Re: [OT] Re: problems at thejarbar.org
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yucca Nel, On 6/11/2010 4:53 AM, yucca...@live.co.za wrote: Hello tomcats !! :) A quick question as I tackle configuring jndi resource for first time: I was referred to using jndi in production environmrnt snd hsve noted through documentation found in test server that there are 3 possible places to define jndi resources: 1)the server .xml(for every webapp in server if I am correct. Yes, you can define site-wide JNDI resources, here, but I'd recommend against it. 2)context.xml I think this is the best place to put JNDI resource definitions. 3)web.xml You can't actually define JNDI resources, here: only map global (server.xml) ones to the webapp. As I am planning on only using this resource for multiple webapps in same domain, am I right in asuming server.xml is correct choice to define jndi resource? Perhaps. if you want to share database pools, then do it at the server.xml level. If you want each webapp to have it's own pool, you might consider separating them (even if the details are the same). In addition I am to define jndi used in server.xml again in web.xml? My experience is that you do not need to map them in web.xml, though the servlet spec seems to indicate that doing so is appropriate. I now need to know how / where to configure parameters for mysql connections or are the defaults acceptable for production? You can find connection pool settings here: http://commons.apache.org/dbcp/configuration.html You can find documentation for configuring Connector/J in the MySQL documentation that matches your version number. Good luck, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwfZQ4ACgkQ9CaO5/Lv0PD5YQCeO0ARUBBH/d6pQi7ESc8oTIXk dAgAn24ON3N3iU/VErSFk3/YpAiORS0v =yBQf -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Re: problems at thejarbar.org
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yucca Nel, On 6/11/2010 4:53 AM, yucca...@live.co.za wrote: Hello tomcats !! :) A quick question as I tackle configuring jndi resource for first time: I was referred to using jndi in production environmrnt snd hsve noted through documentation found in test server that there are 3 possible places to define jndi resources: 1)the server .xml(for every webapp in server if I am correct. Yes, you can define site-wide JNDI resources, here, but I'd recommend against it. 2)context.xml I think this is the best place to put JNDI resource definitions. 3)web.xml You can't actually define JNDI resources, here: only map global (server.xml) ones to the webapp. As I am planning on only using this resource for multiple webapps in same domain, am I right in asuming server.xml is correct choice to define jndi resource? Perhaps. if you want to share database pools, then do it at the server.xml level. If you want each webapp to have it's own pool, you might consider separating them (even if the details are the same). In addition I am to define jndi used in server.xml again in web.xml? My experience is that you do not need to map them in web.xml, though the servlet spec seems to indicate that doing so is appropriate. I now need to know how / where to configure parameters for mysql connections or are the defaults acceptable for production? You can find connection pool settings here: http://commons.apache.org/dbcp/configuration.html You can find documentation for configuring Connector/J in the MySQL documentation that matches your version number. Good luck, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwSo6AACgkQ9CaO5/Lv0PDuvQCcCgg07IDlP/LvRAUGq2UsIlIp zrkAoJHGUDedkqybZdcTuSNSnyLw22yC =8Ghi -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Re: problems at thejarbar.org
Hello tomcats !! :) A quick question as I tackle configuring jndi resource for first time: I was referred to using jndi in production environmrnt snd hsve noted through documentation found in test server that there are 3 possible places to define jndi resources: 1)the server .xml(for every webapp in server if I am correct. 2)context.xml 3)web.xml As I am planning on only using this resource for multiple webapps in same domain, am I right in asuming server.xml is correct choice to define jndi resource? In addition I am to define jndi used in server.xml again in web.xml? I now need to know how / where to configure parameters for mysql connections or are the defaults acceptable for production? -- From: yucca...@live.co.za Sent: Thursday, June 03, 2010 12:41 AM To: Tomcat Users List users@tomcat.apache.org Subject: Re: [OT] Re: problems at thejarbar.org Ok I appreciatethis big help. I am expecting a small amount of users though so does that mean that a datasource realm may be overkill? I am not implying that this is what was being said earlier, just trying to learn more. I have noticed though that forum posters seem to assume a lot at times, an example was that I need to learn maven which itself was a good headsup although I am familiar with it already. The sad thing is that with sun/oracle transition maven documentation is rotten and many of the plugins need a revamp, especially ones for full stack jee severs I learnt a little start of this year and everything was too fresh (jboss 6 not even released yet or is it?) or was very outdated for me as I started Java when JSE 6 was released so have little interest in knowing how to use maven in legacy systems unless I get employment in enterprise(hopefuly soon), Java is in a mess st the moment with no news on JSE7 and very little info from Oracle. I took it as a blessing in disguise an started getting to know JSF and hibernate and other stuff. PS can anyone confirm that there is firefox bug when selecting a different locale for i8n testing? I am able only to change locale few times. -- From: Christopher Schultz ch...@christopherschultz.net Sent: Wednesday, June 02, 2010 6:25 AM To: Tomcat Users List users@tomcat.apache.org Subject: Re: [OT] Re: problems at thejarbar.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yucca Nel, On 6/2/2010 8:27 PM, yucca...@live.co.za wrote: There was a question as to why I am using a realm and application based realm and I have no idea howcome people think I am not using only tomcat realm? It's not that we think you're using a non-Tomcat Realm: it's that we think you're using the /wrong/ Tomcat Realm. See... JDBCRealm uses its own set of credentials to connect to the database and uses a single Connection object, requiring lots of synchronization to protect that shared resource. Basically, it's not appropriate for production because of those two facts. Instead, we're suggesting that you set up a DataSource and then use a DataSourceRealm which will use a connection-per-authentication-attempt and is much more high-performance. hibernate is not doing any security related stuff other than persisiting new users and thier credentials to mysql. Tomcat is only managing security and hibernate everything else... Hope this clears up discussion. :) Is hibernate using a Tomcat-created DataSource? If not, you're making your life harder by placing database connection configuration in several places instead of just one. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwGW8IACgkQ9CaO5/Lv0PALlwCgwejhODA7bB92UMEbgpIPGb8R 3RoAn3BXDzQWZ5497EKzaSP1W84Mtqu2 =zCtF -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Re: problems at thejarbar.org
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yucca Nel, On 6/3/2010 3:41 AM, yucca...@live.co.za wrote: Ok I appreciatethis big help. I am expecting a small amount of users though so does that mean that a datasource realm may be overkill? I am not implying that this is what was being said earlier, just trying to learn more. You'll want to use a DataSource for your app's db communication, anyway, so why not use that same DataSource for your Realm? The reality is that the JDBCRealm is not good. Use it at your own risk. The sad thing is that with sun/oracle transition maven documentation is rotten and many of the plugins need a revamp Maven is an Apache project, not an Oracle/Sun project. If you have a complaint about the Apache Maven documentation, might I suggest that you talk to their community about it? Things only improve when users give feedback and/or contribute to those efforts. Java is in a mess st the moment with no news on JSE7 and very little info from Oracle. I took it as a blessing in disguise an started getting to know JSF and hibernate and other stuff. It's not like it's a waste to learn Java 6 when Java 7 is coming out: it's all backward-compatible (unless otherwise noted). Don't worry about the release schedule for Java 7 unless you are dying to have some certain functionality that only ships with that version. PS can anyone confirm that there is firefox bug when selecting a different locale for i8n testing? I am able only to change locale few times. I have never had any problem changing ff's locale. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwIGfoACgkQ9CaO5/Lv0PAnAwCfWMjkflRhfbsBYI0FJmS29kjs l8cAnRywLq1wRXiXkKuLDYD+1p4hrBK2 =WLGC -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Re: problems at thejarbar.org
Hello, with all this confusion (and I am loving it) I will reveal what I am doing :p My website and webapp is to showcase my skills to get work and with a very long term goal of blogging about Java development and having a site to distribute stuff from. There was a question as to why I am using a realm and application based realm and I have no idea howcome people think I am not using only tomcat realm? I do access security stuff in application but only to determine if user is logged in to display in jsp as user is logged in as guest or not. I appreciate this forum and thank you all for replies. hibernate is not doing any security related stuff other than persisiting new users and thier credentials to mysql.Tomcat is only managing security and hibernate everything else... Hope this clears up discussion. :) -- From: Mark Eggers its_toas...@yahoo.com Sent: Tuesday, June 01, 2010 4:27 PM To: Tomcat Users List users@tomcat.apache.org Subject: [OT] Re: problems at thejarbar.org Chris, I think it all depends what you need your Realm to manage. In this instance (single application on Tomcat), then it probably doesn't matter if the Realm sits at the application, Host, or Engine level. Like you've pointed out before it's nice to have a self-contained application with all of the database configurations in one spot. Having some database configurations in META-INF/context.xml, and others in Tomcat's server.xml seems to be a maintenance / migration challenge waiting to happen. If you have multiple applications using the same Realm information, then it might make sense to move the Realm to a Host or Engine level. However I cannot think of a good use case off the top of my head to potentially run multiple hosts under one Engine with the same authentication Realm . . . . Maybe a better place to document all of this and some use case scenarios would be the Wiki. Since I'm thinking about this, I'll see what I can cobble up in the next few days. Thanks for the comments . . . . /mde/ --- On Tue, 6/1/10, Christopher Schultz ch...@christopherschultz.net wrote: From: Christopher Schultz ch...@christopherschultz.net Subject: Re: problems at thejarbar.org To: Tomcat Users List users@tomcat.apache.org Date: Tuesday, June 1, 2010, 3:03 PM -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, Yes, but honestly, I'd put the Resource and Realm. configuration into my webapp's META-INF/context.xml file (which requires that localDataSource=true be set on the Realm, btw). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Re: problems at thejarbar.org
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yucca Nel, On 6/2/2010 8:27 PM, yucca...@live.co.za wrote: There was a question as to why I am using a realm and application based realm and I have no idea howcome people think I am not using only tomcat realm? It's not that we think you're using a non-Tomcat Realm: it's that we think you're using the /wrong/ Tomcat Realm. See... JDBCRealm uses its own set of credentials to connect to the database and uses a single Connection object, requiring lots of synchronization to protect that shared resource. Basically, it's not appropriate for production because of those two facts. Instead, we're suggesting that you set up a DataSource and then use a DataSourceRealm which will use a connection-per-authentication-attempt and is much more high-performance. hibernate is not doing any security related stuff other than persisiting new users and thier credentials to mysql. Tomcat is only managing security and hibernate everything else... Hope this clears up discussion. :) Is hibernate using a Tomcat-created DataSource? If not, you're making your life harder by placing database connection configuration in several places instead of just one. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwGW8IACgkQ9CaO5/Lv0PALlwCgwejhODA7bB92UMEbgpIPGb8R 3RoAn3BXDzQWZ5497EKzaSP1W84Mtqu2 =zCtF -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Re: problems at thejarbar.org
Ok I appreciatethis big help. I am expecting a small amount of users though so does that mean that a datasource realm may be overkill? I am not implying that this is what was being said earlier, just trying to learn more. I have noticed though that forum posters seem to assume a lot at times, an example was that I need to learn maven which itself was a good headsup although I am familiar with it already. The sad thing is that with sun/oracle transition maven documentation is rotten and many of the plugins need a revamp, especially ones for full stack jee severs I learnt a little start of this year and everything was too fresh (jboss 6 not even released yet or is it?) or was very outdated for me as I started Java when JSE 6 was released so have little interest in knowing how to use maven in legacy systems unless I get employment in enterprise(hopefuly soon), Java is in a mess st the moment with no news on JSE7 and very little info from Oracle. I took it as a blessing in disguise an started getting to know JSF and hibernate and other stuff. PS can anyone confirm that there is firefox bug when selecting a different locale for i8n testing? I am able only to change locale few times. -- From: Christopher Schultz ch...@christopherschultz.net Sent: Wednesday, June 02, 2010 6:25 AM To: Tomcat Users List users@tomcat.apache.org Subject: Re: [OT] Re: problems at thejarbar.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yucca Nel, On 6/2/2010 8:27 PM, yucca...@live.co.za wrote: There was a question as to why I am using a realm and application based realm and I have no idea howcome people think I am not using only tomcat realm? It's not that we think you're using a non-Tomcat Realm: it's that we think you're using the /wrong/ Tomcat Realm. See... JDBCRealm uses its own set of credentials to connect to the database and uses a single Connection object, requiring lots of synchronization to protect that shared resource. Basically, it's not appropriate for production because of those two facts. Instead, we're suggesting that you set up a DataSource and then use a DataSourceRealm which will use a connection-per-authentication-attempt and is much more high-performance. hibernate is not doing any security related stuff other than persisiting new users and thier credentials to mysql. Tomcat is only managing security and hibernate everything else... Hope this clears up discussion. :) Is hibernate using a Tomcat-created DataSource? If not, you're making your life harder by placing database connection configuration in several places instead of just one. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwGW8IACgkQ9CaO5/Lv0PALlwCgwejhODA7bB92UMEbgpIPGb8R 3RoAn3BXDzQWZ5497EKzaSP1W84Mtqu2 =zCtF -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Re: problems at thejarbar.org
On Tue, Jun 1, 2010 at 4:27 PM, Mark Eggers its_toas...@yahoo.com wrote: If you have multiple applications using the same Realm information, then it might make sense to move the Realm to a Host or Engine level. However I cannot think of a good use case off the top of my head to potentially run multiple hosts under one Engine with the same authentication Realm . . . . Wait, what?? How about if you have multiple hosts, each having restricted-access admin functions being performed by the same (or largely overlapping) set of people? What sense would separate Realms make? -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
