Re: CGIServlet - Disregarding 404 error-page
That is exactly the line I am referring to. Simply replacing the call to res.setStatus with res.sendError would definitely be wrong due to what you described. That change is not what I am suggesting. It is simply what I did for a quick test. I was thinking it would be worth it to add a flag as a servlet init-param to allow support for the error-pages. The default would maintain current functionality so as not to break anything currently in place. Something like: if (!cgiEnv.isValid()) { if (shouldTriggerErrorPage) { res.sendError(404); } else { res.setStatus(404); } } There are also a few other calls to setStatus that would probably be handled the same way in order to handle other error codes as well. As for the if (!cgiEnv.isValid()) condition, isValid() will return false if a request is made for a file that does not exist. Since the file doesn't exist, I actually wanted to show a proper 404 error page matching the error pages for the rest of my server. Currently, all I see is a blank page from the CGIServlet since my debug level doesn't meet the logging condition. Thanks for the help, Jake On Mon, Mar 16, 2015 at 7:49 PM, Konstantin Kolinko knst.koli...@gmail.com wrote: 2015-03-16 21:52 GMT+03:00 Jacob Haverkost jdh5...@gmail.com: Version: 6.0.43 OS: Win7 x64 Currently, the CGIServlet does not appear to support using the 404 error-page specified in the web.xml (ROOT). The error-pages work fine This appears to be due to the line, res.setStatus(404);, inside of doGet(). According to the documentation for HttpServletResponse.setStatus(int), If this method is used to set an error code, then the container's error page mechanism will not be triggered. This line appears in all major versions of Tomcat that I have looked into (8.0.20, 7.0.59). Just for a quick test, I changed setStatus to sendError and the error-page worked as expected. Is there a way to have the error-page work without changing the source code? If not, should I submit a bug report to include a configuration parameter for the CGIServlet to allow support for the error-page? If you are talking about the following: (lines 612-614 in CGIServlet of current Tomcat 6.0.x) if (!cgiEnv.isValid()) { res.setStatus(404); } You cannot just change res.setStatus(404); with res.sendError(404), as that will break the following code that generates a HTML page with a debug message. See the block starting with if (debug = 10). My guess (without looking deep into this) is that if (!cgiEnv.isValid()) condition is there to catch a configuration error. I mean that you would not see that with a properly configured CGIServlet. If my guess is wrong, you need to provide a specific use case that demonstrates otherwise. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Error:Could not load [sun.rmi.transport.ObjectTable]
I decided to startup tomcat and check the first request -since the problem seems to be with references from a previous load. I got this exception: java.lang.NoSuchMethodError: sun.rmi.transport.ObjectTable.getStub(Ljava/rmi/Remote;)Ljava/rmi/server/RemoteStub; org.objectweb.carol.rmi.jrmp.server.JUnicastRemoteObject.unexportObject(JUnicastRemoteObject.java:138) org.objectweb.carol.rmi.multi.JrmpPRODelegate.unexportObject(JrmpPRODelegate.java:107) org.objectweb.carol.rmi.multi.MultiPRODelegate.unexportObject(MultiPRODelegate.java:107) javax.rmi.PortableRemoteObject.unexportObject(PortableRemoteObject.java:132) org.objectweb.jotm.SubCoordinator.doAfterCompletion(SubCoordinator.java:1584) org.objectweb.jotm.SubCoordinator.doRollback(SubCoordinator.java:1370) org.objectweb.jotm.SubCoordinator.rollback(SubCoordinator.java:330) org.objectweb.jotm.TransactionImpl.rollback(TransactionImpl.java:668) org.objectweb.jotm.Current.rollback(Current.java:538) On Mon, 3/16/15, Mark Thomas ma...@apache.org wrote: Subject: Re: Error:Could not load [sun.rmi.transport.ObjectTable] To: Tomcat Users List users@tomcat.apache.org Date: Monday, March 16, 2015, 2:31 AM On 16/03/2015 02:55, nandy r wrote: Hello, I am trying to setup tomcat+jotm+sqlite and I get this exception stack: java.lang.IllegalStateException: Illegal access: this web application instance has been stopped already. snip/ This seems more a java rmi issue although I am not sure. I googled but could not find anything of interest so any help much appreciated. The root cause looks pretty obvious. You are trying to use a web application that has already been stopped. It is possible you have some sort of memory leak. This should help you track that down: http://people.apache.org/~markt/presentations/2010-11-04-Memory-Leaks-60mins.pdf Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Multiple SSL certificates on one Instance
On 16/03/2015 12:53, Rory Kelly wrote: Hey guys, I’ve a bad feeling what I’m trying to do is impossible, and I’m going to have to implement a different solution. Been hunting for an answer, but couldn’t find anything definite. I’m running Tomcat 8.0.18, Java 1.7.0_75-b13, Ubuntu 14.04. I have multiple sites running on Virtual Hosts on the instance. For a bit of background, I am intending on creating a 2-server load balanced system using nginx as a balancer on virtual servers (Best I can do, given our hosting/not possible to move away from it) I need each site to be protected by its own SSL certificate, provided by the client for each site. Can I actually have multiple SSL certs with Tomcat Virtual Hosts, or am I going to have to go learn nginx/httpd and provide it that way? https://bz.apache.org/bugzilla/show_bug.cgi?id=57108 Mark Thanks, Rory - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
Hi, 2015-03-16 15:33 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com: Hi Violeta Hi, 2015-03-16 15:07 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com : ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: public TldResourcePath getTldResourcePath(String uri) { return getOptions().getTldCache().getTldResourcePath(uri); } Thanks for the quick response Obviously either getOptions() or getTldCache() is returning null. I debug the code as you suggest and found that getTldCache() is null. In the code As I understand there are 2 point which set the *tldCache* variable one is the setTldCache() method and other is public static TldCache getInstance(ServletContext servletContext) { if (servletContext == null) { throw new IllegalArgumentException(Localizer.getMessage( org.apache.jasper.compiler.TldCache.servletContextNull)); } return (TldCache) servletContext.getAttribute(SERVLET_CONTEXT_ATTRIBUTE_NAME); } If you can attach a debugger try to see whether the code below is invoked: org.apache.jasper.servlet.JasperInitializer.onStartup(SetClass?, ServletContext) { . context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME, new TldCache(context, scanner.getUriTldResourcePathMap(), scanner.getTldResourcePathTaglibXmlMap())); } I have checked that as well. But that method didn't get hot when I'm debugging the source. what could be the reason? You wrote that you are running an embedded Tomcat. Is that true? In Tomcat 8, Jasper initialization is implemented as a standard ServletContainderInitializer (check Servlet specification). So you should ensure that org.apache.jasper.servlet.JasperInitializer.onStartup is invoked during web app startup. Regards, Violeta Thanks Regards Thusitha
Re: Slow http denial of service
As browsers (at least the ones I know) open 2 connections to browse websites, we could have a look on the hourly stats and estimate this (under 100 without problem). I never met such problem anyway, the highest trafic being 120 000 different users/day. If you really have to face DDOS as said by Christopher, you would have to use something like cloudflare. For very big sites, AKAMAI,.. 2015-03-16 13:50 GMT+01:00 David kerber dcker...@verizon.net: On 3/16/2015 8:41 AM, Robert Klemme wrote: On Sun, Mar 15, 2015 at 10:07 AM, Aurélien Terrestris aterrest...@gmail.com wrote: I agree with the NIO connector which gives good results to this problem. Also, on Linux you can configure iptables firewall to limit the number of connections from one IP ( http://unix.stackexchange.com/questions/139285/limit-max-connections-per-ip-address-and-new-connections-per-second-with-iptable ) What I find difficult about this approach is that because of NAT the number of individual machines (and hence connections that are reasonable) behind a single IP can vary vastly. What value will you pick to not discriminate large organizations? That is a reasonable question, but the owner of a web site should have some idea of who their clients are, and have a feel for a reasonable number to allow. Obviously a site with a large clientele will be able to handle a larger number of connections, whether they're legit or not. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
Hi, 2015-03-16 15:07 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com: ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: public TldResourcePath getTldResourcePath(String uri) { return getOptions().getTldCache().getTldResourcePath(uri); } Thanks for the quick response Obviously either getOptions() or getTldCache() is returning null. I debug the code as you suggest and found that getTldCache() is null. In the code As I understand there are 2 point which set the *tldCache* variable one is the setTldCache() method and other is public static TldCache getInstance(ServletContext servletContext) { if (servletContext == null) { throw new IllegalArgumentException(Localizer.getMessage( org.apache.jasper.compiler.TldCache.servletContextNull)); } return (TldCache) servletContext.getAttribute(SERVLET_CONTEXT_ATTRIBUTE_NAME); } If you can attach a debugger try to see whether the code below is invoked: org.apache.jasper.servlet.JasperInitializer.onStartup(SetClass?, ServletContext) { . context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME, new TldCache(context, scanner.getUriTldResourcePathMap(), scanner.getTldResourcePathTaglibXmlMap())); } Regards, Violeta from this 2 methods I couldn't find any point that setTldCache() is been used. So I think getInstance() is the method that is been used. Should I manually set the value o tldCache? Thanks Regards /Thusitha
Re: Slow http denial of service
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Robert, On 3/16/15 8:41 AM, Robert Klemme wrote: On Sun, Mar 15, 2015 at 10:07 AM, Aurélien Terrestris aterrest...@gmail.com wrote: I agree with the NIO connector which gives good results to this problem. Also, on Linux you can configure iptables firewall to limit the number of connections from one IP ( http://unix.stackexchange.com/questions/139285/limit-max-connections-per-ip-address-and-new-connections-per-second-with-iptable ) What I find difficult about this approach is that because of NAT the number of individual machines (and hence connections that are reasonable) behind a single IP can vary vastly. What value will you pick to not discriminate large organizations? Or anyone using a service like AOL which proxies everyone through a small number of IP addresses. If you are worried about a DOS but not a DDOS, you aren't being honest with yourself. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVBs/xAAoJEBzwKT+lPKRYwjMQAI9nL3jhu1C+3yD4b5mmGpmQ 1+YXu71FHpC31M4/a5mQNkoa+n1UFJ9BUJx46TuamFBfoh34Y2IIzQCgrK6MDEjv PhF+/67+xTEeGhjGdN941aLvuJrM4EaMsc1/SPOpct9XEadf4RehdNCj7C4b1CIA BrH5ZvUYJNInaiZSl6ypIHkZ2JaeebdNvtuH5OMzQPPjuM30iCuNZPr++mzLjIDu 7H820ykyB34zUUbhAfZUaogoM2TAqevDUwCNp6aPbZLm4wQjilgLweGM+dJmVFMq onuNPTC11sVIYc3SyIZljPWeuz7I9yXStobFgLLFzWKKiaw8rj/Kd5SewCYe1DWJ IQfe0ZOOCqixU/uLVMUq5D2ch0U3ujDxrVnYds5ojXP57ZvmBW1PhJjzQag+Z2L/ rK4p/IZzNMjli8MeX4NkzV4iu/eGxfaKE2EZ+agAl9Hw9BLY4K6VvZSLIimk4PYE wy3VBQy97KwaVP1FvTHHCSWABpkKYZornDBobwn4kmSXJwVux0r2atCiFRNE4ry6 Fsa+XnHtKj3ui1X6R4QkiUgXXJaHQhLLeBjKGCZB5HNfNMTOrce/agWC1Q6u1Fv/ Gaxv1ls1nB9KiW7XN4H4NQ2fa+2z6pv8RMOgnnlCAlgd70Wq9a+fGKI2Bwdakaed Eax7olF7+ucQw8YmkXCV =OJJX -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
Hi Violeta Hi, 2015-03-16 15:07 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com: ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: public TldResourcePath getTldResourcePath(String uri) { return getOptions().getTldCache().getTldResourcePath(uri); } Thanks for the quick response Obviously either getOptions() or getTldCache() is returning null. I debug the code as you suggest and found that getTldCache() is null. In the code As I understand there are 2 point which set the *tldCache* variable one is the setTldCache() method and other is public static TldCache getInstance(ServletContext servletContext) { if (servletContext == null) { throw new IllegalArgumentException(Localizer.getMessage( org.apache.jasper.compiler.TldCache.servletContextNull)); } return (TldCache) servletContext.getAttribute(SERVLET_CONTEXT_ATTRIBUTE_NAME); } If you can attach a debugger try to see whether the code below is invoked: org.apache.jasper.servlet.JasperInitializer.onStartup(SetClass?, ServletContext) { . context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME, new TldCache(context, scanner.getUriTldResourcePathMap(), scanner.getTldResourcePathTaglibXmlMap())); } I have checked that as well. But that method didn't get hot when I'm debugging the source. what could be the reason? Thanks Regards Thusitha On Mon, Mar 16, 2015 at 6:59 PM, Violeta Georgieva miles...@gmail.com wrote: Hi, 2015-03-16 15:07 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com : ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: public TldResourcePath getTldResourcePath(String uri) { return getOptions().getTldCache().getTldResourcePath(uri); } Thanks for the quick response Obviously either getOptions() or getTldCache() is returning null. I debug the code as you suggest and found that getTldCache() is null. In the code As I understand there are 2 point which set the *tldCache* variable one is the setTldCache() method and other is public static TldCache getInstance(ServletContext servletContext) { if (servletContext == null) { throw new IllegalArgumentException(Localizer.getMessage( org.apache.jasper.compiler.TldCache.servletContextNull)); } return (TldCache) servletContext.getAttribute(SERVLET_CONTEXT_ATTRIBUTE_NAME); } If you can attach a debugger try to see whether the code below is invoked: org.apache.jasper.servlet.JasperInitializer.onStartup(SetClass?, ServletContext) { . context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME, new TldCache(context, scanner.getUriTldResourcePathMap(), scanner.getTldResourcePathTaglibXmlMap())); } Regards, Violeta from this 2 methods I couldn't find any point that setTldCache() is been used. So I think getInstance() is the method that is been used. Should I manually set the value o tldCache? Thanks Regards /Thusitha -- Thusitha Dayaratne Software Engineer WSO2 Inc. - lean . enterprise . middleware | wso2.com Mobile +94712756809 Blog alokayasoya.blogspot.com Abouthttp://about.me/thusithathilina
Re: How to use Jasper to Parse JSP
On 16/03/2015 09:19, kaori hattanda wrote: Dear Jasper I develop a tool for JSP's static code analysis. I would like to use parse result of jsp files for my tool. I am assuming that the result is a syntax tree. Assumptions are never a good idea. Take a look at the source code for Jasper to see where JSP parsing is done and the form that the results take. Hint: look in the org.apache.jasper.compiler package. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Slow http denial of service
On 3/16/2015 8:41 AM, Robert Klemme wrote: On Sun, Mar 15, 2015 at 10:07 AM, Aurélien Terrestris aterrest...@gmail.com wrote: I agree with the NIO connector which gives good results to this problem. Also, on Linux you can configure iptables firewall to limit the number of connections from one IP ( http://unix.stackexchange.com/questions/139285/limit-max-connections-per-ip-address-and-new-connections-per-second-with-iptable ) What I find difficult about this approach is that because of NAT the number of individual machines (and hence connections that are reasonable) behind a single IP can vary vastly. What value will you pick to not discriminate large organizations? That is a reasonable question, but the owner of a web site should have some idea of who their clients are, and have a feel for a reasonable number to allow. Obviously a site with a large clientele will be able to handle a larger number of connections, whether they're legit or not. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: public TldResourcePath getTldResourcePath(String uri) { return getOptions().getTldCache().getTldResourcePath(uri); } Thanks for the quick response Obviously either getOptions() or getTldCache() is returning null. I debug the code as you suggest and found that getTldCache() is null. In the code As I understand there are 2 point which set the *tldCache* variable one is the setTldCache() method and other is public static TldCache getInstance(ServletContext servletContext) { if (servletContext == null) { throw new IllegalArgumentException(Localizer.getMessage( org.apache.jasper.compiler.TldCache.servletContextNull)); } return (TldCache) servletContext.getAttribute(SERVLET_CONTEXT_ATTRIBUTE_NAME); } from this 2 methods I couldn't find any point that setTldCache() is been used. So I think getInstance() is the method that is been used. Should I manually set the value o tldCache? Thanks Regards /Thusitha
Re: Error:Could not load [sun.rmi.transport.ObjectTable]
On 16/03/2015 02:55, nandy r wrote: Hello, I am trying to setup tomcat+jotm+sqlite and I get this exception stack: java.lang.IllegalStateException: Illegal access: this web application instance has been stopped already. snip/ This seems more a java rmi issue although I am not sure. I googled but could not find anything of interest so any help much appreciated. The root cause looks pretty obvious. You are trying to use a web application that has already been stopped. It is possible you have some sort of memory leak. This should help you track that down: http://people.apache.org/~markt/presentations/2010-11-04-Memory-Leaks-60mins.pdf Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AW: digest.bat -a MD5 in Tomcat 8
On 16/03/2015 11:23, Igor Mukhin wrote: Mark, thanks you, now I understand how it is build. I think that I have to use plain MD5 without salt if I want to use DIGEST authentication. Correct. Tomcat 8 documentation should say that people have to use -s 0 flag and copy md5 just after the last $-sign. I'll take a look. We can also modify the output format for no salt and 1 iteration. Mark Mit freundlichen Grüßen Igor Mukhin -Ursprüngliche Nachricht- Von: Mark Thomas [mailto:ma...@apache.org] Gesendet: Montag, 16. März 2015 12:17 An: Tomcat Users List Betreff: Re: digest.bat -a MD5 in Tomcat 8 On 16/03/2015 10:22, Igor Mukhin wrote: Hello, I just tried to execute on Tomcat 8.0.20 : digest.bat -a MD5 myusername:myrealm:mypassword and it replyed with: myusername:myrealm:mypassword:283c7c0d977648d4dc3def5a20e2a595701a7542 44baec7153d40e8ee30ff6a5$1$f47f1b081edd3627ed24d67274dd6e15 I used this long MD5 (283c7c0d977648d4dc3def5a20e2a595701a754244baec7153d40e8ee30ff6a5$1$f4 7f1b081edd3627ed24d67274dd6e15) in my tomcat-user.xml and the user couldn't login with DIGEST method. Then I tried to execute the same command on Tomcat 6.0.43 and got: myusername:myrealm:mypassword:8fcc8ae2c169463bab76eb7124aede7b I used the short MD5 (8fcc8ae2c169463bab76eb7124aede7b) ) in my Tomcat 8's tomcat-user.xml and the login is working again! (DIGEST method) Question: Why Tomcat8's digest.bat is generating such a long MD5? It doesn't look the same as earlier and it is not working. The credential output format is different (salt$iterations$digest) and salt is enabled by default. If you try digest -s 0 -a MD5 foo:foo:foo you get foo:foo:foo:$1$67ec44ba7c1234c8f201c261183e9d25 If you try digest -a MD5 foo:foo:foo on Tomcat 6 you get foo:foo:foo:67ec44ba7c1234c8f201c261183e9d25 Tomcat 8 will accept either format although it always generates them in the new format. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org w.e.b. Wirth EDV Beratung OHG Jesuitenstrasse 11 85049 Ingolstadt Telefon +49 (0)841 981280 Telefax +49 (0)841 9812828 http://www.web-dienstleister.de Sitz der Gesellschaft: Ingolstadt Registergericht: Amtsgericht Ingolstadt, HRA 1833 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: digest.bat -a MD5 in Tomcat 8
On 16/03/2015 10:22, Igor Mukhin wrote: Hello, I just tried to execute on Tomcat 8.0.20 : digest.bat -a MD5 myusername:myrealm:mypassword and it replyed with: myusername:myrealm:mypassword:283c7c0d977648d4dc3def5a20e2a595701a754244baec7153d40e8ee30ff6a5$1$f47f1b081edd3627ed24d67274dd6e15 I used this long MD5 (283c7c0d977648d4dc3def5a20e2a595701a754244baec7153d40e8ee30ff6a5$1$f47f1b081edd3627ed24d67274dd6e15) in my tomcat-user.xml and the user couldn't login with DIGEST method. Then I tried to execute the same command on Tomcat 6.0.43 and got: myusername:myrealm:mypassword:8fcc8ae2c169463bab76eb7124aede7b I used the short MD5 (8fcc8ae2c169463bab76eb7124aede7b) ) in my Tomcat 8's tomcat-user.xml and the login is working again! (DIGEST method) Question: Why Tomcat8's digest.bat is generating such a long MD5? It doesn't look the same as earlier and it is not working. The credential output format is different (salt$iterations$digest) and salt is enabled by default. If you try digest -s 0 -a MD5 foo:foo:foo you get foo:foo:foo:$1$67ec44ba7c1234c8f201c261183e9d25 If you try digest -a MD5 foo:foo:foo on Tomcat 6 you get foo:foo:foo:67ec44ba7c1234c8f201c261183e9d25 Tomcat 8 will accept either format although it always generates them in the new format. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
On 16 Mar 2015, at 11:48 AM, Thusitha Thilina Dayaratne thusit...@wso2.com wrote: ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: https://svn.apache.org/viewvc/tomcat/tc8.0.x/tags/TOMCAT_8_0_20/java/org/apache/jasper/JspCompilationContext.java?view=markup The lines you want look like this: 535 public TldResourcePath getTldResourcePath(String uri) { 536 return getOptions().getTldCache().getTldResourcePath(uri); 537 } Obviously either getOptions() or getTldCache() is returning null. Reverse engineer the source to find out which, or stop the code in a debugger. Regards, Graham — - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
On 16/03/2015 09:26, Thusitha Thilina Dayaratne wrote: Hi All, I'm in the process of migrating embedded tomcat application from Tomcat 7 to Tomcat 8. When I'm trying to start the embedded instance I'm getting a NullPointerException Here is the stacktrace ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. Hint: Tomcat is open source. You can look at the source code too. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Multiple SSL certificates on one Instance
Hey guys, I’ve a bad feeling what I’m trying to do is impossible, and I’m going to have to implement a different solution. Been hunting for an answer, but couldn’t find anything definite. I’m running Tomcat 8.0.18, Java 1.7.0_75-b13, Ubuntu 14.04. I have multiple sites running on Virtual Hosts on the instance. For a bit of background, I am intending on creating a 2-server load balanced system using nginx as a balancer on virtual servers (Best I can do, given our hosting/not possible to move away from it) I need each site to be protected by its own SSL certificate, provided by the client for each site. Can I actually have multiple SSL certs with Tomcat Virtual Hosts, or am I going to have to go learn nginx/httpd and provide it that way? Thanks, Rory
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
Hi Violeta, 2015-03-16 15:33 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com: Hi Violeta Hi, 2015-03-16 15:07 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com : ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: public TldResourcePath getTldResourcePath(String uri) { return getOptions().getTldCache().getTldResourcePath(uri); } Thanks for the quick response Obviously either getOptions() or getTldCache() is returning null. I debug the code as you suggest and found that getTldCache() is null. In the code As I understand there are 2 point which set the *tldCache* variable one is the setTldCache() method and other is public static TldCache getInstance(ServletContext servletContext) { if (servletContext == null) { throw new IllegalArgumentException(Localizer.getMessage( org.apache.jasper.compiler.TldCache.servletContextNull)); } return (TldCache) servletContext.getAttribute(SERVLET_CONTEXT_ATTRIBUTE_NAME); } If you can attach a debugger try to see whether the code below is invoked: org.apache.jasper.servlet.JasperInitializer.onStartup(SetClass?, ServletContext) { . context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME, new TldCache(context, scanner.getUriTldResourcePathMap(), scanner.getTldResourcePathTaglibXmlMap())); } I have checked that as well. But that method didn't get hot when I'm debugging the source. what could be the reason? You wrote that you are running an embedded Tomcat. Is that true? In Tomcat 8, Jasper initialization is implemented as a standard ServletContainderInitializer (check Servlet specification). So you should ensure that org.apache.jasper.servlet.JasperInitializer.onStartup is invoked during web app startup Thanks for the quick response. Could you please tell me how can I do so? Thanks Best Regards /Thusitha On Mon, Mar 16, 2015 at 7:22 PM, Violeta Georgieva miles...@gmail.com wrote: Hi, 2015-03-16 15:33 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com : Hi Violeta Hi, 2015-03-16 15:07 GMT+02:00 Thusitha Thilina Dayaratne thusit...@wso2.com : ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Browse to the sourcecode of v8.0.20 of tomcat here: public TldResourcePath getTldResourcePath(String uri) { return getOptions().getTldCache().getTldResourcePath(uri); } Thanks for the quick response Obviously either getOptions() or getTldCache() is returning null. I debug the code as you suggest and found that getTldCache() is null. In the code As I understand there are 2 point which set the *tldCache* variable one is the setTldCache() method and other is public static TldCache getInstance(ServletContext servletContext) { if (servletContext == null) { throw new IllegalArgumentException(Localizer.getMessage( org.apache.jasper.compiler.TldCache.servletContextNull)); } return (TldCache) servletContext.getAttribute(SERVLET_CONTEXT_ATTRIBUTE_NAME); } If you can attach a debugger try to see whether the code below is invoked: org.apache.jasper.servlet.JasperInitializer.onStartup(SetClass?, ServletContext) { .
Re: Slow http denial of service
Christopher, there are several questions in the same thread.. The first one about SlowLoris was answered a long ago ( http://tomcat.10.x6.nabble.com/is-tomcat-6-0-35-vulnerable-to-CVE-2007-6750-td585.html ). On the contrary, for fast connections opening (DOS), we can configure the firewall in order to temporarily ban an IP if it has reached something like 20 connections/second. The problem becomes more difficult if we're facing a DDOS : if the trafic is good old HTTP then we must challenge our clients (catpcha, javascript) then we know who we have to ban (F5 products can do that, or use Cloudflare/AKAMAI). If it's not HTTP (IP spoofing, DNS recursive requests,..) we need to configure the router or the entrance firewall. I believe there is no cheap solution to fight against a 300G/s flood. What about non-users? Blocked by router/firewall if they were sending something really stupid so I don't have any idea about how many of them. Google bots and others, even not 1% of trafic. We had several crash because of too much trafic when thousands of people were connecting at the same time to get a special news from the company. This doesn't happen anymore after buying servers 20 times more powerfull, but I'm not working there anymore. 2015-03-16 21:09 GMT+01:00 Christopher Schultz ch...@christopherschultz.net: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Aurélien, On 3/16/15 9:16 AM, Aurélien Terrestris wrote: As browsers (at least the ones I know) open 2 connections to browse websites That number has been bigger than 2 for quite a while, now: http://stackoverflow.com/questions/985431/max-parallel-http-connections-in-a-browser We aren't talking about nice clients, here, though, but clients that are intentionally trying to bring-down a site. The maximum number of connections a legit web browser will open to a single host/IP is not relevant. we could have a look on the hourly stats and estimate this (under 100 without problem). I never met such problem anyway, the highest traffic being 120 000 different users/day. What about non-users? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVBzhjAAoJEBzwKT+lPKRYyiMQAMoied29A55351fkrU5HHdkR nILbSHhxH0UGiCAw+Fcp8SNdP7lD5mLiRH8+Mn9Vlp7TkK8AfQIRPWTwj605RRME c9e0VWFnNmMvDbKL+DhyMHKTK/c7LgVABh9l7v5JbiSUBtnyQNeQDBtep4Q5oxuz +P6t7PbDWILLntVHdcUxNMJQFiQkI1VRQ3dYPGu2kRxXTOk7OpHSqZkNhq2XCpH5 /isZlTJtU02l9GqFb3cNFWc2vM94Lp2ATVfUs6vZdYnUQ1oSrUdsWAy76CKdNjII HY5KUiRmyNtxY2JDHlqbcjA7rmOOTcb+68T1qy4ZSmQmDLaBuBR0ajWHOgJ4Btp8 bUgk+4yB32Af8IZ3sr4Asa8aMf1LTNx+1x6TVO0en5VD4WwFbGZ5EdZmW/SZdvWY 0Bu/RNgaydK/Jac5A4RKlEFfP4VJz/r0ST4Cxqq3t1UC0OHS46SFDg0gwXAnEuSt Qsk71YeuWJG8zolL05pXqSehr836H1s7FjG2rych1mwa53T+Agx8+5Cp/zd3fv59 zJ2ivJ7Cr2JAm4CInx7ic0cTuqmjOneRJIKb9WYSzHMoGLw+IVyx3v3Ykru/XlM9 AOfi5zENQ2tVDKCUBgNSdYd/amS6VNliFzbhkw0/cDYvw7HffxNw6Xd43wg388wG VrSu31Roqi3bRVr15Mwl =/YWE -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Multiple SSL certificates on one Instance
hi 2 points: configure the reverse proxy is simpler. tomcat may be harder to troubleshoot issues. i would take the prxy to do that, in fact we use squid rev-proxy to solve exact the same problem. Regards Stefan 2015-03-16 14:16 GMT+01:00 Mark Thomas ma...@apache.org: On 16/03/2015 12:53, Rory Kelly wrote: Hey guys, I’ve a bad feeling what I’m trying to do is impossible, and I’m going to have to implement a different solution. Been hunting for an answer, but couldn’t find anything definite. I’m running Tomcat 8.0.18, Java 1.7.0_75-b13, Ubuntu 14.04. I have multiple sites running on Virtual Hosts on the instance. For a bit of background, I am intending on creating a 2-server load balanced system using nginx as a balancer on virtual servers (Best I can do, given our hosting/not possible to move away from it) I need each site to be protected by its own SSL certificate, provided by the client for each site. Can I actually have multiple SSL certs with Tomcat Virtual Hosts, or am I going to have to go learn nginx/httpd and provide it that way? https://bz.apache.org/bugzilla/show_bug.cgi?id=57108 Mark Thanks, Rory - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: CGIServlet - Disregarding 404 error-page
2015-03-16 21:52 GMT+03:00 Jacob Haverkost jdh5...@gmail.com: Version: 6.0.43 OS: Win7 x64 Currently, the CGIServlet does not appear to support using the 404 error-page specified in the web.xml (ROOT). The error-pages work fine This appears to be due to the line, res.setStatus(404);, inside of doGet(). According to the documentation for HttpServletResponse.setStatus(int), If this method is used to set an error code, then the container's error page mechanism will not be triggered. This line appears in all major versions of Tomcat that I have looked into (8.0.20, 7.0.59). Just for a quick test, I changed setStatus to sendError and the error-page worked as expected. Is there a way to have the error-page work without changing the source code? If not, should I submit a bug report to include a configuration parameter for the CGIServlet to allow support for the error-page? If you are talking about the following: (lines 612-614 in CGIServlet of current Tomcat 6.0.x) if (!cgiEnv.isValid()) { res.setStatus(404); } You cannot just change res.setStatus(404); with res.sendError(404), as that will break the following code that generates a HTML page with a debug message. See the block starting with if (debug = 10). My guess (without looking deep into this) is that if (!cgiEnv.isValid()) condition is there to catch a configuration error. I mean that you would not see that with a properly configured CGIServlet. If my guess is wrong, you need to provide a specific use case that demonstrates otherwise. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
CGIServlet - Disregarding 404 error-page
Version: 6.0.43 OS: Win7 x64 Currently, the CGIServlet does not appear to support using the 404 error-page specified in the web.xml (ROOT). The error-pages work fine This appears to be due to the line, res.setStatus(404);, inside of doGet(). According to the documentation for HttpServletResponse.setStatus(int), If this method is used to set an error code, then the container's error page mechanism will not be triggered. This line appears in all major versions of Tomcat that I have looked into (8.0.20, 7.0.59). Just for a quick test, I changed setStatus to sendError and the error-page worked as expected. Is there a way to have the error-page work without changing the source code? If not, should I submit a bug report to include a configuration parameter for the CGIServlet to allow support for the error-page? Thanks for any feedback or help you can provide. - Jake
java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
Hi All, I'm in the process of migrating embedded tomcat application from Tomcat 7 to Tomcat 8. When I'm trying to start the embedded instance I'm getting a NullPointerException Here is the stacktrace ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) at org.apache.jasper.compiler.ParserController.doParse(ParserController.java:227) at org.apache.jasper.compiler.ParserController.parse(ParserController.java:100) at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:199) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:356) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:336) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:323) at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:570) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:356) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:155) at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:721) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:466) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:391) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:318) at org.eclipse.equinox.http.servlet.internal.RequestDispatcherAdaptor.forward(RequestDispatcherAdaptor.java:30) at org.eclipse.equinox.http.helper.ContextPathServletAdaptor$RequestDispatcherAdaptor.forward(ContextPathServletAdaptor.java:362) at org.apache.tiles.servlet.context.ServletTilesRequestContext.forward(ServletTilesRequestContext.java:198) at org.apache.tiles.servlet.context.ServletTilesRequestContext.dispatch(ServletTilesRequestContext.java:185) at org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:419) at org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:370) at org.wso2.carbon.ui.action.ActionHelper.render(ActionHelper.java:52) at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:101) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at
Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance
On 16/03/2015 09:26, Thusitha Thilina Dayaratne wrote: Hi All, I'm in the process of migrating embedded tomcat application from Tomcat 7 to Tomcat 8. When I'm trying to start the embedded instance I'm getting a NullPointerException Here is the stacktrace ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. I'm using tomcat version *8.0.20* Thanks Thusitha On Mon, Mar 16, 2015 at 3:07 PM, Mark Thomas ma...@apache.org wrote: On 16/03/2015 09:26, Thusitha Thilina Dayaratne wrote: Hi All, I'm in the process of migrating embedded tomcat application from Tomcat 7 to Tomcat 8. When I'm trying to start the embedded instance I'm getting a NullPointerException Here is the stacktrace ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service() for servlet bridgeservlet threw exception java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:410) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:469) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1430) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) snip/ I can't figure out the reason to get this NullPointerException. Can someone help me out? If we knew which version of Tomcat 8 you were using, someone could look at the relevant source code to try to figure out what was going on. Hint: Tomcat is open source. You can look at the source code too. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Thusitha Dayaratne Software Engineer WSO2 Inc. - lean . enterprise . middleware | wso2.com Mobile +94712756809 Blog alokayasoya.blogspot.com Abouthttp://about.me/thusithathilina
digest.bat -a MD5 in Tomcat 8
Hello, I just tried to execute on Tomcat 8.0.20 : digest.bat -a MD5 myusername:myrealm:mypassword and it replyed with: myusername:myrealm:mypassword:283c7c0d977648d4dc3def5a20e2a595701a754244baec7153d40e8ee30ff6a5$1$f47f1b081edd3627ed24d67274dd6e15 I used this long MD5 (283c7c0d977648d4dc3def5a20e2a595701a754244baec7153d40e8ee30ff6a5$1$f47f1b081edd3627ed24d67274dd6e15) in my tomcat-user.xml and the user couldn't login with DIGEST method. Then I tried to execute the same command on Tomcat 6.0.43 and got: myusername:myrealm:mypassword:8fcc8ae2c169463bab76eb7124aede7b I used the short MD5 (8fcc8ae2c169463bab76eb7124aede7b) ) in my Tomcat 8's tomcat-user.xml and the login is working again! (DIGEST method) Question: Why Tomcat8's digest.bat is generating such a long MD5? It doesn't look the same as earlier and it is not working. The documentation ( http://tomcat.apache.org/tomcat-8.0-doc/realm-howto.html ) does not state any changes in how to generate MD5s with digest.bat. Thanks Igor Mukhin w.e.b. Wirth EDV Beratung OHG Jesuitenstrasse 11 85049 Ingolstadt Telefon +49 (0)841 981280 Telefax +49 (0)841 9812828 http://www.web-dienstleister.de Sitz der Gesellschaft: Ingolstadt Registergericht: Amtsgericht Ingolstadt, HRA 1833
AW: digest.bat -a MD5 in Tomcat 8
Mark, thanks you, now I understand how it is build. I think that I have to use plain MD5 without salt if I want to use DIGEST authentication. Tomcat 8 documentation should say that people have to use -s 0 flag and copy md5 just after the last $-sign. Mit freundlichen Grüßen Igor Mukhin -Ursprüngliche Nachricht- Von: Mark Thomas [mailto:ma...@apache.org] Gesendet: Montag, 16. März 2015 12:17 An: Tomcat Users List Betreff: Re: digest.bat -a MD5 in Tomcat 8 On 16/03/2015 10:22, Igor Mukhin wrote: Hello, I just tried to execute on Tomcat 8.0.20 : digest.bat -a MD5 myusername:myrealm:mypassword and it replyed with: myusername:myrealm:mypassword:283c7c0d977648d4dc3def5a20e2a595701a7542 44baec7153d40e8ee30ff6a5$1$f47f1b081edd3627ed24d67274dd6e15 I used this long MD5 (283c7c0d977648d4dc3def5a20e2a595701a754244baec7153d40e8ee30ff6a5$1$f4 7f1b081edd3627ed24d67274dd6e15) in my tomcat-user.xml and the user couldn't login with DIGEST method. Then I tried to execute the same command on Tomcat 6.0.43 and got: myusername:myrealm:mypassword:8fcc8ae2c169463bab76eb7124aede7b I used the short MD5 (8fcc8ae2c169463bab76eb7124aede7b) ) in my Tomcat 8's tomcat-user.xml and the login is working again! (DIGEST method) Question: Why Tomcat8's digest.bat is generating such a long MD5? It doesn't look the same as earlier and it is not working. The credential output format is different (salt$iterations$digest) and salt is enabled by default. If you try digest -s 0 -a MD5 foo:foo:foo you get foo:foo:foo:$1$67ec44ba7c1234c8f201c261183e9d25 If you try digest -a MD5 foo:foo:foo on Tomcat 6 you get foo:foo:foo:67ec44ba7c1234c8f201c261183e9d25 Tomcat 8 will accept either format although it always generates them in the new format. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org w.e.b. Wirth EDV Beratung OHG Jesuitenstrasse 11 85049 Ingolstadt Telefon +49 (0)841 981280 Telefax +49 (0)841 9812828 http://www.web-dienstleister.de Sitz der Gesellschaft: Ingolstadt Registergericht: Amtsgericht Ingolstadt, HRA 1833 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Slow http denial of service
On Sun, Mar 15, 2015 at 10:07 AM, Aurélien Terrestris aterrest...@gmail.com wrote: I agree with the NIO connector which gives good results to this problem. Also, on Linux you can configure iptables firewall to limit the number of connections from one IP ( http://unix.stackexchange.com/questions/139285/limit-max-connections-per-ip-address-and-new-connections-per-second-with-iptable ) What I find difficult about this approach is that because of NAT the number of individual machines (and hence connections that are reasonable) behind a single IP can vary vastly. What value will you pick to not discriminate large organizations? Kind regards robert
Re: Slow http denial of service
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Aurélien, On 3/16/15 9:16 AM, Aurélien Terrestris wrote: As browsers (at least the ones I know) open 2 connections to browse websites That number has been bigger than 2 for quite a while, now: http://stackoverflow.com/questions/985431/max-parallel-http-connections-in-a-browser We aren't talking about nice clients, here, though, but clients that are intentionally trying to bring-down a site. The maximum number of connections a legit web browser will open to a single host/IP is not relevant. we could have a look on the hourly stats and estimate this (under 100 without problem). I never met such problem anyway, the highest traffic being 120 000 different users/day. What about non-users? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVBzhjAAoJEBzwKT+lPKRYyiMQAMoied29A55351fkrU5HHdkR nILbSHhxH0UGiCAw+Fcp8SNdP7lD5mLiRH8+Mn9Vlp7TkK8AfQIRPWTwj605RRME c9e0VWFnNmMvDbKL+DhyMHKTK/c7LgVABh9l7v5JbiSUBtnyQNeQDBtep4Q5oxuz +P6t7PbDWILLntVHdcUxNMJQFiQkI1VRQ3dYPGu2kRxXTOk7OpHSqZkNhq2XCpH5 /isZlTJtU02l9GqFb3cNFWc2vM94Lp2ATVfUs6vZdYnUQ1oSrUdsWAy76CKdNjII HY5KUiRmyNtxY2JDHlqbcjA7rmOOTcb+68T1qy4ZSmQmDLaBuBR0ajWHOgJ4Btp8 bUgk+4yB32Af8IZ3sr4Asa8aMf1LTNx+1x6TVO0en5VD4WwFbGZ5EdZmW/SZdvWY 0Bu/RNgaydK/Jac5A4RKlEFfP4VJz/r0ST4Cxqq3t1UC0OHS46SFDg0gwXAnEuSt Qsk71YeuWJG8zolL05pXqSehr836H1s7FjG2rych1mwa53T+Agx8+5Cp/zd3fv59 zJ2ivJ7Cr2JAm4CInx7ic0cTuqmjOneRJIKb9WYSzHMoGLw+IVyx3v3Ykru/XlM9 AOfi5zENQ2tVDKCUBgNSdYd/amS6VNliFzbhkw0/cDYvw7HffxNw6Xd43wg388wG VrSu31Roqi3bRVr15Mwl =/YWE -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: CGIServlet - Disregarding 404 error-page
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jacob, On 3/16/15 2:52 PM, Jacob Haverkost wrote: Version: 6.0.43 OS: Win7 x64 Currently, the CGIServlet does not appear to support using the 404 error-page specified in the web.xml (ROOT). The error-pages work fine This appears to be due to the line, res.setStatus(404);, inside of doGet(). According to the documentation for HttpServletResponse.setStatus(int), If this method is used to set an error code, then the container's error page mechanism will not be triggered. This line appears in all major versions of Tomcat that I have looked into (8.0.20, 7.0.59). Just for a quick test, I changed setStatus to sendError and the error-page worked as expected. Is there a way to have the error-page work without changing the source code? If not, should I submit a bug report to include a configuration parameter for the CGIServlet to allow support for the error-page? Thanks for any feedback or help you can provide. It seems reasonable to me to file an enhancement request for this. If you provide a patch, you can get your name into the changelog ;) - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVBzo3AAoJEBzwKT+lPKRYkdsP/iutPC4vdDO8LkuwoiXZXM4S Gjh3rWAyqYgVzPq20B+sICkF1cFnovVJnCjdO8D1r2IdFyDcyJoTYDat28oEPqow +3K9vAQUPa+vp0il5YQsi3OuUuna511rH0aEcC4c8M9FyzsMXKLbwZVQu3TQSU2Y 5rImG1K9DODNEVhZA/XbkiOkJunn75D/84FdE3abb1fK9/gn1G/WOJdogelxUhPP FtwDdMK/TsgQM1hDOUF7ieGEYIKyZmzbrXIOnehd2zFAg/1smER9hHUvDGl4UXPd 9MorVWl7C0u74JVntBSrhHmfzUkqz96XG5JZc8mGAxZ9uFdJhvhQMQxCvttB9P7q jEdzJ7t2ZtARH71s0KZya3+r3/F9lkw1OCcF7ITBhRpE4C8Z8vLQqd7puG1mxiUm VIK/pNClVLG60a0L0fvjUJ1tLPEvY2p7SFf0TZ/7rBbGT9/xSqSWESflRLpNExiC SyzlPvilhDsvhyUxKv7L/SqoOqjoiYUtsJyVwVH+jW3JSoayYdq/V9ikTc6bAKaK 6qdBAqm5BXKg8rdYZXQ3OOIVmR/OBnDOTM0GyeeuDYtlhTezYA6Utj/SLorz1OIG viH90/rXWqSAbKrgt/L+YWBIWX4L9M7no+QRQeFKdnjeZpORg0MEkK6/s5pn7wFJ isXMVqWeMk/u6iez4uZ0 =ONFn -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to use Jasper to Parse JSP
Dear Jasper I develop a tool for JSP's static code analysis. I would like to use parse result of jsp files for my tool. I am assuming that the result is a syntax tree. Would you tell me how to use the syntax tree from external programs? Best Regards, Kaori Hattanda -- Kaori Hattanda Systems Engineer Systems Infrastructure Development Department Center for Solution Development Nomura Research Institute,Ltd. TEL: +81-45-335-9172 E-Mail: k-hatta...@nri.co.jp - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org