RE: JNI error under tomcat: java.lang.UnsatisfiedLinkError
do you get this error upon first deployment or re-deploy? do you restart tomcat after you redeploy your jni app? From: users-return-214329-racarlson=mediacomcc@tomcat.apache.org [users-return-214329-racarlson=mediacomcc@tomcat.apache.org] On Behalf Of Shay Rojansky [r...@roji.org] Sent: Saturday, July 03, 2010 12:40 AM To: Tomcat Users List Subject: Re: JNI error under tomcat: java.lang.UnsatisfiedLinkError Hi Dennis. So do you see the Load library successful message? Also, if I remember correctly, the code in eval.java is not a safe way to load a native library. It's a very good idea to place the System.loadLibrary in a static { } block, instead of in a method. The way your class is written, it's possible for the run method to be executed more than once, in which case loadLibrary will be called more than once (and so will the native initModels). Not sure what the effects are and if it's related to your problem but it's a good idea to avoid trouble by fixing it. Shay On Fri, Jul 2, 2010 at 3:46 AM, dennis ch dennis.ch2...@gmail.com wrote: Hi, I have a java class (eval.java) that invokes a native method in an so file (libmodel.so, using SWIG 1.3.29 to generate JNI code/wrapper and compiled the library). I can use System.loadLibrary() to load the libmodel.so without any error (-Djava.library.path=/usr/lib), and the native method initModel() works fine as a standalone application. However, when I deploy it as a web service (tomcat 6.0.26 + axis2 1.5.1 + eclipse jee helios) to call the native method, I got the following error (the first line means the .so was successfully loaded): Load library successfully [ERROR] com.model.modelJNI.initModel()V java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:194) at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:102) at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40) at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:173) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167) at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:619) Caused by: java.lang.UnsatisfiedLinkError: com.model.modelJNI.initModel()V at com.model.modelJNI.initModel(Native Method) at com.model.model.initModel(model.java:13) at com.webservice.run(EvalVita.java:763) ... 25 more Below is the body of Eval.java: import com.model.*; public class Eval { static void loadModel() { try { System.loadLibrary(model); System.out.println(Load library successfully); } catch (UnsatisfiedLinkError e) { System.err.println(Native code library failed to load. + e); } } public void run() { loadModel(); model.initModel(); } } Do I miss anything here? Any input is appreciated! Dennis - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 5.5 creates 0 byte files
you can also try the oreilly file upload api, I have used it in many projects without issue http://www.servlets.com/cos/ (download) http://java.itags.org/java-essentials/11012/ (an example) From: users-return-214291-racarlson=mediacomcc@tomcat.apache.org [users-return-214291-racarlson=mediacomcc@tomcat.apache.org] On Behalf Of Murat Birben [muratbir...@gmail.com] Sent: Friday, July 02, 2010 6:01 AM To: Tomcat Users List; p...@pidster.com Subject: Re: Tomcat 5.5 creates 0 byte files Yes 0 byte files are causing the disk to run out of space @Andre Warnier I'm not actually saving files on the server. I just tried to simplify my problem and tried that simple code. Now i'll give a try to apache fileupload api, thanks for advice On Fri, Jul 2, 2010 at 11:52 AM, Pid p...@pidster.com wrote: On 02/07/2010 09:43, Murat Birben wrote: Hi all, I have a very simple file upload mechanism in java. I just take the file and save it on the server. I'm testing this simple code with selenium and *when a timeout occurs in the selenium test *tomcat creates 0 byte files under tomcat_home/work/Catalina/localhost/uploadServlet/ directory as MultiPart* files. It creates thousands of files, until there is no disk space left on device. What may cause this problem? How can I solve this? Is there anyone has an idea about this? Thousands of 0 byte files are causing the disk to run out of space? p My environment is: Ubuntu - 8.04 server, apache tomcat - 5.5.29, sun java 1.6 Thanks, Here is the code snippet that i use File fFile = null; FileOutputStream fileOutputStream = null; FileInputStream fileInputStream = null; try { String strFileName = request.getParameter(FileName); String strPath = request.getParameter(Path); //String strMediaType = request.getParameter(MediaType); //String strDescription = request.getParameter(Description); fFile = (File) request.getAttribute(Content); int index = strPath.length() - 1; //If the user forgets to put the last / for the path... We put it for him/her if (strPath.charAt(index) != '/') { strPath += /; } if (!new File(strPath).exists()) { new File(strPath).mkdirs(); } File file = new File(strPath + strFileName); fileOutputStream = new FileOutputStream(file); fileInputStream = new FileInputStream(fFile); byte[] bBuf = new byte[1024]; int iBufLen = 0; int iReadLen = 1024; int iTotelLen = 0; /*read 1024 bytes at a time*/ while ((iBufLen = fileInputStream.read(bBuf)) != -1) { fileOutputStream.write(bBuf); fileOutputStream.flush(); iTotelLen += iBufLen; if (fileInputStream.available() iReadLen) { iReadLen = fileInputStream.available(); break; } } byte[] tempbBuf = new byte[iReadLen]; fileInputStream.read(tempbBuf, 0, iReadLen); fileOutputStream.write(tempbBuf); } catch (IOException ex) { ex.printStackTrace(); } finally { fileOutputStream.close(); fileInputStream.close(); if (fFile.exists()) { fFile.delete(); } } -- Murat BIRBEN - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: need help setting up tomcat with ssl client authentication
I changed server.xml to: Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=true keystoreFile=/server.ks keystorePass=MC126801$ keystoreType=JKS keyAlias=tomcat truststoreFile=/server.ks truststorePass=MC126801$ truststoreType=JKS sslProtocol=TLS / and now it works with all clients, firefox, openssl s_client, and php client thanks for you all your help, its much appreciated :) From: users-return-214184-racarlson=mediacomcc@tomcat.apache.org [users-return-214184-racarlson=mediacomcc@tomcat.apache.org] On Behalf Of Christopher Schultz [ch...@christopherschultz.net] Sent: Wednesday, June 30, 2010 9:40 PM To: Tomcat Users List Subject: Re: need help setting up tomcat with ssl client authentication -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ralph, On 6/30/2010 5:07 PM, Ralph Carlson wrote: (d) have client Authorization on - with it off tomcat ssl works just fine, when its turned on I get this error so far I have been following the steps listed in this tomcat user group message http://marc.info/?l=tomcat-userm=106293430225790w=2 Try something a bit more recent than 2003. I was able to get client certs working with my own CA, and I was manually checking the client cert instead of having Tomcat do it. However, if your code can do it, so can Tomcat. Try reading-through this thread: http://markmail.org/message/kzxsamuiu6bldjmv Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=true keystoreFile=/server.ks keystorePass=[...] sslProtocol=TLS / I think you also need a truststoreFile and friends. Try re-reading the Connector documentation at http://tomcat.apache.org/tomcat-6.0-doc/config/http.html specifically looking for client cert. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwr8f0ACgkQ9CaO5/Lv0PDFxQCcDrMdAJbl0adm44Dgnyd6fWqV aPEAnjPNCOXwmU847G/7IvZuBU9hnK2A =mNS+ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
need help setting up tomcat with ssl client authentication
tomcat version 6.0.20 os: windows xp sp3 professional edition sun java jdk 1.5.11 I am trying to do the following (a) create a certificate authority and self sign server and client certificates using openssl and keytool (b) import the keytool keystore into tomcat (c) verify the certificate chaing using openssl verify (which does work and returns ok for all 3 certificates) (d) have client Authorization on - with it off tomcat ssl works just fine, when its turned on I get this error so far I have been following the steps listed in this tomcat user group message http://marc.info/?l=tomcat-userm=106293430225790w=2 but get this message from openssl s_client -cert c:\ssl\client\client.pem -CAfile c:\ssl\ca\ca.pem -connect localhost:443 3772:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown:.\ssl\s3_pkt.c:1061:SSL alert number 46 3772:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib.c:188: and these messages from firefox (after importing the certificate) initially 'sslv3 alert certificate unknown' , then just 'SSL peer was not expecting a handshake message it received' after a few tries does anyone know how to do this or has anyone done this before, thanks for you help in advance - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: need help setting up tomcat with ssl client authentication
the tomcats logs have no errors in them, they end after start up (I haven't installed any apps yet, just trying to get to the tomcat manager with ssl) Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=true keystoreFile=/server.ks keystorePass=MC126801$ sslProtocol=TLS / I configured the tomcat keystore as follows (openssl commands included): [1] create folders c:\ssl\ca, c:\ssl\server and c:\ssl\client and ca.srl with 02 [2] openssl req -new -newkey rsa:1024 -nodes -out c:\ssl\ca\ca.csr -keyout c:\ssl\ca\ca.key -config C:\ssl\openssl.cnf country=US state=newyork city=fishkill organization_name=myca organization_unit=myca common_name=myca email=racarl...@medaicomcc.com [3] openssl x509 -trustout -signkey c:\ssl\ca\ca.key -days 365 -req -in c:\ssl\ca\ca.csr -out c:\ssl\ca\ca.pem [4] keytool -import -keystore %JAVA_HOME%/jre/lib/security/cacerts -file C:\ssl\ca\ca.pem -alias my_ca **[5] keytool -genkey -alias tomcat -keyalg RSA -keysize 1024 -keystore C:\ssl\server\server.ks -storetype JKS What is your first and last name? myserver.localhost.com What is the name of your organizational unit? mycompany What is the name of your organization? mycompany What is the name of your City or Locality? fishkill What is the name of your State or Province? newyork What is the two-letter country code for this unit? US **[6] keytool -certreq -keyalg RSA -alias tomcat -file C:\ssl\server\server.csr -keystore C:\ssl\server\server.ks [7] amend the text which reads NEW CERTIFICATE REQUEST to CERTIFICATE REQUEST [8] openssl x509 -CA C:\ssl\ca\ca.pem -CAkey C:\ssl\ca\ca.key -CAserial C:\ssl\ca\ca.srl -req -in C:\ssl\server\server.csr -out C:\ssl\server\server.crt -days 365 **[9] keytool -import -alias tomcat -keystore C:\ssl\server\server.ks -trustcacerts -file C:\ssl\server\server.crt **[10] keytool -import -alias my_ca -keystore C:\ssl\server\server.ks -trustcacerts -file C:\ssl\ca\ca.pem [11] openssl req -new -newkey rsa:512 -nodes -out C:\ssl\client\client1.req -keyout C:\ssl\client\client1.key Country Name ? US State or Province Name ? newyork Locality Name (eg, city) ? fishkill Organization Name ? mycompany Organizational Unit Name ? mycompany Common Name (eg, YOUR name) ? localhost -- this value is in tomcat-users.xml Email Address ? racarl...@mediacomcc.com [12] openssl x509 -CA C:\ssl\ca\ca.pem -CAkey C:\ssl\ca\ca.key -CAserial C:\ssl\ca\ca.srl -req -in C:\ssl\client\client1.req -out C:\ssl\client\client1.pem -days 365 [13] openssl pkcs12 -export -clcerts -in C:\ssl\client\client1.pem -inkey C:\ssl\client\client1.key -out C:\ssl\client\client1.p12 -name my_client_certificate I also tried importing the client.pem and apache.pem from below into the keystore (not change in error) openssl pkcs12 -in c:\ssl\client\client1.p12 -out c:\ssl\client\apache.pem -nodes -passin pass:MC126801$ From: users-return-214164-racarlson=mediacomcc@tomcat.apache.org [users-return-214164-racarlson=mediacomcc@tomcat.apache.org] On Behalf Of Pid [...@pidster.com] Sent: Wednesday, June 30, 2010 5:25 PM To: Tomcat Users List Subject: Re: need help setting up tomcat with ssl client authentication On 30/06/2010 22:07, Ralph Carlson wrote: tomcat version 6.0.20 os: windows xp sp3 professional edition sun java jdk 1.5.11 I am trying to do the following (a) create a certificate authority and self sign server and client certificates using openssl and keytool (b) import the keytool keystore into tomcat (c) verify the certificate chaing using openssl verify (which does work and returns ok for all 3 certificates) (d) have client Authorization on - with it off tomcat ssl works just fine, when its turned on I get this error Which error? What is in the Tomcat logs when the problem occurs? so far I have been following the steps listed in this tomcat user group message http://marc.info/?l=tomcat-userm=106293430225790w=2 How did you configure Tomcat to use the certificates in (b)? What is your Tomcat Connector config in server.xml? p but get this message from openssl s_client -cert c:\ssl\client\client.pem -CAfile c:\ssl\ca\ca.pem -connect localhost:443 3772:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown:.\ssl\s3_pkt.c:1061:SSL alert number 46 3772:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib.c:188: and these messages from firefox (after importing the certificate) initially 'sslv3 alert certificate unknown' , then just 'SSL peer was not expecting a handshake message it received' after a few tries does anyone know how to do this or has anyone done this before, thanks for you help in advance
RE: need help setting up tomcat with ssl client authentication
I am starting and stopping tomcat using startup.bat and shutdown.bat from the command line I am not using the apr I copied /server.ks into c:\tomcat folder in an attempt to get it working if I change it to a fake name it throws an error so I think its reading it the console looks like: Jun 30, 2010 7:46:25 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performanc e in production environments was not found on the java.library.path: C:\Program Files\Java\jdk1.5.0_17\bin;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32; C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Co re-Static;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\Java\jdk1.5 .0_17\bin;C:\openssl\bin; Jun 30, 2010 7:46:25 PM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 Jun 30, 2010 7:46:27 PM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-443 Jun 30, 2010 7:46:27 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 2248 ms Jun 30, 2010 7:46:27 PM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Jun 30, 2010 7:46:27 PM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.20 Jun 30, 2010 7:46:28 PM org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on http-8080 Jun 30, 2010 7:46:28 PM org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on http-443 Jun 30, 2010 7:46:28 PM org.apache.jk.common.ChannelSocket init INFO: JK: ajp13 listening on /0.0.0.0:8009 Jun 30, 2010 7:46:28 PM org.apache.jk.server.JkMain start INFO: Jk running ID=0 time=0/15 config=null Jun 30, 2010 7:46:28 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 1274 ms From: users-return-214173-racarlson=mediacomcc@tomcat.apache.org [users-return-214173-racarlson=mediacomcc@tomcat.apache.org] On Behalf Of Pid [...@pidster.com] Sent: Wednesday, June 30, 2010 7:19 PM To: Tomcat Users List Subject: Re: need help setting up tomcat with ssl client authentication On 30/06/2010 23:45, Ralph Carlson wrote: the tomcats logs have no errors in them, they end after start up (I haven't installed any apps yet, just trying to get to the tomcat manager with ssl) Are you using APR? This path: keystoreFile=/server.ks doesn't appear to match this path: C:\ssl\server\server.ks Are there any errors in the logs, or displayed on the console, when Tomcat starts up? (How are you starting the server, as a service, or using startup.bat?) p - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: using Servlet Filter to rewrite domain of JSESSIONID cookie?
can you extend org.apache.catalina.connector.Response adding the HttpResponse object and its getter/setter and call that before valve.invoke() also depending on what you are putting in your cookie and if the users are logging on or not (you could also use ipaddress but that is flaky is they are using proxies) I usually just put the custom user settings in a database now as most virus scanner and malware scanner keep removing my users cookies anyway From: users-return-214168-racarlson=mediacomcc@tomcat.apache.org [users-return-214168-racarlson=mediacomcc@tomcat.apache.org] On Behalf Of Nikita Tovstoles [nikita.tovsto...@gmail.com] Sent: Wednesday, June 30, 2010 6:20 PM To: Tomcat Users List Subject: using Servlet Filter to rewrite domain of JSESSIONID cookie? I'd like to make session cookie domain-wide, and ignore subdomains - in Tomcat 6. So for app reachable via my.site.com and www.site.com, I'd like to have session cookie's domain be .site.com. I thought of doing so using a ServletResponseWrapper and a servlet Filter: @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (!(response instanceof SessionCookieDomainSettingServletResponseWrapper)) { response = new SessionCookieDomainSettingServletResponseWrapper((HttpServletResponse) response); } chain.doFilter(request, response); } and in wrapper: @Override public void addCookie(Cookie cookie) { if (cookie != null SESSION_COOKIE_NAME.equals(cookie.getName())) { // update domain name to just the domain stripSubDomain(cookie); } super.addCookie(cookie); } However, JSESSIONID continues to be set to FQ host name (my.site.com). Is it because Tomcat internals do not use HttpServletResponse.addCookie() to set JSESSIONID or is that cookie set before filter chain gets executed? If so, sounds like Filter is (sadly) not applicable for this case, and I have to create a custom Valve? Any tips on how to wrap org.apache.catalina.connector.Response - valve.invoke() does not take HttpServletResponse... thanks -nikita - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org