Christopher thanks for quick replay.
for connecting tomcat with apache i'm using mod_jk connector. But i'm
having problem with header values. On apache side headers values are in
UTF-8 cp but on tomcat side i have to make conversion from latin-1 cp.
Hmm.
HTTP defines header values as
2010/1/21 Ramachandran, Vishwanath(IE10)
vishwanath.ramachand...@honeywell.com
I have evaluated around 8 tools which do not support catalina.out.
Kindly suggest.
Hi.
catalina.out is not supposed to be used for traffic analyzis.
Look at the AccessLogValve
On 21/01/2010 04:45, grailcattt wrote:
That is exactly what I ended up doing and it is working well. I was hoping
for a solution that used tomcat session management rather than managing my
own session timeouts, but it works well.
If you put the poll servlet in a separate app and are NOT using
Hi Ryszard
Yes catalina.out is not used for traffic analysis. I just looking for a tool,
which I like to see visitors, access, counts, pages visited, browsers used etc.
Is there any tool like e.g. weblog expert and deep log analyzer, where I just
give the catalina.out in the log file location
Mirko Solic wrote:
Christopher thanks for quick replay.
...
I'm from Slovenija, Europe. We are using character that are not defined
in ASCII so we are using UTF-8 cp.
I will try to explain what is this application about.
This project (web page) is protected with AAI
Hi guys,I've a absurd problem and I can't figure outI've a debian server
on which tomcat 5.5 is installed.I need to run a jsf application, in which I
use pool of connection for db. Issue is that my application can't connect to
db!In catalina log I
Hi,
I've found a potential bug in the Basic Authentication module. I have users
and some user's username is contains national characters (encoded in UTF-8).
The HTTP header based authentication is fails when the username or the
password contains multibyte characters.
The root of the bug is
Hi,
Can anyone throw some light on this topic, seems it is possible to convert
the tomcat+tomcat web applications to native code to secure them and further
to run them on client machines easily.
Please check this.
http://www.excelsior-usa.com/jetinternals.html
How could we achieve this without
Auth Gábor wrote:
Hi,
I've found a potential bug in the Basic Authentication module. I have users
and some user's username is contains national characters (encoded in UTF-8).
The HTTP header based authentication is fails when the username or the
password contains multibyte characters.
The
Do you develop web applications and deliver them to the client, so
that they can install your applications on their machines without your
access to the machine?
Leon
2010/1/21 Kranti™ K K Parisa kranti.par...@gmail.com:
Hi,
Can anyone throw some light on this topic, seems it is possible to
2010/1/21 Kranti™ K K Parisa kranti.par...@gmail.com
Hi,
Can anyone throw some light on this topic, seems it is possible to convert
the tomcat+tomcat web applications to native code to secure them and
further
to run them on client machines easily.
Please check this.
Kranti™ K K Parisa wrote:
Hi,
Can anyone throw some light on this topic, seems it is possible to convert
the tomcat+tomcat web applications to native code to secure them and further
to run them on client machines easily.
Please check this.
http://www.excelsior-usa.com/jetinternals.html
How
On 21/01/2010 05:54, Auth Gábor wrote:
Hi,
I've found a potential bug in the Basic Authentication module. I have users
and some user's username is contains national characters (encoded in UTF-8).
The HTTP header based authentication is fails when the username or the
password contains
Hi,
André Warnier wrote:
I've found a potential bug in the Basic Authentication module. I have
users and some user's username is contains national characters (encoded
in UTF-8). The HTTP header based authentication is fails when the
username or the password contains multibyte characters.
On 21/01/2010 06:12, André Warnier wrote:
Auth Gábor wrote:
Hi,
I've found a potential bug in the Basic Authentication module. I have
users and some user's username is contains national characters
(encoded in UTF-8). The HTTP header based authentication is fails when
the username or the
Peter Crowther wrote:
2010/1/21 Kranti™ K K Parisa kranti.par...@gmail.com
How could we achieve this without the above tool? Because the pricing of
the
above tool is very costly.
Well, you could always spend the developer-years to create your own version
of that tool... which would probably
On Thu, 2010-01-21 at 11:30 +0100, André Warnier wrote:
This was quite replay :). Thanks for you time and
knowledge.
Mirko,
I am from Belgium, Europe too. I live in Spain and work mostly for
German and other international customers (among which are some from
Poland too). This to say that
Mark Thomas wrote:
On 21/01/2010 06:12, André Warnier wrote:
Auth Gábor wrote:
Hi,
I've found a potential bug in the Basic Authentication module. I have
users and some user's username is contains national characters
(encoded in UTF-8). The HTTP header based authentication is fails when
the
Hi All,
How I can use my own custom classloader to load my own app classes inside
webapp? Please share some ideas.
Chinmoy
I take your point about getting realistic heap info. It's also been
suggested that I set up profile a version just executing the Java
side without DWR in the loop.
Thanks
Ken
On Jan 20, 2010, at 10:02 PM, Caldarale, Charles R wrote:
From: Ken Bowen [mailto:kbo...@als.com]
Subject:
2010/1/21 Chinmoy Chakraborty cch...@gmail.com
How I can use my own custom classloader to load my own app classes inside
webapp? Please share some ideas.
1) Write custom classloader.
2) Write code in web app to use your custom classloader.
Sorry... if you want us to help you, I think you'll
Thanks a lot for your reply. This is what I want:
I have a webapplication and I want to load the classes of my app
(../WEB-INF/classes ../WEB-INF/lib) using my own classloader. Now I have
my own classloader. My question is,
how to tell tomcat to use my custom classloader to load classes of my
On 21/01/2010 06:55, André Warnier wrote:
Mark Thomas wrote:
The authorisation header is base64
encoded so it is automatically compliant with RFC2616.
Yes, it sounds like you're right; my mistake.
(Also for Gabor, I admit my mistake.)
I agree that the HTTP header itself is correct.
But
2010/1/21 danielitob gbatt...@aliceposta.it:
Hi guys,I've a absurd problem and I can't figure outI've a debian server
on which tomcat 5.5 is installed.I need to run a jsf application, in which I
use pool of connection for db. Issue is that my application can't connect to
db!In catalina
http://proguard.sourceforge.net/
-Original Message-
From: Kranti(tm) K K Parisa [mailto:kranti.par...@gmail.com]
Sent: Thursday, January 21, 2010 5:05 AM
To: Tomcat Users List
Subject: Securing Tomcat Applications from Reverse Engineering
Hi,
Can anyone throw some light on this topic,
Joseph Morgan wrote:
http://proguard.sourceforge.net/
-Original Message-
From: Kranti(tm) K K Parisa [mailto:kranti.par...@gmail.com]
Sent: Thursday, January 21, 2010 5:05 AM
To: Tomcat Users List
Subject: Securing Tomcat Applications from Reverse Engineering
Hi,
Can anyone throw
Mark Thomas wrote:
On 21/01/2010 06:55, André Warnier wrote:
Mark Thomas wrote:
The authorisation header is base64
encoded so it is automatically compliant with RFC2616.
Yes, it sounds like you're right; my mistake.
(Also for Gabor, I admit my mistake.)
I agree that the HTTP header itself
Hi,
Mark Thomas wrote:
OCTET = any 8-bit sequence of data
CTL= any US-ASCII control character
(octets 0 - 31) and DEL (127)
So actually, Tomcat is correct in the current treatment of credentials.
Therefore, not a bug.
Yes, but the
From: Chinmoy Chakraborty [mailto:cch...@gmail.com]
Subject: Re: How to use custom classloader to load my own app classes
in tomcat?
how to tell tomcat to use my custom classloader to load
classes of my app?
Read the doc:
http://tomcat.apache.org/tomcat-6.0-doc/config/loader.html
-
Mirko Solic wrote:
On Thu, 2010-01-21 at 11:30 +0100, André Warnier wrote:
Mirko,
just for info : there is a related other thread taking place at the same
time, entitled Basic Authentication Failed with multibyte username.
Basically, I am interested in those topics because I encounter them
Reverse engineering is not a technical problem; it is a legal
problem. You need a lawyer, not a program.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Friends don't let friends publish revisable-form documents.
pgpRmc02QIJYG.pgp
Description: PGP signature
Hi Leon,
That's correct. we develop and deploy on client machines. but we want to
secure the code. please suggest.
Best Regards,
Kranti K K Parisa
On Thu, Jan 21, 2010 at 4:45 PM, Leon Rosenberg
rosenberg.l...@googlemail.com wrote:
Do you develop web applications and deliver them to the
2010/1/21 Mark H. Wood mw...@iupui.edu
Reverse engineering is not a technical problem; it is a legal
problem. You need a lawyer, not a program.
Mmm, yes and no. Burglary is also a legal problem, but I have locks (on /
around the things I want to keep, of a cost and quality appropriate to my
Well there are soo many comments on the cost of IP and other tools. when we
are a small team started working on a web based product with open source
tools, for sure we can't spend too much on the tools to protect the IP
rights. because once we deploy for few clients, if its a good product, what
if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ted,
On 1/20/2010 7:49 PM, Ted Steiner wrote:
Is there any good reason to do this? If so, could someone please let
me know and possibly provide an example?
I can think of a few reasons you might want to do this:
1. You want to test the setup of a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John,
On 1/20/2010 10:28 PM, John Tangney wrote:
We use a cluster to do seamless deploys. We use Nginx on the front end
to direct traffic to one or other of the nodes in the cluster. To
deploy, we bring up the new version of the app in a one node,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paulwintech,
On 1/21/2010 2:00 AM, Paulwintech wrote:
I am really sorry it was my typo mistake its 10 second not 10 mins =^D.
You didn't say what type of hardware you're using, but 10 seconds of
(concurrent) GC activity it not particularly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pid,
On 1/21/2010 3:32 AM, Pid wrote:
On 21/01/2010 04:45, grailcattt wrote:
That is exactly what I ended up doing and it is working well. I was
hoping
for a solution that used tomcat session management rather than
managing my
own session
Thanks your help I solved! It was point 2!!!Thanks thanks
Konstantin Kolinko wrote:
2010/1/21 danielitob gbatt...@aliceposta.it:
Hi guys,I've a absurd problem and I can't figure outI've a debian
server
on which tomcat 5.5 is installed.I need to run a jsf application, in
which I
use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mirko,
On 1/21/2010 6:43 AM, Mirko Solic wrote:
That what i'm afraid of. This code: new
String(request.getHeader(headerName).getBytes(ISO-8859-1)) works for
now but it really shouldn't work.
That way i'm searching for more legitimate way.
What
Hi Kranti - Honestly if the ideas in the product are that valuable anyone
who uses the product with a web browser, print screen, and paint can fully
mock up the application and send the mockups to development. Anything that
is deployed on a server that is out of your control, is exactly that. I
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 6.0.24 stable. This release includes many bug-fixes over Apache
Tomcat 6.0.20.
Note that is version has 4 zip binaries: a generic one and three
bundled with Tomcat native binaries for different CPU architectures.
Apache
Kranti™ K K Parisa wrote:
Well there are soo many comments on the cost of IP and other tools. when we
are a small team started working on a web based product with open source
tools, for sure we can't spend too much on the tools to protect the IP
rights. because once we deploy for few clients, if
Hello Kranti,
first of all I strongly believe in open source software and don't like
to obfuscate things. But well.
1. If you have internet connectivity on the target server you could
only deploy a skeleton of your application and load the
protect-worthly classes
directly from your servers with
I run a tomcat based website which run about 10 sports leagues. All of the
leagues have their own war based webapp. For the last 6 years or so I've been
building 10 separate large war files or one for each. Each deployed webapp
contains all the same source code copied across each.
I have
Dear Forum,
Is it possible to dynamically add/remove hosts through code without
restarting Tomcat (6.0)?
I am writing an application that creates new websites on the fly (eg.
website1.mydomain.com, website2.mydomain.com etc). Each of these websites
will exist in a separate directory on the
From: Eric Pastoor [mailto:epast...@vt.edu]
Subject: Building a more efficient war file
Each deployed webapp contains all the same source code
copied across each.
Hopefully you don't put source code in the .war files.
I have been trying to think of a better way to do this.
Why do you
From: richard42 [mailto:tom...@webcogs.com]
Subject: Adding/removing hosts dynamically?
Is it possible to dynamically add/remove hosts through code without
restarting Tomcat (6.0)?
Yes - use the supplied host-manager webapp. It's mostly undocumented, so
you'll need to poke around in it a
2010/1/21 Eric Pastoor epast...@vt.edu
I run a tomcat based website which run about 10 sports leagues. All of the
leagues have their own war based webapp.
[...]
Am I going about this totally wrong?
Well, a quick cost/benefit analysis...
- How much does the memory and disk to hold the extra
answer is yes, it is possible. Others have done it successfully.
If you want a place to start, take a look at host manager servlet
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java?view=annotate
Note, this doesn't imply that you have
Charles,
You're right. I misspoke and meant to say that each webapp contains the
exact same class files.
My webhost provides me a virtual machine. Unfortunately this means I can't
configure tomcat nor allocate more memory. They give me very little RAM,
usually only about 512 MB at any given
From: Eric Pastoor [mailto:epast...@vt.edu]
Subject: Re: Building a more efficient war file
I was hoping that by changing my webapps to a much smaller
footprint, it would reduce the strain on the server.
Putting the class files in a common location won't reduce your footprint much,
but it
I have recently inherted a tomcat 5 server (today - do want want to upgrade
at this point). There is a SSI server on the outside that sends request to
8009 for this tomcat server (from what I have been told). The tomcat
server is running on port 8082. I have been tasked to change this
The Apache Tomcat team announces the immediate availability of Apache
Tomcat Native 1.1.19 stable. This release include few minor fixes
over Tomcat Native 1.1.18.
Please refer to the change log for the list of changes:
http://tomcat.apache.org/native-doc/miscellaneous/changelog.html
Downloads:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 1/21/2010 9:21 AM, André Warnier wrote:
But then, such header field values MUST be encoded according to the
rules of RFC 2047.
Unfortunately, Tomcat does not follow RFC2047, at least not according to
Chart wrote:
I have recently inherted a tomcat 5 server (today - do want want to upgrade
at this point). There is a SSI server on the outside that sends request to
8009 for this tomcat server (from what I have been told). The tomcat
server is running on port 8082. I have been tasked to
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: newbie: multiple ports for same tomcat server 5.0
What you have above, graphically (*), is like this :
Nice pictures. (The lost art of ASCII art.)
You just need to duplicate this section, and change one attribute :
Connector
Caldarale, Charles R wrote:
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: newbie: multiple ports for same tomcat server 5.0
What you have above, graphically (*), is like this :
Nice pictures. (The lost art of ASCII art.)
Thanks. Unfortunately, I have a feeling that only fellow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gábor,
On 1/21/2010 9:16 AM, Auth Gábor wrote:
Mark Thomas wrote:
OCTET = any 8-bit sequence of data
CTL= any US-ASCII control character
(octets 0 - 31) and DEL (127)
So actually,
I want to deploy a war file in an embedded Tomcat.
There a few outdated examples, and many posts where this gets asked and never
answered.
http://www.mail-archive.com/users@tomcat.apache.org/msg19481.html
The methods once used to do this are gone, and I can't find any examples of how
to do
simplest
http://tomcat.apache.org/tomcat-6.0-doc/appdev/sample/
http://tomcat.apache.org/tomcat-6.0-doc/deployer-howto.html
On 01/21/2010 01:41 PM, Clay McCoy wrote:
I want to deploy a war file in an embedded Tomcat.
There a few outdated examples, and many posts where this gets asked and
Christopher Schultz wrote:
...
Nice that someone looked at actual behavior of the browsers.
There is an easy way to find out what really happens.
Gábor,
I presume that you have a workstation set for iso-8859-2 (or whichever
non iso-8859-1 charset is appropriate for Magyar, I forgot), and a
Thank you for the reply, but I'm talking about embedded Tomcat.
The war is deployed programmatically, and the API has changed drastically since
the dated examples I can find. It would be great if the embedded use of Tomcat
had the same level of documentation.
On 1/21/10 3:23 PM, Filip Hanik -
André -
Welcome to the world of small business, for-profit software development.
This is a more common attitude that you might be aware.
Jeff
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Thursday, January 21, 2010 5:31 AM
To: Tomcat Users List
Subject: Re:
On 21/01/2010 15:26, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pid,
On 1/21/2010 3:32 AM, Pid wrote:
On 21/01/2010 04:45, grailcattt wrote:
That is exactly what I ended up doing and it is working well. I was
hoping
for a solution that used tomcat session
an embedded Tomcat is the same as a regular Tomcat if you configure it
that way.
The easiest way I can think of is to take a look at the class we use to
launch a simple tomcat in trunk
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java?view=annotate
there
Jeffrey Janner wrote:
André -
Welcome to the world of small business, for-profit software development.
This is a more common attitude that you might be aware.
I was being somewhat ironic. Being myself a small for-profit software
development business, I am well aware of the circumstances.
On 21/01/2010 16:24, Leon Rosenberg wrote:
5. stop wasting your time and invest it into developing new features
and actually selling your product. If its worth copying it will be
copied this way or other. So far no one has managed to protect its
software against copying, better concentrate on
To get back to the underlying issue :
Auth Gábor wrote:
So... this is the real chaos... :)
Yes.
By the way, my users are not use HTML browsers, they are using JAX-WS in their
client program, and the JAX-WS sends authentication data in UTF-8 (like
Opera), because the default encoding is
Thank you for the advice! I have tried the host manager app as well as a
class that I have just written which implements ContainerServlet.
Unfortunately, I find that when I create a new host (by adding a
StandardHost to the Engine), it appears to add it successfully, but only
empty pages are
Hello Chuck,
I was going through this email thread and have a question for you.
We have a similar setup like this in one of our containers but we do not use
the address attribute as you mentioned in the connector declaration. You
mentioned that adding the address attribute is recommended to
Ensure you are looking at the right log file for end user traffic
information. This file would be configured via the Access Log Valve (
http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html)
*Once you have the right file identified, you would be able to use any
standard log analysis tool.*
--- On Thu, 1/21/10 at 7:26 AM, Christopher Schultz
ch...@christopherschultz.net wrote:
If you access the session at all, it counts as a touch,
thereby
extending the life of the session. It's not possible to
peek at the
session without touching it AFAICT.
The Session timeout can be set
Don't understand what exactly is the question here but maybe the following
answers your question:
http://tomcat.apache.org/tomcat-6.0-doc/config/http.html
connectionTimeout
keepAliveTimeout
selectorTimeout
socket.soTimeout
socket.unlockTimeout
richard42 wrote:
...it appears to add it successfully, but only empty pages are served to
the browser for that website. This seems to happen on the live server and
my local machine (both Tomcat 6.0).
Please ignore this, I have since got it working (needed to add a context).
Thanks once
Mark Thomas ma...@apache.org wrote in message
news:4b57bb79.3010...@apache.org...
On 20/01/2010 17:08, Christopher Schultz wrote:
Paul,
On 1/20/2010 4:08 PM, Paul Guglielmino wrote:
I'm setting up the server to only listen on an ajp port (8009). If I
already
have something listening on
I'm extremely interested in this. Any chance anyone who has used this
before could provide some direction (example implementation)?
Bare-bones documentation - if you will?
Thank you!
-Jordan
richard42 wrote:
richard42 wrote:
...it appears to add it successfully, but only empty pages are
From: Anurag Kapur [mailto:anuragka...@gmail.com]
Subject: Re: newbie: multiple ports for same tomcat server 5.0
You mentioned that adding the address attribute is recommended
to prevent port conflicts.
I didn't say it was recommended, just that it was one way to avoid port
conflicts,
I'm very new to Tomcat, connection pooling, JSP, etc. and I've been
banging my head against a wall for two weeks trying to get a simple
program to connect to a MySQL database.
*Vital Stats:*
Ubuntu 9.10, Java 1.6.0_0, Java Servelet 2.5, Java Server Pages 2.1,
JSTL 1.2, Apache2, Tomcat
2010/1/22 Mark Eggers its_toas...@yahoo.com:
(...)
In all four cases, the tcnative library failed to load. In the first two
cases, the INFO message indicated that the library was not found in
/home/mdeggers/Apache/apache-tomcat-5.5.28/bin. In the last two cases, the
INFO message listed all
From: Jordan Michaels [mailto:jor...@viviotech.net]
Subject: Re: Adding/removing hosts dynamically?
I'm extremely interested in this. Any chance anyone who has used this
before could provide some direction (example implementation)?
Try the HTML version of host-manager to get familiar with
Bingo and thanks.
Note to the impatient (me) - Bugzilla is your friend..
Thanks again,
/mde/
--- On Thu, 1/21/10, Konstantin Kolinko knst.koli...@gmail.com wrote:
From: Konstantin Kolinko knst.koli...@gmail.com
Subject: Re: TCNative installation failed
To: Tomcat Users List
To list owner: I am not sure if vendors are prohibited from posting comments to
this list, if they are, let me know and I won't post next time.
Excelsior JET is not an IDE that every developer must have on his/her
workstation. It is more like a setup generator. Typically, a team of developers
Fixed issues are listed in the changelog file,
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?view=markup
http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?view=markup
Best regards,
Konstantin Kolinko
2010/1/22 Mark Eggers
The GCC compiler for java allows you to compile java down to native code
(AOC - Ahead Of time Compiling). I have never tried it before but it's open
source and free to use.
That being said I'm not certain that compiling your class files down to
native code is going to solve your problem since
Hi Leon,
Thanks for the notes, may be parallel to our sales we may spend some time on
the points you mentioned to protect our selves in the future.
Best Regards,
Kranti K K Parisa
On Thu, Jan 21, 2010 at 9:54 PM, Leon Rosenberg
rosenberg.l...@googlemail.com wrote:
Hello Kranti,
first of
Dmitry Leskov wrote:
We have therefore created a special licensing program that has been working
very well for our smaller customers since mid-2008:
http://www.excelsior-usa.com/store/jetmb.html
To the OP : there, you see, a discount !
And you did not even have to ask.
;-)
87 matches
Mail list logo