longer? Use -validity numberOfDays (default 90). CBy Do I need to use something like OpenSSL? I have looked on the Tomcat documentation and spent many hours googling, but I'm not completely clear on the process. I've included screenshots of my process to help describe what I'm doing. Thanks, Jessica -- Jessica (Batista) Krosschell Senior Engineer - BI Division Guident 198 Van Buren Street Suite 120 Herndon, VA 20170 Mobile: 703-597-1552 Email: jkrossch...@guident.com mailto:jkrossch...@guident.com Website: www.guident.com http://www.guident.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
David kerber wrote: I've run into this before, but didn't have time to hunt down the issue. Now I do, so here goes. I have installed both TC 6.0.24 and 5.5.28 on Windows server 2003 32-bit (into separate directories, of course). In each case, I first ran the windows installer .exe, and then unzipped the .zip package on top of it so I would have the service.bat utilities. Each one started its default service with no trouble. I then created a service for my app with each version's service.bat (different names), which starts from a separate folder on the HD. With IDENTICAL settings, both pointing to the exact same catalina_base, the 5.5 one starts fine, and 6.0 fails to start, with the following error in stderr_20100308.log: java.lang.ClassNotFoundException: org.apache.catalina.startup.Catalina at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:303) at java.lang.ClassLoader.loadClass(ClassLoader.java:248) at org.apache.catalina.startup.Bootstrap.init(Bootstrap.java:216) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:391) Much searching of documentation and faqs has not turned up an explanation of what I may be missing in the 6.0 installation, or what the configuration differences are between the two versions. Any suggestions? I'll take a pot-shot : If I compare my Tomcat 5.5 and 6.0 catalina_home dirs, I see that in 5.5 there is a shared subdir, with 2 subdirs classes and lib. On the other hand, under 6.0 there is no shared subdir, only a lib. If these sub-directories were defined as being relative to catalina_base, that may explain your problem, no ? (In the sense that Tomcat6.0 is looking for a class under the catalina_base/lib subdir, but there is no such thing) (If I understand well what you say above, catalina_base is really one one and the same directory, used for both your tomcat5.5 and tomcat6.0 trials, yes ?) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: [OT] Question on Executor (thread pool)
From: CBy [mailto:tom...@byrman.demon.nl] Subject: Re: [OT] Question on Executor (thread pool) I thought it was pretty common to share precious resources across web apps. Isn't database connection pooling often implemented this way? Not in my experience - you want to keep things as separate as possible for ease of operation and maintenance. You can use a single DB connection pool across webapps, but unless the webapps are fairly tightly coupled beyond using a common database, I wouldn't. If mine isn't, what then would be a good use case for using the shared class loader? A few things come to mind: 1) Tomcat manages the resource of interest, so the classes have to be available to Tomcat code. 2) The webapps require a singleton (or equivalent static fields) on a global server basis. (I would try to avoid this situation.) 3) A native library is being used, and since native code can only be loaded once per JVM, the Java classes have to be in shared. The servlet spec is pretty clear about webapps being independent; coupling them ends up forcing administrators to take the server up and down rather than individual webapps. It also makes upgrading one webapp at a time a difficult if not impossible task. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
Re: Installation differences between 6.0.24 and 5.5.28
2010/3/8 David kerber dcker...@verizon.net: I then created a service for my app with each version's service.bat (different names), which starts from a separate folder on the HD. With IDENTICAL settings, both pointing to the exact same catalina_base You cannot use the same catalina_base for different Tomcat versions. 1. Most of the files in conf/ are essentially different between major versions 2. Work directory must be cleared when upgrading by a minor version - so that Jasper would recompile all JSPs 3. There might be changes in default configuration files between minor versions. (E.g., new listeners in server.xml, new mime-types in web.xml, new permissions in the policy file, and so on). So it is always advisable to review the default configuration and add your on top of it. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
André Warnier wrote: David kerber wrote: I've run into this before, but didn't have time to hunt down the issue. Now I do, so here goes. I have installed both TC 6.0.24 and 5.5.28 on Windows server 2003 32-bit (into separate directories, of course). In each case, I first ran the windows installer .exe, and then unzipped the .zip package on top of it so I would have the service.bat utilities. Each one started its default service with no trouble. I then created a service for my app with each version's service.bat (different names), which starts from a separate folder on the HD. With IDENTICAL settings, both pointing to the exact same catalina_base, the 5.5 one starts fine, and 6.0 fails to start, with the following error in stderr_20100308.log: java.lang.ClassNotFoundException: org.apache.catalina.startup.Catalina at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:303) at java.lang.ClassLoader.loadClass(ClassLoader.java:248) at org.apache.catalina.startup.Bootstrap.init(Bootstrap.java:216) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:391) Much searching of documentation and faqs has not turned up an explanation of what I may be missing in the 6.0 installation, or what the configuration differences are between the two versions. Any suggestions? I'll take a pot-shot : If I compare my Tomcat 5.5 and 6.0 catalina_home dirs, I see that in 5.5 there is a shared subdir, with 2 subdirs classes and lib. On the other hand, under 6.0 there is no shared subdir, only a lib. If these sub-directories were defined as being relative to catalina_base, that may explain your problem, no ? (In the sense that Tomcat6.0 is looking for a class under the catalina_base/lib subdir, but there is no such thing) I'll play with that and see if I can figure out anything. (If I understand well what you say above, catalina_base is really one one and the same directory, used for both your tomcat5.5 and tomcat6.0 trials, yes ?) Correct, and it's different from catalina_home. Catalina_home is each version's own installation directory, and catalina_base is set the same for both installations, at c:\TomcatClients\myapp. 5.5 works when pointing to that folder, and 6.0 does not. Thanks for the suggestions... D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
Konstantin Kolinko wrote: 2010/3/8 David kerber dcker...@verizon.net: I then created a service for my app with each version's service.bat (different names), which starts from a separate folder on the HD. With IDENTICAL settings, both pointing to the exact same catalina_base You cannot use the same catalina_base for different Tomcat versions. 1. Most of the files in conf/ are essentially different between major versions 2. Work directory must be cleared when upgrading by a minor version - so that Jasper would recompile all JSPs Yes, I did delete the work folder between startup attempts. 3. There might be changes in default configuration files between minor versions. (E.g., new listeners in server.xml, new mime-types in web.xml, new permissions in the policy file, and so on). That's what I'm trying to figure out, what those differences are. So it is always advisable to review the default configuration and add your on top of it. That's how I got started on this drill: I'm trying to upgrade my server to 6.0.somethingnew, but can't get it to go. D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Configuring SSL on Tomcat 5.5.28
From: CBy [mailto:tom...@byrman.demon.nl] Subject: Re: Configuring SSL on Tomcat 5.5.28 On 8-3-2010 20:40, Jessica Krosschell wrote: I was able to create one using the keytool utilities with a keystore, but it has already expired (it's been 90 days). Use -validity numberOfDays (default 90). I have looked on the Tomcat documentation and spent many hours googling To further CBy's statement, use the keytool doc, not Google: http://java.sun.com/javase/6/docs/technotes/tools/windows/keytool.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Installation differences between 6.0.24 and 5.5.28
From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 That's what I'm trying to figure out, what those differences are. Regardless, you cannot reliably share anything between two different Tomcat versions. Trying to do so will only give you headaches. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
Caldarale, Charles R wrote: From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 That's what I'm trying to figure out, what those differences are. Regardless, you cannot reliably share anything between two different Tomcat versions. Trying to do so will only give you headaches. I have no desire to do so; I only set this up to try to help me figure out why I can't get 6.0.24 to work! There's something missing from my 6.0 configuration, and trying to find it is driving me nuts... Does 6.0.x simply have trouble when catalina_home != catalina_base D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
2010/3/8 David kerber dcker...@verizon.net: Caldarale, Charles R wrote: From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 That's what I'm trying to figure out, what those differences are. Regardless, you cannot reliably share anything between two different Tomcat versions. Trying to do so will only give you headaches. I have no desire to do so; I only set this up to try to help me figure out why I can't get 6.0.24 to work! There's something missing from my 6.0 configuration, and trying to find it is driving me nuts... Does 6.0.x simply have trouble when catalina_home != catalina_base No. 6.0 cannot use configuration files of 5.5. That is all. If you search archives of this list you may find a more detailed answer. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
Caldarale, Charles R wrote: From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 Regardless, you cannot reliably share anything between two different Tomcat versions. I have no desire to do so; ??? That contradicts your previous statement: Correct, and it's different from catalina_home. Catalina_home is each version's own installation directory, and catalina_base is set the same for both installations Can't both be true. Why not? Here are the entries on the java tab of tomcat6w: -Dcatalina.home=C:\Program Files\Apache Software Foundation\Tomcat 6.0 -Djava.endorsed.dirs=C:\Program Files\Apache Software Foundation\Tomcat 6.0\endorsed -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf\logging.properties -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp And tomcat5w has -Dcatalina.home=C:\Program Files\Apache Software Foundation\Tomcat 5.5 -Djava.endorsed.dirs=C:\Program Files\Apache Software Foundation\Tomcat 5.5\common\endorsed -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=C:\Program Files\Apache Software Foundation\Tomcat 5.5\conf\logging.properties -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp Unless there's something I'm completely misunderstanding (definitely possible!), this has catalina_base set the same for each one, and catalina_home set differently?? Does 6.0.x simply have trouble when catalina_home != catalina_base The environment variables mean nothing when Tomcat is running as a service; you have to set the appropriate system properties in the Java tab of the tomcat6w.exe program. I have no trouble when running separate home and base directories. I know; see above... I found moving from 5.5.x to 6.0.x to be exceedingly trivial; the only thing of significance that changed was the replacement of the shared, common, and server libraries with a single one. Maybe that's what I'm missing... D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
Dear all, My question focuses on the best way to deploy a Web Application to a running Tomcat instance when specifying the Context Container's configuration in a separate XML file in $CATALINA_BASE/conf/[enginename]/[hostname]/ In an ideal world I would like to be able to keep a *permanent* Application.xml, with environment specific database settings, in $CATALINA_BASE/conf/[enginename]/[hostname]/ and for deployment simply drop my Application.war into my appbase to trigger a redeploy. However, in Tomcat 6, the auto-deployment caused by the new WAR being dropped deletes the existing context XML file. My question is, what is the best way of deploying given that I need to deploy a simultaneous WAR and XML file. Copying the WAR first leaves me without the XML configuration, so do I drop the WAR file and the 'new' (i.e. identical) XML file simultaneously? Drop the XML file afterwards? Do I turn of auto-deploy altogether - and if so what's the most pain free way of doing the deployment to the running Tomcat without auto-deploy? Many thanks in advance for your advice. I case it adds useful information, I have included the background to what I'm hoping to achieve below. Regards, James (I would like my Web Application WAR to be deployable on different Tomcat instances running in different environments, and to have some configuration (namely the JNDI database config) specified by the environment it is deployed on rather than within the application itself. These settings are specified within my Context container. As I understand it there are three places where I can configure my context - in the server.xml file, in a separate XML file in $CATALINA_BASE/conf/[enginename]/[hostname]/ and in a context.xml file stored within the WAR itself. The server.xml option is now deprecated, and the within-WAR-file option breaks the goal I have outlined above, so I have gone with the separate XML file.) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Installation differences between 6.0.24 and 5.5.28
From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 Why not? Here are the entries on the java tab of tomcat6w: -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp And tomcat5w has -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp So you are sharing things between Tomcat 5.5.28 and 6.0.24, which you said you had no desire to do. I'd strongly recommend you stop trying to do that. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
JNDI Realm question
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JNDIRealm http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html Using Tomcat 6.0.24 on Windows Server 2003 Standard R2 SP2 1. We use MS Active Directory, is the uid in the following example for userPattern the same as the sAMAccountName ? Realm className=org.apache.catalina.realm.JNDIRealm debug=99 connectionURL=ldap://localhost:389; userPattern=uid={0},ou=people,dc=mycompany,dc=com roleBase=ou=groups,dc=mycompany,dc=com roleName=cn roleSearch=(uniqueMember={0}) / 2. The quick start section said to create a user account for the Tomcat user, if required. That is the account Tomcat uses to browse the LDAP, I understand that, but where is it used in the Realm? Is it the connectionName and connectionPassword attributes? The way Active Directory is setup for us looks something like this: dc=mycompany,dc=com ou=mydept ou=division1 ou=division2 ou=division...n ou=service accounts (this is where we created the tomcat user account, and the role accounts for the webapp) ou=other depts, etc. I would like to set up the realm so that any user in any division, under mydept will be found. Does this look right? (aside from changing the connection url to ours) Or do I substitue the sAMAccountName for uid? Realm className=org.apache.catalina.realm.JNDIRealm debug=99 connectionURL=ldap://localhost:389; connectionName=tomcat user account name connectionPassword=tomcat user account pw userPattern=uid={0},ou=mydept,dc=mycompany,dc=com roleBase=ou=mydept,dc=mycompany,dc=com roleName=ou=service accounts,cn=ourwebapprolename,dc=mycompany,dc=com roleSearch=(uniqueMember={0}) userSubtree=true / Leo Donahue - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
From: James Matthews [mailto:jxmatth...@gmail.com] Subject: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) My question focuses on the best way to deploy a Web Application to a running Tomcat instance when specifying the Context Container's configuration in a separate XML file in $CATALINA_BASE/conf/ [enginename]/[hostname]/ Don't keep the application in the Host appBase - locate it outside of Tomcat's directory structure, and use the docBase attribute of the Context element to tell Tomcat where to find it. Replace the .war file at your leisure, and then do a touch of the .xml file to trigger an application redeployment. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
Caldarale, Charles R wrote: From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 Why not? Here are the entries on the java tab of tomcat6w: -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp And tomcat5w has -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp So you are sharing things between Tomcat 5.5.28 and 6.0.24, which you said you had no desire to do. I'd strongly recommend you stop trying to do that. I don't *want* to do this!! I'm only doing it as a troubleshooting attempt, trying to figure out why I can't get 6.0.x to start. Obviously there's something different in the configuration requirements, but I can't figure out what it is. That's why I asked for some suggestions as to where to find configuration differences between the two major versions. Right now, I'm in the middle of doing a line-by-line comparison of the default configuration files that the two installations set up. D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
Hi Chuck, I am attempting to follow your instructions, but I am not having much luck, can I just check I am understanding you correctly. 1) I have created a folder with absolute path: /home/farthing/appservers/userapps 2) In this folder I have placed my WAR file, Application.war 3) In /home/farthing/appservers/apache-tomcat-6.0.20/conf/Catalina/localhost I have placed a file called Application.xml (contents of file below). ?xml version=1.0 encoding=UTF-8? Context path=/Application docBase=/home/farthing/appservers/userapps Resource name=jdbc/postgres auth=Container type=javax.sql.DataSource driverClassName=org.postgresql.Driver url=jdbc:postgresql://localhost:5432/XX username=YY password=ZZ maxActive=20 maxIdle=10 maxWait=-1/ /Context Each time I 'touch' Application.xml all I get in catalina.out is: Mar 8, 2010 4:46:13 PM org.apache.catalina.startup.HostConfig checkResources INFO: Undeploying context [/Application] And the application does not deploy at any point. Can you spot where I'm going wrong? Many thanks, James -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Monday, March 08, 2010 4:18 PM To: Tomcat Users List Subject: RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) From: James Matthews [mailto:jxmatth...@gmail.com] Subject: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) My question focuses on the best way to deploy a Web Application to a running Tomcat instance when specifying the Context Container's configuration in a separate XML file in $CATALINA_BASE/conf/ [enginename]/[hostname]/ Don't keep the application in the Host appBase - locate it outside of Tomcat's directory structure, and use the docBase attribute of the Context element to tell Tomcat where to find it. Replace the .war file at your leisure, and then do a touch of the .xml file to trigger an application redeployment. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: JNDI Realm question
Good Afternoon Leo i would suggest using wildcard searches using the objectclass,cn,objectcategory or sn as specified here http://msdn.microsoft.com/en-us/library/aa746475(VS.85).aspx once you have a valid LDAP query then confgure the tc realm Note: i would suggest using LDAP_MATCHING_RULE_IN_CHAIN for MatchingRuleOID which allows you to pull all the attributes that match the value for that subtree hth Martin Gainty __ do not disrupt, alter or modify this transmission. From: leodona...@mail.maricopa.gov To: users@tomcat.apache.org Date: Mon, 8 Mar 2010 14:11:50 -0700 Subject: JNDI Realm question http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JNDIRealm http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html Using Tomcat 6.0.24 on Windows Server 2003 Standard R2 SP2 1. We use MS Active Directory, is the uid in the following example for userPattern the same as the sAMAccountName ? Realm className=org.apache.catalina.realm.JNDIRealm debug=99 connectionURL=ldap://localhost:389; userPattern=uid={0},ou=people,dc=mycompany,dc=com roleBase=ou=groups,dc=mycompany,dc=com roleName=cn roleSearch=(uniqueMember={0}) / 2. The quick start section said to create a user account for the Tomcat user, if required. That is the account Tomcat uses to browse the LDAP, I understand that, but where is it used in the Realm? Is it the connectionName and connectionPassword attributes? The way Active Directory is setup for us looks something like this: dc=mycompany,dc=com ou=mydept ou=division1 ou=division2 ou=division...n ou=service accounts (this is where we created the tomcat user account, and the role accounts for the webapp) ou=other depts, etc. I would like to set up the realm so that any user in any division, under mydept will be found. Does this look right? (aside from changing the connection url to ours) Or do I substitue the sAMAccountName for uid? Realm className=org.apache.catalina.realm.JNDIRealm debug=99 connectionURL=ldap://localhost:389; connectionName=tomcat user account name connectionPassword=tomcat user account pw userPattern=uid={0},ou=mydept,dc=mycompany,dc=com roleBase=ou=mydept,dc=mycompany,dc=com roleName=ou=service accounts,cn=ourwebapprolename,dc=mycompany,dc=com roleSearch=(uniqueMember={0}) userSubtree=true / Leo Donahue - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org _ Hotmail: Powerful Free email with security by Microsoft. http://clk.atdmt.com/GBL/go/201469230/direct/01/
RE: Adding security constraint breaks sql functionality
From: Robert Jacobson [mailto:vvnxbdd...@snkmail.com] Subject: Adding security constraint breaks sql functionality --- BEGIN web.xml for /changepass web-app !-- Security constraint for the webapp -- security-constraint web-resource-collection web-resource-namechangepass Web/web-resource-name url-pattern/changepass/*/url-pattern Not sure what else is going on, but the above is incorrect for your webapp - the context name is *not* part of the url-pattern. What you're protecting with the above is requests to: http://host/changepass/changepass/[whatever] login-config auth-methodBASIC/auth-method realm-nameTomcat Manager Application/realm-name Is that the proper Realm reference? Might want to post an expurgated copy of your Realm declaration. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
From: James Matthews [mailto:jxmatth...@gmail.com] Subject: RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) Context path=/Application Take out the path attribute - it's not allowed. docBase=/home/farthing/appservers/userapps The above should be /home/farthing/appservers/userapps/Application.war. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
David kerber wrote: Caldarale, Charles R wrote: From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 Why not? Here are the entries on the java tab of tomcat6w: -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp And tomcat5w has -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp So you are sharing things between Tomcat 5.5.28 and 6.0.24, which you said you had no desire to do. I'd strongly recommend you stop trying to do that. I don't *want* to do this!! I'm only doing it as a troubleshooting attempt, trying to figure out why I can't get 6.0.x to start. Obviously there's something different in the configuration requirements, but I can't figure out what it is. That's why I asked for some suggestions as to where to find configuration differences between the two major versions. Right now, I'm in the middle of doing a line-by-line comparison of the default configuration files that the two installations set up. This is becoming increasingly shrill on all sides. Let's all calm down a bit. But I'm afraid it will take some typing.. David, maybe what you do not understand, is that what you are doing to test your migration, is at the base of your problem in making it work. You /are/ using the same catalina_base (and the same physical directory structure and files below it), for both Tomcat 5.5 and Tomcat 6.0. And what each one of them expects below his catalina_base is not identical in the two cases. I mentioned earlier that Tomcat 5.5, under its catalina_base dir, is expecting a subdirectory shared, containing 2 subdirectories lib and classes (with some things in them). Well, guess what ? Tomcat 6.0 does not expect this subdirectory shared under its catalina_base. But it does expect a subdirectory lib directtly under its catalina_base. The reason why your Tomcat 5.5 works fine, from your common catalina_base, is that it finds what it wants there. The reason why Tomcat6 is not happy, is that under that same physical directory, it does not find what it wants. And that is because you probably set up this catalina_base directory according to the pattern of your (previous, existing) tomcat 5.5 catalina_base. Now, I am saying this with not a lot of knowledge to back this up. But according to the other people here, there are more differences between what Tomcat 5.5 has below its catalina_base, and what Tomcat 6.0 has there. So you should /not/ try to use the same physical directory as catalina_base for both, because it will get you in a lot of trouble, independently of the difference shared vs lib. You should set up a /separate/ catalina_base directory for your Tomcat 6.0, modeled on what you find under the original catalina_home of your original Tomcat 6.0. Similarly, you should start the conf directory files of your Tomcat 6.0 instance on the base of the original conf of Tomcat6.0, and then make the needed changes in it to accomodate your applications. You should /not/ try to use the same server.xml (and other conf files) for both Tomcat5.5 and Tomcat 6.0. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
which subdirectories where ?
Hi. To the Tomcat developers : In reference to the thread : Installation differences between 6.0.24 and 5.5.28 It seems to me that one reason for David's confusion may be the lack of a clear indication in the documentation, of which subdirectories of a Tomcat installation are relative to CATALINA_HOME as opposed to relative to CATALINA_BASE. When both are the same, then of course one knows where the subdirs bin, conf, webapps, lib etc belong. But if one decides to make CATALINA_BASE different from CATALINA_HOME (e.g. to run multiple Tomcat instances off the same executables), then it is not so clear to the uninitiated, which subdirectories belong under each. I can kind of guess for myself, but I do not have enough knowledge to provide a short and accurate description for each subdirectory, indicating why it should be here rather than there. Maybe it is somewhere in the docs, but I have not found it yet. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
Thank you so much Chuck, that works perfectly (interestingly each 'touch' still only instigates the Undeploy log in catalina.out, but the application does now redeploy seamlessly). Out of curiosity, is using a separate Context XML file the best way of providing server-specific configuration to a tomcat web application? Not using the standard webapps folder directly seems like bit of a work-around. Although it looks like I'm now all set with this method, was I approaching this config provision in the right way to start with? Regards, James -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Monday, March 08, 2010 5:01 PM To: Tomcat Users List Subject: RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) From: James Matthews [mailto:jxmatth...@gmail.com] Subject: RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) Context path=/Application Take out the path attribute - it's not allowed. docBase=/home/farthing/appservers/userapps The above should be /home/farthing/appservers/userapps/Application.war. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: which subdirectories where ?
2010/3/9 André Warnier a...@ice-sa.com: Hi. To the Tomcat developers : In reference to the thread : Installation differences between 6.0.24 and 5.5.28 It seems to me that one reason for David's confusion may be the lack of a clear indication in the documentation, of which subdirectories of a Tomcat installation are relative to CATALINA_HOME as opposed to relative to CATALINA_BASE. All directories of CATALINA_BASE are listed in RUNNING.txt of Tomcat version that you are trying to run. Current 6.0.x version of the file is here: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/RUNNING.txt?view=markup (It might be better to look into the distribution bundle for certain particular version, though). It might be that it is not clear elsewhere in the docs, but we need references to know where to fix it. David's problem is that common.loader in catalina.properties in 5.5 and 6.0 has different values. The 5.5 one references subdirectories that do not exist in 6.0. IIRC, this issue was asked at least three times in the last year. The stack trace and message are always the same, so it should be easy to find. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Secured photo rendering
Hi, As I notice, the photo rendering usually uses file system/Apache to speed up displaying, a url point at a photo URL, the photo is still available even when the page is finished. Is there a way to show the photo only thru the page? somehow secure the photo? Thanks, Angelo -- View this message in context: http://old.nabble.com/Secured-photo-rendering-tp27829228p27829228.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat shutdown: catalina.sh STOP vs SIGTERM
2010/3/8 Aggarwal, Ajay ajay.aggar...@stratus.com: When I send SIGTERM to tomcat, I actually do get Tomcat installs a shutdown hook into JVM so that it will shutdown gracefully. There is a problem though that if there are several shutdown hooks then they run in parallel. That is particularly visible in 6.0.24, because logging system shutdown was made more robust. This shutdown hooks race is already fixed in the current 6.0.x sources -- that will be 6.0.26. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat shutdown: catalina.sh STOP vs SIGTERM
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ajay, On 3/8/2010 2:56 PM, Aggarwal, Ajay wrote: When I send SIGTERM to tomcat, I actually do get 1) these messages in my catalina.out Mar 8, 2010 2:46:05 PM org.apache.catalina.core.StandardService stop INFO: Stopping service Catalina That's good, but apparently not guaranteed to occur, since I didn't see them in my environment. It's possible that the JVM sends a notification and subsequently terminates all the threads, but may not wait for them to finish their work. I highly recommend an orderly shutdown (using catalina.sh stop). As to why on a busy system, catalina.sh stop takes longer I really don't have the details. This should be easy to determine: run catalina.sh stop which should return immediately. Run jstack on the still-running JVM several times a few seconds apart to see which threads are still alive. Perhaps some are request processing threads still doing work, in which case the response will not complete if you forceably kill the thread. There could be other threads running that should be daemon threads but aren't: that's usually a simple fix. All I can say is that sometimes I don't even see the above messages for first 20-25 seconds. Could it be because catalina.sh stop has to start another JVM and then send a stop message to tomcat process over a local loop interface and on a busy system, both of these require resources which may not be available. Yes and no: catalina.sh stop does in fact start a second JVM and send a stop message to the other Tomcat, but its likely that Tomcat receives the message immediately. I'm not sure why it would take 20-30 seconds for you to see the above message: it should be immediate. Tomcat then does a whole bunch of things, including waiting for request processing threads to complete, notifying servlet context listeners that the webapp is coming down, then taking the servlets and filters out of service, shutting down various resource pools, etc. Only then does it take the connectors out of service. So, if something takes a long time to complete (maybe a filter or servlet taking a long time to shutdown) then you'll just have to wait for it to complete. I just checked, and my TC 6.0.20 install doesn't print anything after Stopping Service Catalina when I shut it down, so it's possible that message is printed when the service really is ready to go down. Thread dumps will certainly help you figure out what's taking so long. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuVhyIACgkQ9CaO5/Lv0PBZBACfY+kevbW9Y51JNMrghofh4aCj atwAn02La9O0OEY5bn3/9l+3NlHazxRG =LQwd -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Secured photo rendering
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Angelo, On 3/8/2010 6:22 PM, Angelo Chen wrote: As I notice, the photo rendering usually uses file system/Apache to speed up displaying Where did you notice this? I can't imagine that Apache [httpd] improves the performance of rendering an image. a url point at a photo URL, the photo is still available even when the page is finished. Is there a way to show the photo only thru the page? somehow secure the photo? Thanks, Are you talking about only allowing images to be displayed within a page from your own site? The only cheap solution is to check the Referer header from the request to see if the page loading the image is on your site whatever that means to you. You could also check to make sure that the user is logged-in (if you require logins) in order to request a page. This won't stop images from being loaded by other sites in the case where the user really is logged-in, but it should stop people from accessing images at random. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuViIwACgkQ9CaO5/Lv0PAtvgCfWRBGu5tMXywwK9sQR3dntaie ejwAnRBD3Bom30c+if1jWzi3occuvxU8 =MAmX -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
On 08/03/2010 22:47, James Matthews wrote: Thank you so much Chuck, that works perfectly (interestingly each 'touch' still only instigates the Undeploy log in catalina.out, but the application does now redeploy seamlessly). Thats a 'feature'. It is fixed in 6.0.24 onwards. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
jul.ConsoleHandler doesn't work with SystemLogHandler redirectStreams
I'm using Tomcat with juli. I'm using java.util.logging.ConsoleHandler to handle logging output. My logging.properties looks like the following: handlers = java.util.logging.ConsoleHandler .handlers = java.util.logging.ConsoleHandler java.util.logging.ConsoleHandler.level = FINE java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter jul.ConsoleHandler by definition sends everything to System.err and it grabs a reference to System.err at instantiation time. ConsoleHanlder gets instantiated before Embedded.initStreams() is called. Hence my jul.ConsoleHandler doesn't use SystemLogHandler. One way to fix this would be for Tomcat to provide a SystemLogHandler friendly ConsoleHandler implementation as part of tomcat-juli. Does anyone else think this issue is worthy of a feature request? I'd be more than happy to provide a patch. Mike -- View this message in context: http://old.nabble.com/jul.ConsoleHandler-doesn%27t-work-with-SystemLogHandler-redirectStreams-tp27829370p27829370.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Context path configuration in tomcat5.5.28
2010/3/8 tembugs tembugs temb...@gmail.com: In my servelt, I try to transform my xml data available as a string to html using the xsl files available. http://marc.info/?t=12665788981r=1w=2 That was your thread. Is anything different now? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Multiple SSL certificates on same server
Does anyone know if it is possible, or has anyone done this: I have two applications running on a single server. The applications use different domains and URLs, so the single Tomcat instance can easily tell them apart. (Note: this part is currently working just fine). https://domain1/application1 https://domain2/application2 Again, both domains point to the same static IP, and yes, it is possible for someone to access either application from either domain. Normally, that is not an issue with the clients. However, I currently have only one SSL certificate on the server - this is for domain1. So if you use domain1 to access application1, it's all fine. The security cert comes up green and all that. BUT - if you try and access application2 via domain2, you get the red security cert (wrong domain / server name). I would like to purchase a second certificate for the second domain, and am wondering if this can be done, and how one would tell Tomcat (in server.xml) to acknowledge the second certificate. Currently the stuff in server.xml looks like this: Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 enableLookups=false scheme=https secure=true keystoreFile=./keys/.keystore keystorePass=myPassword clientAuth=false sslProtocol=TLS / I have a bad feeling it's not possible, but wanted to ask anyway. Thanks in advance. -R - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: class loaded twice when sharing wlfullclient.jar by two web apps
2010/3/5 Michal Bunarowski michal.bunarow...@comarch.pl: ClassCastException occurs in my web app, because classloaders load the same class twice, when two web apps share WebLogic wlfullclient.jar. Any idea how to avoid that? Details below. Don't share the jar. Deploy a separate copy with each web application. We've been considering this. It solves the error indeed. But the problem is wlfullclient.jar has over 50 MB, so both WARs will increase a lot, which will have impact on our releases. So we were hoping there's some other solution. Note, that there exists the following class: http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/loader/VirtualWebappLoader.html though it is not recommended for production. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Multiple SSL certificates on same server
-Original Message- From: Richard Huntrods [mailto:huntr...@nucleus.com] Sent: Monday, March 08, 2010 18:46 To: users@tomcat.apache.org Subject: Multiple SSL certificates on same server Does anyone know if it is possible, or has anyone done this: I have two applications running on a single server. The applications use different domains and URLs, so the single Tomcat instance can easily tell them apart. (Note: this part is currently working just fine). https://domain1/application1 https://domain2/application2 No. The certificate is sent and SSL negotiated prior to the server receiving the Host header. Again, both domains point to the same static IP, and yes, it is possible for someone to access either application from either domain. Normally, that is not an issue with the clients. However, I currently have only one SSL certificate on the server - this is for domain1. So if you use domain1 to access application1, it's all fine. The security cert comes up green and all that. BUT - if you try and access application2 via domain2, you get the red security cert (wrong domain / server name). I would like to purchase a second certificate for the second domain, and am wondering if this can be done, and how one would tell Tomcat (in server.xml) to acknowledge the second certificate. Currently the stuff in server.xml looks like this: Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 enableLookups=false scheme=https secure=true keystoreFile=./keys/.keystore keystorePass=myPassword clientAuth=false sslProtocol=TLS / I have a bad feeling it's not possible, but wanted to ask anyway. Thanks in advance. -R - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: tomcat shutdown: catalina.sh STOP vs SIGTERM
From: Christopher Schultz [mailto:ch...@christopherschultz.net] Subject: Re: tomcat shutdown: catalina.sh STOP vs SIGTERM I'm not sure why it would take 20-30 seconds for you to see the above message: it should be immediate. One possible cause is specifying a large heap size in JAVA_OPTS, which will be used by both the running Tomcat and the JVM launched by the shutdown script. Better to put such settings in CATALINA_OPTS, which is not used by the shutdown script. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
From: James Matthews [mailto:jxmatth...@gmail.com] Subject: RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) is using a separate Context XML file the best way of providing server-specific configuration to a tomcat web application? I think so, since otherwise the server administrator has to take the .war file apart, update context.xml or web.xml, and pack it all back together. Specific values can also be specified by system properties on the command line, and referenced in the webapp's context.xml, but that has its own issues with uniqueness and remembering to set the values when needed. Not using the standard webapps folder directly seems like bit of a work-around. It's the way I prefer to run the production apps, as opposed to the examples, docs, manager, etc., that come with Tomcat. (We keep the examples and docs deployed just to give people something to play with - there's no outside access to the system.) Having the production apps outside of the Tomcat directory structure makes it easy to update Tomcat versions when needed - and we do keep up with each release. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Multiple SSL certificates on same server
On 03/08/2010 06:46 PM, Richard Huntrods wrote: Does anyone know if it is possible, or has anyone done this: I have two applications running on a single server. The applications use different domains and URLs, so the single Tomcat instance can easily tell them apart. (Note: this part is currently working just fine). https://domain1/application1 https://domain2/application2 Again, both domains point to the same static IP, and yes, it is possible for someone to access either application from either domain. Normally, that is not an issue with the clients. However, I currently have only one SSL certificate on the server - this is for domain1. So if you use domain1 to access application1, it's all fine. The security cert comes up green and all that. BUT - if you try and access application2 via domain2, you get the red security cert (wrong domain / server name). I would like to purchase a second certificate for the second domain, and am wondering if this can be done, and how one would tell Tomcat (in server.xml) to acknowledge the second certificate. Currently the stuff in server.xml looks like this: Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 enableLookups=false scheme=https secure=true keystoreFile=./keys/.keystore keystorePass=myPassword clientAuth=false sslProtocol=TLS / I have a bad feeling it's not possible, but wanted to ask anyway. Thanks in advance. -R Richard, It's possible. It doesn't appear that Tomcat or Java(SUN) support RFC 3546 just yet (For Server Name Indication) even though Apache httpd does. However Windows XP users of IE will not be able to take advantage of SNI at this time anyway (to further rain on your parade). Vista and greater do make use of SNI though. Gotta wait for XP to die I guess. :-P End result: Multi-Domain Certificate, separate ports, separate IPs or a load balancer that distributes the load to an internal IP based on FQDN, to which you could then use X amount of different SSL certs.(This last bit may be a wee bit complicated) Hope this helps - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installation differences between 6.0.24 and 5.5.28
André Warnier wrote: David kerber wrote: Caldarale, Charles R wrote: From: David kerber [mailto:dcker...@verizon.net] Subject: Re: Installation differences between 6.0.24 and 5.5.28 Why not? Here are the entries on the java tab of tomcat6w: -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp And tomcat5w has -Dcatalina.base=C:\TomcatClients\Pelican -Djava.io.tmpdir=C:\TomcatClients\Pelican\temp So you are sharing things between Tomcat 5.5.28 and 6.0.24, which you said you had no desire to do. I'd strongly recommend you stop trying to do that. I don't *want* to do this!! I'm only doing it as a troubleshooting attempt, trying to figure out why I can't get 6.0.x to start. Obviously there's something different in the configuration requirements, but I can't figure out what it is. That's why I asked for some suggestions as to where to find configuration differences between the two major versions. Right now, I'm in the middle of doing a line-by-line comparison of the default configuration files that the two installations set up. This is becoming increasingly shrill on all sides. Let's all calm down a bit. But I'm afraid it will take some typing.. David, maybe what you do not understand, is that what you are doing to test your migration, is at the base of your problem in making it work. Believe me, that wasn't my first step in this; I only did it out of desperation!!! You /are/ using the same catalina_base (and the same physical directory structure and files below it), for both Tomcat 5.5 and Tomcat 6.0. And what each one of them expects below his catalina_base is not identical in the two cases. I mentioned earlier that Tomcat 5.5, under its catalina_base dir, is expecting a subdirectory shared, containing 2 subdirectories lib and classes (with some things in them). Well, guess what ? Tomcat 6.0 does not expect this subdirectory shared under its catalina_base. But it does expect a subdirectory lib directtly under its catalina_base. The reason why your Tomcat 5.5 works fine, from your common catalina_base, is that it finds what it wants there. The reason why Tomcat6 is not happy, is that under that same physical directory, it does not find what it wants. And that is because you probably set up this catalina_base directory according to the pattern of your (previous, existing) tomcat 5.5 catalina_base. Now, I am saying this with not a lot of knowledge to back this up. But according to the other people here, there are more differences between what Tomcat 5.5 has below its catalina_base, and what Tomcat 6.0 has there. So you should /not/ try to use the same physical directory as catalina_base for both, because it will get you in a lot of trouble, independently of the difference shared vs lib. You should set up a /separate/ catalina_base directory for your Tomcat 6.0, modeled on what you find under the original catalina_home of your original Tomcat 6.0. Similarly, you should start the conf directory files of your Tomcat 6.0 instance on the base of the original conf of Tomcat6.0, and then make the needed changes in it to accomodate your applications. You should /not/ try to use the same server.xml (and other conf files) for both Tomcat5.5 and Tomcat 6.0. Thanks for the note of calm, André . You claim you don't have a lot of knowledge to back you up, but your comments led me to the solution of the problem. It turns out that the shared vs lib issue doesn't matter (at least for my very simple case), and SOME of the config files can be used in both places, but others cannot. I didn't check all of the files in conf, but I did check server.xml, context.xml and web.xml, and found that their contents will work with both server versions (again, at least for my simple case) . However, when I started looking at some of the other files in conf, I found major differences between the two versions. So I copied all the various files from the conf folder under 6.0.24 into the conf folder in my catalina_base tree, and it immediately started working. I guess the root of my problem was the implicit assumption (without really thinking it through) that if the server, context and web .xml files were ok, the rest wouldn't matter, so I just copied the entire application folder tree including the conf folders from my 5.5 installation to the 6.0 server. And of course that assumption was wrong (yes I know what happens when one assumes!!), and it bit me where it hurts. So thanks for putting up with my pebkac issues, people. Hopefully next time I'll do some clearer thinking about the problem before I post... D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20)
Thank you Chuck, you've been most helpful. Regards, James On 8 March 2010 19:41, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: James Matthews [mailto:jxmatth...@gmail.com] Subject: RE: Best Practices for Deployment with separate Context XML file (Tomcat 6.0.20) is using a separate Context XML file the best way of providing server-specific configuration to a tomcat web application? I think so, since otherwise the server administrator has to take the .war file apart, update context.xml or web.xml, and pack it all back together. Specific values can also be specified by system properties on the command line, and referenced in the webapp's context.xml, but that has its own issues with uniqueness and remembering to set the values when needed. Not using the standard webapps folder directly seems like bit of a work-around. It's the way I prefer to run the production apps, as opposed to the examples, docs, manager, etc., that come with Tomcat. (We keep the examples and docs deployed just to give people something to play with - there's no outside access to the system.) Having the production apps outside of the Tomcat directory structure makes it easy to update Tomcat versions when needed - and we do keep up with each release. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Icons ?
Greetings friends, Has the icon usage feature implemented in Tomcat : icon small-icon/icons/small-icon.gif/small-icon large-icon/icons/large-icon.ico/large-icon /icon This wont show any icon in my browser? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Multiple SSL certificates on same server
Hi, Here's an idea for you: You can use wildcard when generating your certificate, like *.domain.com, assuming your servers using same domain.com. Regards, Leon Kolchinsky On Tue, Mar 9, 2010 at 11:49, Crypto Sal crypto@gmail.com wrote: On 03/08/2010 06:46 PM, Richard Huntrods wrote: Does anyone know if it is possible, or has anyone done this: I have two applications running on a single server. The applications use different domains and URLs, so the single Tomcat instance can easily tell them apart. (Note: this part is currently working just fine). https://domain1/application1 https://domain2/application2 Again, both domains point to the same static IP, and yes, it is possible for someone to access either application from either domain. Normally, that is not an issue with the clients. However, I currently have only one SSL certificate on the server - this is for domain1. So if you use domain1 to access application1, it's all fine. The security cert comes up green and all that. BUT - if you try and access application2 via domain2, you get the red security cert (wrong domain / server name). I would like to purchase a second certificate for the second domain, and am wondering if this can be done, and how one would tell Tomcat (in server.xml) to acknowledge the second certificate. Currently the stuff in server.xml looks like this: Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 enableLookups=false scheme=https secure=true keystoreFile=./keys/.keystore keystorePass=myPassword clientAuth=false sslProtocol=TLS / I have a bad feeling it's not possible, but wanted to ask anyway. Thanks in advance. -R Richard, It's possible. It doesn't appear that Tomcat or Java(SUN) support RFC 3546 just yet (For Server Name Indication) even though Apache httpd does. However Windows XP users of IE will not be able to take advantage of SNI at this time anyway (to further rain on your parade). Vista and greater do make use of SNI though. Gotta wait for XP to die I guess. :-P End result: Multi-Domain Certificate, separate ports, separate IPs or a load balancer that distributes the load to an internal IP based on FQDN, to which you could then use X amount of different SSL certs.(This last bit may be a wee bit complicated) Hope this helps - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Secured photo rendering
the easiest implementation would be develop a security fence for your front end (https with secure connnector) http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html once the request is 'inside' the servlet (or listener or filter) you can reference 'local' folders which contain the necessary jpgs in this scenario all the jpgs in the folder would be behind a firewall there are more primitive means of securing (such as implementing .htaccess) although you'll want to weigh the performance degradation if you decide to go this route http://httpd.apache.org/docs/1.3/howto/htaccess.html hth Martin Gainty __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. Date: Mon, 8 Mar 2010 15:22:59 -0800 From: angelochen...@yahoo.com.hk To: users@tomcat.apache.org Subject: Secured photo rendering Hi, As I notice, the photo rendering usually uses file system/Apache to speed up displaying, a url point at a photo URL, the photo is still available even when the page is finished. Is there a way to show the photo only thru the page? somehow secure the photo? Thanks, Angelo -- View this message in context: http://old.nabble.com/Secured-photo-rendering-tp27829228p27829228.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. http://clk.atdmt.com/GBL/go/201469229/direct/01/
Re: Context path configuration in tomcat5.5.28
Hi Konstantin, It is the same but now the problem is I can't use a hard coded path in the import statement in xsl. So I really wonder why relative paths in xsl:import are not working with context root deployment of the war. Regards, Tembug On Tue, Mar 9, 2010 at 5:12 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2010/3/8 tembugs tembugs temb...@gmail.com: In my servelt, I try to transform my xml data available as a string to html using the xsl files available. http://marc.info/?t=12665788981r=1w=2 That was your thread. Is anything different now? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat response Blank Page
I don't undestand it. But my page is not empty so why send out empty? Also, if u say some exception may exist, is it the exception for this user (me) only or exception in whole server (as the server is also using by other ppl). Shirley n828cl wrote: From: Pid [mailto:p...@pidster.com] Subject: Re: Tomcat response Blank Page Admittedly, I can't think of a way for the page to stop there as a result of an exception and still send a 200 status, but it's worth exploring. It's chunked output, so zero-length content is quite valid. I'm guessing whatever's been queued is just sent out - and somebody is swallowing the exception. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/Tomcat-response-Blank-Page-tp27792029p27831329.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat response Blank Page
What is the access log? How to check it? Pid Ster wrote: On 08/03/2010 04:37, Shirely wrote: No error log. This is the return packet No. TimeSourceDestination Protocol Info 3749 202.714770 118.142.22.3 192.168.1.109 HTTP HTTP/1.1 200 OK Sure, but that does the access log say, does it also say zero bytes sent? What happens if the line: Utility.writeToFile(/WP.txt,str +\n); throws an exception? The only line which writes output to the response is after that line, so if something stops the page before or at that line, then the response body will be empty. Admittedly, I can't think of a way for the page to stop there as a result of an exception and still send a 200 status, but it's worth exploring. Your JSP seems simple, but I can't tell exactly where it's writing the WP.txt file to, so this may also be causing a problem. p Frame 3749 (170 bytes on wire, 170 bytes captured) Ethernet II, Src: Tp-LinkT_d2:89:3a (00:25:86:d2:89:3a), Dst: Tp-LinkT_b8:40:30 (00:27:19:b8:40:30) Internet Protocol, Src: 118.142.22.3 (118.142.22.3), Dst: 192.168.1.109 (192.168.1.109) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) Total Length: 156 Identification: 0x112b (4395) Flags: 0x02 (Don't Fragment) Fragment offset: 0 Time to live: 119 Protocol: TCP (0x06) Header checksum: 0xa38a [correct] Source: 118.142.22.3 (118.142.22.3) Destination: 192.168.1.109 (192.168.1.109) Transmission Control Protocol, Src Port: http (80), Dst Port: 52568 (52568), Seq: 1, Ack: 379, Len: 116 Source port: http (80) Destination port: 52568 (52568) [Stream index: 71] Sequence number: 1(relative sequence number) [Next sequence number: 117(relative sequence number)] Acknowledgement number: 379(relative ack number) Header length: 20 bytes Flags: 0x18 (PSH, ACK) Window size: 65536 (scaled) Checksum: 0xa7be [validation disabled] [Good Checksum: False] [Bad Checksum: False] [SEQ/ACK analysis] Hypertext Transfer Protocol HTTP/1.1 200 OK\r\n [Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n] Request Version: HTTP/1.1 Response Code: 200 Server: Apache-Coyote/1.1\r\n Transfer-Encoding: chunked\r\n Date: Mon, 08 Mar 2010 04:21:06 GMT\r\n \r\n HTTP chunked response End of chunked encoding Chunk size: 0 octets Chunk boundary 00 27 19 b8 40 30 00 25 86 d2 89 3a 08 00 45 00 .'@0.%...:..E. 0010 00 9c 11 2b 40 00 77 06 a3 8a 76 8e 16 03 c0 a8 @.w...v. 0020 01 6d 00 50 cd 58 78 1e 12 3a 3e 9b 5f d4 50 18 .m.P.Xx..:._.P. 0030 01 00 a7 be 00 00 48 54 54 50 2f 31 2e 31 20 32 ..HTTP/1.1 2 0040 30 30 20 4f 4b 0d 0a 53 65 72 76 65 72 3a 20 41 00 OK..Server: A 0050 70 61 63 68 65 2d 43 6f 79 6f 74 65 2f 31 2e 31 pache-Coyote/1.1 0060 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 ..Transfer-Encod 0070 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 44 61 ing: chunked..Da 0080 74 65 3a 20 4d 6f 6e 2c 20 30 38 20 4d 61 72 20 te: Mon, 08 Mar 0090 32 30 31 30 20 30 34 3a 32 31 3a 30 36 20 47 4d 2010 04:21:06 GM 00a0 54 0d 0a 0d 0a 30 0d 0a 0d 0a T0 Pid Ster wrote: On 06/03/2010 18:36, Shirely wrote: I already monitor it by network packet level, I found that server side have receive the reqeust. and it have response it by sending out a packet. but the response packet only have a 0 at the body part. How many bytes does the access log say it sent? Is there any error in any other log? p Shirley n828cl wrote: From: Shirely [mailto:shir...@powerelab.com] Subject: Re: Tomcat response Blank Page Then, I found that when it display blank page, it will not update the session counter and also didn't read to text file. Sounds like something in between is responding to the request, rather than it reaching the server. Try running Wireshark on each end and see if you can catch the failure. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -
RE: Tomcat response Blank Page
From: Shirely [mailto:shir...@powerelab.com] Subject: RE: Tomcat response Blank Page I don't undestand it. But my page is not empty so why send out empty? The output isn't empty - it's a chunked response with zero bytes in the body. Perfectly valid, and typical of a servlet that quits before it's done. Also, if u say some exception may exist, is it the exception for this user (me) only or exception in whole server (as the server is also using by other ppl). An exception is triggered when a thread has a problem not reportable by normal method result (e.g., an I/O error). Nothing to do with you, just what the thread was trying to do at the time. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat response Blank Page
From: Shirely [mailto:shir...@powerelab.com] Subject: Re: Tomcat response Blank Page What is the access log? How to check it? Read the doc: http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Access%20Log%20Valve - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Comet event.setTimeOut Bug!! Still no answer
Hi, I am not sure why my previous mail was not answered? I hope that i will get the reply this time So here is the same query again... Was curious what event.setTimeOut(timeOutValue) means on a comet event. 1. Does it mean that the request will timeout after timeOutValue and the server will close the connection and call the END event. I am trying to establish a persistent connection for asynchronous message delivery using comet. I create a chunked request (using socket) send HTTP POST with content. Then create thread which reads from the socket outputstream. On the server side on a comet event for the POST request 1. I set the event timeout to timeOutValue 2. Create a new thread passing the request,response and event 3. The event method of CometProcessor returns. Observations: 1. If there is no activity on the response object (i.e no data is sent) and if the comet client does not send any chunked data to the sever for timeOutValue + 1 an END event is called by the server. 2. To prevent the calling of END event in Observation 1. i send a chunked data from the client for every inactive interval of (timeOutValue -1) [Heartbeat kind of mechanism]. In this case every time i send a heartbeat, the event method on the server is triggered and event.setTimeOut is called again. This prevents the server from calling the END event of the request and my asynch message delivery from the thread i created runs fine and no END event is called Now from observation 2 what i found is as below: a. Every time event.setTimeout is called for the same http request (can be done for a chunked request sending some chunked data) the request timeout increases to (number of time event.setTimeOut is called) * (timeOutValue) I.e on consequetive calls to event.setTimeOut the timeout value is increased to (newtimeOutValue =oldTimeOutValue + timeOutValue) 1. Is this a bug in Comet? Or is this the desired behaviour? 2. What is the exact role of event.setTimeOut in case of normal request and in case of chunked request in which chunked data can be sent again and again? 3. For the asynch message delivery using comet as mentioned above is it required to refresh the connection after some inactive time,probably the timeOutValue? If yes, how can we assure that the END event is never called for this request, considering my applications lifetime for message delivery is the lifetime of the server once the thread is started. Thanks, Animesh
Re: Icons ?
On 09/03/2010 01:36, Ashika Umanga Umagiliya wrote: Greetings friends, Has the icon usage feature implemented in Tomcat : icon small-icon/icons/small-icon.gif/small-icon large-icon/icons/large-icon.ico/large-icon /icon This wont show any icon in my browser? Where are you expecting them to show up? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
SV: Icons ?
It's not a favicon. Like in the addressbar. If thats what you mean. For that use link rel=shortcut icon href=favicon.ico on your webpage. Søren -Oprindelig meddelelse- Fra: Mark Thomas [mailto:ma...@apache.org] Sendt: 9. marts 2010 08:45 Til: Tomcat Users List Emne: Re: Icons ? On 09/03/2010 01:36, Ashika Umanga Umagiliya wrote: Greetings friends, Has the icon usage feature implemented in Tomcat : icon small-icon/icons/small-icon.gif/small-icon large-icon/icons/large-icon.ico/large-icon /icon This wont show any icon in my browser? Where are you expecting them to show up? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org