Re: Tomcat/Java starts using too much memory and not by the heap or non-heap memory
Hello, It has been a long time since I received the last suggestions to my issue here on this support list. Since then I decided to stop asking for help and to "do my homework". To read, to watch YouTube presentations, to spend time on StackOverflow, etc. So I have spent a lot of time on this and I think I have learned a lot which is nice. This is what I have learned lately: I definitely don't have a leak in my code (or in the libraries I am using, as far as I understand). And my code is not creating a significant amount of objects that would use too much memory. The heap memory (the 3 G1s) and non-heap memory (3 CodeHeaps + compressed class space + metaspace) together use just using a few hundred MBs and their usage is steady and normal. I discovered the JCMD command to perform the native memory tracking. When running it, after 3-4 days since I started Tomcat, I found out that the compiler was using hundreds of MB and that is exactly why the Tomcat process starts abusing the memory! This is what I saw when executing "sudo jcmd VM.native_memory scale=MB": Compiler (reserved=3D340MB, commited=3D340MB) (arena=3D340MB #10) All the other categories (Class, Thread, Code, GC, Internal, Symbol, etc) look normal since they use a low amount of memory and they don't grow. Then I discovered the Jemalloc tool (http://jemalloc.net) and its jeprof tool, so I started launching Tomcat using it. Then, after 3-4 days after Tomcat starts I was able to create some GIF images from the dumps that Jemalloc creates. The GIF files show the problem: 75-90% of the memory is being used by some weird activity in the compiler! It seems that something called "The C2 compile/JIT compiler" starts doing something after 3-4 days, and that creates the leak. Why after 3-4 days and not sooner? I don't know. I am attaching the GIF in this email. Does anybody know how to deal with this? I have been struggling with this issue already for 3 months. At least now I know that this is a native memory leak, but at this point I feel lost. By the way, I'm running my website using Tomcat 9.0.58, Java "11.0.21+9-post-Ubuntu-0ubuntu122.04", Ubuntu 22.04.03. And I am developing using Eclipse and compiling my WAR file with a "Compiler compliance level:11". Thanks in advance! Brian On Mon, Jan 8, 2024 at 10:05 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > Brian, > > On 1/5/24 17:21, Brian Braun wrote: > > Hello Chirstopher, > > > > First of all: thanks a lot for your responses! > > > > On Wed, Jan 3, 2024 at 9:25 AM Christopher Schultz < > > ch...@christopherschultz.net> wrote: > > > >> Brian, > >> > >> On 12/30/23 15:42, Brian Braun wrote: > >>> At the beginning, this was the problem: The OOM-killer (something that > I > >>> never knew existed) killing Tomcat unexpectedly and without any > >>> explanation > >> > >> The explanation is always the same: some application requests memory > >> from the kernel, which always grants the request(!). When the > >> application tries to use that memory, the kernel scrambles to physically > >> allocate the memory on-demand and, if all the memory is gone, it will > >> pick a process and kill it. > > > > Yes, that was happening to me until I set up the SWAP file and now at > least > > the Tomcat process is not being killed anymore. > > Swap can get you out of a bind like this, but it will ruin your > performance. If you care more about stability (and believe me, it's a > reasonable decision), then leave the swap on. But swap will kill (a) > performance (b) SSD lifetime and (c) storage/transaction costs depending > upon your environment. Besides, you either need the memory or you do > not. It's rare to "sometimes" need the memory. > > >> Using a swap file is probably going to kill your performance. What > >> happens if you make your heap smaller? > > > > Yes, in fact the performance is suffering and that is why I don't > consider > > the swap file as a solution. > > :D > > > I have assigned to -Xmx both small amounts (as small as 300MB) and high > > amounts (as high as 1GB) and the problem is still present (the Tomcat > > process grows in memory usage up to 1.5GB combining real memory and swap > > memory). > > Okay, that definitely indicates a problem that needs to be solved. > > I've seen things like native ZIP handling code leaking native memory, > but I know that Tomcat does not leak like that. If you do anything in > your application that might leave file handles open, it could be > contributing to the problem. > > > As I have explained in another email recently, I think that neither heap > > usage no
Re: Tomcat/Java starts using too much memory and not by the heap or non-heap memory
Hello, It has been a long time since I received the last suggestions to my issue here on this support list. Since then I decided to stop asking for help and to "do my homework". To read, to watch YouTube presentations, to spend time on StackOverflow, etc. So I have spent a lot of time on this and I think I have learned a lot which is nice. This is what I have learned lately: I definitely don't have a leak in my code (or in the libraries I am using, as far as I understand). And my code is not creating a significant amount of objects that would use too much memory. The heap memory (the 3 G1s) and non-heap memory (3 CodeHeaps + compressed class space + metaspace) together use just using a few hundred MBs and their usage is steady and normal. I discovered the JCMD command to perform the native memory tracking. When running it, after 3-4 days since I started Tomcat, I found out that the compiler was using hundreds of MB and that is exactly why the Tomcat process starts abusing the memory! This is what I saw when executing "sudo jcmd VM.native_memory scale=MB": Compiler (reserved=3D340MB, commited=3D340MB) (arena=3D340MB #10) All the other categories (Class, Thread, Code, GC, Internal, Symbol, etc) look normal since they use a low amount of memory and they don't grow. Then I discovered the Jemalloc tool (http://jemalloc.net) and its jeprof tool, so I started launching Tomcat using it. Then, after 3-4 days after Tomcat starts I was able to create some GIF images from the dumps that Jemalloc creates. The GIF files show the problem: 75-90% of the memory is being used by some weird activity in the compiler! It seems that something called "The C2 compile/JIT compiler" starts doing something after 3-4 days, and that creates the leak. Why after 3-4 days and not sooner? I don't know. I am attaching the GIF in this email. Does anybody know how to deal with this? I have been struggling with this issue already for 3 months. At least now I know that this is a native memory leak, but at this point I feel lost. By the way, I'm running my website using Tomcat 9.0.58, Java "11.0.21+9-post-Ubuntu-0ubuntu122.04", Ubuntu 22.04.03. And I am developing using Eclipse and compiling my WAR file with a "Compiler compliance level:11". Thanks in advance! Brian On Mon, Jan 8, 2024 at 10:05 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > Brian, > > On 1/5/24 17:21, Brian Braun wrote: > > Hello Chirstopher, > > > > First of all: thanks a lot for your responses! > > > > On Wed, Jan 3, 2024 at 9:25 AM Christopher Schultz < > > ch...@christopherschultz.net> wrote: > > > >> Brian, > >> > >> On 12/30/23 15:42, Brian Braun wrote: > >>> At the beginning, this was the problem: The OOM-killer (something that > I > >>> never knew existed) killing Tomcat unexpectedly and without any > >>> explanation > >> > >> The explanation is always the same: some application requests memory > >> from the kernel, which always grants the request(!). When the > >> application tries to use that memory, the kernel scrambles to physically > >> allocate the memory on-demand and, if all the memory is gone, it will > >> pick a process and kill it. > > > > Yes, that was happening to me until I set up the SWAP file and now at > least > > the Tomcat process is not being killed anymore. > > Swap can get you out of a bind like this, but it will ruin your > performance. If you care more about stability (and believe me, it's a > reasonable decision), then leave the swap on. But swap will kill (a) > performance (b) SSD lifetime and (c) storage/transaction costs depending > upon your environment. Besides, you either need the memory or you do > not. It's rare to "sometimes" need the memory. > > >> Using a swap file is probably going to kill your performance. What > >> happens if you make your heap smaller? > > > > Yes, in fact the performance is suffering and that is why I don't > consider > > the swap file as a solution. > > :D > > > I have assigned to -Xmx both small amounts (as small as 300MB) and high > > amounts (as high as 1GB) and the problem is still present (the Tomcat > > process grows in memory usage up to 1.5GB combining real memory and swap > > memory). > > Okay, that definitely indicates a problem that needs to be solved. > > I've seen things like native ZIP handling code leaking native memory, > but I know that Tomcat does not leak like that. If you do anything in > your application that might leave file handles open, it could be > contributing to the problem. > > > As I have explained in another email recently, I think that neither heap >
Re: Tomcat/Java starts using too much memory and not by the heap or non-heap memory
Hello Chirstopher, First of all: thanks a lot for your responses! On Wed, Jan 3, 2024 at 9:25 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > Brian, > > On 12/30/23 15:42, Brian Braun wrote: > > At the beginning, this was the problem: The OOM-killer (something that I > > never knew existed) killing Tomcat unexpectedly and without any > > explanation > > The explanation is always the same: some application requests memory > from the kernel, which always grants the request(!). When the > application tries to use that memory, the kernel scrambles to physically > allocate the memory on-demand and, if all the memory is gone, it will > pick a process and kill it. > > Yes, that was happening to me until I set up the SWAP file and now at least the Tomcat process is not being killed anymore. > There are ways to prevent this from happening, but the best way to not > to over-commit your memory. > > > Not knowing how much memory would I need to satisfy the JVM, and not > > willing to migrate to more expensive Amazon instances just because I > > don't know why this is happening. And not knowing if the memory > > requirement would keep growing and growing and growing. > It might. But if your symptom is Linux oom-killer and not JVM OOME, then > the better technique is to *reduce* your heap space in the JVM. > > > Then I activated the SWAP file, and I discovered that this problem stops > at > > 1.5GB of memory used by the JVM. At least I am not getting more crashes > > anymore. But I consider the SWAP file as a palliative and I really want > to > > know what is the root of this problem. If I don't, then maybe I should > > consider another career. I don't enjoy giving up. > > Using a swap file is probably going to kill your performance. What > happens if you make your heap smaller? > > Yes, in fact the performance is suffering and that is why I don't consider the swap file as a solution. I have assigned to -Xmx both small amounts (as small as 300MB) and high amounts (as high as 1GB) and the problem is still present (the Tomcat process grows in memory usage up to 1.5GB combining real memory and swap memory). As I have explained in another email recently, I think that neither heap usage nor non-heap usage are the problem. I have been monitoring them and their requirements have always stayed low enough, so I could leave the -Xms parameter with about 300-400 MB and that would be enough. There is something else in the JVM that is using all that memory and I still don't know what it is. And I think it doesn't care about the value I give to -Xmx, it uses all the memory it wants. Doing what? I don't know. > Yes, the memory used by the JVM started to grow suddenly one day, after > > several years running fine. Since I had not made any changes to my app, I > > really don't know the reason. And I really think this should not be > > happening without an explanation. > > > > I don't have any Java OOME exceptions, so it is not that my objects don't > > fit. Even if I supply 300MB to the -Xmx parameter. In fact, as I wrote, I > > don't think the Heap and non-heap usage is the problem. I have been > > inspecting those and their usage seems to be normal/modest and steady. I > > can see that using the Tomcat Manager as well as several other tools (New > > Relic, VisualVM, etc). > > Okay, so what you've done then is to allow a very large heap that you > mostly don't need. If/when the heap grows a lot -- possibly suddenly -- > the JVM is lazy and just takes more heap space from the OS and > ultimately you run out of main memory. > > The solution is to reduce the heap size. > > Maybe I am not understanding your suggestion. I have assigned to -Xmx both small amounts (as small as 300MB) and high amounts (as high as 1GB) and the problem is still present. In fact the problem started with a low amount for -Xmx. > > Regarding the 1GB I am giving now to the -Xms parameter: I was giving > just > > a few hundreds and I already had the problem. Actually I think it is the > > same if I give a few hundreds of MBs or 1GB, the JVM still starts using > > more memory after 3-4 days of running until it takes 1.5GB. But during > the > > first 1-4 days it uses just a few hundred MBs. > > > > My app has been "static" as you say, but probably I have upgraded Tomcat > > and/or Java recently. I don't really remember. Maybe one of those > upgrades > > brought this issue as a result. Actually, If I knew that one of those > > upgrades causes this huge pike in memory consumption and there is no way > to > > avoid it, then I would accept it as a fact of life and move on. But > since I > > don't know, it really bugs
Re: Tomcat/Java starts using too much memory and not by the heap or non-heap memory
Hi Chris, Thanks a lot for your very detailed response! Here are my answers, comments and questions. At the beginning, this was the problem: The OOM-killer (something that I never knew existed) killing Tomcat unexpectedly and without any explanation, many times during the night while I should be sleeping peacefully (as long as I wear my Apnea mask). Not knowing how much memory would I need to satisfy the JVM, and not willing to migrate to more expensive Amazon instances just because I don't know why this is happening. And not knowing if the memory requirement would keep growing and growing and growing. Then I activated the SWAP file, and I discovered that this problem stops at 1.5GB of memory used by the JVM. At least I am not getting more crashes anymore. But I consider the SWAP file as a palliative and I really want to know what is the root of this problem. If I don't, then maybe I should consider another career. I don't enjoy giving up. Yes, the memory used by the JVM started to grow suddenly one day, after several years running fine. Since I had not made any changes to my app, I really don't know the reason. And I really think this should not be happening without an explanation. I don't have any Java OOME exceptions, so it is not that my objects don't fit. Even if I supply 300MB to the -Xmx parameter. In fact, as I wrote, I don't think the Heap and non-heap usage is the problem. I have been inspecting those and their usage seems to be normal/modest and steady. I can see that using the Tomcat Manager as well as several other tools (New Relic, VisualVM, etc). Regarding the 1GB I am giving now to the -Xms parameter: I was giving just a few hundreds and I already had the problem. Actually I think it is the same if I give a few hundreds of MBs or 1GB, the JVM still starts using more memory after 3-4 days of running until it takes 1.5GB. But during the first 1-4 days it uses just a few hundred MBs. My app has been "static" as you say, but probably I have upgraded Tomcat and/or Java recently. I don't really remember. Maybe one of those upgrades brought this issue as a result. Actually, If I knew that one of those upgrades causes this huge pike in memory consumption and there is no way to avoid it, then I would accept it as a fact of life and move on. But since I don't know, it really bugs me. I have the same amount of users and traffic as before. I also know how much memory a session takes and it is fine. I have also checked the HTTP(S) requests to see if somehow I am getting any attempts to hack my instance that could be the root of this problem. Yes, I get hacking attempts by those bots all the time, but I don't see anything relevant there. No news. I agree with what you say now regarding the GC. I should not need to use those switches since I understand it should work fine without using them. And I don't know how to use them. And since I have never cared about using them for about 15 years using Java+Tomcat, why should I start now? I have also checked all my long-lasting objects. I have optimized my DB queries recently as you suggest now, so they don't create huge amounts of objects in a short period of time that the GC would have to deal with. The same applies to my scheduled tasks. They all run very quickly and use modest amounts of memory. All the other default Tomcat threads create far more objects. I have already activated the GC log. Is there a tool that you would suggest to analyze it? I haven't even opened it. I suspect that the root of my problem comes from the GC process indeed. Thanks again! Brian On Sat, Dec 30, 2023 at 12:44 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Brian, > > On 12/29/23 20:48, Brian Braun wrote: > > Hello, > > > > First of all: > > Christopher Schultz: You answered an email from me 6 weeks ago. You > helped > > me a lot with your suggestions. I have done a lot of research and have > > learnt a lot since then, so I have been able to rule out a lot of > potential > > roots for my issue. Because of that I am able to post a new more specific > > email. Thanks a lot!!! > > > > Now, this is my stack: > > > > - Ubuntu 22.04.3 on x86/64 with 2GM of physical RAM that has been enough > > for years. > > - Java 11.0.20.1+1-post-Ubuntu-0ubuntu122.04 / openjdk 11.0.20.1 > 2023-08-24 > > - Tomcat 9.0.58 (JAVA_OPTS="-Djava.awt.headless=true -Xmx1000m -Xms1000m > > ..") > > - My app, which I developed myself, and has been running without any > > problems for years > > > > Well, a couple of months ago my website/Tomcat/Java started eating more > and > > more memory about after about 4-7 days. The previous days it uses just a > > few hundred MB and is very steady, but then after a few days the memory > > usage suddenly grows up to 1.5GB (and then stops growing at t
Re: Tomcat/Java starts using too much memory and not by the heap or non-heap memory
Hello Chuck, On Fri, Dec 29, 2023 at 11:00 PM Chuck Caldarale wrote: > > > On Dec 29, 2023, at 19:48, Brian Braun wrote: > > > > First of all: > > Christopher Schultz: You answered an email from me 6 weeks ago. You > helped > > me a lot with your suggestions. I have done a lot of research and have > > learnt a lot since then, so I have been able to rule out a lot of > potential > > roots for my issue. Because of that I am able to post a new more specific > > email. Thanks a lot!!! > > > > Now, this is my stack: > > > > - Ubuntu 22.04.3 on x86/64 with 2GM of physical RAM that has been enough > > for years. > > > I presume the “2GM” above should be “2GB”. > Yes, sorry, I mean to write "2GB". > > > - Java 11.0.20.1+1-post-Ubuntu-0ubuntu122.04 / openjdk 11.0.20.1 > 2023-08-24 > > - Tomcat 9.0.58 (JAVA_OPTS="-Djava.awt.headless=true -Xmx1000m -Xms1000m > > ..") > > - My app, which I developed myself, and has been running without any > > problems for years > > > > Well, a couple of months ago my website/Tomcat/Java started eating more > and > > more memory about after about 4-7 days. The previous days it uses just a > > few hundred MB and is very steady, but then after a few days the memory > > usage suddenly grows up to 1.5GB (and then stops growing at that point, > > which is interesting). Between these anomalies the RAM usage is fine and > > very steady (as it has been for years) and it uses just about 40-50% of > the > > "Max memory" (according to what the Tomcat Manager server status shows). > > The 3 components of G1GC heap memory are steady and low, before and after > > the usage grows to 1.5GB, so it is definitely not that the heap starts > > requiring more and more memory. I have been using several tools to > monitor > > that (New Relic, VisualVM and JDK Mission Control) so I'm sure that the > > memory usage by the heap is not the problem. > > The Non-heaps memory usage is not the problem either. Everything there is > > normal, the usage is humble and even more steady. > > > What does the /proc//maps file show, both before and after the > problem occurs? This should give you some idea of what .so library is > grabbing the extra memory. (I only have Tomcat installed on macOS at the > moment, so I can’t show you an example; I should be able to bring up Tomcat > on a Linux box tomorrow.) The output may be long, depending on how > fragmented the virtual memory allocations are. > > This is the first time I hear about the "/proc/id/maps" file and how to see the content with "cat". The content is very long and now I suspect that all those strange lines that don't seem to be files are the source of my problem. Are those Linux threads or something like that? At least from the point of view of the JVM there are just 67 threads which I think is normal considering that I am running "New Relic" and also JMX (and the peak was 72 threads). I have reviewed all those java threads and all of them look normal and necessary. I will paste the content at the end of this email. > > And there are no leaks, I'm sure of that. I have inspected the JVM using > > several tools. > > > > There are no peaks in the number of threads either. The peak is the same > > when the memory usage is low and when it requires 1.5GB. It stays the > same > > all the time. > > > > I have also reviewed all the scheduled tasks in my app and lowered the > > amount of objects they create, which was nice and entertaining. But that > is > > not the problem, I have analyzed the object creation by all the threads > > (and there are many) and the threads created by my scheduled tasks are > very > > humble in their memory usage, compared to many other threads. > > > > And I haven't made any relevant changes to my app in the 6-12 months > before > > this problem started occurring. It is weird that I started having this > > problem. Could it be that I received an update in the java version or the > > Tomcat version that is causing this problem? > > > > If neither the heap memory or the Non-heaps memory is the source of the > > growth of the memory usage, what could it be? Clearly something is > > happening inside the JVM that raises the memory usage. And everytime it > > grows, it doesn't decrease. It is like if something suddenly starts > > "pushing" the memory usage more and more, until it stops at 1.5GB. > > > > I think that maybe the source of the problem is the garbage collector. I > > haven't used any of the switches that we can use to optimize tha
Tomcat/Java starts using too much memory and not by the heap or non-heap memory
Hello, First of all: Christopher Schultz: You answered an email from me 6 weeks ago. You helped me a lot with your suggestions. I have done a lot of research and have learnt a lot since then, so I have been able to rule out a lot of potential roots for my issue. Because of that I am able to post a new more specific email. Thanks a lot!!! Now, this is my stack: - Ubuntu 22.04.3 on x86/64 with 2GM of physical RAM that has been enough for years. - Java 11.0.20.1+1-post-Ubuntu-0ubuntu122.04 / openjdk 11.0.20.1 2023-08-24 - Tomcat 9.0.58 (JAVA_OPTS="-Djava.awt.headless=true -Xmx1000m -Xms1000m ..") - My app, which I developed myself, and has been running without any problems for years Well, a couple of months ago my website/Tomcat/Java started eating more and more memory about after about 4-7 days. The previous days it uses just a few hundred MB and is very steady, but then after a few days the memory usage suddenly grows up to 1.5GB (and then stops growing at that point, which is interesting). Between these anomalies the RAM usage is fine and very steady (as it has been for years) and it uses just about 40-50% of the "Max memory" (according to what the Tomcat Manager server status shows). The 3 components of G1GC heap memory are steady and low, before and after the usage grows to 1.5GB, so it is definitely not that the heap starts requiring more and more memory. I have been using several tools to monitor that (New Relic, VisualVM and JDK Mission Control) so I'm sure that the memory usage by the heap is not the problem. The Non-heaps memory usage is not the problem either. Everything there is normal, the usage is humble and even more steady. And there are no leaks, I'm sure of that. I have inspected the JVM using several tools. There are no peaks in the number of threads either. The peak is the same when the memory usage is low and when it requires 1.5GB. It stays the same all the time. I have also reviewed all the scheduled tasks in my app and lowered the amount of objects they create, which was nice and entertaining. But that is not the problem, I have analyzed the object creation by all the threads (and there are many) and the threads created by my scheduled tasks are very humble in their memory usage, compared to many other threads. And I haven't made any relevant changes to my app in the 6-12 months before this problem started occurring. It is weird that I started having this problem. Could it be that I received an update in the java version or the Tomcat version that is causing this problem? If neither the heap memory or the Non-heaps memory is the source of the growth of the memory usage, what could it be? Clearly something is happening inside the JVM that raises the memory usage. And everytime it grows, it doesn't decrease. It is like if something suddenly starts "pushing" the memory usage more and more, until it stops at 1.5GB. I think that maybe the source of the problem is the garbage collector. I haven't used any of the switches that we can use to optimize that, basically because I don't know what I should do there (if I should at all). I have also activated the GC log, but I don't know how to analyze it. I have also increased and decreased the value of "-Xms" parameter and it is useless. Finally, maybe I should add that I activated 4GB of SWAP memory in my Ubuntu instance so at least my JVM would not be killed my the OS anymore (since the real memory is just 1.8GB). That worked and now the memory usage can grow up to 1.5GB without crashing, by using the much slower SWAP memory, but I still think that this is an abnormal situation. Thanks in advance for your suggestions!
Java/Tomcat is being killed by the Linux OOM killer for using a huge amount of RAM. How can I know what was going on inside my app (& Tomcat & the JVM) to make that happen?
Hello, First of all, this is my stack: - Ubuntu 22.04.3 on x86/64 with 2GM of physical RAM that has been enough for years. - Java 11.0.20.1+1-post-Ubuntu-0ubuntu122.04 / openjdk 11.0.20.1 2023-08-24 - Tomcat 9.0.58 (JAVA_OPTS="-Djava.awt.headless=true -Xmx900m -Xms16m ..") - My app, which I developed myself, and has been running without any OOM crashes for years Well, a couple of weeks ago my website started crushing about every 5-7 days. Between crashes the RAM usage is fine and very steady (as it has been for years) and it uses just about 50% of the "Max memory" (according to what the Tomcat Manager server status shows). The 3 types of G1 heap are steady and low. And there are no leaks as far as I can tell. And I haven't made any significant changes to my app in the last months. When my website crashes, I can see on the Ubuntu log that some process has invoked the "oom-killer" and that this killer investigates which process is using most of the RAM and it is Tomcat/Java so it kills it. This is what I see on the log when it was Nginx that invoked the OOM-killer: Nov 15 15:23:54 ip-172-31-89-211 kernel: [366008.597771] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=nginx.service,mems_allowed=0,global_oom,task_memcg=/system.slice/tomcat9.service,task=java,pid=470,uid=998 Nov 15 15:23:54 ip-172-31-89-211 kernel: [366008.597932] Out of memory: Killed process 470 (java) total-vm:4553056kB, anon-rss:1527944kB, file-rss:2872kB, shmem-rss:0kB, UID:998 pgtables:3628kB oom_score_adj:0 I would like to be able to know what was happening inside the JVM when it was using too much RAM and deserved to be killed. Was it a problem in Java not associated with Tomcat or my app? Was it Tomcat itself that ate too much RAM? I doubt it. Was it my application? If it was my application (and I have to assume it was), how/why was it using all that RAM? What were the objects, threads, etc that were involved in the crash? What part of the heap memory was using all that RAM? This can happen at any time, like at 4am so I can not run to the computer to see what was going on at that moment. I need some way to get a detailed log of what was going on when the crush took place. So my question is, what tool should I use to investigate these crashes? I have started trying to make "New Relic" work since it seems that this service could help me, but I am having some problems making it work and I still don't know if this would be a solution in the first place. So, while I struggle with New Relic, I would appreciate your suggestions. Thanks in advance!
Re: JSF errors when upgrading Tomcat and Eclipse: com.sun.faces.config.JavaClassScanningAnnotationScanner$ConstantPoolInfo.containsAnnotation Unknow type constant pool XX at position XX
Hi, I replaced JSF 2.2.1 with 2.2.20 and the problem is gone! It seems that the old 2.2.1 JAR had some kind of old format that crushed with the way the latest Eclipse works. And since 2.2.1 to 2.2.20 is not a huge upgrade, my old JSF pages still work. Nice! Thanks! On Thu, Oct 12, 2023 at 4:35 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Brian, > > On 10/12/23 16:55, Brian Braun wrote: > > Hello, > > > > First of all, I apologize if maybe my issue is not exclusively related to > > Tomcat, but I think it is. > > > > I started my website many years ago, using Struts 1.2.4 and since then I > > have been using it. Some years after that I had the intention to migrate > to > > JSF (version 2.2.X) and combine both frameworks for a while until I > > migrated everything to JSF and Struts was gone. I started learning it, > > created a few pages on my site but then I realized that it was not the > > ideal framework for me, so I stopped creating more pages with JSF and > > continued developing my site with Struts, letting those few JSF pages > that > > work coexist with the rest of the site running using Struts. Since then, > I > > haven't touched JSF. I haven't created even one page with it, never > > upgraded its version but the JSF JAR and pages are still there. Years > > passed and nothing made me think about JSF. > > > > Now I'm using: > > - Mac with the M2 chip > > - Eclipse (ARM version) > > - Tomcat, when developing with Eclipse > > - Tomcat 9.0.58 at my production server (which runs Ubuntu 22.04, x86/64) > > - Azul's Java 11.0.19+7-LTS aarch64, when developing with Eclipse > > - Java 11.0.20.1+1-post-Ubuntu-0ubuntu122.04, at the production server > > > > Well, a few days ago I upgraded Eclipse to Version: 2023-09 (4.29.0) and > at > > the same time upgraded to Azul's Java 11.0.19+7-LTS aarch64 and to Tomcat > > 9.0.71 when developing. And since then, I get these "SEVERE" JSF error > > messages (many of them) when I start Tomcat: > > > > SEVERE [main] > > > com.sun.faces.config.JavaClassScanningAnnotationScanner$ConstantPoolInfo.containsAnnotation > > Unknow type constant pool NN at position XX > > > > Why is that? Could someone please give me a clue? I just upgraded Eclipse > > and Tomcat, didn't do anything else relevant and now I get these > messages. > > And when I create the WAR file and deploy it on my production server, I > get > > the same error messages as well over there. It seems like the class files > > that gets generated are now different, since I didn't upgrade anything on > > my production server, so it is the WAR file that gets generated with > > something problematic now. > > > > Thanks in advance! > > > > Here is the complete stuff that Tomcat shows, as a reference: > > > > 12-Oct-2023 14:47:18.676 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Server version > name: > > Apache Tomcat/9.0.71 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Server built: Jan 9 > > 2023 22:33:01 UTC > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Server version > > number: 9.0.71.0 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log OS Name: Mac OS X > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log OS Version: 14.0 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Architecture: > aarch64 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Java Home: > > /Library/Java/JavaVirtualMachines/zulu-11.jdk/Contents/Home > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log JVM Version: > > 11.0.19+7-LTS > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Azul > > Systems, Inc. > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: > > /Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: > > /Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71 > > 12-Oct-2023 14:47:18.719 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Command line &
Re: JSF errors when upgrading Tomcat and Eclipse: com.sun.faces.config.JavaClassScanningAnnotationScanner$ConstantPoolInfo.containsAnnotation Unknow type constant pool XX at position XX
Hi Chris, Its JSF version 2.2.1 What is a bytecode scanner? I will google that, I don't have any idea. And why did I start getting this problem a few days ago? The only thing that changed is Eclipse (I upgraded it to the latest) and the Tomcat that Eclipse uses to run the website everytime I run it when I'm developing. I could upgrade JSF to some other version, but would that solve the issue? I don't know. And what if the few pages that I created using JSF will not work anymore because of the upgrade? I really totally forgot about how to use JSF, so I would not like having to learn it again now just because of this obstacle! Who is doing the class scanning? Is it JSF? Is it Tomcat? I have no clue right now. The interesting thing is that in my production server i didn't change anything in the software stack, but the WAR that now arrives there causes this problems. It is like if Eclipse is creating a new type of class/JAR files with some new characteristic, in my opinion. Thanks for your help!!! On Thu, Oct 12, 2023 at 4:35 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Brian, > > On 10/12/23 16:55, Brian Braun wrote: > > Hello, > > > > First of all, I apologize if maybe my issue is not exclusively related to > > Tomcat, but I think it is. > > > > I started my website many years ago, using Struts 1.2.4 and since then I > > have been using it. Some years after that I had the intention to migrate > to > > JSF (version 2.2.X) and combine both frameworks for a while until I > > migrated everything to JSF and Struts was gone. I started learning it, > > created a few pages on my site but then I realized that it was not the > > ideal framework for me, so I stopped creating more pages with JSF and > > continued developing my site with Struts, letting those few JSF pages > that > > work coexist with the rest of the site running using Struts. Since then, > I > > haven't touched JSF. I haven't created even one page with it, never > > upgraded its version but the JSF JAR and pages are still there. Years > > passed and nothing made me think about JSF. > > > > Now I'm using: > > - Mac with the M2 chip > > - Eclipse (ARM version) > > - Tomcat, when developing with Eclipse > > - Tomcat 9.0.58 at my production server (which runs Ubuntu 22.04, x86/64) > > - Azul's Java 11.0.19+7-LTS aarch64, when developing with Eclipse > > - Java 11.0.20.1+1-post-Ubuntu-0ubuntu122.04, at the production server > > > > Well, a few days ago I upgraded Eclipse to Version: 2023-09 (4.29.0) and > at > > the same time upgraded to Azul's Java 11.0.19+7-LTS aarch64 and to Tomcat > > 9.0.71 when developing. And since then, I get these "SEVERE" JSF error > > messages (many of them) when I start Tomcat: > > > > SEVERE [main] > > > com.sun.faces.config.JavaClassScanningAnnotationScanner$ConstantPoolInfo.containsAnnotation > > Unknow type constant pool NN at position XX > > > > Why is that? Could someone please give me a clue? I just upgraded Eclipse > > and Tomcat, didn't do anything else relevant and now I get these > messages. > > And when I create the WAR file and deploy it on my production server, I > get > > the same error messages as well over there. It seems like the class files > > that gets generated are now different, since I didn't upgrade anything on > > my production server, so it is the WAR file that gets generated with > > something problematic now. > > > > Thanks in advance! > > > > Here is the complete stuff that Tomcat shows, as a reference: > > > > 12-Oct-2023 14:47:18.676 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Server version > name: > > Apache Tomcat/9.0.71 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Server built: Jan 9 > > 2023 22:33:01 UTC > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Server version > > number: 9.0.71.0 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log OS Name: Mac OS X > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log OS Version: 14.0 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Architecture: > aarch64 > > 12-Oct-2023 14:47:18.678 INFO [main] > > org.apache.catalina.startup.VersionLoggerListener.log Java Home: > > /Library/Java/JavaVirtualMachines/zulu-11.jdk/Contents/Home > > 12-Oct-2023 14:47:18.678 INFO [main] > >
JSF errors when upgrading Tomcat and Eclipse: com.sun.faces.config.JavaClassScanningAnnotationScanner$ConstantPoolInfo.containsAnnotation Unknow type constant pool XX at position XX
Hello, First of all, I apologize if maybe my issue is not exclusively related to Tomcat, but I think it is. I started my website many years ago, using Struts 1.2.4 and since then I have been using it. Some years after that I had the intention to migrate to JSF (version 2.2.X) and combine both frameworks for a while until I migrated everything to JSF and Struts was gone. I started learning it, created a few pages on my site but then I realized that it was not the ideal framework for me, so I stopped creating more pages with JSF and continued developing my site with Struts, letting those few JSF pages that work coexist with the rest of the site running using Struts. Since then, I haven't touched JSF. I haven't created even one page with it, never upgraded its version but the JSF JAR and pages are still there. Years passed and nothing made me think about JSF. Now I'm using: - Mac with the M2 chip - Eclipse (ARM version) - Tomcat, when developing with Eclipse - Tomcat 9.0.58 at my production server (which runs Ubuntu 22.04, x86/64) - Azul's Java 11.0.19+7-LTS aarch64, when developing with Eclipse - Java 11.0.20.1+1-post-Ubuntu-0ubuntu122.04, at the production server Well, a few days ago I upgraded Eclipse to Version: 2023-09 (4.29.0) and at the same time upgraded to Azul's Java 11.0.19+7-LTS aarch64 and to Tomcat 9.0.71 when developing. And since then, I get these "SEVERE" JSF error messages (many of them) when I start Tomcat: SEVERE [main] com.sun.faces.config.JavaClassScanningAnnotationScanner$ConstantPoolInfo.containsAnnotation Unknow type constant pool NN at position XX Why is that? Could someone please give me a clue? I just upgraded Eclipse and Tomcat, didn't do anything else relevant and now I get these messages. And when I create the WAR file and deploy it on my production server, I get the same error messages as well over there. It seems like the class files that gets generated are now different, since I didn't upgrade anything on my production server, so it is the WAR file that gets generated with something problematic now. Thanks in advance! Here is the complete stuff that Tomcat shows, as a reference: 12-Oct-2023 14:47:18.676 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name: Apache Tomcat/9.0.71 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Jan 9 2023 22:33:01 UTC 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 9.0.71.0 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: Mac OS X 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: 14.0 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: aarch64 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: /Library/Java/JavaVirtualMachines/zulu-11.jdk/Contents/Home 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 11.0.19+7-LTS 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Azul Systems, Inc. 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: /Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71 12-Oct-2023 14:47:18.678 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: /Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71 12-Oct-2023 14:47:18.719 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71 12-Oct-2023 14:47:18.719 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71 12-Oct-2023 14:47:18.719 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dwtp.deploy=/Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71/webapps 12-Oct-2023 14:47:18.719 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/Users/brianbraun/BB/ACME/Programacion-Mac-Silicon/EclipseTomcat9.0.71/conf/logging.properties 12-Oct-2023 14:47:18.720 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 12-Oct-2023 14:47:18.720 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.lang=ALL-UNNAMED 12-Oct-2023 14:47:18.720 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.io=ALL-UNNAMED 12-Oct-2023 14:47:18.720
Re: Best way to log requests from a servlet and to a database?
My current method can hold about 3000 threads until memory collapses. I'm looking to replace this method with something more efficient in terms of RAM usage. Something like a buffer, where each item needs far less RAM than the kind of threads I'm creating now. Then when it gets full I will use Amazon's queue as a failover mechanism.Any ideas? :-) On Sat, Jan 26, 2013 at 12:25 AM, Hassan Schroeder hassan.schroe...@gmail.com wrote: On Fri, Jan 25, 2013 at 8:16 PM, Brian Braun brianbr...@gmail.com wrote: OK, Amazon's solution would be too expensive to use as a first option. I would like to use it but just after a first queue is full. This first queue would be something running in my own host, using RAM to host the buffer. Any ideas on how to create this? Since you already have an implicit interface -- ...doing a (new Thread(new certain Object)).start(); write some tests describing the behavior of that class as a resource (in this case memory) threshold approaches. The actual design will probably be pretty apparent. Or at least you'll have a good start. /* been there, done that, drunk the TDD koolaid :-) */ -- Hassan Schroeder hassan.schroe...@gmail.com http://about.me/hassanschroeder twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Best way to log requests from a servlet and to a database?
Hi chuck, I finally found this, implemented it and works great! http://docs.oracle.com/javase/6/docs/api/java/util/concurrent/LinkedBlockingQueue.html However, if I get significantly more requests, this may not be enough because MySQL will get slower and the queue will get full. I think I could start using this queue, and if it gets full I could failover to Amazons Queue service. What do you think? On Sat, Jan 26, 2013 at 9:06 AM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Brian Braun [mailto:brianbr...@gmail.com] Subject: Re: Best way to log requests from a servlet and to a database? (Marking this off-topic, since it has nothing to do with Tomcat.) My current method can hold about 3000 threads until memory collapses. I'm looking to replace this method with something more efficient in terms of RAM usage. Something like a buffer, where each item needs far less RAM than the kind of threads I'm creating now. Then when it gets full I will use Amazon's queue as a failover mechanism.Any ideas? :-) Instead of using one additional thread per log entry, use just _one_ additional logging service thread. When each request processing thread has prepared the object representing the log entry to be made, that object should be placed on a synchronized FIFO queue. If the logging service thread is idle, the request processing thread should mark the logging service thread as active and wake it up before unlocking the queue; if the logging service thread is already active, the request processing thread just unlocks the queue after enqueuing its entry. When the logging service thread wakes up, it must lock the queue, remove _all_ the entries currently on the queue, unlock the queue, and send all the removed entries to the database in as few calls as possible. Once that's done, the logging service thread relocks the queue, checks for any new arrivals and repeats as needed. If no new arrivals, it marks itself as inactive, and goes to sleep on the queue. No polling required. You can use the standard synchronization methods (wait(), notify(), etc.) for all this (safest), or the newer but easier to abuse java.util.concurrent operations. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Best way to log requests from a servlet and to a database?
Hi Hassan, I forgot to mention that I am already using Amazon's cloud (EC2+load balancer) so I love to see a suggestion that mentions it! I will definitely check your advice. The problem is that it costs money to use it, and I would love to just use some kind of framework that uses my own RAM to host a buffer/queue. However, creating my own queue would not escalate to hundreds or thousands of requests per second, so considering that I was already considering some kind of queue service and actually I thought about Amazon's. but I did it while sleeping so I forgot to mention it in my list :-) Thanks again for your suggestion! On Fri, Jan 25, 2013 at 9:32 PM, Hassan Schroeder hassan.schroe...@gmail.com wrote: On Fri, Jan 25, 2013 at 6:00 PM, Brian Braun brianbr...@gmail.com wrote: What I need is to be able to accept as much HTTP requests as possible, to log every one of them as fast as possible (not syncronously), and to make everything fast and with a very low usage of RAM when MySQL gets slow and inserts need to queue. I think I need some kind of queue to buffer the entries when the speed of http request is higher than the speed of insertions in the database log. 3- Using some kind of any other framework that specializes in this? http://aws.amazon.com/sqs/ Let us know how that works out if you try it :-) -- Hassan Schroeder hassan.schroe...@gmail.com http://about.me/hassanschroeder twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Best way to log requests from a servlet and to a database?
OK, Amazon's solution would be too expensive to use as a first option. I would like to use it but just after a first queue is full. This first queue would be something running in my own host, using RAM to host the buffer. Any ideas on how to create this? On Fri, Jan 25, 2013 at 9:44 PM, Brian Braun brianbr...@gmail.com wrote: Hi Hassan, I forgot to mention that I am already using Amazon's cloud (EC2+load balancer) so I love to see a suggestion that mentions it! I will definitely check your advice. The problem is that it costs money to use it, and I would love to just use some kind of framework that uses my own RAM to host a buffer/queue. However, creating my own queue would not escalate to hundreds or thousands of requests per second, so considering that I was already considering some kind of queue service and actually I thought about Amazon's. but I did it while sleeping so I forgot to mention it in my list :-) Thanks again for your suggestion! On Fri, Jan 25, 2013 at 9:32 PM, Hassan Schroeder hassan.schroe...@gmail.com wrote: On Fri, Jan 25, 2013 at 6:00 PM, Brian Braun brianbr...@gmail.com wrote: What I need is to be able to accept as much HTTP requests as possible, to log every one of them as fast as possible (not syncronously), and to make everything fast and with a very low usage of RAM when MySQL gets slow and inserts need to queue. I think I need some kind of queue to buffer the entries when the speed of http request is higher than the speed of insertions in the database log. 3- Using some kind of any other framework that specializes in this? http://aws.amazon.com/sqs/ Let us know how that works out if you try it :-) -- Hassan Schroeder hassan.schroe...@gmail.com http://about.me/hassanschroeder twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to stop DoS attacks to my Tomcat based app? Should I use Apache HTTPD or NGINX behind Tomcat?
Hi, This is my infrastructure, from the point of view of what my users/attackers are facing: - Amazon web service Elastic Load balancer - 2 or more Ubuntu Linux VPSs behind the load balancer - IPTables running inside Ubuntu - JVM 1.6.0_35-b10 - Tomcat 7.0.33 - My app, running inside Tomcat I want to stop if one person starts making an excesive amount of requests to my app, maybe because he needs to make all those requests but didn’t know there is a service limit in the RestFul service I'm providing, maybe because he doesn’t care about the service limits, or maybe because he wants to attack me with a DoS. I can do it at the app level using a servlet filter and I'm already filtering them by IPs there, but that is not the best solution because the http requests will go all the way to my app, causing a lot of work to the previous layers (from the OS to the app). I can also do it at the Tomcat level using valves even at the engine level, but the same concern applies here: too much previous effort. Besides that, I can not update the offending IPs registered in the valve in a programmatic way (as I can do using servler filters and a MySQL database containing the offending IPs). I can NOT do it at the IPTables level, because the real IP address is in the x_forwarded_for header and IPTables deals with TCP/IP, not with HTTP. Or at least, even if there is a way to create a rule, it will not run in an efficient way. I will NOT be able to do it a the load balancer level, because Amazon doesn't allow us the stop some IPs there, not to mention a way to stop a DoS. I have been doing some reasearch, and it seems that I have two good options: Installing Apache HTTPD server or NGINX, before Tomcat. I know a lot about Tomcat, but almost nothing about Apache HTTPD and nothing about NGINX. Which one would you recommend me? This is what I’m looking for: - To be able to evaluate the x_forwarded_for header to recognize the real IP address (because there will be a load balancer behind) - To be able to limit the rate of request based on the IP making it enter my site at a slower rate, or if that is not possible to reject the excesive requests. - To place this new layer (HTTPD or NGINX) between the load balancer and Tomcat, so Tomcat will still run the app. My app has been written in Java and I love java/Tomcat, so this will definitely existing. - Speed, low resources consumption (mainly CPU and RAM), stability, reliability. - Easy to learn, install and maintain. Which one would you recommend, Apache or NGINX? I guess it would be better to use Apache because of all the documentation and information out there, and It would not harm me to finally learn about Apache. But I read somewhere that NGINX is specially fast and light in doing this (stopping Dos). However, I read that it is easier to connect HTTPD and Tomcat while it is not that easy NGINX/Tomcat. Or is there a better solution to stop users making an excesive amount of requests, using just Tomcat? Is there a filter somewhere that could help me, or a valve I haven't heard of? Tia, Brian
Re: How to limit the number of sessions per IP address (DOS attacks)
HI André, You are right, there is a hole there. However, it won't be a problem for me. Basically, I want to detect if the same IP creates so many sessions that in the same time 200 sessions exist and belong to is (the sessions live about 30 min each). My site doesn't have much traffic, usually there are between 10 and 20 sessions and many of them belong to crawlers. So if at a certain point there 200 concurrent sessions belonging to the same IP, most likely they actually belong to the same host and not to many hosts behind a proxy. Thanks for the comment! On Mon, Oct 1, 2012 at 3:45 AM, André Warnier a...@ice-sa.com wrote: Brian Braun wrote: Hi Constantine, 1- I had almost decided to program a filter. However, I have found this solution: http://stackoverflow.com/**questions/3679465/find-number-** of-active-sessions-created-**from-a-given-client-ip/**3679783#3679783http://stackoverflow.com/questions/3679465/find-number-of-active-sessions-created-from-a-given-client-ip/3679783#3679783 What do you think about it? I havent tried it yet, but as far as I can tell it looks good. It would help me to know how many sessions exist for a certain IP. Knowing that, I could deny more sessions for that IP (even though the procedure to deny is not included in this code). Just want to point out a possible hole in the logic. If there are a number of potential (legitimate and illegitimate) clients located within the same corporate LAN, and these clients all access the Internet through say a corporate proxy, all these request will look to your server as originating from the same IP address. So you could be denying more than you wish. However, their origin /port/ should be different, so you might want to include that in your filter, inaddition to the IP address. --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to limit the number of sessions per IP address (DOS attacks)
Hi Contantine, I barely have about 10-20 sessions existing at the same time, considering already abandones sessions and even sessions created because of crawlers. So it won't be slow to use the getCount() method, at least not for now. Thanks for your comment! On Mon, Oct 1, 2012 at 5:42 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2012/10/1 Brian Braun brianbr...@gmail.com: Hi Constantine, 1- I had almost decided to program a filter. However, I have found this solution: http://stackoverflow.com/questions/3679465/find-number-of-active-sessions-created-from-a-given-client-ip/3679783#3679783 What do you think about it? I havent tried it yet, but as far as I can tell it looks good. It would help me to know how many sessions exist for a certain IP. Knowing that, I could deny more sessions for that IP (even though the procedure to deny is not included in this code). Yes, something like that. I note though that I'd expect that getCount() method implementation to be slow. Whether do you notice the slowness or not depends on the actual count of sessions on your server. 3- Thanks a lot for reminding me about the manager tag. I had almost forgot about it. However, the attribute maxActiveSessions limits the total of sessions among all the visitors, not specifically the total of sessions FOR A CERTAIN IP, or does it? Yes, the total count of active sessions. I think it would be better than to allow Tomcat to crash. Though it might disrupt service for the legitimate demo clients. . Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to limit the number of sessions per IP address (DOS attacks)
Hi Constantine, 1- I had almost decided to program a filter. However, I have found this solution: http://stackoverflow.com/questions/3679465/find-number-of-active-sessions-created-from-a-given-client-ip/3679783#3679783 What do you think about it? I havent tried it yet, but as far as I can tell it looks good. It would help me to know how many sessions exist for a certain IP. Knowing that, I could deny more sessions for that IP (even though the procedure to deny is not included in this code). 2- You don't need to authenticate to acess the demo page, so in theory it should not need a session. However, I'm handling that page in the same way all the other pages -that require authentication- are being handled. I mean, all of them create a session if a session doesn't exist yet. Maybe I could improve that so the demo page would not create a session if its the first page that the bot goes to, but what if in the future a bot goes to any other page at a high rate? The site would crash anyway. So I prefer to find a solution against too many sessions per IP, regardless of which pages have been visited. 3- Thanks a lot for reminding me about the manager tag. I had almost forgot about it. However, the attribute maxActiveSessions limits the total of sessions among all the visitors, not specifically the total of sessions FOR A CERTAIN IP, or does it? Thanks! On Sun, Sep 30, 2012 at 3:24 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2012/9/30 Brian Braun brianbr...@gmail.com: Hi, I'm using Tomcat 7.0.22 (+Ubuntu Linux + MySQL). I'm providen a geolocation service. My users invoque a URL in my server (something like http://services.acme.com/locate?ip=..) providing the IP address, and it responds with the geolocation info. This service must admit a very high rate of queries, and it is doing it sucessfully now. This URL doesn't create sessions in order to save resources, and because sessions are not required after all. Each call is treated individually, no need to link them in sessions. In other words, this is a RESTful service. Besides the service URL, I have a website in the form http://www.acme.com(www. instead of services.). This website has a demo page where visitors can type an IP address and see the response (values, format, and an explanation of that). This website DOES create session, because it is necessary given that the user logs in, uses his account, manages his license codes, etc. The problem is that some people are requesting the demo URL at a very high rate, instead of requesting the special service URL that has been designed to provide the service returning a response in XML. When they request this demo page at a very high rate, a ton of sessions are being created and Tomcat ultimately collapses. Basically, the RAM is exhausted, Tomcats gets slower and slower, and dies at the end. In other words, this is something similar to a DOS attack (Denial Of Service). I need to solve this. I need a way to limit the number of sessions that are being created for the same IP, and in the same host under Tomcat, so if this people start doing this, the app will stop them. It is very import to be able to apply a solution just to the www website, not to the other services. subdomain, so the solution must not be global to the Tomcat engine. What would you recommend as a strategy? Is there some kind of valve that I can use in the server.xml file to solve this? Should I create a filter that does this? Is a filter the best place to implement a solution? Is there a way to inspect the API and get the list of current sessions? Or do I need to build my own list at the application scope, most likely using the events when a session is created or destroyed to update this list? Is there a solution already built? Or do I have to program one from scratch? Note: I want to solve it at the host or context level. Not at the Tomcat engine level, or at the Linux level (IPTables/firewall), or adding Apache HTTPD server before Tomcat. 1. You can write a Filter. 2. Your requests to your demo page are authenticated? If yes, maybe you can track abuse from there (and ban abusers). If not, do you need a session for those pages? 3. Manager maxActiveSessions=... / https://tomcat.apache.org/tomcat-7.0-doc/config/manager.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Is there a REAL solution to the BEAST attack (CVE-2011-3389) for Tomcat 7.x
Hi Mark, I was really interested in your advice. I'm glad you answered, thanks! I'm trying not the disable TLS1.0 because I did a site that is being uses by unknown people over the internet, and I don't one how many of them are using a browser that only works with TLS1.0. Where can I get the list of all available ciphers for Sun JVM 6 update 35? I would like to get the complete list, and then remove the CBC ones. Right now I'm using just 3, from which one uses CBC: ciphers=SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA Besides removing the last one, which ones should I add? On Sat, Sep 15, 2012 at 2:57 AM, Mark Thomas ma...@apache.org wrote: Brian Braun brianbr...@gmail.com wrote: Hi, Is there a REAL solution to the BEAST attack (CVE-2011-3389) for Tomcat 7.x? For more info about this attack: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389 My toughts and questions, as far as I have investigated this issue: - Disabling the TLS1.0 protocol would be too restrictive, because there are still browser versions in use that don't support TLS1.1 or TLS1.2. - Should we restrict the ciphers in use? If so, which ones should we offer for Tomcat 7.X over JVM1.6 and using a GeoCerts certificate (which means JSSE instead of OpenSSL)? Any strong ciphers available with your JVM that don't use CBC. - Will upgrading to the latest JVM (as of today, Sept 14th 2012) solve this issue? Unlikely. What it may do is give you more cipher options. Java 7 also - I think but haven't check my recollection - supports the later TLS versions. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Is there a REAL solution to the BEAST attack (CVE-2011-3389) for Tomcat 7.x
Well, I'm using JVM1.6 Update 35 (the latest). I want the best encription I can get, while at the same time I want it to be near to 100% compatible with all my possible internet visitor's browsers, and also I want to pass the PCI test that www.secritymetrics.com performs. I have humble requirements :-) On Sat, Sep 15, 2012 at 2:05 PM, Mark Thomas ma...@apache.org wrote: On 15/09/2012 19:59, Brian Braun wrote: Hi Mark, I was really interested in your advice. I'm glad you answered, thanks! I'm trying not the disable TLS1.0 because I did a site that is being uses by unknown people over the internet, and I don't one how many of them are using a browser that only works with TLS1.0. Where can I get the list of all available ciphers for Sun JVM 6 update 35? http://people.apache.org/~markt/random/CryptoInfo.java I would like to get the complete list, and then remove the CBC ones. You'll need to remove more than just the CBC ones. Anything with EXPORT or NULL will need to go too. Maybe others. You'll have to check each one. Right now I'm using just 3, from which one uses CBC: ciphers=SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA Besides removing the last one, which ones should I add? It depends on what the JVM supports and what minimum strength encryption you want. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Vulnerability in Tomcat and/or JVM?
Thanks a lot Dan. I will do. I just hope all internet visitors will still be able to browse by site. Do you think they will? How important could the CBC ciphers be? On Sat, Sep 15, 2012 at 10:57 AM, Dan Chernoff dan.chern...@gmail.comwrote: Your only other real option is remove any CBC and diffehelmen ciphers from your supported cipher list. This really only leaves you with RC4 ciphers. Dan On Sep 14, 2012, at 5:14 PM, Brian Braun brianbr...@gmail.com wrote: Hi Dan, Thanks a lot for your response! Contacting them will not work. I have had false positives in the past and they just don't fix it. I need to do something on my side to solve this situation. I'm certainly NOT using OpenSSL. I'm using a Geotrust certificate, and therefore the JSSE implementation. Is there any other value I could give to the parameters in my connector section to solve this problem? Maybe any way to force TLS1.1 instead of allow TLS1.0? I'm very confussed. On Fri, Sep 14, 2012 at 9:59 AM, Dan dan.chern...@gmail.com wrote: I experienced this exact same issue with McAfee secure scan. If you are you using JSSE as your provider you should be okay. You can submit this as a false positive scan and let them know you are using JSSE instead of OpenSSL. You can check to see which provider you are using by looking at your connector. JSSE Connector protocol=org.apache.coyote.http11.Http11Protocol port=443 .../ APR/OpenSSL Connector protocol=org.apache.coyote.http11.Http11AprProtocol port=443 .../ Dan -Original Message- From: Brian Braun [mailto:brianbr...@gmail.com] Sent: Friday, September 14, 2012 1:06 AM To: Tomcat Users List Subject: SSL Vulnerability in Tomcat and/or JVM? Hi, In my site I'm using a certificate from www.securitymetrics.com. Today they disabled my certificate. This is supposed to be the main reason: Description: SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability Synoposis: It may be possible to obtain sensitive information from the remote host with SSL/TLS-enabled services. Impact: A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system. TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected. This script tries to establish an SSL/TLS remote connection using an affected SSL version and cipher suite, and then solicits return data. If returned application data is not fragmented with an empty or one-byte record, it is likely vulnerable. OpenSSL uses empty fragments as a countermeasure unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is initialized. Microsoft implemented one-byte fragments as a countermeasure, and the setting can be controlled via the registry key H KEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders \\SCHANNEL\\SendExtraRecord file://schannel/SendExtraRecord. Therefore, if multiple applications use the same SSL/TLS implementation, some may be vulnerable while others may not, depending on whether or not a countermeasure has been enabled. Note that this script detects the vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It does not detect the BEAST attack where it exploits the vulnerability at HTTPS client-side (i.e., Internet browser). The detection at server-side does not necessarily mean your server is vulnerable to the BEAST attack because the attack exploits the vulnerability at client-side, and both SSL/TLS clients and servers can independently employ the split record countermeasure. See also : http://www.openssl.org/~bodo/tls-cbc.txt http://vnhacker.blogspot.com/2011/09/beast.html http://technet.microsoft.com/en-us/security/bulletin/ms12-006 http://support.microsoft.com/kb/2643584 http://blogs.msdn.com/b/kaushal/archive/2012/01/21/fixing-the-beast.aspxData Received: Negotiated cipher suite: EDH-RSA-DES- CBC3-SHA|SSLv3|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1 Resolution: Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure. See http://support.microsoft.com/kb/2643584 for details. Risk Factor: Medium/ CVSS2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE: CVE-2011-3389 This is supposed to explain it further: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389 What should I do? Should I modify the parameters in my Tomcat Connector? Should I upgrade my JVM? Should I upgrade Tomcat to a most recent version? Should I use Windows
Re: Is there a REAL solution to the
Thanks a lot for the tip Edward. I will research it. However, I would have to stop using JSSE in Tomcat and start using APR. Maybe I should, I really don't know if it is supposed to be better than JSSE but I will investigate. On Sat, Sep 15, 2012 at 10:10 AM, Edward Bicker g...@travelin.com wrote: Yeah, but I thought OpenSSL had a patch for this that worked. Read...#2635: 1/n-1 record splitting technique for CVE-2011-3389 -Original Message- From: Brian Braun brianbr...@gmail.com Sent: Sep 14, 2012 11:12 PM To: Tomcat Users List users@tomcat.apache.org Subject: Is there a REAL solution to the BEAST attack (CVE-2011-3389) for Tomcat 7.x Hi, Is there a REAL solution to the BEAST attack (CVE-2011-3389) for Tomcat 7.x? For more info about this attack: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389 My toughts and questions, as far as I have investigated this issue: - Disabling the TLS1.0 protocol would be too restrictive, because there are still browser versions in use that don't support TLS1.1 or TLS1.2. - Should we restrict the ciphers in use? If so, which ones should we offer for Tomcat 7.X over JVM1.6 and using a GeoCerts certificate (which means JSSE instead of OpenSSL)? - Will upgrading to the latest JVM (as of today, Sept 14th 2012) solve this issue? Thanks in advace. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
SSL Vulnerability in Tomcat and/or JVM?
Hi, In my site I’m using a certificate from www.securitymetrics.com. Today they disabled my certificate. This is supposed to be the main reason: Description: SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability Synoposis: It may be possible to obtain sensitive information from the remote host with SSL/TLS-enabled services. Impact: A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system. TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected. This script tries to establish an SSL/TLS remote connection using an affected SSL version and cipher suite, and then solicits return data. If returned application data is not fragmented with an empty or one-byte record, it is likely vulnerable. OpenSSL uses empty fragments as a countermeasure unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is initialized. Microsoft implemented one-byte fragments as a countermeasure, and the setting can be controlled via the registry key H KEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders \\SCHANNEL\\SendExtraRecord file://schannel/SendExtraRecord. Therefore, if multiple applications use the same SSL/TLS implementation, some may be vulnerable while others may not, depending on whether or not a countermeasure has been enabled. Note that this script detects the vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It does not detect the BEAST attack where it exploits the vulnerability at HTTPS client-side (i.e., Internet browser). The detection at server-side does not necessarily mean your server is vulnerable to the BEAST attack because the attack exploits the vulnerability at client-side, and both SSL/TLS clients and servers can independently employ the split record countermeasure. See also : http://www.openssl.org/~bodo/tls-cbc.txt http://vnhacker.blogspot.com/2011/09/beast.html http://technet.microsoft.com/en-us/security/bulletin/ms12-006 http://support.microsoft.com/kb/2643584 http://blogs.msdn.com/b/kaushal/archive/2012/01/21/fixing-the-beast.aspxData Received: Negotiated cipher suite: EDH-RSA-DES- CBC3-SHA|SSLv3|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1 Resolution: Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure. See http://support.microsoft.com/kb/2643584 for details. Risk Factor: Medium/ CVSS2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE: CVE-2011-3389 This is supposed to explain it further: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389 What should I do? Should I modify the parameters in my Tomcat Connector? Should I upgrade my JVM? Should I upgrade Tomcat to a most recent version? Should I use Windows instead of Linux? (I’m joking with the last one!) Some information you may need to answer this: - Linux Centos 5.8 - I’m using an SSL certificate from geotrust, a very current one (as far as I know). - JVM: 1.6.0_11-b03 - Tomcat 7.0.10 (Even though I disguised it as 7.0.25, actually so securitymetrics don’t bother me with some very obscure vulnerabilities that would force me to update it otherwise) - This is the relevant entry in my server.xml file: Connector connectionTimeout=1 enableLookups=true port=8443 scheme=https secure=true clientAuth=false keystoreFile=conf/certificate.kdb minSpareThreads=4 maxThreads=1000 sslProtocol=SSLv3 ciphers=SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA protocol=HTTP/1.1 SSLEnabled=true /Connector Thanks in advance! Brian
Re: SSL Vulnerability in Tomcat and/or JVM?
Hi Dan, Thanks a lot for your response! Contacting them will not work. I have had false positives in the past and they just don't fix it. I need to do something on my side to solve this situation. I'm certainly NOT using OpenSSL. I'm using a Geotrust certificate, and therefore the JSSE implementation. Is there any other value I could give to the parameters in my connector section to solve this problem? Maybe any way to force TLS1.1 instead of allow TLS1.0? I'm very confussed. On Fri, Sep 14, 2012 at 9:59 AM, Dan dan.chern...@gmail.com wrote: I experienced this exact same issue with McAfee secure scan. If you are you using JSSE as your provider you should be okay. You can submit this as a false positive scan and let them know you are using JSSE instead of OpenSSL. You can check to see which provider you are using by looking at your connector. JSSE Connector protocol=org.apache.coyote.http11.Http11Protocol port=443 .../ APR/OpenSSL Connector protocol=org.apache.coyote.http11.Http11AprProtocol port=443 .../ Dan -Original Message- From: Brian Braun [mailto:brianbr...@gmail.com] Sent: Friday, September 14, 2012 1:06 AM To: Tomcat Users List Subject: SSL Vulnerability in Tomcat and/or JVM? Hi, In my site I'm using a certificate from www.securitymetrics.com. Today they disabled my certificate. This is supposed to be the main reason: Description: SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability Synoposis: It may be possible to obtain sensitive information from the remote host with SSL/TLS-enabled services. Impact: A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system. TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected. This script tries to establish an SSL/TLS remote connection using an affected SSL version and cipher suite, and then solicits return data. If returned application data is not fragmented with an empty or one-byte record, it is likely vulnerable. OpenSSL uses empty fragments as a countermeasure unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is initialized. Microsoft implemented one-byte fragments as a countermeasure, and the setting can be controlled via the registry key H KEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders \\SCHANNEL\\SendExtraRecord file://schannel/SendExtraRecord. Therefore, if multiple applications use the same SSL/TLS implementation, some may be vulnerable while others may not, depending on whether or not a countermeasure has been enabled. Note that this script detects the vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It does not detect the BEAST attack where it exploits the vulnerability at HTTPS client-side (i.e., Internet browser). The detection at server-side does not necessarily mean your server is vulnerable to the BEAST attack because the attack exploits the vulnerability at client-side, and both SSL/TLS clients and servers can independently employ the split record countermeasure. See also : http://www.openssl.org/~bodo/tls-cbc.txt http://vnhacker.blogspot.com/2011/09/beast.html http://technet.microsoft.com/en-us/security/bulletin/ms12-006 http://support.microsoft.com/kb/2643584 http://blogs.msdn.com/b/kaushal/archive/2012/01/21/fixing-the-beast.aspxData Received: Negotiated cipher suite: EDH-RSA-DES- CBC3-SHA|SSLv3|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1 Resolution: Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure. See http://support.microsoft.com/kb/2643584 for details. Risk Factor: Medium/ CVSS2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE: CVE-2011-3389 This is supposed to explain it further: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389 What should I do? Should I modify the parameters in my Tomcat Connector? Should I upgrade my JVM? Should I upgrade Tomcat to a most recent version? Should I use Windows instead of Linux? (I'm joking with the last one!) Some information you may need to answer this: - Linux Centos 5.8 - I'm using an SSL certificate from geotrust, a very current one (as far as I know). - JVM: 1.6.0_11-b03 - Tomcat 7.0.10 (Even though I disguised it as 7.0.25, actually so securitymetrics don't bother me with some very obscure vulnerabilities that would force me to update it otherwise) - This is the relevant entry in my server.xml file: Connector connectionTimeout=1 enableLookups=true port=8443 scheme=https secure
Is there a REAL solution to the BEAST attack (CVE-2011-3389) for Tomcat 7.x
Hi, Is there a REAL solution to the BEAST attack (CVE-2011-3389) for Tomcat 7.x? For more info about this attack: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389 My toughts and questions, as far as I have investigated this issue: - Disabling the TLS1.0 protocol would be too restrictive, because there are still browser versions in use that don't support TLS1.1 or TLS1.2. - Should we restrict the ciphers in use? If so, which ones should we offer for Tomcat 7.X over JVM1.6 and using a GeoCerts certificate (which means JSSE instead of OpenSSL)? - Will upgrading to the latest JVM (as of today, Sept 14th 2012) solve this issue? Thanks in advace.
Re: Any way to deal with too many request per second?
Hi Joseph, Could you elaborate that further please? It sounds like a solution, but I didn't understand it. Thanks in advance! On Fri, Jun 29, 2012 at 8:28 PM, Joseph wutong...@gmail.com wrote: Try jdk build in block queue in concurrent pkg 在 2012-6-30,7:57,Brian Braun brianbr...@gmail.com 写道: Hi, First of all, I'm using Ubuntu 11.1 + Tomcat 7.0.22. I created a RESTfull service. My clients are sending me HTTP requests, and I return them responses. Usually, a client makes at the most 1-2 requests per second which is totally fine, but some clients sometimes make about 30 requests per second and that makes my server suffer, even though I'm using a load balancer with two servers behind it. I would like to find a way to deal with this. The best thing would be to delay them when they do that, not to totally stop or ban them, but to slow them somehow. Maybe creating a queue for them, or maybe putting them in a lower priority, until they slow their requests. I could program this myself, but I guess there is already a solution somewhere. Maybe a Tomcat valve could do it? Does anybody know one? Or maybe some kind of filter? Any suggestions? Thanks in advance. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Any way to deal with too many request per second?
Hi, First of all, I'm using Ubuntu 11.1 + Tomcat 7.0.22. I created a RESTfull service. My clients are sending me HTTP requests, and I return them responses. Usually, a client makes at the most 1-2 requests per second which is totally fine, but some clients sometimes make about 30 requests per second and that makes my server suffer, even though I'm using a load balancer with two servers behind it. I would like to find a way to deal with this. The best thing would be to delay them when they do that, not to totally stop or ban them, but to slow them somehow. Maybe creating a queue for them, or maybe putting them in a lower priority, until they slow their requests. I could program this myself, but I guess there is already a solution somewhere. Maybe a Tomcat valve could do it? Does anybody know one? Or maybe some kind of filter? Any suggestions? Thanks in advance.
Re: Leak in Tomcat 7.0.11: a java.util.Timer seems to leave a timerThread in the JVM, and Tomcat says ...has failed to stop it. This is very likely to create a memory leak
Hi, Where do I find that? is there an archive of the threads? Thanks! On Sat, Jul 30, 2011 at 9:14 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2011/7/30 Brian Braun brianbr...@gmail.com: How do I solve it? Do I need to kill the thread somehow, or should it die as soon as I cancel the timer with the timer.cancel() method? It was discussed recently. See thread Terminating Timer Thread Gracefully starting with July 12th. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Leak in Tomcat 7.0.11: a java.util.Timer seems to leave a timerThread in the JVM, and Tomcat says ...has failed to stop it. This is very likely to create a memory leak
(I have just found the archive, sorry for asking something so silly) On Sat, Jul 30, 2011 at 9:21 AM, Brian Braun brianbr...@gmail.com wrote: Hi, Where do I find that? is there an archive of the threads? Thanks! On Sat, Jul 30, 2011 at 9:14 AM, Konstantin Kolinko knst.koli...@gmail.com wrote: 2011/7/30 Brian Braun brianbr...@gmail.com: How do I solve it? Do I need to kill the thread somehow, or should it die as soon as I cancel the timer with the timer.cancel() method? It was discussed recently. See thread Terminating Timer Thread Gracefully starting with July 12th. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Leak in Tomcat 7.0.11: a java.util.Timer seems to leave a timerThread in the JVM, and Tomcat says ...has failed to stop it. This is very likely to create a memory leak
Hi Konstantine, I read all the thread, but I didn't find any conclusive response. Here are my doubts/comments, after everything I have read: - My timer creates a thread, with a name I assign to it. After my app stops, I see the thread in the JVM using the Yourkit profiler. It is clear that the thread is still there, but doing absolutely nothing (it does show any color trace in the profiler). As far as I have noticed, it dissappears after a while. Somehow, the JVM realizes the timer was already canceled, and that for that reason the thread can/must be killed. Am I right? - When Tomcat checks for leaks, it finds that the timer thread is there, and that it is related to the same classloader that is related to the app, and then warns that it could be a leak. Tomcat doesn't check if the timer has already been canceled and therefore going to dissapear in a while, it just checks that its thread is linked to the app by the same loader and that the thread still exists. Or am I wrong? What should I really do? 1- Should I try to kill the thread somehow? I don't even know how to get a reference to that thread. 2- Should I try to understand how Tomcat kills the thread in its code, and do it myself copying the code? 3- Should I just wait for a couple of seconds, inserting a delay in the contextDestroyed() method, so as to give time to the task object to finish doing whatever it does when cancelling? I don't think that would be reliable. 4- Should I set the parameter clearReferencesStopTimerThreads=true in the context, to tell Tomcat to kill the threads linked to the same loader? That would make Tomcat to leave a warning in the log also (I would prefer a clean log instead), but at least the manager would not tell me that a leak was found, when I press the Find leaks button. If I use that parameter, what will happen if there is another timer in the future that should not be killed, and it will kill it without me knowing about it? 5- Or should I just do nothing, and accept that even if the manager thinks there is a leak, it is just the timer thread that will dissappear eventually and that no leaking is really happening? On Sat, Jul 30, 2011 at 9:14 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2011/7/30 Brian Braun brianbr...@gmail.com: How do I solve it? Do I need to kill the thread somehow, or should it die as soon as I cancel the timer with the timer.cancel() method? It was discussed recently. See thread Terminating Timer Thread Gracefully starting with July 12th. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Leak in Tomcat 7.0.11: a java.util.Timer seems to leave a timerThread in the JVM, and Tomcat says ...has failed to stop it. This is very likely to create a memory leak
Hi Konstantine, I read all the thread, but I didn't find any conclusive response. Here are my doubts/comments, after everything I have read: For reference: http://markmail.org/thread/oph2acjbdptcvduf - My timer creates a thread, with a name I assign to it. After my app stops, I see the thread in the JVM using the Yourkit profiler. It is clear that the thread is still there, but doing absolutely nothing (it does show any color trace in the profiler). As far as I have noticed, it dissappears after a while. Somehow, the JVM realizes the timer was already canceled, and that for that reason the thread can/must be killed. Am I right? In short, Timer.cancel() only prevents future execution of the timer task. It does not interrupt the task that is currently being executed if there is any, nor waits for the scheduler thread to finish. Main concern here is that any task that is scheduled must complete before you shut down WebappClassLoader. Oh, I forgot to mention that before I cancel() the timer, I iterate on all the tasks and cancel them. I guess that guarantees that everything has finished. - When Tomcat checks for leaks, it finds that the timer thread is there, and that it is related to the same classloader that is related to the app, and then warns that it could be a leak. Tomcat doesn't check if the timer has already been canceled and therefore going to dissapear in a while, it just checks that its thread is linked to the app by the same loader and that the thread still exists. Yes. That is what happens. 3- Should I just wait for a couple of seconds, inserting a delay in the contextDestroyed() method, so as to give time to the task object to finish doing whatever it does when cancelling? I don't think that would be reliable. At least you may do a Thread.yield() to let that other thread a chance to run (and finish). How to I get a reference to the timerThread? I wonder whether WebappClassLoader#clearReferencesStopTimerThread() can be improved to check whether the value of newTasksMayBeScheduled flag is already false. It does not solve the issue of a task that is being run at this very moment, though. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org 2011/7/30 Brian Braun brianbr...@gmail.com:
Re: Leak in Tomcat 7.0.11: a java.util.Timer seems to leave a timerThread in the JVM, and Tomcat says ...has failed to stop it. This is very likely to create a memory leak
Hi Terence, I will try that. Thanks! On Sat, Jul 30, 2011 at 3:13 PM, Terence M. Bandoian tere...@tmbsw.comwrote: On 1:59 PM, Brian Braun wrote: Hi Konstantine, I read all the thread, but I didn't find any conclusive response. Here are my doubts/comments, after everything I have read: For reference: http://markmail.org/thread/**oph2acjbdptcvdufhttp://markmail.org/thread/oph2acjbdptcvduf - My timer creates a thread, with a name I assign to it. After my app stops, I see the thread in the JVM using the Yourkit profiler. It is clear that the thread is still there, but doing absolutely nothing (it does show any color trace in the profiler). As far as I have noticed, it dissappears after a while. Somehow, the JVM realizes the timer was already canceled, and that for that reason the thread can/must be killed. Am I right? In short, Timer.cancel() only prevents future execution of the timer task. It does not interrupt the task that is currently being executed if there is any, nor waits for the scheduler thread to finish. Main concern here is that any task that is scheduled must complete before you shut down WebappClassLoader. Oh, I forgot to mention that before I cancel() the timer, I iterate on all the tasks and cancel them. I guess that guarantees that everything has finished. - When Tomcat checks for leaks, it finds that the timer thread is there, and that it is related to the same classloader that is related to the app, and then warns that it could be a leak. Tomcat doesn't check if the timer has already been canceled and therefore going to dissapear in a while, it just checks that its thread is linked to the app by the same loader and that the thread still exists. Yes. That is what happens. 3- Should I just wait for a couple of seconds, inserting a delay in the contextDestroyed() method, so as to give time to the task object to finish doing whatever it does when cancelling? I don't think that would be reliable. At least you may do a Thread.yield() to let that other thread a chance to run (and finish). How to I get a reference to the timerThread? I wonder whether WebappClassLoader#**clearReferencesStopTimerThread**() can be improved to check whether the value of newTasksMayBeScheduled flag is already false. It does not solve the issue of a task that is being run at this very moment, though. Best regards, Konstantin Kolinko --**--** - To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org 2011/7/30 Brian Braunbrianbr...@gmail.com: Hi, Brian- As Kris Schneider suggested, I ended up using Executors.** newSingleThreadScheduledExecut**or() instead of a Timer. See the last post in the thread Konstantin referenced (http://markmail.org/thread/** oph2acjbdptcvduf http://markmail.org/thread/oph2acjbdptcvduf), dated July 24, for example code. It appears to work reliably. -Terence --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Leak in Tomcat 7.0.11: a java.util.Timer seems to leave a timerThread in the JVM, and Tomcat says ...has failed to stop it. This is very likely to create a memory leak
Finally I have found something interesting: Tomcat has been warning me about the TimerThread, saying that it could bring leaks. And the Find Leaks button in the Tomcat Manager actually has been telling me that I do have leaks, because it notices that the class loader can't be garbage collected. But the condiction that made the class loader to be unable to unload was not actually the TimerThread, but another object that I created, that references some cryptografic libraries! I just found out that, solved it, and now its clean of leaks! I have even restarted the app a lot of times, and not only the Tomcat manager says its clean of leaks, but also the Yourkit profiler shows noe just one object of the class loader! :-) On Sat, Jul 30, 2011 at 3:28 PM, Brian Braun brianbr...@gmail.com wrote: Hi Terence, I will try that. Thanks! On Sat, Jul 30, 2011 at 3:13 PM, Terence M. Bandoian tere...@tmbsw.comwrote: On 1:59 PM, Brian Braun wrote: Hi Konstantine, I read all the thread, but I didn't find any conclusive response. Here are my doubts/comments, after everything I have read: For reference: http://markmail.org/thread/**oph2acjbdptcvdufhttp://markmail.org/thread/oph2acjbdptcvduf - My timer creates a thread, with a name I assign to it. After my app stops, I see the thread in the JVM using the Yourkit profiler. It is clear that the thread is still there, but doing absolutely nothing (it does show any color trace in the profiler). As far as I have noticed, it dissappears after a while. Somehow, the JVM realizes the timer was already canceled, and that for that reason the thread can/must be killed. Am I right? In short, Timer.cancel() only prevents future execution of the timer task. It does not interrupt the task that is currently being executed if there is any, nor waits for the scheduler thread to finish. Main concern here is that any task that is scheduled must complete before you shut down WebappClassLoader. Oh, I forgot to mention that before I cancel() the timer, I iterate on all the tasks and cancel them. I guess that guarantees that everything has finished. - When Tomcat checks for leaks, it finds that the timer thread is there, and that it is related to the same classloader that is related to the app, and then warns that it could be a leak. Tomcat doesn't check if the timer has already been canceled and therefore going to dissapear in a while, it just checks that its thread is linked to the app by the same loader and that the thread still exists. Yes. That is what happens. 3- Should I just wait for a couple of seconds, inserting a delay in the contextDestroyed() method, so as to give time to the task object to finish doing whatever it does when cancelling? I don't think that would be reliable. At least you may do a Thread.yield() to let that other thread a chance to run (and finish). How to I get a reference to the timerThread? I wonder whether WebappClassLoader#**clearReferencesStopTimerThread**() can be improved to check whether the value of newTasksMayBeScheduled flag is already false. It does not solve the issue of a task that is being run at this very moment, though. Best regards, Konstantin Kolinko --**--** - To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org 2011/7/30 Brian Braunbrianbr...@gmail.com: Hi, Brian- As Kris Schneider suggested, I ended up using Executors.** newSingleThreadScheduledExecut**or() instead of a Timer. See the last post in the thread Konstantin referenced (http://markmail.org/thread/** oph2acjbdptcvduf http://markmail.org/thread/oph2acjbdptcvduf), dated July 24, for example code. It appears to work reliably. -Terence --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat 7.0.11: Find Leaks Button says there is a leak... then after a few minutes, it says the opposite (without any restarts in between)!
Hi, I'm using Tomcat 7.0.11. I have noticed that after a reload of an app, the Find Leaks button sometimes declares that there is a leak. But after a few minutes (without restarting/stopping/reloading the app) it says that there are no leaks. I guess the reason is that some objects are refering to the class loader and avoiding it to be garbage collected when we press the Find leaks button the first time, so it finds the leak. Then, somehow, those objects that retain the class loader dissappear or stop reffering to it, so then the class loader is collected by the GC. So then when I press the button, it says no leaks. Question: Does it mean that it is not reliable to press the button immediately after the app restart, and that I should wait for a while before doing it?
Leak in Tomcat 7.0.11: a java.util.Timer seems to leave a timerThread in the JVM, and Tomcat says ...has failed to stop it. This is very likely to create a memory leak
Hi, I'm using Tomcat 7.0.11 and I'm experiencing a leak problem. This is what I find in the log: Jul 29, 2011 7:36:51 PM org.apache.catalina.loader.WebappClassLoader clearReferencesJdbc SEVERE: The web application [/admin] registered the JDBC driver [com.mysql.jdbc.Driver] but failed to unregister it when the web application was stopped. To prevent a memory leak, the JDBC Driver has been forcibly unregistered. Jul 29, 2011 7:36:51 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/admin] appears to have started a thread named [ParadiseManualzoneTimer] but has failed to stop it. This is very likely to create a memory leak. Jul 29, 2011 7:36:55 PM org.apache.catalina.core.StandardContext reload INFO: Reloading Context with name [/admin] is completed Regarding the JDBC driver, I understand that the Tomcat mechanism to solve the leaks is able to unregister it, so for now I want to concentrate in the other leak, later I will get back to this and find the way to solve it. Regarding the thread, it belongs to a java.util.Timer. It is a timer that I create in the contextInitialized() method of my app, and I attach 3 tasks to it (java.util.TimerTask). These tasks work great during the live of the app. In the contextDestroyed() method I do this: //Cancel tasks LinkedListjava.util.TimerTask tasks= (java.util.LinkedListjava.util.TimerTask)(contexto.getAttribute(TASKS)); Iteratorjava.util.TimerTask taskIterator =tasks.iterator(); while (taskIterator.hasNext()) { java.util.TimerTask task =taskIterator.next(); task.cancel(); } contexto.removeAttribute(TASKS); taskIterator=null; tasks=null; //Destroy Timer java.util.Timer timer=(java.util.Timer)contexto.getAttribute(TIMER); contexto.removeAttribute(TIMER); timer.cancel(); timer=null; I think I'm doing the right thing, but it seems that the thread stays in the JVM. Im using Yourkit (a very powerful profiler!) and I clearly see that thread. How do I solve it? Do I need to kill the thread somehow, or should it die as soon as I cancel the timer with the timer.cancel() method? Thanks in advace!
Transactions using Tomcat 7 + Apache Commons DBCP 1.4 with two databases?
Hi, I'm using: - JDK 1.6 - Tomcat 7.0.12 - Apache Commons DBCP 1.4 - MySQL 5.1.42 - The latest MySQL JDBC driver I have an application that, so far, hasn't had transactional processing. I mean I have the autocommit in on mode, so every update/delete gets commited separately. I need to fix it so it starts grouping changes to the DB in a transaction and implement the ACID stuff, using the commit and rollback. I read the documentation and it is not hard, but I have two complications: 1- I'm using DBCP, the connection pool: The way I have programmed my app is that a business object asks a resultset that comes after a query, which in turn asks for a statement, which in turn asks for a connection from the pool. That means that the business object dosn't know which connection from the pool will attend its requirement at the end. What should I do? Should I start asking the pool for a connection, set the autocommit to false, use this connection for all the changes I need to make, then commit (or rollback), and then at the end close (return to the pool) the connection? Is that it? 2- My app uses two databases, even though both run inside the same MySQL instance. I mantain two DBCP pools, one for each database. Then how do I manage the transactions, if I need to make changes to both databases and that implies using two different connections? Do I need to use the JTA stuff that Java EE brings, for distributed processing, or is there an easier approach? Thanks a lot in advance!
Regular expression for the Crawler Session Manager Valve?
Hi Mark Thomas and everybody else, I just discovered the new valve, the *Crawler Session Manager Valve*. It deals with the search engine bots, making them use just one session among their requests (one session for each bot). I see that it includes a default regular expression for detecting the bots, which I guess is not intended to detect every bot available. Has anybody created a more complete regular expression for that? It would be great if such a reg ex existed and was published for the whole world. Brian
java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag
Hi, I feel like a rookie, But I will ask for help on this. I will swallow my pride. I'm using Eclipe (latest version) to develop, and Tomcat 7.0.X both in development and in production. I started using JSTL1.2 today. When I run my app, I get this response: javax.servlet.ServletException: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag org.apache.jasper.servlet.JspServlet.service(JspServlet.java:343) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1056) org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:388) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:231) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164) org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397) javax.servlet.http.HttpServlet.service(HttpServlet.java:621) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) I already added the file jstl-impl-1.2.jar to my lib path, which is C:\EclipseTomcat7Labs\webapps\VistaControlador\WEB-INF\lib. I confirmed that when Eclipse is deploying my app, it is deloying the JST JAR. I also put this declaration on top of my JSP file: %@ taglib prefix=c uri=http://java.sun.com/jsp/jstl/core; % So how can that class not be found? Thanks in advace, Brian
Re: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag
I did. On Thu, May 19, 2011 at 10:24 AM, Yucca Nel yucca...@live.co.za wrote: Either that classis part of a lib that must be included in your WEB-INF/lib or in your $CATALINA_HOME/lib directory or it needs to be included in your zipped up web app(.war). -Original Message- From: Brian Braun Sent: Thursday, May 19, 2011 5:16 PM To: Tomcat Users List Subject: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag Hi, I feel like a rookie, But I will ask for help on this. I will swallow my pride. I'm using Eclipe (latest version) to develop, and Tomcat 7.0.X both in development and in production. I started using JSTL1.2 today. When I run my app, I get this response: javax.servlet.ServletException: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag org.apache.jasper.servlet.JspServlet.service(JspServlet.java:343) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1056) org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:388) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:231) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164) org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397) javax.servlet.http.HttpServlet.service(HttpServlet.java:621) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) I already added the file jstl-impl-1.2.jar to my lib path, which is C:\EclipseTomcat7Labs\webapps\VistaControlador\WEB-INF\lib. I confirmed that when Eclipse is deploying my app, it is deloying the JST JAR. I also put this declaration on top of my JSP file: %@ taglib prefix=c uri=http://java.sun.com/jsp/jstl/core; % So how can that class not be found? Thanks in advace, Brian - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag
Hi Mark, Do I also need to deploy that file? On Thu, May 19, 2011 at 10:28 AM, Mark Thomas ma...@apache.org wrote: On 19/05/2011 16:26, Brian Braun wrote: I did. Isn't there a jstl-api-1.2.jar you need as well? Mark On Thu, May 19, 2011 at 10:24 AM, Yucca Nel yucca...@live.co.za wrote: Either that classis part of a lib that must be included in your WEB-INF/lib or in your $CATALINA_HOME/lib directory or it needs to be included in your zipped up web app(.war). -Original Message- From: Brian Braun Sent: Thursday, May 19, 2011 5:16 PM To: Tomcat Users List Subject: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag Hi, I feel like a rookie, But I will ask for help on this. I will swallow my pride. I'm using Eclipe (latest version) to develop, and Tomcat 7.0.X both in development and in production. I started using JSTL1.2 today. When I run my app, I get this response: javax.servlet.ServletException: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag org.apache.jasper.servlet.JspServlet.service(JspServlet.java:343) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1056) org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:388) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:231) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164) org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397) javax.servlet.http.HttpServlet.service(HttpServlet.java:621) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) I already added the file jstl-impl-1.2.jar to my lib path, which is C:\EclipseTomcat7Labs\webapps\VistaControlador\WEB-INF\lib. I confirmed that when Eclipse is deploying my app, it is deloying the JST JAR. I also put this declaration on top of my JSP file: %@ taglib prefix=c uri=http://java.sun.com/jsp/jstl/core; % So how can that class not be found? Thanks in advace, Brian - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag
Thanks Mark, that was the problem! Now it runs. I'm starting to think that you know more about java than I do ;-) On Thu, May 19, 2011 at 10:33 AM, Mark Thomas ma...@apache.org wrote: On 19/05/2011 16:30, Brian Braun wrote: Hi Mark, Do I also need to deploy that file? Almost certainly since that is where I would expect to find the missing class. Mark On Thu, May 19, 2011 at 10:28 AM, Mark Thomas ma...@apache.org wrote: On 19/05/2011 16:26, Brian Braun wrote: I did. Isn't there a jstl-api-1.2.jar you need as well? Mark On Thu, May 19, 2011 at 10:24 AM, Yucca Nel yucca...@live.co.za wrote: Either that classis part of a lib that must be included in your WEB-INF/lib or in your $CATALINA_HOME/lib directory or it needs to be included in your zipped up web app(.war). -Original Message- From: Brian Braun Sent: Thursday, May 19, 2011 5:16 PM To: Tomcat Users List Subject: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag Hi, I feel like a rookie, But I will ask for help on this. I will swallow my pride. I'm using Eclipe (latest version) to develop, and Tomcat 7.0.X both in development and in production. I started using JSTL1.2 today. When I run my app, I get this response: javax.servlet.ServletException: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag org.apache.jasper.servlet.JspServlet.service(JspServlet.java:343) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1056) org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:388) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:231) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164) org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397) javax.servlet.http.HttpServlet.service(HttpServlet.java:621) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) I already added the file jstl-impl-1.2.jar to my lib path, which is C:\EclipseTomcat7Labs\webapps\VistaControlador\WEB-INF\lib. I confirmed that when Eclipse is deploying my app, it is deloying the JST JAR. I also put this declaration on top of my JSP file: %@ taglib prefix=c uri=http://java.sun.com/jsp/jstl/core; % So how can that class not be found? Thanks in advace, Brian - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag
I think I just understood what was the problem: The file that was missing contains all the intarfaces and abstract classes that declare what needs to be implemented, and the other file (that comes from Apache) implements it. I just downloaded the second file in the beginning. On Thu, May 19, 2011 at 10:35 AM, Brian Braun brianbr...@gmail.com wrote: Thanks Mark, that was the problem! Now it runs. I'm starting to think that you know more about java than I do ;-) On Thu, May 19, 2011 at 10:33 AM, Mark Thomas ma...@apache.org wrote: On 19/05/2011 16:30, Brian Braun wrote: Hi Mark, Do I also need to deploy that file? Almost certainly since that is where I would expect to find the missing class. Mark On Thu, May 19, 2011 at 10:28 AM, Mark Thomas ma...@apache.org wrote: On 19/05/2011 16:26, Brian Braun wrote: I did. Isn't there a jstl-api-1.2.jar you need as well? Mark On Thu, May 19, 2011 at 10:24 AM, Yucca Nel yucca...@live.co.za wrote: Either that classis part of a lib that must be included in your WEB-INF/lib or in your $CATALINA_HOME/lib directory or it needs to be included in your zipped up web app(.war). -Original Message- From: Brian Braun Sent: Thursday, May 19, 2011 5:16 PM To: Tomcat Users List Subject: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag Hi, I feel like a rookie, But I will ask for help on this. I will swallow my pride. I'm using Eclipe (latest version) to develop, and Tomcat 7.0.X both in development and in production. I started using JSTL1.2 today. When I run my app, I get this response: javax.servlet.ServletException: java.lang.NoClassDefFoundError: javax/servlet/jsp/jstl/core/LoopTag org.apache.jasper.servlet.JspServlet.service(JspServlet.java:343) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1056) org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:388) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:231) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164) org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397) javax.servlet.http.HttpServlet.service(HttpServlet.java:621) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) I already added the file jstl-impl-1.2.jar to my lib path, which is C:\EclipseTomcat7Labs\webapps\VistaControlador\WEB-INF\lib. I confirmed that when Eclipse is deploying my app, it is deloying the JST JAR. I also put this declaration on top of my JSP file: %@ taglib prefix=c uri=http://java.sun.com/jsp/jstl/core; % So how can that class not be found? Thanks in advace, Brian - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: High Availability in Tomcat?
Hi Chris, The easiest way is to deploy files with the name X##Y.war, where X is the usual name you have been using (ROOT, for example) and Y is any string what should be alphabetically located after the previous ones you used. It is as easy as that. You can achieve it doing this, without making changes to the context.xml files, which maybe doesn't even exist in your case. . On Sat, May 14, 2011 at 7:40 AM, chris derham ch...@derham.me.uk wrote: Take a look at the Parallel Deployment feature in Tomcat 7 http://tomcat.apache.org/tomcat-7.0-doc/config/context.html Can someone explain how to do actually do this? I have read the docs at the link above, and think I understand that you have to manually craft a context.xml file for both v1 and v2 of the war files. However the documentation isn't that clear to me - perhaps we could add a step 1, step 2 guide of actually how to do it. Before anyone says well supply a patch, I am happy to - I just want to understand how to use the feature first Thanks Chris
Re: High Availability in Tomcat?
Hi Konstantin, I have just read the manual regarding the parallel deployment and tested it. IT IS A WONDERFUL FEATURE! And so easy to do! At last my site won't stop every time I redeploy! Thanks a lot for your advice, I wouldn't have noticed this new feature if you hadn't told me to check it. On Mon, May 9, 2011 at 7:13 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2011/5/9 Brian Braun brianbr...@gmail.com: republishing the app will make it unavailable for at least 10 seconds while I do it. Take a look at the Parallel Deployment feature in Tomcat 7 http://tomcat.apache.org/tomcat-7.0-doc/config/context.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: High Availability in Tomcat?
Hi Chris, I agree with you. First, I will implement the parallel deployment, so my redeployments wont cause unavailability. Then, with a little bit of time and as soon as I have two separate Tomcats and a load balancer, I will forget about the parallel deployment because, as you said, the other solution is better and helps me with the redeployment as well. I do have leaks, but fortunately they happen just when I stop the app, but not when it is already running. I mean, it doesn't get worse with time. On Tue, May 10, 2011 at 1:25 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 5/9/2011 9:53 AM, Mark Thomas wrote: On 09/05/2011 14:45, Brian Braun wrote: Hey, that is great! I had never noticed that new feature! But the documentation is so scarse, it hardly explains what is it about. But I think that will solve my redeployment issue :-) But I still need to think about hig availabilty when Tomcat itself crashes, or when I restart it. I guess I need clustering, but the documentation is so scarse and confussing.. The documentation is certainly brief and to the point. If you have specific questions, please ask them. It should also be consistent. If there are things that appear to be confusing tell us what they are. In Tomcat terminology, clustering == session replication. You can do load-balancing without Tomcat clustering. From what you have written, you need load-balancing but not clustering. +1 You don't need session replication, failover, etc... you just need a single request to (nearly) always hit a running server and return a valid response. Apache httpd + mod_jk (or mod_proxy_ajp or mod_proxy_http) + multiple Tomcats should do the trick. Feel free to layer parallel deployment on top of that, though with your requirements and an lb the parallel development doesn't really buy you anything. You should check to see if your webapp is leaky across webapp restarts (with Tomcat continuing to run) because you could bringing-down the JVM if your webapp does not undeploy cleanly /and/ it's got a memory leak. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3Jgv8ACgkQ9CaO5/Lv0PDfowCeP0R+7tuqM4DL2J1Jo9k+fyzl 3pQAnA2DNg9OsMt0bKeDikcNvs/lwzxj =5CIi -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Two Tomcat 7.0 in the same Windows server 2008 instance, both appearing as port 80 for the clients?
Hi, In Linux I have have more than one instance of Tomcat in the same Linux instance. It is as easy as installing each Tomcat with a different port (lets say, 8081 and 8082), and using IPTables NAT (and Tomcat host virtualization) to redirect some domains to some hosts inside a certain Tomcat, and some other domains in certain other virtual hosts inside other Tomcat. All the domains can use port 80 from the clients point of view, but inside are managed with different ports. Can I do the same in Windows Server 2008? If so, which tools do I use in Windows itself to do those NAT mappings? Thanks in advance, Brian
Re: High Availability in Tomcat?
Hi Leon, My budget is scarse, so I definitely should go for a soft balancer. And certainly I see now that a balancer is the way I need to go. My app will be an IP address geolocator, so my clients wont be humans with browsers, but systems with HTTP components. So is it not going to be sessions/cookies, each request will be considered as a new visitor. That said, my needs are easier because I dont need to think about sessions and cookies and how to preserve them. However, I have read another email with an altervative complementary idea: Parallel deployment. That would solve my problem with downtimes with redeployments! It seems to be something new in Tomcat 7. That would help me with the redeployment issue, while I still need a solution for availability with a balancer and two Tomcat instances. (Tomcat clustering?) Thanks On Mon, May 9, 2011 at 5:03 AM, Leon Rosenberg rosenberg.l...@gmail.comwrote: Hello, well, you provided not that many infos, but the usual way of doing this is to put multiple standalone tomcat instances behind a soft- or hardware loadbalancer (whatever your budget allows) and to make the app stateless, with cookie stickiness and failover. However, this will probably not make the site 100% available (which btw no site in the world is, not even google), since you will have at least node failure detection times (usually 3 retries with 10 seconds timeout) and so on. However, you can reach 99,9X pretty easy with this scenario. regards Leon On Mon, May 9, 2011 at 6:17 AM, Brian Braun brianbr...@gmail.com wrote: Hi, I'm about to launch a service on the internet, using Tomcat 7. This service should be available 24x7, it should never be unavailable (or virtually never). However, I will definitely be improving and correcting my app frequently, so I will have to republish the WAR file very often. Not even considering the fact that my app has leaking problems (that's another story) and therefore I will have to restart Tomcat itself, republishing the app will make it unavailable for at least 10 seconds while I do it. I'm thinking that I need to create a Tomcat Cluster. Is that the way to go? Any opinions? Another idea would be to have two tomcat installations, and to change the IP my domain points to, to the IP that goes to that other Tomcat instance. But changing the IP takes some time and I would have to wait until I think that the DNS servers have updates the new IP, that would be slow and unreliable. Thanks in advance, Brian - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: High Availability in Tomcat?
Hey, that is great! I had never noticed that new feature! But the documentation is so scarse, it hardly explains what is it about. But I think that will solve my redeployment issue :-) But I still need to think about hig availabilty when Tomcat itself crashes, or when I restart it. I guess I need clustering, but the documentation is so scarse and confussing.. On Mon, May 9, 2011 at 7:13 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2011/5/9 Brian Braun brianbr...@gmail.com: republishing the app will make it unavailable for at least 10 seconds while I do it. Take a look at the Parallel Deployment feature in Tomcat 7 http://tomcat.apache.org/tomcat-7.0-doc/config/context.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: High Availability in Tomcat?
Hi Mark, Thanks a lot for your response. I will certaily start using the parallel deployment immediately, that seems to be easy and will solve the issue about deploying new WARs frequently. Then I will implement a load balancer, in order to have two separate Tomcat instances, that will solve more critical situations. On Mon, May 9, 2011 at 8:53 AM, Mark Thomas ma...@apache.org wrote: On 09/05/2011 14:45, Brian Braun wrote: Hey, that is great! I had never noticed that new feature! But the documentation is so scarse, it hardly explains what is it about. But I think that will solve my redeployment issue :-) But I still need to think about hig availabilty when Tomcat itself crashes, or when I restart it. I guess I need clustering, but the documentation is so scarse and confussing.. The documentation is certainly brief and to the point. If you have specific questions, please ask them. It should also be consistent. If there are things that appear to be confusing tell us what they are. In Tomcat terminology, clustering == session replication. You can do load-balancing without Tomcat clustering. From what you have written, you need load-balancing but not clustering. Mark On Mon, May 9, 2011 at 7:13 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2011/5/9 Brian Braun brianbr...@gmail.com: republishing the app will make it unavailable for at least 10 seconds while I do it. Take a look at the Parallel Deployment feature in Tomcat 7 http://tomcat.apache.org/tomcat-7.0-doc/config/context.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
High Availability in Tomcat?
Hi, I'm about to launch a service on the internet, using Tomcat 7. This service should be available 24x7, it should never be unavailable (or virtually never). However, I will definitely be improving and correcting my app frequently, so I will have to republish the WAR file very often. Not even considering the fact that my app has leaking problems (that's another story) and therefore I will have to restart Tomcat itself, republishing the app will make it unavailable for at least 10 seconds while I do it. I'm thinking that I need to create a Tomcat Cluster. Is that the way to go? Any opinions? Another idea would be to have two tomcat installations, and to change the IP my domain points to, to the IP that goes to that other Tomcat instance. But changing the IP takes some time and I would have to wait until I think that the DNS servers have updates the new IP, that would be slow and unreliable. Thanks in advance, Brian
Re: To re-write URLs, is there a better solution than www.zlatkovic.com/httpredirectfilter.en.html ?
Thanks a lot! MAY GOD BLESS THE INTERNET. On Wed, Apr 20, 2011 at 7:53 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Brian Braun [mailto:brianbr...@gmail.com] Subject: To re-write URLs, is there a better solution than www.zlatkovic.com/httpredirectfilter.en.html ? I'm using this solution to apply URL rewrite in my app: www.zlatkovic.com/httpredirectfilter.en.html I'm wondering if there is a better solution, or if Tomcat 6.0.X has a native way to do that. The usual choice is this: http://www.tuckey.org/urlrewrite/ - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Two Tomcat 7.0.11 installations in the same Linux instance, running both on port 80, without conflicts?
Thanks, I will read that. On Mon, Apr 11, 2011 at 7:19 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Brian Braun [mailto:brianbr...@gmail.com] Subject: Re: Two Tomcat 7.0.11 installations in the same Linux instance, running both on port 80, without conflicts? Is it so easy? wow, I thought it was going to be more complex. Thanks! Forgot to mention that you can either install two copies of Tomcat (in separate directories, of course), or use the technique described in the RUNNING.txt file to run multiple Tomcats from one installation. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Two Tomcat 7.0.11 installations in the same Linux instance, running both on port 80, without conflicts?
Hi Chris, I'm improving my apps frecuently, so everytime I do it I need to upload a new WAR file. When that happens, I face the leaking problem that so far I haven't solved. For that reason, I'm restarting Tomcat. My new app should not be hosted in the same Tomcat instance for that reason. I will definitely think about redundancy soon, as soon as my new idea shows some profit and I'm able to spend some more, thanks for mentioning that! On Tue, Apr 12, 2011 at 10:57 AM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian, On 4/11/2011 6:52 PM, Brian Braun wrote: I have a new project, for a web service that must be running all the time. It should never be offline, and if it does, my clients will leave me, so I can not run this app in the same Tomcat installation. If you need 100% uptime, you'll need more than one server. If you have more than one server, don't restart all Tomcat instances at once. Instead, use clustering (which includes session fail-over) and re-start each Tomcat instance individually. That should ensure that no service interruption is ever encountered. In order to cluster, you'll need some kind of server out in front that can load balance and direct requests to one of several running Tomcat instances on the back-end. Don't forget to set up redundancy at that level, too. If you're going to run a lb, you can just do what we do and run each webapp in it's own JVM and Tomcat instance, and have the lb direct the traffic to the right place. The cluster isn't necessary in that scenario unless you truly need 100% uptime (which is impossible IMHO). The real question is why you have to restart Tomcat instead of just restarting the webapp itself. We separate ours for flexibility and isolation (one OOME doesn't bring-down all services, we can run different JVMs or Tomcat versions for each webapp, etc.). Why do you restart your entire JVM just to bounce your webapp? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk2kdoIACgkQ9CaO5/Lv0PCgdwCeMbJN8pVk6jr+5897Llat5UxF el0AoIAzWQoS+UyffBmvH2xPcarOA2Hy =RmPT -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Two Tomcat 7.0.11 installations in the same Linux instance, running both on port 80, without conflicts?
Hi, I have a Linux instance, on top of which I'm running Tomcat 7.0.11. This Tomcat installation is running two websites, using host virtualization. These websites run both using port 80 and the SSL port. For several reasons, I usually have to restart this Tomcat installation, which takes 30 seconds in the best case scenario. So every time I do that, all the apps are down while it happens. I have a new project, for a web service that must be running all the time. It should never be offline, and if it does, my clients will leave me, so I can not run this app in the same Tomcat installation. I'm considering a parallel Tomcat installation in the same Linux VPS, both running at the same time. I perfectly know that it can be done, but how do I do with the port conflict? How can both Tomcat installations run using the same port 80? Is there a way to configure Linux so Tomcat A will serve some domains AND IP addresses, and Tomcat B will server other domains AND IP addresses? Thanks in advance!
Re: Two Tomcat 7.0.11 installations in the same Linux instance, running both on port 80, without conflicts?
Is it so easy? wow, I thought it was going to be more complex. Thanks! On Mon, Apr 11, 2011 at 6:35 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Brian Braun [mailto:brianbr...@gmail.com] Subject: Two Tomcat 7.0.11 installations in the same Linux instance, running both on port 80, without conflicts? I'm considering a parallel Tomcat installation in the same Linux VPS, both running at the same time. I perfectly know that it can be done, but how do I do with the port conflict? Use different IP addresses for each Tomcat; specify the IP address chosen via the Connector address attribute. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
I don't know yet which project are you talking about, but why haven't you decided to migrate to JSF 2.0 or Spring MVC, instead of staying with Struts? My needs are mostly to create apps faster, specially in the GUI. The forms, the validation, the old basic HTML... I spend too much time doing that, and I remember how fast was using a RAD as Powerbuilder. It must be a better way to program than Using the 2004 Struts version. So what I'm most interested in, is the presentation. I did my research on JSF and I think it is the substitution of Struts, I mean if you have to create start a new project from scratch, there is no point in choosing Struts if JSF already exists. I was just about to migrate, but then Spring appeared and I postponed the issue, not deciding which way to follow (JSF or Spring MVC). I would also get a lot of benefits from the other Spring modules, such as the transactions, the DBMS access, etc. I know I'm spending time reinventing the weel, creating my own objects while Spring has a lot of functionality ready to use. I would like to know what Mark Thomas thinks about this, being a person involved with Spring Source. On Mon, Mar 14, 2011 at 12:49 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian, On 3/12/2011 6:46 PM, Brian Braun wrote: Well, first of all, I'm using the 2004 Struts version. Why didn't I upgraded that over all these years? Because in the first years I thought I was going to migrate to JSF, and recetly I'm thinking that maybe I should go with Spring. For that reason, I didn't want to invest time upgrading to the most recent versions of Struts, and I got stuck on time. I usually adopt new version early (as I have done with Struts 7.0.11), but with Struts... that happened. I know the feeling. We are still using Struts 1.3... making the upgrade to 2.x is ... non-trivial. I Still haven't decided between JSF and Spring. I know they are not the same thing, that Spring brings more that a presentation and controller, but in the presentation area I don't know if I should go with JSF (which is the new standard, right?), or with Spring's MVC. But certainly I'm obsolete using 2004's Struts. I'm sure you will get a lot of opinions on all that. :) Struts 1.3 is still fine if it's meeting your needs. S2 is just s much better for so many things, it's painful not have have switched yet. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1+VRIACgkQ9CaO5/Lv0PCQ8ACgt5slDYZzdslZeNM0d+kpW1XD O00AoLhYBzEqgJdk6pt1WIOCAI9k4d4N =al4T -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
Hi Mark, You said: Yes. You need to refer to the taglibs in your JSPs using the URI rather than the file location. e.g. %@ taglib uri=http://struts.apache.org/tags-bean; prefix=bean% Does it mean that my code will not work if I'm not connected to the internet? Or that it will run lightly slower if my internet connection is slow? On Sun, Mar 13, 2011 at 4:53 AM, Mark Thomas ma...@apache.org wrote: On 13/03/2011 05:37, Brian Braun wrote: %@ taglib uri=*/WEB-INF/struts-bean.tld* prefix=*bean*% That page fails, because it is not being able to find the TLD file anymore. What should I do? I really want to get rid of the info messages. - Do I need to delete the TLDs from my WEB-INF directory? That makes my JSPs fail. Yes. - Do I need to modify the taglib directives, so they refer to the TLD files inside the JAR or something like that? Yes. You need to refer to the taglibs in your JSPs using the URI rather than the file location. e.g. %@ taglib uri=http://struts.apache.org/tags-bean; prefix=bean% - Do I need to delete the TLD files from the Struts JAR? That wouldn't sound OK to me, one should not modify a JAR that comes from a components such as Struts. No. - Should I tell Tomcat not to show those info messages somehow? No. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
OK, I will find out what are the URIs of the TLDs. Thanks a lot On Sun, Mar 13, 2011 at 8:11 AM, Mark Thomas ma...@apache.org wrote: On 13/03/2011 12:09, Brian Braun wrote: Hi Mark, You said: Yes. You need to refer to the taglibs in your JSPs using the URI rather than the file location. e.g. %@ taglib uri=http://struts.apache.org/tags-bean; prefix=bean% Does it mean that my code will not work if I'm not connected to the internet? No. Or that it will run lightly slower if my internet connection is slow? No. That is a URI and it is not used as a URL. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
Hi Konstantin, I really, really, really appreciate the information you have given to me in your response. Thanks a lot! On Sun, Mar 13, 2011 at 10:34 AM, Konstantin Kolinko knst.koli...@gmail.com wrote: 2011/3/13 Mark Thomas ma...@apache.org: On 13/03/2011 05:37, Brian Braun wrote: - Should I tell Tomcat not to show those info messages somehow? No. If you really want to silence the messages, without changing anything in your application, it is possible by adding the following line to conf/logging.properties: org.apache.catalina.startup.TaglibUriRule.level=WARNING 2011/3/13 Brian Braun brianbr...@gmail.com: OK, I will find out what are the URIs of the TLDs. Those are defined as uri.../uri inside the *.tld files. (The actual values were mentioned in the log message that you cited earlier). See also the JSP specification for the background on the issue. E.g. chapters JSP.7.3.2 and JSP.7.3.4 of jsp-2_2-mrel-spec.pdf http://wiki.apache.org/tomcat/Specifications Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fastest way to upgrade from 7.0.10 to 7.0.11?
Hi Mark, Thanks a lot for your response. I did agree with Charles regarding the usually bad idea about just replacing JARs, but in this specific case (7.0.10 to 7.0.11) I suspected it could be done just replacing JARs. I will try it definitely. On Fri, Mar 11, 2011 at 12:40 PM, Mark Thomas ma...@apache.org wrote: On 11/03/2011 17:21, Caldarale, Charles R wrote: From: Brian Braun [mailto:brianbr...@gmail.com] Subject: Fastest way to upgrade from 7.0.10 to 7.0.11? I wouldn't like to uninstall the whole software and install 7.0.11 from scratch. I would like to stop it, replace some files (some JARs, I guess), and start it again. Wrong approach. Always install a new version of Tomcat in a separate directory, update the new server.xml with your site-specific information (do not blindly copy the old server.xml over), and copy your webapps over to the new appBase. If you keep your webapps outside of Tomcat's directory structure, then the last step is not necessary. The simplest way is to use a separate CATALINA_HOME and CATALINA_BASE. Upgrades take just a few minutes with that approach. In the specific case of 7.0.10 to 7.0.11 you should be able to just replace the JAR files. - Stop 7.0.10 - Replace all the JAR files (and the docs webapp) - Empty the work directory - Start Tomcat This only works because of the very few changes between 7.0.10 and 7.0.11. Normally, this approach would bring all sorts of problems. The caveat is that this is untested and you may end up with a non-functioning Tomcat instance. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
Well, first of all, I'm using the 2004 Struts version. Why didn't I upgraded that over all these years? Because in the first years I thought I was going to migrate to JSF, and recetly I'm thinking that maybe I should go with Spring. For that reason, I didn't want to invest time upgrading to the most recent versions of Struts, and I got stuck on time. I usually adopt new version early (as I have done with Struts 7.0.11), but with Struts... that happened. I Still haven't decided between JSF and Spring. I know they are not the same thing, that Spring brings more that a presentation and controller, but in the presentation area I don't know if I should go with JSF (which is the new standard, right?), or with Spring's MVC. But certainly I'm obsolete using 2004's Struts. On Fri, Mar 11, 2011 at 5:39 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian, On 3/9/2011 3:42 PM, Brian Braun wrote: Actually, I had already unzipped my .war file and inspected every file inside, and arrived to that conclution: The only place where the TLD files are also present is the JARs that correspond to Struts (don't laugh, but I'm still using it) and other components. Why would anyone laugh that you are using Struts? I think it's a great framework, and it's still maintained by a dedicated group of people. Would you prefer something else? Or, does Struts just have a long enough history to make it un-cool? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk16pIsACgkQ9CaO5/Lv0PAbEQCgl3JHfnkXpx0h1TYaAalJkWty 0SwAnRvOjKTjagdLGMhN/IIz1P8XuXTT =NQKX -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
Hi Mark, I have been thinking about this issue, and I have some thoughts and questions. My web.xml file doesn't mention the TLDs, but I have confirmed that the Struts JAR does contain them. That is the reduncancy. I tried removing the TLDs from my WEB-INF directory, and the the info message was not being show anymore, which is nice and was my goal. However, my app fails as soon as one of the pages with a %@ taglib directive refers to the deleted TLD file, for example one of my pages does this: %@ taglib uri=*/WEB-INF/struts-bean.tld* prefix=*bean*% That page fails, because it is not being able to find the TLD file anymore. What should I do? I really want to get rid of the info messages. - Do I need to delete the TLDs from my WEB-INF directory? That makes my JSPs fail. - Do I need to modify the taglib directives, so they refer to the TLD files inside the JAR or something like that? - Do I need to delete the TLD files from the Struts JAR? That wouldn't sound OK to me, one should not modify a JAR that comes from a components such as Struts. - Should I tell Tomcat not to show those info messages somehow? TIA, Brian On Wed, Mar 9, 2011 at 1:16 PM, Mark Thomas ma...@apache.org wrote: On 09/03/2011 18:12, Brian Braun wrote: Hi, I just migrated from Tomcat 6.0.29 to 7.0.10. I have solved several problems regarding the migration, but I don't know what these mean: INFO: Deploying web application archive ROOT.war Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-html is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-logic is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-nested is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-tiles is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://displaytag.sf.net is already defined Something tells me that Tomcat now expects my web.xml file to comply with the new Servlet/JSP specifications, or a new version of the web.xml format. I haven't changed my web.xml file at all, yet. I would like to get rid of these warnings. Anybody knows what is this about? They are INFO messages so do not indicate an error condition. It looks like you have multiple TLD definitions for a given URI (web.xml and TLD embedded in a JAR?). Removing the duplicates should fix it. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Fastest way to upgrade from 7.0.10 to 7.0.11?
Hi, I had just spent the whole day upgrading from Tomcat 6.0.X to 7.0.10 and finished doing it, when I received the news about a vulnerability not solved in that version, and the need to release vr.7.0.11. I wouldn't like to uninstall the whole software and install 7.0.11 from scratch. I would like to stop it, replace some files (some JARs, I guess), and start it again. I guess there are no differences in the way my configuration files must be written, from 7.0.10 to 7.0.11. Which files exactly do I need to replace in place? Some of the JARs I guess, but which ones? What about the batch files that start and stop Tomcat? Do I need to update any of them? I'm using Linux (CentOS), by the way. TIA, Brian
Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
Hi, I just migrated from Tomcat 6.0.29 to 7.0.10. I have solved several problems regarding the migration, but I don't know what these mean: INFO: Deploying web application archive ROOT.war Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-html is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-logic is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-nested is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-tiles is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://displaytag.sf.net is already defined Something tells me that Tomcat now expects my web.xml file to comply with the new Servlet/JSP specifications, or a new version of the web.xml format. I haven't changed my web.xml file at all, yet. I would like to get rid of these warnings. Anybody knows what is this about? Brian
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
Hi Mark, Now that I check my web.xml file, I realized that these TLD files are not even mentioned there! I think I remember they used to be mentioned there, but I upgraded my web.xml file to a newer format and then I got rid of those references. But I'm getting the INFOs in my log yet, since I migrated to Tomcat 7.0.10 from 6.0.X. So where is the redundancy? On Wed, Mar 9, 2011 at 1:16 PM, Mark Thomas ma...@apache.org wrote: On 09/03/2011 18:12, Brian Braun wrote: Hi, I just migrated from Tomcat 6.0.29 to 7.0.10. I have solved several problems regarding the migration, but I don't know what these mean: INFO: Deploying web application archive ROOT.war Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-html is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-logic is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-nested is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://struts.apache.org/tags-tiles is already defined Mar 9, 2011 9:28:12 AM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://displaytag.sf.net is already defined Something tells me that Tomcat now expects my web.xml file to comply with the new Servlet/JSP specifications, or a new version of the web.xml format. I haven't changed my web.xml file at all, yet. I would like to get rid of these warnings. Anybody knows what is this about? They are INFO messages so do not indicate an error condition. It looks like you have multiple TLD definitions for a given URI (web.xml and TLD embedded in a JAR?). Removing the duplicates should fix it. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
Hi chris, Actually, I had already unzipped my .war file and inspected every file inside, and arrived to that conclution: The only place where the TLD files are also present is the JARs that correspond to Struts (don't laugh, but I'm still using it) and other components. I guess Tomcat 7 is smarter than ever, and TLD being present in the WARs is enough, so I dont need to keep it in my project and exported in my .war file. Is that right? On Wed, Mar 9, 2011 at 3:28 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian, On 3/9/2011 1:42 PM, Brian Braun wrote: Now that I check my web.xml file, I realized that these TLD files are not even mentioned there! I think I remember they used to be mentioned there, but I upgraded my web.xml file to a newer format and then I got rid of those references. But I'm getting the INFOs in my log yet, since I migrated to Tomcat 7.0.10 from 6.0.X. So where is the redundancy? Try checking the struts-*.jar files for .tld files. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk134wUACgkQ9CaO5/Lv0PAvJACggBUm7EhZQWNFEZf610fZzzvV 4bUAoI/9wxMUQRenqGVn8fIDzdtLQJ0j =/C/X -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
That's nice! I that something new in Tomcat 7, or is it already present in 6.0.29? On Wed, Mar 9, 2011 at 3:45 PM, Mark Thomas ma...@apache.org wrote: On 09/03/2011 20:42, Brian Braun wrote: Hi chris, Actually, I had already unzipped my .war file and inspected every file inside, and arrived to that conclution: The only place where the TLD files are also present is the JARs that correspond to Struts (don't laugh, but I'm still using it) and other components. I guess Tomcat 7 is smarter than ever, and TLD being present in the WARs is enough, so I dont need to keep it in my project and exported in my .war file. Is that right? Tomcat will find the TLDs in the struts JAR files. No need to put extra copies directly in the WAR. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Guide of Tomcat 7 improvements?
Hi, Is there an good article somewhere about all the improvements in Tomcat 7? I know about the migration guide (http://tomcat.apache.org/migration.html), the change log and the documentation pages. But I'm looking for some kind of article that explains all the improvements. Something that explains the most important things, like the serlet 3.0 support, the leak management, the improvements in security, etc. I just migrated, and would like to know what new capabilities does Tomcat 7 have, in order to take advantage of them. TIA, Brian
Re: Migrated from 6.0.29 to 7.0.10, Now I get INFO: TLD skipped. URI: http://struts.apache.org/tags-bean is already defined
OK, thanks for the responses! On Wed, Mar 9, 2011 at 3:51 PM, Mark Thomas ma...@apache.org wrote: On 09/03/2011 20:49, Brian Braun wrote: That's nice! I that something new in Tomcat 7, or is it already present in 6.0.29? It should be in 6 although you probably won't get the warnings. The TLD scanning was completely re-worked for 7. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Guide of Tomcat 7 improvements?
I new I was going to get a great responde form YOU. That is what I was looking for, a nice guide. Thanks! On Wed, Mar 9, 2011 at 4:07 PM, Mark Thomas ma...@apache.org wrote: On 09/03/2011 20:56, Brian Braun wrote: Hi, Is there an good article somewhere about all the improvements in Tomcat 7? I know about the migration guide (http://tomcat.apache.org/migration.html ), the change log and the documentation pages. But I'm looking for some kind of article that explains all the improvements. Something that explains the most important things, like the serlet 3.0 support, the leak management, the improvements in security, etc. I just migrated, and would like to know what new capabilities does Tomcat 7 have, in order to take advantage of them. http://people.apache.org/~markt/presentations/2010-10-11-Tomcat7.pdf It is a little dated. There are other presentations in that dir you may find useful too. HTH, Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Place .ini conf file inside the war package.
http://commons.apache.org/configuration/ ? On Sat, Dec 4, 2010 at 6:58 AM, srd.pl srolek2...@yahoo.com wrote: Hello, I have a quick question considering my rest webservice. I would like to place an .ini file with configuration parameters inside an war file, so that I can change them wile the app is deployed on tomcat without recompiling. Can any give an advice on how to do this? And how to open this file (what path) in my java code. I am using maven so an advice on how to write a special script in the pom.xml file would be great. -- View this message in context: http://old.nabble.com/Place-.ini-conf-file-inside-the-war-package.-tp30366628p30366628.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org