Tomcat memory issues
Hi We have implemented a picture/pdf server in Tomcat. The pictures are cached in a map. When the memory is nearly full, some entries are removed from map. However, eventually the entries in the map become fewer and fewer even though the memory consumption stays high. In other words more and more memory are used outside the map. According to a heap dump done by jmap, there are many org.apache.tomcat.util.buf.ByteChunk instances referencing large byte[], which we suspect to be previously used pictures. We have tried both Tomcat 5.5.9 and Tomcat 6 under JBoss 4.2.0. Both showed the same behaviour. Are there any way to stop Tomcat from cached these large byte[] internally? The object graph looks like this: The byte[] is referenced from: - ByteChunk (A) - ByteChunk (B) ByteChunk (A) is referenced by: - org.apache.tomcat.util.buf.C2BConverter (AA) - org.apache.tomcat.util.buf.IntermediateOutputStream (AB) - org.apache.catalina.connector.OutputBuffer (AC) ByteChunk (B) is referenced by: - org.apache.catalina.connector.OutputBuffer (AC) C2BConverter (AA) is referenced by: - HashMap$Entry (AAA) - org.apache.catalina.connector.OutputBuffer (AC) IntermediateOutputStream (AB) is referenced by: - org.apache.tomcat.util.buf.C2BConverter (AA) - org.apache.tomcat.util.buf.WriteConvertor (ABA) - sun.nio.cs.StreamEnocder (ABB) OutputBuffer (AC) is referenced by: - org.apache.catalina.conncetor.CoyoteOutputStream (ACA) - org.apache.catalina.connector.CoyoteWriter (ACB) - org.apache.catalina.connector.Response (ACC) HashMap$Entry (AAA) is referenced by: - class[] org.apache.catalina.conncetor.CoyoteOutputStream (ACA) is referenced by: - org.apache.catalina.connector.Response (ACC) org.apache.catalina.connector.CoyoteWriter (ACB) is referenced by: - org.apache.catalina.connector.Response (ACC) org.apache.catalina.connector.Response (ACC) is referenced by: - org.apache.catalina.connector.ResponseFacade (ACCA) - class[] (ACCB) - org.apache.catalina.connector.Request (ACCC) I cannot find any trace of any JBoss or any webapp class. Any help appreciated, Morten - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Programmic login to tomcat using username and password
I somehow understand what you are trying to do. I suppose your idea is to have user get an email with a serial number that allow them direct access to a secured page. This serial would be associated internally by your app with that user's credential. AFAIK, the J2EE specs does not allow 'spontaneous login' from webapplication and am not sure tomcat give provision for this. You could probably revamp the SSO valve so that is can inject the basic authentification header to tomcat. Another possibility might be the use of http://securityfilter.sourceforge.net/ which mimic a container security mecanism (respect of web.xml rules, use of realms) but allows for more flexibility than pure j2ee specs. En l'instant précis du 06/09/07 07:31, zhu quanxin s'exprimait en ces termes: Hi, Dave I am looking for tomcat API for doing programmic login. I read the source code of org.apache.catalina.authenticator.SingleSignOn, and find that it contains a method called reauthenticate maybe helpful. protected boolean reauthenticate(String ssoId, Realm realm, Request request) { if (ssoId == null || realm == null) return false; boolean reauthenticated = false; SingleSignOnEntry entry = lookup(ssoId); if (entry != null entry.getCanReauthenticate()) { String username = entry.getUsername(); if (username != null) { Principal reauthPrincipal = realm.authenticate(username, entry.getPassword()); if (reauthPrincipal != null) { reauthenticated = true; // Bind the authorization credentials to the request request.setAuthType(entry.getAuthType()); request.setUserPrincipal(reauthPrincipal); } } } return reauthenticated; } but when I use those code in my application(for example a servlet), it could not work. I think I could not get the instance of realm in tomcat server. do you have a better idea about programmic login, and how to write it? Thanks a lot~ zhu quanxin 2007/9/6, Dave [EMAIL PROTECTED]: I think this feature is very basic. Everything should have a programmatic way. zhu quanxin [EMAIL PROTECTED] wrote: hi,David, My aim is that tomcat could authenticate users without promoting any login form. I give out the userID and password in the servlet code. when users navagate the servlet page, they would login to tomcat as that userID identity. Thanks a lot! Zhu quanxin 2007/9/6, David Delbecq : Hi, Am not sure to understand what you want to do. You want to login user without requiring it, ever, to authenticate? That seems to me quite paradoxal. Maybe you should explain a bit more what you try to achieve... 朱全鑫 a écrit : Hi, I have already enabled the SSO function in server.xml. It could be promoted the challenge once when I visit the first webapp and without login to all the webapps in the host. But I do not want any login form promoted to users. So my point is, how do I write code in a jsp or servlet to auto login to the first webapp without the login-form promoted to users. For example, in websphere application server, the following code could be auto login to the server, If we give the right username and password pair. code begin -- LoginContext lc = null; try { lc = new LoginContext(WSLogin, new WSCallbackHandlerImpl(userName, password)); } catch (LoginException le) { System.out.println(Cannot create LoginContext. + le.getMessage()); // Insert the error processing code } catch(SecurityException se) { System.out.println(Cannot create LoginContext. + se.getMessage()); // Insert the error processing code } try { lc.login(); } catch (LoginException le) { System.out.println(Fails to create Subject. + le.getMessage()); // Insert the error processing code code end I do not know if tomcat provide some APIs like the above, and we could use the API to programmic login to the tomcat server. and where to find the instruction to use the API? Many Thanks! Zhu quanxin 2007/9/5, David Delbecq : http://tomcat.apache.org/tomcat-5.5-doc/config/host.html See section about single-sign. This share credential between webapps. Note: it's not a programamtic. It just let all your application share a same authentification token. Once you authenticate using J2EE compliant method in application X, it's not necessary to login into other application Y on same host that is also using J2EE compliant authentification mecanism. En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes: hi, everyone I meet a problem about programmic login. I setup a tomcat server, and deploy two WAR files (applications) on it. One of the application A is protected by server
mod_jk - connectionTimeout en connection_pool_timeout
Hi, We are using mod_jk 1.2.21 on Solaris 8. together Apache 2.0.59 with the worker MPM. We are moving our applicationserver to a new version which is also using a new Tomcat version. We now have a split application which is using both Tomcat 5.0 and the other part is using Tomcat 5.5. For tomcat 5.5 we set the connectionTimeout to 10 minutes, for 5.0 it is set to 0 (infinite) For Tomcat 5.0 we see lots more ESTABLISHED connections than for Tomcat 5.5. While I expected it to be the same. For the Tomcat 5.0 connections we do not see any errors (except for client errors). For the Tomcat 5.5 connections we see errors occuring, claiming that it cannot connect to Tomcat: [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1215): dummy) error sending request. Will try another pooled connection [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1241): (dummy) all endpoints are disconnected [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1244): (dummy) increase the backend idle connection timeout or the connection_pool_minsize [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_service::jk_ajp_common.c (1930): (dummy) sending request to tomcat failed, recoverable operation attempt=1 [Thu Sep 06 09:17:15 2007] [2735:0061] [error] ajp_service::jk_ajp_common.c (1942): (dummy) Connecting to tomcat failed. Tomcat is probably not started or is listening on the wrong port [Thu Sep 06 09:17:15 2007] [2735:0061] [info] service::jk_lb_worker.c (1023): service failed, worker dummy is in error state On the mod_jk side of things we use the same settings for both applications: worker.maintain=60 # worker template worker.template.type=ajp13 worker.template.port= worker.template.lbfactor=50 worker.template.connection_pool_timeout=600 worker.template.socket_timeout=62 worker.template.connect_timeout=3 worker.template.prepost_timeout=3 worker.template.recovery_options=0 worker.template.reply_timeout=60 worker.template.retries=1 On the tomcat 5.0 side the connectionTimeout is set to 0 (infinite) Connector className=org.apache.coyote.tomcat5.CoyoteConnector port= minProcessors=5 maxProcessors=500 acceptCount=10 debug=0 enableLookups=true redirectPort=8443 connectionTimeout=0 useURIValidationHack=false protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler / On the tomcat 5.5 site the connectionTimeout is set to 10 minutes: Connector port= address=a.b.c.d enableLookups=false emptySessionPath=true minSpareThreads=20 maxThreads=750 acceptCount=10 connectionTimeout=60 redirectPort=8443 debug=0 protocol=AJP/1.3 / So, on the timeout settings for Tomcat 5.5 I am using the recommended values described in the 'timeouts howto' section. The info messages suggest that I should increase the connectionTimeout on the Tomcat side. Probably to some value (connection_pool_timeout + worker.maintain)?? Or should I set the connection_pool_minsize to match the minSpareThreads?? Or upgrade to mod_jk 1.2.25?? Advice is welcome. regards Henk Fictorie -- View this message in context: http://www.nabble.com/mod_jk---connectionTimeout-en-connection_pool_timeout-tf4390617.html#a12518264 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Issue with psql driver
Hi All, I've tried at least 4 drivers, changing the url to localhost:test, localhost:5432:test, 127.0.0.1:test This is my current trace: Error occurred: org.postgresql.util.PSQLException: Something unusual has occured to cause the driver to fail. Please report this exception. org.postgresql.util.PSQLException: Something unusual has occured to cause the driver to fail. Please report this exception. at org.postgresql.Driver.connect(Driver.java:276) at java.sql.DriverManager.getConnection(DriverManager.java:512) at java.sql.DriverManager.getConnection(DriverManager.java:171) at org.apache.jsp.jdb_jsp._jspService(jdb_jsp.java:69) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:324) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:500) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:272) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:245) at org.apache.catalina.core.ApplicationFilterChain.access$0(ApplicationFilterChain.java:177) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:152) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Thread.java:534) Caused by: java.security.AccessControlException: access denied (java.net.SocketPermission localhost resolve) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269) at java.security.AccessController.checkPermission(AccessController.java:401) at java.lang.SecurityManager.checkPermission(SecurityManager.java:524) at java.lang.SecurityManager.checkConnect(SecurityManager.java:1023) at java.net.InetAddress.getAllByName0(InetAddress.java:1000) at java.net.InetAddress.getAllByName0(InetAddress.java:981) at java.net.InetAddress.getAllByName(InetAddress.java:975) at
Re: Issue with psql driver
Ahh... I see the root cause now. It is indeed caused by the JVM's security manager: Caused by: java.security.AccessControlException: access denied (java.net.SocketPermission localhost resolve) Looking at your original post, I see (forgive the recap, but I wanted to refresh the relevant parts): I was told I had a security problem so I added a file called chapter1.policy to /etc/policy.d: // These permissions apply to the chapter1 web application grant codeBase file:${catalina.home}/webapps/chapter1/WEB-INF/ classes/- { permission java.security.AllPermission; }; grant codeBase file:${catalina.home}/webapps/chapter1/WEB-INF/ lib/- { permission java.security.AllPermission; }; // // The permission granted to your JDBC driver grant codeBase file:${catalina.home}/common/lib/postgresql- jdbc3-8.1.jar { permission java.net.SocketPermission localhost:5432, connect; }; I'm not familiar with /etc/policy.d though as the tomcat download stores policy info in $TOMCAT_HOME/conf/catalina.policy. You'll have to verify that /etc/policy.d is really the policy file used. I can offer this bit of policy code based on an example in catalina.policy: grant codeBase jar:file:${catalina.home}/common/lib/postgresql-jdbc3-8.1.jar!/- { permission java.net.SocketPermission localhost, connect; } If you look at the Sun Javadocs for java.net.SocketPermission, you can get more detail on what's allowed in the permission line. --David Chris Baty wrote: Hi All, I've tried at least 4 drivers, changing the url to localhost:test, localhost:5432:test, 127.0.0.1:test This is my current trace: Error occurred: org.postgresql.util.PSQLException: Something unusual has occured to cause the driver to fail. Please report this exception. org.postgresql.util.PSQLException: Something unusual has occured to cause the driver to fail. Please report this exception. at org.postgresql.Driver.connect(Driver.java:276) at java.sql.DriverManager.getConnection(DriverManager.java:512) at java.sql.DriverManager.getConnection(DriverManager.java:171) at org.apache.jsp.jdb_jsp._jspService(jdb_jsp.java:69) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:324) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:500) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:272) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:245) at org.apache.catalina.core.ApplicationFilterChain.access$0(ApplicationFilterChain.java:177) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:152) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at
How to get Request from RequestFacade
Hello, I'v been using a valve to perform license checking in my web application. The method invoke(Request request, Response response) had access to the Request and Response objects, allowing me to perform some advanced operations. For instance, I made use of instructions like: Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); or Session[] managedSessions = request.getContext().getManager().findSessions(); Now, I'm moving the license validation code to a Filter. How do I access org.apache.catalina.connector.Request/Response in the method doFilter()? I see that I can only cast to a RequestFacade object: public void doFilter(ServletRequest sRequest, ServletResponse sResponse, FilterChain chain) throws IOException, ServletException { RequestFacade cRequest = (RequestFacade) sRequest; .. but now, I cannot use the Facade to access the Request. How can I solve this problem? Is it desirable accessing Catalina specific object from a Filter? Should I rewrite my code/ redesign my license validation framework? It is a very complex one, hance it may require some effort. May you redirect me to some useful articles/resources? Many thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
May I ask what exactly you want to do with the facade? Seems like you could do what you want with a request or response wrapper instead. --David Tremal Naik wrote: Hello, I'v been using a valve to perform license checking in my web application. The method invoke(Request request, Response response) had access to the Request and Response objects, allowing me to perform some advanced operations. For instance, I made use of instructions like: Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); or Session[] managedSessions = request.getContext().getManager().findSessions(); Now, I'm moving the license validation code to a Filter. How do I access org.apache.catalina.connector.Request/Response in the method doFilter()? I see that I can only cast to a RequestFacade object: public void doFilter(ServletRequest sRequest, ServletResponse sResponse, FilterChain chain) throws IOException, ServletException { RequestFacade cRequest = (RequestFacade) sRequest; .. but now, I cannot use the Facade to access the Request. How can I solve this problem? Is it desirable accessing Catalina specific object from a Filter? Should I rewrite my code/ redesign my license validation framework? It is a very complex one, hance it may require some effort. May you redirect me to some useful articles/resources? Many thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
That's the point, I don't know much about request/response wrapping. I don't need the Facade itself, what I need are the real Catalina Request/Response objects hidden behind it. I don't know how to get them from inside a Filter. Thanks, TN 2007/9/6, David Smith [EMAIL PROTECTED]: May I ask what exactly you want to do with the facade? Seems like you could do what you want with a request or response wrapper instead. --David Tremal Naik wrote: Hello, I'v been using a valve to perform license checking in my web application. The method invoke(Request request, Response response) had access to the Request and Response objects, allowing me to perform some advanced operations. For instance, I made use of instructions like: Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); or Session[] managedSessions = request.getContext().getManager().findSessions(); Now, I'm moving the license validation code to a Filter. How do I access org.apache.catalina.connector.Request/Response in the method doFilter()? I see that I can only cast to a RequestFacade object: public void doFilter(ServletRequest sRequest, ServletResponse sResponse, FilterChain chain) throws IOException, ServletException { RequestFacade cRequest = (RequestFacade) sRequest; .. but now, I cannot use the Facade to access the Request. How can I solve this problem? Is it desirable accessing Catalina specific object from a Filter? Should I rewrite my code/ redesign my license validation framework? It is a very complex one, hance it may require some effort. May you redirect me to some useful articles/resources? Many thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
Ok... do you need them to modify the request and/or response? Or are you trying to pull some information from the original tomcat internals? I first assumed you were attempting to modify the request or response, so a wrapper is ideal. All you have to do is create a class that extends HttpServletRequestWrapper or HttpServletResponseWrapper and override the methods you want. Then in the filter, just instantiate your request or response class with the original request or response in the constructor. When you chain to the next filter, just pass on the new request and response objects. --David Tremal Naik wrote: That's the point, I don't know much about request/response wrapping. I don't need the Facade itself, what I need are the real Catalina Request/Response objects hidden behind it. I don't know how to get them from inside a Filter. Thanks, TN 2007/9/6, David Smith [EMAIL PROTECTED]: May I ask what exactly you want to do with the facade? Seems like you could do what you want with a request or response wrapper instead. --David Tremal Naik wrote: Hello, I'v been using a valve to perform license checking in my web application. The method invoke(Request request, Response response) had access to the Request and Response objects, allowing me to perform some advanced operations. For instance, I made use of instructions like: Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); or Session[] managedSessions = request.getContext().getManager().findSessions(); Now, I'm moving the license validation code to a Filter. How do I access org.apache.catalina.connector.Request/Response in the method doFilter()? I see that I can only cast to a RequestFacade object: public void doFilter(ServletRequest sRequest, ServletResponse sResponse, FilterChain chain) throws IOException, ServletException { RequestFacade cRequest = (RequestFacade) sRequest; .. but now, I cannot use the Facade to access the Request. How can I solve this problem? Is it desirable accessing Catalina specific object from a Filter? Should I rewrite my code/ redesign my license validation framework? It is a very complex one, hance it may require some effort. May you redirect me to some useful articles/resources? Many thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
2007/9/6, David Smith [EMAIL PROTECTED]: Ok... do you need them to modify the request and/or response? Or are you trying to pull some information from the original tomcat internals? ok, I don't need to modify the Request or Response. I'm trying to read them. Maybe a Wrapper is too much... TN - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Usertransaction
Hi All, I'm currently trying to create a transaction between a standalone application and a web service. By starting a usertransaction in the standalone app and bridging it to/with the web service. However I'm unable to get use a transaction in the web service. I took these steps: - published a transactional webservice with apache axis on tomcat 5.5 - added to /conf/server.xml Transaction name=UserTransaction factory= com.arjuna.mw.wst.UserTransactionFactory/ - added to /conf/context.xml ResourceLink name=UserTransaction global=UserTransaction type= com.arjuna.mw.wst.UserTransactionFactory/ - added the following lines to the code: InitialContext ctx = new InitialContext(); ut = (UserTransaction) ctx.lookup(java:comp/UserTransaction); which gives the javax.naming.NameNotFoundException: Name UserTransaction is not bound in this Context Am I missing some xml-statements somewhere? thanks in advance, Gerard
Re: How to get Request from RequestFacade
2007/9/6, Tremal Naik [EMAIL PROTECTED]: ok, I don't need to modify the Request or Response. I'm trying to read them. by the way, I'd be glad if I was able to read the StandardSession. I mean, even if it's not possible reading the Request, maybe it's easier accessing the Session behind the StandardSessionFacade. Thanks, -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat Farm Deployment and Statistics
Is there a way to distribute the deployment of an application through many tomcat's farm instances in different machines setting a context path that is different than the war's name? Is there a way to centrally collect statistics of usage of all of the tomcat's farm instances? Thanks, Johann -- View this message in context: http://www.nabble.com/Tomcat-Farm-Deployment-and-Statistics-tf4391810.html#a12521532 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can two Tomcat web apps deadlock each other?
Alexey, Thanks for taking the time to reply. I'll try all your suggestions but I wanted to investigate the windows vs linux possibilities. Does the fact that this Tomcat behavior does not occur on the windows-based development server offer any clue as to what may be happening on the linux server when Tomcat hangs? Thanks again, -=bill Alexey Solofnenko wrote: There can be a simple problem with locking - see http://tomcat.apache.org/faq/windows.html#lock . On Linux the files are usually not locked, so you can get class not found exception when a jar file is replaced with a new one. Ask administrators to get the stack trace (and check if CPU is at 100% or not - maybe it is not a deadlock). Otherwise you can look for a problem for a very long time. You can also add try/catch with finite number of retries around connection code. Please also check that your application shuts down cleanly - no exceptions are thrown during shutdown (but they should be logged) and preferably there are no finally() methods. Wm.A.Stafford wrote: Thanks Alexey. Unfortunately, the server in question is not ours and we do not even have log in on it, so any kind of sane analysis is probably out of the question. All we can do is try deploying another version with changes that will either fix the problem (we hope) or yield some more information about what is going on. -=bill Alexey Solofnenko wrote: Everything is possible, but unlikely. Please try running server stack trace from http://tmitevski.users.mcs2.netarray.com/stacktrace/app/launch.jnlp to get a thread dump. It will show the list of threads and what locks they have acquired and what locks they are waiting for. - Alexey. Wm.A.Stafford wrote: We are deploying a newer version of a web app to run in the same Tomcat instance (1.4.31) as the existing version. On our development servers, winXP, if the new version encounters a startup problem the production app will start and only the new version will fail. On the production server, which is linux, Tomcat seems to 'hang' on the first failure encountered when starting the new app and nothing further happens. Tomcat has to be restarted after deleting the new app when it enters this state. In the localhost log the last log entry is the exception logged from the new app and there is no further logging. Since we have been doing some database changes the usual error that causes this is Jakarta DBCP connection failure but we have also seen it for a missing class file. So I don't think the error per se is at the root of the problem. To me this looks like a deadlock. Is it possible for one Tomcat web application to deadlock with another? An obvious difference is windows vs linux servers. Could there be some config issue for Tomcat on linux that would lead to this behavior? We are completely stumped by this, any ideas or suggestions would be appreciated. -=bill - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
reponse.setHeader in tomcat
Hello, I am trying to change the response header in tomcat by setting: Response.setHeader(Content-Type,text/plain) in a servletFilter. But it doesn't work. Any idea for it? Odelya Glick JPost.com web-programmer 050-2052075
Quartz
I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot
POST data lost when switching URL using mod_rewrite and mod_jk
Hi folks! I Have the following setup: Apache/2.2.4 mod_ssl/2.2.4 mod_jk/1.2.25 mod_rewrite (?) Apache Tomcat 5.5.23 Browser == Apache + mod_rewrite == mod_jk == Tomcat This is a Linux machine, and mod_rewrite is used to switch to SSL on certain URLs. Problem: the POST data is lost whenever a form on a http page sends data to a page that gets its URL rewritten to https. This goes as folllows: http page = form post to http url = rewrite url to https, switch to SSL = display https url No data arrives when using POST! I know there is a bug that limits the maximum post size to x KB, but in my case, the post data is a just a few text fields. Any idea as to why this happens? Regards, Michael -- Michael Böckling Java Engineer dmc digital media center GmbH Rommelstraße 11 70376 Stuttgart (Germany) Telefon: +49 711 601747-0 Telefax: +49 711 601747-141 E-Mail: [EMAIL PROTECTED] Internet: www.dmc.de Handelsregister: AG Stuttgart HRB 18974 Geschäftsführer: Andreas Magg, Daniel Rebhorn, Andreas Schwend - Open Source ist reif für ECM zeigt Ihnen neue und innovative Lösungswege sowie Best Practices aus dem Bereich Enterprise Content Management. Besuchen Sie die ECM-Vortragsreihe bei dmc! Nächste Veranstaltung: 20. September 2007, 15-18.30 Uhr: Digitaler Rechnungsein- und ausgang. Was ist möglich? Was ist erlaubt? - Automatische Verarbeitung des Rechnungseingangs und digitale Signierung von Dokumenten beim Versand von elektronischen Dokumenten. Veranstaltungsort: Römerkastell, 70376 Stuttgart Melden Sie sich unter www.dmc.de/ecm an oder besuchen Sie uns vom 25.-27.09.07 auf der DMS in Köln: Halle 7, Stand G095! - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Quartz
Andrew, It is the best way to use Quartz together with spring. Look the documentation, there all very well is described. 2007/9/6, Andrew Hole [EMAIL PROTECTED]: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot
Re: Quartz
this code works for me well bean id=job class=org.springframework.scheduling.quartz.JobDetailBean property name=jobClass valuebaseportal.com.portal.sheduler.SimpleJob/value /property /bean bean id=job2 class=org.springframework.scheduling.quartz.JobDetailBean property name=jobClass valuebaseportal.com.portal.sheduler.Simple2Job/value /property /bean bean id=trigger class= org.springframework.scheduling.quartz.SimpleTriggerBean property name=jobDetail ref local=job2/ /property property name=startDelay value1000/value /property property name=repeatInterval value3000/value /property /bean bean id=crontrigger class= org.springframework.scheduling.quartz.CronTriggerBean property name=cronExpression value0/15 * 22 * * ?/value /property property name=jobDetail ref local=job/ /property /bean bean id=schedulerFactory class= org.springframework.scheduling.quartz.SchedulerFactoryBean property name=triggers list ref local=crontrigger/ ref local=trigger/ /list /property /bean 2007/9/6, Andrew Hole [EMAIL PROTECTED]: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot
mod_jk errors and http status code 503 under load
Hi, I'm getting stuck with an error we are seeing on our production server under load. I've googled and found many posts on similar topics but I haven't found an answer yet, I was hoping somebody here could shed some light on my issue: We upgraded our combination of Apache,Tomcat,Java all running on Solaris 10 to Apache 2_2.0.55.build2 Tomcat 5.5.23 Java 1.5.0_06-b05 Our Apache Tomcat connector is AJP/1.3. It's all installed on the same server, we have no tomcat clusters and no load balancers. With a few (10) concurrent users accessing the various JSP's everything worked as expected, all our functional tests passed. We opened more up live traffic to the server and starting seeing the following error message: [Thu Sep 06 02:23:00 2007] [error] ajp_service::jk_ajp_common.c (1758): Error connecting to tomcat. Tomcat is probably not started or is listening on the wrong port. worker=worker1 failed On the client side this was being reported as a 503 and our intelligent browser was re-submitting the request and generally, on the second time, the request would be successful. After an hour we then had a Solaris panic, and after analyzing the crash using scat I can see that the cause was: panic string: BAD TRAP: type=9 rp=2a1015332d0 addr=0 mmu_fsr=0 and looking further into the trap, it seems to be network related. trapip:tcp_conn_request+0x894 (0x4, 0x2000, 0x136ec00, 0x3a2b9a44040, 0x40e03960300, 0x40dedc247c0) ip:squeue_drain+0xe4 (0x300015ddec0, 0x40e2021c1c0, 0x411666de, 0x135f2c0, 0x3a2b9a44040, 0x3) ip:squeue_enter+0x358 (0x300015ddec0, 0x38fca5e0d80, 0x3000426b640, 0x3a2bd674c00, 0x0, 0x1) ip:tcp_wput - frame recycled I am still trying to work out if the crash is a symptom of the browsers resubmitting the failed requests and we've hit a Solaris bug that we haven't got a patch for, Or if the two errors are unrelated and it was coincidence that we panicked whilst having mod_jk errors. Any help/pointers in resolving the mod_jk error would be appreciated, I included the brief crash information as it may be relevant. Thanks Damien This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you are the intended recipient, you must treat the information in confidence and in accordance with all laws related to the privacy and confidentiality of such information. If you are not the intended recipient or their designee, please notify the sender immediately by return e-mail and delete all copies of this email, including all attachments. Intervoice, Inc. 17811 Waterview Parkway Dallas, TX 75252 USA Intervoice Limited, Registered in England and Wales with number 2601740, 50 Park Road, Gatley, Cheshire, SK8 4HZ. VAT Number: 560421375 Intervoice GmbH, Hagenauer Straße 55, 65203 Wiesbaden, Sitz der Gesellschaft: Wiesbaden, Handelsregister: HRB 8186 (Amtsgericht Wiesbaden), Geschäftsführer: Richard Arnold.
Re: Problem with form based JSP authentication using Firefox with Tomcat
Luke McMahon wrote: Thanks again P, Can you include the source of /index.html and /members/index.html (is it html or JSP?) p Yeah I actually already had the meta tags at the top, and modified everything to match your example exactly. I also tried using separate login and error pages with no noticeable difference. Here are the http responses to the member page GET. I'm not well versed in this stuff, but it seems like the cache-control info is ok but it thinks the page has not been modified when the re-login fails: Success: - http://localhost:8080/members/ GET /members/ HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/members/ Cookie: JSESSIONID=533286C2B979BBF186A7D69AAAE33746 Cache-Control: max-age=0 HTTP/1.x 200 OK Server: Apache-Coyote/1.1 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 10:00:00 EST Etag: W/2807-1188956843361 Last-Modified: Wed, 05 Sep 2007 01:47:23 GMT Content-Type: text/html Content-Length: 2807 Date: Wed, 05 Sep 2007 02:03:55 GMT Failure: - http://localhost:8080/members/ GET /members/ HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/members/ Cookie: JSESSIONID=FF03B0286AA97B1A603A05A1E402728D Cache-Control: max-age=0 HTTP/1.x 304 Not Modified Server: Apache-Coyote/1.1 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 10:00:00 EST Etag: W/2807-1188956843361 Date: Wed, 05 Sep 2007 02:04:23 GMT Date: Wed, 5 Sep 2007 09:46:53 +0100 From: [EMAIL PROTECTED] To: users@tomcat.apache.org Subject: Re: Problem with form based JSP authentication using Firefox with Tomcat Are you saying you tried what I suggested, or that you have already tried it? It seems like the problem is a caching issue to me. What URL are you trying to access to trigger the login - you're not accessing the login.jsp directly are you? (I have to ask...) In the second instance the browser is setting JSESSIONID as a cookie, instead of as a URL parameter, but that shouldn't make a difference. The response.encodeURL method only encodes the URL with JSESSIONID if it can't see the same value in a cookie in the request. The value of JSESSIONID *may* change with each new session, but it won't be created until you hit a JSP. So the first time it's only created when you hit login.jsp, where it's encoded in the URL because no previous session id was found in the URL or cookie. The cookie still exists locally after you logout, until you close the browser down, so it's not added to the URL the second time round, but as the existing ID is an invalid session it triggers the authentication valve. You should compare the server response headers rather than the request headers, to see if the server is correctly sending the Cache-Control info. p Luke McMahon wrote: Thanks p (hope this is formatted better!) I tried this without success. I've attached the livehttpheader output below. What seems to happen in Firefox is the first time I go to the login page, it passes the jsessionid to j_security_check. If I then invalidate the session, and go to log in again, it calls j_security_check without this identifier. This might be why I'm not getting redirected to the member page, but I'm not sure of that. Like I said, this works fine in IE, but firefox still seems to either be losing its bundle after the session is invalidated or incorrectly caching the login page as the member page I'm trying to access. I've just cut and pasted the differences between the headers of the successful login, and the unsuccessful login (ie. no redirect). Success: - http://localhost:8080/members/ GET /members/ HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/index.htm Failure:
Re: Quartz
Andrew Hole wrote: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot http://www.opensymphony.com/quartz/wikidocs/Tutorial.html http://www.opensymphony.com/quartz/wikidocs/QuickStart.html http://forums.opensymphony.com/search.jspa?threadID=q=tomcatobjID=f6dateRange=last90daysuserID=numResults=15rankBy=10001 Google is your friend. p smime.p7s Description: S/MIME Cryptographic Signature
Re: POST data lost when switching URL using mod_rewrite and mod_jk
Michael Böckling wrote: http page = form post to http url = rewrite url to https, switch to SSL = display https url What do you mean by 'rewrite url to https, switch to SSL '? Do you send HTTP redirect? If so, POST data is obviously lost. In other case, if you do not send redirect, why do you switch to SSL on server side? -- Mikolaj Rydzewski [EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature
Re: Quartz
I found something interesting, maybe is what I need! Spring and Quartz together is a good solution but I don't want another component in my java web application. What's your opinion? 1) It would be helpful to show an example of how to configure Quartz to work without a custom servlet. It can be done and is probably the most likely way people will use it within a J2EE application. I recently implemented something like this, and had to figure it out for myself since the Quartz docs weren't very explicit. Basically, you -Configure your web app to use the Quartz initializer servlet, loading on startup. For example (from web.xml): servlet servlet-namequartz/servlet-name display-nameQuartz Initializer Servlet/display-name servlet-classorg.quartz.ee.servlet.QuartzInitializerServlet /servlet-class load-on-startup1/load-on-startup /servlet -Add a quartz.properties file to your classpath, indicating how jobs will be loaded (as well as the quartz system properties). For example (from quartz.properties): org.quartz.plugin.jobInitializer.class = org.quartz.plugins.xml.JobInitializationPlugin org.quartz.plugin.jobInitializer.fileName = quartz-jobs.xml org.quartz.plugin.jobInitializer.overWriteExistingJobs = true org.quartz.plugin.jobInitializer.failOnFileNotFound = true -Add an xml file configuring your jobs and triggers, using the file name specified under the org.quartz.plugin.jobInitializer.fileName property. For example (from quartz-jobs.xml, in this case): job job-detail namealertJob/name groupalertJobs/group job-classcom.somecompany.AlertJob/job-class volatilityfalse/volatility durabilityfalse/durability recoverfalse/recover /job-detail trigger cron namedailyTrigger/name groupalertTriggers/group job-namealertJob/job-name job-groupalertJobs/job-group !-- every night at 2:15AM, M-F -- cron-expression0 15 2 ? * MON-FRI/cron-expression /cron /trigger /job Again, I think this is the most flexible, easy to use way to implement quartz, and I'm surprised it's not documented better. In most systems I use, I don't want to hard-code something like a scheduled process that might be subject to frequent scheduling change. 2) The author mentions the userThreads setting for application servers to allow Quartz to use user threads. Unfortunately, I'm kind of thread-dumb, so I don't exactly know what this means or why it's important. What happens if Quartz is deployed without this setting? What implications does this setting have to other aspects of server performance (will it cause a conflict with some other setting)? I actually am in the middle of deploying an app that uses Quartz on OC4J and would like to be aware of the implications and necessity of this setting. On 9/6/07, Pid [EMAIL PROTECTED] wrote: Andrew Hole wrote: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot http://www.opensymphony.com/quartz/wikidocs/Tutorial.html http://www.opensymphony.com/quartz/wikidocs/QuickStart.html http://forums.opensymphony.com/search.jspa?threadID=q=tomcatobjID=f6dateRange=last90daysuserID=numResults=15rankBy=10001 Google is your friend. p On 9/6/07, Pid [EMAIL PROTECTED] wrote: Andrew Hole wrote: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot http://www.opensymphony.com/quartz/wikidocs/Tutorial.html http://www.opensymphony.com/quartz/wikidocs/QuickStart.html http://forums.opensymphony.com/search.jspa?threadID=q=tomcatobjID=f6dateRange=last90daysuserID=numResults=15rankBy=10001 Google is your friend. p
Re: How to get Request from RequestFacade
Don't know -- maybe one of the devs that monitor the list can offer some help. I'm still unclear as to why you need access those object. If you could say more about that, someone might be able to offer a better way to do what you want. --David Tremal Naik wrote: 2007/9/6, Tremal Naik [EMAIL PROTECTED]: ok, I don't need to modify the Request or Response. I'm trying to read them. by the way, I'd be glad if I was able to read the StandardSession. I mean, even if it's not possible reading the Request, maybe it's easier accessing the Session behind the StandardSessionFacade. Thanks, - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat memory issues
From: news [mailto:[EMAIL PROTECTED] On Behalf Of Morten Subject: Tomcat memory issues Are there any way to stop Tomcat from cached these large byte[] internally? If you look near the end of conf/catalina.properties, you'll see some caching enable/disable lines; you might try turning off the one for byte and see what happens. I haven't tried this, so I don't really know if it will help or what effect it will have on performance or any other operational characteristic. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Differentiate Tomcat 6.x with Tomcat 5.x
Hohoho, Happy Christmas! By the way: Read the fucking manual! lg Clemens 2007/9/3, MOHD SUFIAN BIN ZAKARIAH ZAKARIAH [EMAIL PROTECTED]: Hello I have something question about Tomcat version. I want to know that Tomcat 6.x have difference with Tomcat 5.x and other. Can give explaination about function both of Tomcat. Thank you for all cooperation. - Bosan dengan spam? Mel Yahoo! memiliki perlindungan spam yang terbaik http://my.mail.yahoo.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk errors and http status code 503 under load
Damien Corbishley wrote: Hi, I'm getting stuck with an error we are seeing on our production server under load. We upgraded our combination of Apache,Tomcat,Java all running on Solaris 10 to Apache 2_2.0.55.build2 This doesn't sound like a real Apache httpd version. You can check the real version with httpd -V or when using log level info in the error log of httpd. Worker or prefork MPM? Tomcat 5.5.23 Java 1.5.0_06-b05 If you are in a general update situation, switch to 1.5.0_12 or whatever seems to be recent and not only a couple days old. And finally mod_jk-version? Our Apache Tomcat connector is AJP/1.3. What's the configuration of the connector element in server.xml? It's all installed on the same server, we have no tomcat clusters and no load balancers. With a few (10) concurrent users accessing the various JSP's everything worked as expected, all our functional tests passed. We opened more up live traffic to the server and starting seeing the following error message: [Thu Sep 06 02:23:00 2007] [error] ajp_service::jk_ajp_common.c (1758): Error connecting to tomcat. Tomcat is probably not started or is listening on the wrong port. worker=worker1 failed Is Tomcat on the same machine, or on another one? What do you get for netstat -an| grep TOMCATPORT where you replace TOMCATPORT with the port number your Tomcat AJP connector listens on? How many ESTABLISHED, how many of other states (SYN_SENT, CLOSE_WAIT etc.)? What's you mod_jk configuration? On the client side this was being reported as a 503 and our intelligent browser was re-submitting the request and generally, on the second time, the request would be successful. After an hour we then had a Solaris panic, and after analyzing the crash using scat I can see that the cause was: Solaris panic looks very bad. I would definitely open a bug with sun. I'm not saying that the original problem is there, but it is very unusual, that the whole system panics. panic string: BAD TRAP: type=9 rp=2a1015332d0 addr=0 mmu_fsr=0 and looking further into the trap, it seems to be network related. trapip:tcp_conn_request+0x894 (0x4, 0x2000, 0x136ec00, 0x3a2b9a44040, 0x40e03960300, 0x40dedc247c0) ip:squeue_drain+0xe4 (0x300015ddec0, 0x40e2021c1c0, 0x411666de, 0x135f2c0, 0x3a2b9a44040, 0x3) ip:squeue_enter+0x358 (0x300015ddec0, 0x38fca5e0d80, 0x3000426b640, 0x3a2bd674c00, 0x0, 0x1) ip:tcp_wput - frame recycled I am still trying to work out if the crash is a symptom of the browsers resubmitting the failed requests and we've hit a Solaris bug that we haven't got a patch for, Or if the two errors are unrelated and it was coincidence that we panicked whilst having mod_jk errors. Any help/pointers in resolving the mod_jk error would be appreciated, I included the brief crash information as it may be relevant. Thanks Damien Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Differentiate Tomcat 6.x with Tomcat 5.x
Now that was just plain unnecessary. Sure it was a lazy question, but you could always just delete it. --David Clemens Eisserer wrote: Hohoho, Happy Christmas! By the way: Read the fucking manual! lg Clemens 2007/9/3, MOHD SUFIAN BIN ZAKARIAH ZAKARIAH [EMAIL PROTECTED]: Hello I have something question about Tomcat version. I want to know that Tomcat 6.x have difference with Tomcat 5.x and other. Can give explaination about function both of Tomcat. Thank you for all cooperation. - Bosan dengan spam? Mel Yahoo! memiliki perlindungan spam yang terbaik http://my.mail.yahoo.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat Farm Deployment and Statistics
From: bajistaman [mailto:[EMAIL PROTECTED] Subject: Tomcat Farm Deployment and Statistics Is there a way to distribute the deployment of an application through many tomcat's farm instances in different machines setting a context path that is different than the war's name? If you want a path different from the name of the .war file, then the webapp must be located outside of any Host element's appBase directory. The webapp is then deployed by creating a conf/Catalina/[host]/[appPath].xml file containing a Context element with an appropriate docBase attribute. (This will override any META-INF/context.xml file that's inside the webapp.) You'll have to do this on each Tomcat instance, of course, but the whole process can be scripted as needed. Is there a way to centrally collect statistics of usage of all of the tomcat's farm instances? You got me - I'm a city boy. Filip? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk - connectionTimeout en connection_pool_timeout
Hi Henk, Henk Fictorie wrote: Hi, We are using mod_jk 1.2.21 on Solaris 8. together Apache 2.0.59 with the worker MPM. We are moving our applicationserver to a new version which is also using a new Tomcat version. We now have a split application which is using both Tomcat 5.0 and the other part is using Tomcat 5.5. For tomcat 5.5 we set the connectionTimeout to 10 minutes, for 5.0 it is set to 0 (infinite) For Tomcat 5.0 we see lots more ESTABLISHED connections than for Tomcat 5.5. While I expected it to be the same. Hmmm. Maybe I'm missing the point, but I would not share your expectation: if you disable the idle connection timeout for TC 5.0, we will keep the idle connections around for a long time. OK, you've got an idle timeout on the JK side, but it will shrink the pool only until half of its maximum size. E.g. if you allow 25 threads per process with httpd, the pool will never shrink smaller than 13 connections (unless it didn't yet grow to this size) per process. Of course, since you didn't give us numbers, I'm not sure if this suffices to explain your observation. For the Tomcat 5.0 connections we do not see any errors (except for client errors). For the Tomcat 5.5 connections we see errors occuring, claiming that it cannot connect to Tomcat: [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1215): dummy) error sending request. Will try another pooled connection [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1241): (dummy) all endpoints are disconnected [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1244): (dummy) increase the backend idle connection timeout or the connection_pool_minsize [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_service::jk_ajp_common.c (1930): (dummy) sending request to tomcat failed, recoverable operation attempt=1 [Thu Sep 06 09:17:15 2007] [2735:0061] [error] ajp_service::jk_ajp_common.c (1942): (dummy) Connecting to tomcat failed. Tomcat is probably not started or is listening on the wrong port [Thu Sep 06 09:17:15 2007] [2735:0061] [info] service::jk_lb_worker.c (1023): service failed, worker dummy is in error state most of those are only info messages. They are telling us, that jk tried to use a connection, that has already been closed by Tomcat. Only the last line is an error. Usually a closed connection is not a problem, we simply search for another one in the connection cache. If we can't find an open connection, we use retry number 2 to open a new one. Since you set retries to 1, this will not happen. On the mod_jk side of things we use the same settings for both applications: worker.maintain=60 # worker template worker.template.type=ajp13 worker.template.port= worker.template.lbfactor=50 worker.template.connection_pool_timeout=600 worker.template.socket_timeout=62 worker.template.connect_timeout=3 worker.template.prepost_timeout=3 worker.template.recovery_options=0 worker.template.reply_timeout=60 worker.template.retries=1 On the tomcat 5.0 side the connectionTimeout is set to 0 (infinite) Connector className=org.apache.coyote.tomcat5.CoyoteConnector port= minProcessors=5 maxProcessors=500 acceptCount=10 debug=0 enableLookups=true redirectPort=8443 connectionTimeout=0 useURIValidationHack=false protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler / On the tomcat 5.5 site the connectionTimeout is set to 10 minutes: Connector port= address=a.b.c.d enableLookups=false emptySessionPath=true minSpareThreads=20 maxThreads=750 acceptCount=10 connectionTimeout=60 redirectPort=8443 debug=0 protocol=AJP/1.3 / So, on the timeout settings for Tomcat 5.5 I am using the recommended values described in the 'timeouts howto' section. The info messages suggest that I should increase the connectionTimeout on the Tomcat side. Probably to some value (connection_pool_timeout + worker.maintain)?? Or should I set the connection_pool_minsize to match the minSpareThreads?? Or upgrade to mod_jk 1.2.25?? Advice is welcome. regards Henk Fictorie Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: mod_jk errors and http status code 503 under load
Hi Rainer, Apache: Server version: Apache/2.0.55 Server built: Mar 5 2007 11:10:17 Server's Module Magic Number: 20020903:11 Yes, we are thinking about updating the Java, I was in the process of checking the release notes to see if anything specific was mentioned. Mod JK: mod_jk/1.2.15 Worker or prefork MPM? - I don't understand the question, sorry. Connector port=8009 enableLookups=false redirectPort=8443 protocol=AJP/1.3 acceptCount=50 minSpareThreads=240 maxThreads=950 backlog=50 address=127.0.0.1 debug=0 / Tomcat is installed on the same machine as Apache. With respect to the number of connections to the tomcat port I can't give a complete answer - looking at the crash I can see there are around 4000 stuck at TIME_WAIT. Another 30 or so are at ESTABLISHED. The mod jk configuration: ## THIS FILE MAY BE OVERRIDEN AT RUNTIME. MAKE SURE TOMCAT IS STOPED ## WHEN YOU EDIT THE FILE. ## COMMENTS WILL BE _LOST_ ## DOCUMENTATION OF THE FORMAT IN JkMain javadoc. # Set the desired handler list # handler.list=apr,request,channelJni # # Override the default port for the socketChannel # channelSocket.port=8019 # Default: # channelUnix.file=${jkHome}/work/jk2.socket # Just to check if the the config is working # shm.file=${jkHome}/work/jk2.shm # In order to enable jni use any channelJni directive # channelJni.disabled = 0 # And one of the following directives: # apr.jniModeSo=/opt/apache2/modules/mod_jk2.so # If set to inprocess the mod_jk2 will Register natives itself # This will enable the starting of the Tomcat from mod_jk2 # apr.jniModeSo=inprocess bash-3.00# cat ./callflow-server/webserver/conf/workers.properties workers.apache_log=/usr/local/apache2 workers.tomcat_home=/opt/tomcat workers.java_home=/usr/j2se/ worker.list= worker1 worker.worker1.type=ajp13 worker.worker1.host=127.0.0.1 worker.worker1.port=8009 worker.worker1.lbfactor=2.5 # Number of concurrent users. worker.worker1.cachesize=950 worker.worker1.cache_timeout=600 worker.worker1.socket_timeout=300 Yes, I agree with you about contacting SUN, I'm digging out our service plan at the moment. Damien -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 3:42 PM To: Tomcat Users List Subject: Re: mod_jk errors and http status code 503 under load Damien Corbishley wrote: Hi, I'm getting stuck with an error we are seeing on our production server under load. We upgraded our combination of Apache,Tomcat,Java all running on Solaris 10 to Apache 2_2.0.55.build2 This doesn't sound like a real Apache httpd version. You can check the real version with httpd -V or when using log level info in the error log of httpd. Worker or prefork MPM? Tomcat 5.5.23 Java 1.5.0_06-b05 If you are in a general update situation, switch to 1.5.0_12 or whatever seems to be recent and not only a couple days old. And finally mod_jk-version? Our Apache Tomcat connector is AJP/1.3. What's the configuration of the connector element in server.xml? It's all installed on the same server, we have no tomcat clusters and no load balancers. With a few (10) concurrent users accessing the various JSP's everything worked as expected, all our functional tests passed. We opened more up live traffic to the server and starting seeing the following error message: [Thu Sep 06 02:23:00 2007] [error] ajp_service::jk_ajp_common.c (1758): Error connecting to tomcat. Tomcat is probably not started or is listening on the wrong port. worker=worker1 failed Is Tomcat on the same machine, or on another one? What do you get for netstat -an| grep TOMCATPORT where you replace TOMCATPORT with the port number your Tomcat AJP connector listens on? How many ESTABLISHED, how many of other states (SYN_SENT, CLOSE_WAIT etc.)? What's you mod_jk configuration? On the client side this was being reported as a 503 and our intelligent browser was re-submitting the request and generally, on the second time, the request would be successful. After an hour we then had a Solaris panic, and after analyzing the crash using scat I can see that the cause was: Solaris panic looks very bad. I would definitely open a bug with sun. I'm not saying that the original problem is there, but it is very unusual, that the whole system panics. panic string: BAD TRAP: type=9 rp=2a1015332d0 addr=0 mmu_fsr=0 and looking further into the trap, it seems to be network related. trapip:tcp_conn_request+0x894 (0x4, 0x2000, 0x136ec00, 0x3a2b9a44040, 0x40e03960300, 0x40dedc247c0) ip:squeue_drain+0xe4 (0x300015ddec0, 0x40e2021c1c0, 0x411666de, 0x135f2c0, 0x3a2b9a44040, 0x3) ip:squeue_enter+0x358 (0x300015ddec0, 0x38fca5e0d80, 0x3000426b640, 0x3a2bd674c00, 0x0, 0x1) ip:tcp_wput - frame recycled I am still trying to work out if the crash is a symptom of the browsers
RE: POST data lost when switching URL using mod_rewrite and mod_jk
Ok, that makes it clear to me. Thanks for the exhaustive reply! Btw., I didn't configure the servers, I'm just trying to get my forms data through and understand as much as possible. :-) So I switched to GET, but again, I ran into issues, this time it is character-encoding related. The Tomcats all have URIEncoding=UTF-8 set, and it works whithout the rewrite-induced redirect. But when redirect is used, the following happens: The parameter führung becomes f%C3%BChrung in my JSPs. I did AddDefaultEncoding UTF-8 in my Apache config, that doesn't help. Is there a configuration option for mod_rewrite or mod_jk that I have to set to make it work? I tried the ForwardURIxxx options on my mod_jk, but they didn't help. Any Ideas? Thanks a lot for the help so far! Regards, Michael -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 4:35 PM To: Tomcat Users List Subject: Re: POST data lost when switching URL using mod_rewrite and mod_jk Example from http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html 10.3.2 301 Moved Permanently The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the Request-URI to one or more of the new references returned by the server, where possible. This response is cacheable unless indicated otherwise. The new permanent URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s). If the 301 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued. Note: When automatically redirecting a POST request after receiving a 301 status code, some existing HTTP/1.0 user agents will erroneously change it into a GET request. So if you are using HTTp Redirect, check your Apache access log. It's likely you will notice, that the browser switched from a POST to a GET during the redirect and the POST Body isn't send by the Browser. Nothing we could do in this case on the server side. You should try to identify a GET which sits before the POST in your clickstream and do the redirect already there (like e.g. when the browser tries to retrieve the empty form before it tries to send the contents). Regards, Rainer Michael Böckling wrote: Hi folks! I Have the following setup: Apache/2.2.4 mod_ssl/2.2.4 mod_jk/1.2.25 mod_rewrite (?) Apache Tomcat 5.5.23 Browser == Apache + mod_rewrite == mod_jk == Tomcat This is a Linux machine, and mod_rewrite is used to switch to SSL on certain URLs. Problem: the POST data is lost whenever a form on a http page sends data to a page that gets its URL rewritten to https. This goes as folllows: http page = form post to http url = rewrite url to https, switch to SSL = display https url No data arrives when using POST! I know there is a bug that limits the maximum post size to x KB, but in my case, the post data is a just a few text fields. Any idea as to why this happens? Regards, Michael - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Integration with Apache
Hi New to the list here :) I have a server setup as follows: Apache - mod_jk2 - tomcat There are a number of webapps served by tomcat: /ROOT - available on http://www.mydomainname.com/ /webapp2 -available on http://www.mydomainname.com/webapp2 /webapp3 - available on http://www.mydomainame.com/webapp3 Now this all works fine, but now I need to add a php forum site onto the server on the same domain name and have it served on http://www.mydomainname.com/forum Trouble is that I cannot for the life of me figure out how to configure this without moving my /ROOT webapp off the URL http://www.mydomainname.com/ and into a subdirectory. Can anyone confirm whether what I want to do is at all possible, and if so give any pointers as to where i need to be looking to configure it? Thanks Ed
Re: mod_jk - connectionTimeout en connection_pool_timeout
Rainer, Thanks for your response. You mentioned our setting of retries=1, so I reread the documentation to find out that it actually means 'no retries'. I have now commented out that line, so it will get the default value of 2. It will let you know if it helped. regards Henk Rainer Jung-3 wrote: Hi Henk, Henk Fictorie wrote: Hi, We are using mod_jk 1.2.21 on Solaris 8. together Apache 2.0.59 with the worker MPM. We are moving our applicationserver to a new version which is also using a new Tomcat version. We now have a split application which is using both Tomcat 5.0 and the other part is using Tomcat 5.5. For tomcat 5.5 we set the connectionTimeout to 10 minutes, for 5.0 it is set to 0 (infinite) For the Tomcat 5.0 connections we do not see any errors (except for client errors). For the Tomcat 5.5 connections we see errors occuring, claiming that it cannot connect to Tomcat: [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1215): dummy) error sending request. Will try another pooled connection [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1241): (dummy) all endpoints are disconnected [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_send_request::jk_ajp_common.c (1244): (dummy) increase the backend idle connection timeout or the connection_pool_minsize [Thu Sep 06 09:17:15 2007] [2735:0061] [info] ajp_service::jk_ajp_common.c (1930): (dummy) sending request to tomcat failed, recoverable operation attempt=1 [Thu Sep 06 09:17:15 2007] [2735:0061] [error] ajp_service::jk_ajp_common.c (1942): (dummy) Connecting to tomcat failed. Tomcat is probably not started or is listening on the wrong port [Thu Sep 06 09:17:15 2007] [2735:0061] [info] service::jk_lb_worker.c (1023): service failed, worker dummy is in error state most of those are only info messages. They are telling us, that jk tried to use a connection, that has already been closed by Tomcat. Only the last line is an error. Usually a closed connection is not a problem, we simply search for another one in the connection cache. If we can't find an open connection, we use retry number 2 to open a new one. Since you set retries to 1, this will not happen. On the mod_jk side of things we use the same settings for both applications: worker.maintain=60 # worker template worker.template.type=ajp13 worker.template.port= worker.template.lbfactor=50 worker.template.connection_pool_timeout=600 worker.template.socket_timeout=62 worker.template.connect_timeout=3 worker.template.prepost_timeout=3 worker.template.recovery_options=0 worker.template.reply_timeout=60 worker.template.retries=1 regards Henk Fictorie Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/mod_jk---connectionTimeout-en-connection_pool_timeout-tf4390617.html#a12524923 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
2007/9/6, David Smith [EMAIL PROTECTED]: help. I'm still unclear as to why you need access those object. If you could say more about that, someone might be able to offer a better way to do what you want. ok, I need to access some of the Catalina Session specific features. In the Valve invoke() method I perform a call like the following: // update last access for this session Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); This is very easy to do with an HttpSession as well, but there are other things that come easy with Catalina objects and I'm not able to realise using J2EE specific interfaces, i.e.: // get all sessions active for this manager Session[] managedSessions = request.getContext().getManager().findSessions(); // find a session by ID Session session = request.getContext().getManager().findSession(id); // access the security realm Realm realm = request.getContext().getRealm(); Hence, I'd like to know if I can perform the above operations in a J2ee Filter doFilter() method. Thanks TN - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat memory issues
If you don't want to cache internally then you need a distributed caching scheme. There is an open source solution from the guys at Terracotta.org they call Network Attached Memory. Basically you can deploy a virtual heap against disk and make your memory as big as you want. They built all sorts of drop in config modules already: https://wiki.terracotta.org/confluence/display/integrations/Home. Hope this helps. Dwayne Go Open Source On 9/6/07, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: news [mailto:[EMAIL PROTECTED] On Behalf Of Morten Subject: Tomcat memory issues Are there any way to stop Tomcat from cached these large byte[] internally? If you look near the end of conf/catalina.properties, you'll see some caching enable/disable lines; you might try turning off the one for byte and see what happens. I haven't tried this, so I don't really know if it will help or what effect it will have on performance or any other operational characteristic. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
synchronous stop of tomcat
Using: $CATALINA_HOME/bin/catalina.sh stop $CATALINA_HOME/bin/catalina.sh start in quick succession to restart Tomcat, it is possible that the start operation will run before all ports have been released by the instance I'm stopping. Is there a synchronous method for stopping Tomcat, i.e. one that won't return until the ports have been released at least? Cheers, Derek -- View this message in context: http://www.nabble.com/synchronous-stop-of-tomcat-tf4392954.html#a12525265 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: POST data lost when switching URL using mod_rewrite and mod_jk
I know that's not the answer you like: but why aren't you switching to https before it gets complicated, i.e. when a simple request is coming in, like for the form page itself? To debug the problem you described, we would have to find out, at which stage the problem starts: - is the Location header apache httpd sends back for the redirect still OK? You can check with a commandline client like e.g. curl. - if so, is the second request as decoded by apache OK? The access log might give an idea about that - if so, is the forwarded request from mod_jk to Tomcat OK (JkLogLevel debug shows a line ...service... which containes the forwarded URL at the end) Regards, Rainer Michael Böckling wrote: Ok, that makes it clear to me. Thanks for the exhaustive reply! Btw., I didn't configure the servers, I'm just trying to get my forms data through and understand as much as possible. :-) So I switched to GET, but again, I ran into issues, this time it is character-encoding related. The Tomcats all have URIEncoding=UTF-8 set, and it works whithout the rewrite-induced redirect. But when redirect is used, the following happens: The parameter führung becomes f%C3%BChrung in my JSPs. I did AddDefaultEncoding UTF-8 in my Apache config, that doesn't help. Is there a configuration option for mod_rewrite or mod_jk that I have to set to make it work? I tried the ForwardURIxxx options on my mod_jk, but they didn't help. Any Ideas? Thanks a lot for the help so far! Regards, Michael -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 4:35 PM To: Tomcat Users List Subject: Re: POST data lost when switching URL using mod_rewrite and mod_jk Example from http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html 10.3.2 301 Moved Permanently The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the Request-URI to one or more of the new references returned by the server, where possible. This response is cacheable unless indicated otherwise. The new permanent URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s). If the 301 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued. Note: When automatically redirecting a POST request after receiving a 301 status code, some existing HTTP/1.0 user agents will erroneously change it into a GET request. So if you are using HTTp Redirect, check your Apache access log. It's likely you will notice, that the browser switched from a POST to a GET during the redirect and the POST Body isn't send by the Browser. Nothing we could do in this case on the server side. You should try to identify a GET which sits before the POST in your clickstream and do the redirect already there (like e.g. when the browser tries to retrieve the empty form before it tries to send the contents). Regards, Rainer Michael Böckling wrote: Hi folks! I Have the following setup: Apache/2.2.4 mod_ssl/2.2.4 mod_jk/1.2.25 mod_rewrite (?) Apache Tomcat 5.5.23 Browser == Apache + mod_rewrite == mod_jk == Tomcat This is a Linux machine, and mod_rewrite is used to switch to SSL on certain URLs. Problem: the POST data is lost whenever a form on a http page sends data to a page that gets its URL rewritten to https. This goes as folllows: http page = form post to http url = rewrite url to https, switch to SSL = display https url No data arrives when using POST! I know there is a bug that limits the maximum post size to x KB, but in my case, the post data is a just a few text fields. Any idea as to why this happens? Regards, - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk errors and http status code 503 under load
Damien Corbishley wrote: Hi Rainer, Apache: Server version: Apache/2.0.55 Server built: Mar 5 2007 11:10:17 Server's Module Magic Number: 20020903:11 Yes, we are thinking about updating the Java, I was in the process of checking the release notes to see if anything specific was mentioned. Mod JK: mod_jk/1.2.15 OK, 1.2.15 is a little antique. At the moment we reached 1.2.25. Worker or prefork MPM? - I don't understand the question, sorry. MPM = Multi processing module prefork = multiple processes, but only one thread per process worker = multiple processes with a couple of threads per process (default=25) The strings prefork or worker are also cintained in the output of httpd -V. Example: ... Server compiled with -D APACHE_MPM_DIR=server/mpm/prefork ... Connector port=8009 enableLookups=false redirectPort=8443 protocol=AJP/1.3 acceptCount=50 minSpareThreads=240 maxThreads=950 backlog=50 address=127.0.0.1 debug=0 / You should have a connectionTimeout. Tomcat is installed on the same machine as Apache. With respect to the number of connections to the tomcat port I can't give a complete answer - looking at the crash I can see there are around 4000 stuck at TIME_WAIT. Another 30 or so are at ESTABLISHED. All of those 4000 TIME_WAIT for port 8009? That would be very much, indicating, that you are rapidly opening and closing the connections between Apache/mod_jk and tomcat. Those connections are supposed to be reused for some time. The mod jk configuration: This file only consits of comments? ## THIS FILE MAY BE OVERRIDEN AT RUNTIME. MAKE SURE TOMCAT IS STOPED ## WHEN YOU EDIT THE FILE. ## COMMENTS WILL BE _LOST_ ## DOCUMENTATION OF THE FORMAT IN JkMain javadoc. # Set the desired handler list # handler.list=apr,request,channelJni # # Override the default port for the socketChannel # channelSocket.port=8019 # Default: # channelUnix.file=${jkHome}/work/jk2.socket # Just to check if the the config is working # shm.file=${jkHome}/work/jk2.shm # In order to enable jni use any channelJni directive # channelJni.disabled = 0 # And one of the following directives: # apr.jniModeSo=/opt/apache2/modules/mod_jk2.so # If set to inprocess the mod_jk2 will Register natives itself # This will enable the starting of the Tomcat from mod_jk2 # apr.jniModeSo=inprocess bash-3.00# cat ./callflow-server/webserver/conf/workers.properties workers.apache_log=/usr/local/apache2 This attribute never existed (so it's ignored). workers.tomcat_home=/opt/tomcat workers.java_home=/usr/j2se/ Thos two don't have a meaning any more. worker.list= worker1 worker.worker1.type=ajp13 worker.worker1.host=127.0.0.1 worker.worker1.port=8009 worker.worker1.lbfactor=2.5 Not needed, if you are not using a JK load balancer. If you upgrade and later want to use a JK load balancer: newer JK versions use integer numbers here. # Number of concurrent users. worker.worker1.cachesize=950 worker.worker1.cache_timeout=600 So set connectionTimeout in the AJP connector (server.xml) to 60 (Milliseconds). worker.worker1.socket_timeout=300 Yes, I agree with you about contacting SUN, I'm digging out our service plan at the moment. I don't see a good reason, why you should get those error messages for this configuration. But you should update to a more recent mod_jk in order to research this problem from a better starting point (and maybe it will be gone). Damien -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 3:42 PM To: Tomcat Users List Subject: Re: mod_jk errors and http status code 503 under load Damien Corbishley wrote: Hi, I'm getting stuck with an error we are seeing on our production server under load. We upgraded our combination of Apache,Tomcat,Java all running on Solaris 10 to Apache 2_2.0.55.build2 This doesn't sound like a real Apache httpd version. You can check the real version with httpd -V or when using log level info in the error log of httpd. Worker or prefork MPM? Tomcat 5.5.23 Java 1.5.0_06-b05 If you are in a general update situation, switch to 1.5.0_12 or whatever seems to be recent and not only a couple days old. And finally mod_jk-version? Our Apache Tomcat connector is AJP/1.3. What's the configuration of the connector element in server.xml? It's all installed on the same server, we have no tomcat clusters and no load balancers. With a few (10) concurrent users accessing the various JSP's everything worked as expected, all our functional tests passed. We opened more up live traffic to the server and starting seeing the following error message: [Thu Sep 06 02:23:00 2007] [error] ajp_service::jk_ajp_common.c (1758): Error connecting to tomcat. Tomcat is probably not started or is listening on the wrong port. worker=worker1 failed Is Tomcat on the
Re: Tomcat memory issues
Is it possible you're caching Request or Response objects somewhere and not releasing them? I just did a bunch of memory profiling and many of the classes you mention are the same classes I see when I open and don't close a bunch of connections to the server. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat 5.5.23: cannot return to login page??
Hi, My application uses MemoryRealm and FORM-based authentication. In the file tomcat-users.xml, there is an user called view, which belongs to role users. The role users is not included in web.xml of the application. If I try to login the application with the user view, I get an error: HTTP Status 403 - Access to the requested resource has been denied. I cannot go back to the login page. I have to close the brower or restart the server to see the login page. Clean the browser's cache is not working. It seems the authentication information is cached in the Tomcat server. Any idea? Regards, Cun -- View this message in context: http://www.nabble.com/Tomcat-5.5.23%3A-cannot-return-to-login-page---tf4393110.html#a12525873 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Can two Tomcat web apps deadlock each other?
From: Wm.A.Stafford [mailto:[EMAIL PROTECTED] Does the fact that this Tomcat behavior does not occur on the windows-based development server offer any clue as to what may be happening on the linux server when Tomcat hangs? I'm going to take a guess: server load. How heavily do you stress-test your webapp on the development server? What with? How many concurrent requests? - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can two Tomcat web apps deadlock each other?
Peter, Thanks for replying. I don't think server load is a factor but I will look into it. What makes me think that load is probably not the cause is that when there are no startup errors everything starts and runs as normal in the normal amount of time. The problem occurs when one app fails during startup. For unknown reasons Tomcat either does not get notified of the failure and is left some sort of waiting state or Tomcat gets hung trying to shutdown the failed app. Thanks again for replying, -=beeky Peter Crowther wrote: From: Wm.A.Stafford [mailto:[EMAIL PROTECTED] Does the fact that this Tomcat behavior does not occur on the windows-based development server offer any clue as to what may be happening on the linux server when Tomcat hangs? I'm going to take a guess: server load. How heavily do you stress-test your webapp on the development server? What with? How many concurrent requests? - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Accessing the connection pool
Greetings I have web applications running connection pools under the name jdbc/connectionPool, and these web applications can connect without any problems. Now Im working on a security application, to be run as a client jar to the webapps. This jar does the lookup onto the multiple authentication data sources we have. Can the ConnectionFactory within the jar file access the Connection Pools set up by one of the web applications ? If not, any ideas how I can get a Connection Pool on the server that the jar file can access ? The jar file sits in the Tomcat 5.5\shared directory. At the moment, when I try it I get a naming exception : javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Code in the connection factory : try { Context ctx = new InitialContext(); DataSource ds = (DataSource)ctx.lookup( java:comp/env/jdbc/connectionPool); if (ds != null) { conn = ds.getConnection(); if(conn != null) { LogManager.getInstance().logDebug(this.getClass(), Connection retrieved from jdbc/connectionPool.); } } } catch (SQLException ex) { throw new DAORuntimeException(DBConnectionFactory getConnection(), ex); } catch (NamingException ex) { throw new DAORuntimeException(DBConnectionFactory getConnection(), ex); } Code in the Context file : Context crossContext=true debug=5 path=/ipsl_app docBase=C:\dev\ipsl_app\build\web reloadable=true Resource name=jdbc/connectionPool auth=Container type=javax.sql.DataSource driverClassName=net.sourceforge.jtds.jdbc.Driver factory=org.apache.commons.dbcp.BasicDataSourceFactory user=removed password=removed maxIdle=2 maxWait=5000 url=removed maxActive=4 removeAbandoned=true removeAbandonedTimeout=60 logAbandoned=true/ /Context Thanks very much Scott _ Can you see your house from the sky? Try Live Search Maps http://maps.live.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat Farm Deployment and Statistics
Thanks Charles, I was reading about JMX and Tomcat and I wonder if is it better (more secure?) to do it at the low level as you suggested or by using the JMX API? Johann -- View this message in context: http://www.nabble.com/Tomcat-Farm-Deployment-and-Statistics-tf4391810.html#a12526752 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Quartz
Do as you know and as it is more convenient. I can't start with servlet-class org.quartz.ee.servlet. QuartzInitializerServlet /servlet-class init but when has tried spring - all has worked for 5 minutes. It is very pleased. In Quartz forum answer badly, it is lazy. In spring - it is very good. Support is much better. This my opinion ... 2007/9/6, Andrew Hole [EMAIL PROTECTED]: I found something interesting, maybe is what I need! Spring and Quartz together is a good solution but I don't want another component in my java web application. What's your opinion? 1) It would be helpful to show an example of how to configure Quartz to work without a custom servlet. It can be done and is probably the most likely way people will use it within a J2EE application. I recently implemented something like this, and had to figure it out for myself since the Quartz docs weren't very explicit. Basically, you -Configure your web app to use the Quartz initializer servlet, loading on startup. For example (from web.xml): servlet servlet-namequartz/servlet-name display-nameQuartz Initializer Servlet/display-name servlet-classorg.quartz.ee.servlet.QuartzInitializerServlet /servlet-class load-on-startup1/load-on-startup /servlet -Add a quartz.properties file to your classpath, indicating how jobs will be loaded (as well as the quartz system properties). For example (from quartz.properties): org.quartz.plugin.jobInitializer.class = org.quartz.plugins.xml.JobInitializationPlugin org.quartz.plugin.jobInitializer.fileName = quartz-jobs.xml org.quartz.plugin.jobInitializer.overWriteExistingJobs = true org.quartz.plugin.jobInitializer.failOnFileNotFound = true -Add an xml file configuring your jobs and triggers, using the file name specified under the org.quartz.plugin.jobInitializer.fileName property. For example (from quartz-jobs.xml, in this case): job job-detail namealertJob/name groupalertJobs/group job-classcom.somecompany.AlertJob/job-class volatilityfalse/volatility durabilityfalse/durability recoverfalse/recover /job-detail trigger cron namedailyTrigger/name groupalertTriggers/group job-namealertJob/job-name job-groupalertJobs/job-group !-- every night at 2:15AM, M-F -- cron-expression0 15 2 ? * MON-FRI/cron-expression /cron /trigger /job Again, I think this is the most flexible, easy to use way to implement quartz, and I'm surprised it's not documented better. In most systems I use, I don't want to hard-code something like a scheduled process that might be subject to frequent scheduling change. 2) The author mentions the userThreads setting for application servers to allow Quartz to use user threads. Unfortunately, I'm kind of thread-dumb, so I don't exactly know what this means or why it's important. What happens if Quartz is deployed without this setting? What implications does this setting have to other aspects of server performance (will it cause a conflict with some other setting)? I actually am in the middle of deploying an app that uses Quartz on OC4J and would like to be aware of the implications and necessity of this setting. On 9/6/07, Pid [EMAIL PROTECTED] wrote: Andrew Hole wrote: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot http://www.opensymphony.com/quartz/wikidocs/Tutorial.html http://www.opensymphony.com/quartz/wikidocs/QuickStart.html http://forums.opensymphony.com/search.jspa?threadID=q=tomcatobjID=f6dateRange=last90daysuserID=numResults=15rankBy=10001 Google is your friend. p On 9/6/07, Pid [EMAIL PROTECTED] wrote: Andrew Hole wrote: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot http://www.opensymphony.com/quartz/wikidocs/Tutorial.html http://www.opensymphony.com/quartz/wikidocs/QuickStart.html http://forums.opensymphony.com/search.jspa?threadID=q=tomcatobjID=f6dateRange=last90daysuserID=numResults=15rankBy=10001 Google is your friend. p
RE: Tomcat Farm Deployment and Statistics
From: bajistaman [mailto:[EMAIL PROTECTED] Subject: RE: Tomcat Farm Deployment and Statistics I was reading about JMX and Tomcat and I wonder if is it better (more secure?) to do it at the low level as you suggested or by using the JMX API? I think using JMX would make it more complicated and may well decrease security since there would be yet another port open into Tomcat; others may have differing opinions. However, your reference to JMX did remind me of Lambda Probe (www.lambdaprobe.org), which is a very useful Tomcat monitoring tool. I've never tried it in a Tomcat clustering environment, but it does appear to have some support for that. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: POST data lost when switching URL using mod_rewrite and mod_jk
why aren't you switching to https before it gets complicated, i.e. when a simple request is coming in, like for the form page itself? Unfortunately, that is not an option. - is the Location header apache httpd sends back for the redirect still OK? You can check with a commandline client like e.g. curl. No, here's where the trouble starts. It seems like mod_rewrite can't handle UTF-8 URLs. I used the LiveHTTPHeaders plugin for Firefox, and here's the output: Original (correct request): GET /lucene/target.jsp?test=%C3%BCberraschung HTTP/1.1 Flawed redirect: Location: http://localhost:778/lucene/target.jsp?test=%25C3%25BCberraschung As you can see, the % have been encoded again. What can I do about it? Regards, Michael - if so, is the second request as decoded by apache OK? The access log might give an idea about that - if so, is the forwarded request from mod_jk to Tomcat OK (JkLogLevel debug shows a line ...service... which containes the forwarded URL at the end) Regards, Rainer Michael Böckling wrote: Ok, that makes it clear to me. Thanks for the exhaustive reply! Btw., I didn't configure the servers, I'm just trying to get my forms data through and understand as much as possible. :-) So I switched to GET, but again, I ran into issues, this time it is character-encoding related. The Tomcats all have URIEncoding=UTF-8 set, and it works whithout the rewrite-induced redirect. But when redirect is used, the following happens: The parameter führung becomes f%C3%BChrung in my JSPs. I did AddDefaultEncoding UTF-8 in my Apache config, that doesn't help. Is there a configuration option for mod_rewrite or mod_jk that I have to set to make it work? I tried the ForwardURIxxx options on my mod_jk, but they didn't help. Any Ideas? Thanks a lot for the help so far! Regards, Michael -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 4:35 PM To: Tomcat Users List Subject: Re: POST data lost when switching URL using mod_rewrite and mod_jk Example from http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html 10.3.2 301 Moved Permanently The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the Request-URI to one or more of the new references returned by the server, where possible. This response is cacheable unless indicated otherwise. The new permanent URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s). If the 301 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued. Note: When automatically redirecting a POST request after receiving a 301 status code, some existing HTTP/1.0 user agents will erroneously change it into a GET request. So if you are using HTTp Redirect, check your Apache access log. It's likely you will notice, that the browser switched from a POST to a GET during the redirect and the POST Body isn't send by the Browser. Nothing we could do in this case on the server side. You should try to identify a GET which sits before the POST in your clickstream and do the redirect already there (like e.g. when the browser tries to retrieve the empty form before it tries to send the contents). Regards, Rainer Michael Böckling wrote: Hi folks! I Have the following setup: Apache/2.2.4 mod_ssl/2.2.4 mod_jk/1.2.25 mod_rewrite (?) Apache Tomcat 5.5.23 Browser == Apache + mod_rewrite == mod_jk == Tomcat This is a Linux machine, and mod_rewrite is used to switch to SSL on certain URLs. Problem: the POST data is lost whenever a form on a http page sends data to a page that gets its URL rewritten to https. This goes as folllows: http page = form post to http url = rewrite url to https, switch to SSL = display https url No data arrives when using POST! I know there is a bug that limits the maximum post size to x KB, but in my case, the post data is a just a few text fields. Any idea as to why this happens? Regards, - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail:
RE: POST data lost when switching URL using mod_rewrite and mod_jk
The mod_rewrites encoding can be changed with option 'noescape|NE' (no URI escaping of output) This flag keeps mod_rewrite from applying the usual URI escaping rules to the result of a rewrite. Ordinarily, special characters (such as '%', '$', ';', and so on) will be escaped into their hexcode equivalents ('%25', '%24', and '%3B', respectively); this flag prevents this from being done. This allows percent symbols to appear in the output, as in RewriteRule /foo/(.*) /bar?arg=P1\%3d$1 [R,NE] Rgds, Fred Michael Böckling wrote: why aren't you switching to https before it gets complicated, i.e. when a simple request is coming in, like for the form page itself? Unfortunately, that is not an option. - is the Location header apache httpd sends back for the redirect still OK? You can check with a commandline client like e.g. curl. No, here's where the trouble starts. It seems like mod_rewrite can't handle UTF-8 URLs. I used the LiveHTTPHeaders plugin for Firefox, and here's the output: Original (correct request): GET /lucene/target.jsp?test=%C3%BCberraschung HTTP/1.1 Flawed redirect: Location: http://localhost:778/lucene/target.jsp?test=%25C3%25BCberraschung As you can see, the % have been encoded again. What can I do about it? Regards, Michael - if so, is the second request as decoded by apache OK? The access log might give an idea about that - if so, is the forwarded request from mod_jk to Tomcat OK (JkLogLevel debug shows a line ...service... which containes the forwarded URL at the end) Regards, Rainer Michael Böckling wrote: Ok, that makes it clear to me. Thanks for the exhaustive reply! Btw., I didn't configure the servers, I'm just trying to get my forms data through and understand as much as possible. :-) So I switched to GET, but again, I ran into issues, this time it is character-encoding related. The Tomcats all have URIEncoding=UTF-8 set, and it works whithout the rewrite-induced redirect. But when redirect is used, the following happens: The parameter führung becomes f%C3%BChrung in my JSPs. I did AddDefaultEncoding UTF-8 in my Apache config, that doesn't help. Is there a configuration option for mod_rewrite or mod_jk that I have to set to make it work? I tried the ForwardURIxxx options on my mod_jk, but they didn't help. Any Ideas? Thanks a lot for the help so far! Regards, Michael -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 4:35 PM To: Tomcat Users List Subject: Re: POST data lost when switching URL using mod_rewrite and mod_jk Example from http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html 10.3.2 301 Moved Permanently The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the Request-URI to one or more of the new references returned by the server, where possible. This response is cacheable unless indicated otherwise. The new permanent URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s). If the 301 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued. Note: When automatically redirecting a POST request after receiving a 301 status code, some existing HTTP/1.0 user agents will erroneously change it into a GET request. So if you are using HTTp Redirect, check your Apache access log. It's likely you will notice, that the browser switched from a POST to a GET during the redirect and the POST Body isn't send by the Browser. Nothing we could do in this case on the server side. You should try to identify a GET which sits before the POST in your clickstream and do the redirect already there (like e.g. when the browser tries to retrieve the empty form before it tries to send the contents). Regards, Rainer Michael Böckling wrote: Hi folks! I Have the following setup: Apache/2.2.4 mod_ssl/2.2.4 mod_jk/1.2.25 mod_rewrite (?) Apache Tomcat 5.5.23 Browser == Apache + mod_rewrite == mod_jk == Tomcat This is a Linux machine, and mod_rewrite is used to switch to SSL on certain URLs. Problem: the POST data is lost whenever a form on a http page sends data to a page that gets its URL rewritten to https. This goes as folllows: http page = form post to http url = rewrite url to https,
RE: POST data lost when switching URL using mod_rewrite and mod_jk
This is great, it seems to work for me! I just found this page, which describes the issue: http://issues.apache.org/bugzilla/show_bug.cgi?id=34602 In post #16, it is suggested that RewriteMap esc int:escape is required to correctly escape the non-query part of the URL. Is that true? Thanks for your help, Michael Böckling -Original Message- From: fredk2 [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 7:30 PM To: users@tomcat.apache.org Subject: RE: POST data lost when switching URL using mod_rewrite and mod_jk The mod_rewrites encoding can be changed with option 'noescape|NE' (no URI escaping of output) This flag keeps mod_rewrite from applying the usual URI escaping rules to the result of a rewrite. Ordinarily, special characters (such as '%', '$', ';', and so on) will be escaped into their hexcode equivalents ('%25', '%24', and '%3B', respectively); this flag prevents this from being done. This allows percent symbols to appear in the output, as in RewriteRule /foo/(.*) /bar?arg=P1\%3d$1 [R,NE] Rgds, Fred Michael Böckling wrote: why aren't you switching to https before it gets complicated, i.e. when a simple request is coming in, like for the form page itself? Unfortunately, that is not an option. - is the Location header apache httpd sends back for the redirect still OK? You can check with a commandline client like e.g. curl. No, here's where the trouble starts. It seems like mod_rewrite can't handle UTF-8 URLs. I used the LiveHTTPHeaders plugin for Firefox, and here's the output: Original (correct request): GET /lucene/target.jsp?test=%C3%BCberraschung HTTP/1.1 Flawed redirect: Location: http://localhost:778/lucene/target.jsp?test=%25C3%25BCberraschung As you can see, the % have been encoded again. What can I do about it? Regards, Michael - if so, is the second request as decoded by apache OK? The access log might give an idea about that - if so, is the forwarded request from mod_jk to Tomcat OK (JkLogLevel debug shows a line ...service... which containes the forwarded URL at the end) Regards, Rainer Michael Böckling wrote: Ok, that makes it clear to me. Thanks for the exhaustive reply! Btw., I didn't configure the servers, I'm just trying to get my forms data through and understand as much as possible. :-) So I switched to GET, but again, I ran into issues, this time it is character-encoding related. The Tomcats all have URIEncoding=UTF-8 set, and it works whithout the rewrite-induced redirect. But when redirect is used, the following happens: The parameter führung becomes f%C3%BChrung in my JSPs. I did AddDefaultEncoding UTF-8 in my Apache config, that doesn't help. Is there a configuration option for mod_rewrite or mod_jk that I have to set to make it work? I tried the ForwardURIxxx options on my mod_jk, but they didn't help. Any Ideas? Thanks a lot for the help so far! Regards, Michael -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 4:35 PM To: Tomcat Users List Subject: Re: POST data lost when switching URL using mod_rewrite and mod_jk Example from http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html 10.3.2 301 Moved Permanently The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the Request-URI to one or more of the new references returned by the server, where possible. This response is cacheable unless indicated otherwise. The new permanent URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s). If the 301 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued. Note: When automatically redirecting a POST request after receiving a 301 status code, some existing HTTP/1.0 user agents will erroneously change it into a GET request. So if you are using HTTp Redirect, check your Apache access log. It's likely you will notice, that the browser switched from a POST to a GET during the redirect and the POST Body isn't send by the Browser. Nothing we could do in this case on the server side. You should try to identify a GET which sits before the POST
Re: an easier way to deploy war file?
Peter Stavrinides a écrit : If you set up Tomcat correctly, and place all your jars in the correct places you can hot deploy the war without a restart. This works over plain http, you don't even need access to the server, all you need is a password for the manager (it's better to use a database realm). There are many ways to secure the manager in production, the simplest is to remove the manager.xml and host-manager.xml files from the $CATALINA_BASE/conf/Catalina/localhost/ directory, or if your configuration permits allow the manager url to resolve only on the internal network, this is a typical scenario if tomcat is left to run on a secure port. If you do that and want to use the manager again, you should replace those files ? If so, I'll be really annoying to do that. For my part, I did a deployment shell to do all the gregor's action (because my servers are on DMZ). Last thing, the less applications are deployed the faster the server is. That is also why I don't use the manager. cheers Peter is to make the manager URL resolve Gregor Schneider wrote: - *never* start tomcat as root: create a user tomcat if not already existing and run tomcat with that user-id - if it's not a production-server with very high security, grant ftp-access to user tomcat - from your local pc, ftp to your ubuntu, login as user tomcat - change to directory www/webapps - put your web-app.war that's it be sure that autodeploy is set to true. having done so, there's no need to delete any directories on your ubuntu-server cheers gregor ps: before starting tomcat as user tomcat, you might have to issue chown -R tomcat:tomcat * in $CATALINA_HOME - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: context-param vs env-entry. Ready? Fight!
Hello, IMO, you should use JNDI variable (env) instead of (context variable). In that case, there will be no link the application server and you'll can deploy your application on another server. Of course, you ll have to define the JNDI variable in a different way. But most important, you'll don't have to change your java classes because the JNDI tree will stay the same. Lionel CRINE - GROUPE LINAGORA Open Source Software Engineer Tel. : 01 58 18 68 28 - Fax : 01 58 18 68 29 www.linagora.com / www.linagora.org Tim Funk a écrit : Sort of. I mean any java class which saves, loads, or gets data from somewhere and thus requires configuration at some time. Using IOC you can hand wave around those configuration issues and having one smarter class dependent on the servlet api which configures the rest of your beans is OK. -Tim Brian Munroe wrote: On 8/31/07, Tim Funk [EMAIL PROTECTED] wrote: Do you really want code that has nothing to do with the servlet api dependent on ServletContext? Plugging in a new jndi lookup for testing is much easier. Forgive my ignorance here, but do you mean, say, in a bean? That doesn't inherit the servlet's scope? I've never tried it because I always use JNDI :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: create a keystore without user prompting
Hello, If you have a shell, you can use the expect package to catch the prompt. It may be a solution. Lionel CRINE - GROUPE LINAGORA Open Source Software Engineer Tel. : 01 58 18 68 28 - Fax : 01 58 18 68 29 www.linagora.com / www.linagora.org oj a écrit : Hi, I want to make batch file which will create a keystore file but after calling this keytool -genkey -alias tomcat -keyalg RSA there will be a user prompt for my user name and such things. Does anyone know how i can skip those prompts or can I set those values with additonal parameters. I searched through the JDK Docu but I could not find it.. Thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat Logging Configuration
Ole Ersoy a écrit : Hi, I'm trying to point the catalina handler to /var/log/apache-tomcat like by configuring the logging.properties file like this: 1catalina.org.apache.juli.FileHandler.level = FINE 1catalina.org.apache.juli.FileHandler.directory = /var/log/apache-tomcat/ 1catalina.org.apache.juli.FileHandler.prefix = catalina. These lines will create a file named catalina.2007.log However when I start Tomcat I get this message: [EMAIL PROTECTED] apache-tomcat]# service tomcat start Starting tomcat Unable to redirect to /usr/share/apache-tomcat/logs/catalina.out catalina.out is managed by catalina.sh Any ideas on how to fix this? This error does not come from logging.properties. Lionel Thanks, - Ole - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Compatibility of Tomcat 6.0 on Redhat Linux 3.0 ES
Does it require additional configuration? -Original Message- From: Hassan Schroeder [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 12:55 PM To: Tomcat Users List Subject: Re: Compatibility of Tomcat 6.0 on Redhat Linux 3.0 ES On 9/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Has anyone installed Tomcat 6.0.x on RedHat Linux ES 3.0 (Linux kernel 2.4.2)? Is this a compatible configuration? Tomcat is *Java* -- if you have a JVM that works on your platform, you're set. :-) But for the record, yes, as it happens I have an ES3/2.4.2 box with TC 6 on it... HTH, -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat Farm Deployment and Statistics
Have you tried the Client Deployer Package? Johann -- View this message in context: http://www.nabble.com/Tomcat-Farm-Deployment-and-Statistics-tf4391810.html#a12528074 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: reponse.setHeader in tomcat
Take a look at the example below - that should shed some light: http://mail-archives.apache.org/mod_mbox/tomcat-users/200611.mbox/[EMAIL PROTECTED] Cheers Gregor -- what's puzzlin' you, is the nature of my game gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Different sessions between JSP and Servlets...
Hey Mark, Your question as well as a previous post to another user in which you made the point that the appBase should never point to a root directory helped me resolve this and another JSP issue I was having. The change follows... Host name=my_site.com appBase=webapps\a_subfolder\ Context path= docBase=\my_root\ I cannot thank you and Hassan enough for your assistance with this issue. My very best regards, Mike Cronin Fax.com The New Way To Fax! www.fax.com Confidential: This electronic message and all contents contain information from Fax.com, Inc. which may be privileged, confidential or otherwise protected from disclosure. The information is intended to be for the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution or use of the contents of this message is prohibited. If you have received this electronic message in error, please notify the sender by reply e-mail and destroy the original message and all copies. Thank you. -Original Message- From: Mike Cronin [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 11:41 AM To: 'Tomcat Users List' Subject: RE: Different sessions between JSP and Servlets... Host name=my_site.com appBase=webapps\a_subfolder\my_root\ Context path= docBase=\ The only Context I reference (whether right or wrong) is the default Context shown above. As coded, all applications successfully load using the default Context, but I'm not able to pass session variables between my servlets and JSPs. Thanks for your reply Mark. Mike Fax.com The New Way To Fax! www.fax.com Confidential: This electronic message and all contents contain information from Fax.com, Inc. which may be privileged, confidential or otherwise protected from disclosure. The information is intended to be for the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution or use of the contents of this message is prohibited. If you have received this electronic message in error, please notify the sender by reply e-mail and destroy the original message and all copies. Thank you. -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 05, 2007 7:37 PM To: Tomcat Users List Subject: Re: Different sessions between JSP and Servlets... Mike Cronin wrote: I started from a clean install and continue to encounter the issue where my JSP pages are not exposed to the session variables being set from within my servlets. I believe that my Host element is set up correctly as I can get to all of my site content as desired. What values are you using for appBase and docBase? Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Problem with Tomcat 6.0.xx and JAAS and userContextClassLoader
Hello all, We're using Tomcat 6.0.14 and we need to use JAAS for our webapp. We have a custom login module and it's desirable for us to have the custom LoginModule .jar inside the WEB-INF\lib directory of our webapp. However with Tomcat 6 it appears we can only place the jar in the lib folder of Tomcat, otherwise we get a 'SEVERE: Class com.devtest.auth.UserPrincipal not found! Class not added' on startup. I can't find much information on this issue, but the issue is perhaps better described here: http://support.liferay.com/browse/LEP-2995;jsessionid=C72F970D8B99F4BD60185FB0A1567A8F?page=history According to the link it is because Tomcat 6 performs a Class.forName() lookup. Is there anyway around this? Thanks, Alan. -- View this message in context: http://www.nabble.com/Problem-with-Tomcat-6.0.xx-and-JAAS-and-userContextClassLoader-tf4394188.html#a12529648 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Question about Session MGMT
I was searching the archives, but could not find what I thought I needed?? The problem I have is that when I go to my webapp (IE/Firefox) and login as say an admin and then open another tab and login as just a user. The original admin login will fail if I try to do any administrative functions. I am sure that I am messing up something with the Cookie used to maintain session state, but I am not sure how to avoid this when using the same browser? Any help would be appreciated. Thanks in advance Rob -- View this message in context: http://www.nabble.com/Question-about-Session-MGMT-tf4394390.html#a12530425 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
unable to change tomcat 5.5.20 session manager to PersistentManager
Hi All: I am using tomcat version 5.5.20 and am having problems configuring a persistent session manager. I added the following to the context element in the context.xml file located in the tomcat_home/conf directory: Manager className=org.apache.catalina.session.PersistentManager maxInactiveInterval=60 processExpiresFrequency=1 Store className=org.apache.catalina.session.FileStore / /Manager In order to test whether the above manager configuration changes were successful, I made the following calls from within my servlet: System.out.println( session expir duration: + session.getMaxInactiveInterval() ); System.out.println( session : + session.getClass()); and got the following results which indicate the above manager configuration was ignored: session expir duration: 1800 session :class org.apache.catalina.session.StandardSessionFacade Based on output to the IDE console window, it is clear that context.xml is being properly parsed. I also noticed that I am able to successfully set the session-timeout from the web.xml file. Can anyone tell me whether I have stumbled upon a bug or if I am missing a configuration step? Thanks in advance, Joe - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HttpSessionListener
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ashok, OFFICIAL WEBSITE wrote: I had attached web.xml with th previous mail. It did not come through. Nevertheless, I am attaching source code of listener and the web.xml file. The code looks fine (but strange). Are you even seeing CandidateSessionListener instantiated being printed on stdout? You can't just stick the listener element anywhere you want in web.xml: it's got to go in the appropriate place. Consult the DTD for the proper place to put listener elements. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4GUw9CaO5/Lv0PARAivJAJ0cLhbn6brPpI/YVcL1ikEjBieFywCbBgT0 OnvHSGPFm3fy5LPZpZrDwgs= =5Gph -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: unable to change tomcat 5.5.20 session manager to PersistentManager
From: Joe Lopilato [mailto:[EMAIL PROTECTED] Subject: unable to change tomcat 5.5.20 session manager to PersistentManager I am using tomcat version 5.5.20 and am having problems configuring a persistent session manager. You did note the following bolded, italicized line in the Tomcat doc for the Persistent Manager, didn't you? WARNING - Use of this Manager implementation has not been thoroughly tested, and should be considered experimental! http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: unable to change tomcat 5.5.20 session manager to PersistentManager
Yes Chuck. I did note that as I have consulted the apache docs and numerous other sources prior to resorting this list. However, the issue is broader than PersistentManager and appears related to all manager configurations made via the context.xml file. For instance, if I configure the standard manager through context.xml, I again note the configuration (specifically, the session timeout) is ignored: Manager className=org.apache.catalina.session.StandardManager maxInactiveInterval=65 / I get the following result from within my servlet: System.out.println( session expir duration: + session.getMaxInactiveInterval() ); System.out.println( session : + session.getClass()); session expir duration: 1800 session :class org.apache.catalina.session.StandardSessionFacade -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 4:45 PM To: Tomcat Users List Subject: RE: unable to change tomcat 5.5.20 session manager to PersistentManager From: Joe Lopilato [mailto:[EMAIL PROTECTED] Subject: unable to change tomcat 5.5.20 session manager to PersistentManager I am using tomcat version 5.5.20 and am having problems configuring a persistent session manager. You did note the following bolded, italicized line in the Tomcat doc for the Persistent Manager, didn't you? WARNING - Use of this Manager implementation has not been thoroughly tested, and should be considered experimental! http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Programmic login to tomcat using username and password
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Quanxin, zhu quanxin wrote: I am looking for tomcat API for doing programmatic login. I read the source code of org.apache.catalina.authenticator.SingleSignOn, and find that it contains a method called reauthenticate maybe helpful. [snip] but when I use those code in my application(for example a servlet), it could not work. I think I could not get the instance of realm in tomcat server. That's because the Request object isn't an HttpServletRequest object, which is what you have in your servlet. Without trouble, you can't get access to this internal object from your servlet. do you have a better idea about programmic login, and how to write it? Check out securityfilter... it keeps the user's principal in the session instead of somewhere else, so it's easy to get. Not sure if it plays well with SSO, though. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4Gq69CaO5/Lv0PARAgHjAKC9I7NFT3j48+CXdFm4DiIzyUEL5gCgiV40 wR5JB0V+ELPuTGJ2rucBLus= =HkxJ -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Programmic login to tomcat using username and password
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, David Delbecq wrote: AFAIK, the J2EE specs does not allow 'spontaneous login' from webapplication and am not sure tomcat give provision for this. I think it's more like the J2EE specs do not require it, therefore Tomcat has chosen not to implement it. Another possibility might be the use of http://securityfilter.sourceforge.net/ which mimic a container security mechanism (respect of web.xml rules, use of realms) but allows for more flexibility than pure j2ee specs. It does. One of the things is allows is spontaneous logins. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4Gsa9CaO5/Lv0PARAiKxAKCkwzGTdiryT9cd3QatDea63MJ5sACeOj9w pqGnWIwunuVJmyAuVfrm9iA= =nVCu -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Different sessions between JSP and Servlets...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike, Mike Cronin wrote: Context path= docBase=\my_root\ You should remove both of these attributes from your Context in context.xml. As mentioned before in this thread, they are at best ignored, and at worst confused by Tomcat or anyone looking at the file. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HFw9CaO5/Lv0PARAtpCAJwOh4xIRxFIa6gNWZSfYACU04r+3wCeOY1a q3dTB8HeNvlJ/2gv9htG4kI= =uZFf -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT/RANT] Quartz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Doesn't anyone know how to use cron anymore? Sheesh... - -chris Andrew Hole wrote: I can't find an example of using Quartz to scheduling jobs on Tomcat Web application. Someone already work with Quartz? Could you share a hello world sample? Thanks a lot -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HR59CaO5/Lv0PARAvxYAJ48g3JyLuF23xhnS5lp3OKNg7An7gCgruKm hiiwHPYjs27HigRvF+03Hw4= =Z0pm -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Integration with Apache
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ed, Edd Dawson wrote: I have a server setup as follows: Apache [httpd] - mod_jk2 - tomcat Stop right there. Delete mod_jk2. Forget it ever existed (everyone else has). Install mod_jk. Okay, now go: There are a number of webapps served by tomcat: /ROOT - available on http://www.mydomainname.com/ /webapp2 -available on http://www.mydomainname.com/webapp2 /webapp3 - available on http://www.mydomainame.com/webapp3 Now this all works fine, but now I need to add a php forum site onto the server on the same domain name and have it served on http://www.mydomainname.com/forum Trouble is that I cannot for the life of me figure out how to configure this without moving my /ROOT webapp off the URL http://www.mydomainname.com/ and into a subdirectory. Why? Just don't map /forum/*.php to mod_jk. What do your JkMount directives look like? Can anyone confirm whether what I want to do is at all possible, and if so give any pointers as to where i need to be looking to configure it? I have all kinds of things happening with Apache httpd - mod_jk - Tomcat. You can map anything you want. Static content served by Apache httpd while dynamic stuff comes from TC? Of course. Multiple TC instances within the same URL space? Done. Some TC, some PHP, some CGI? Why not? It's all easy. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HWW9CaO5/Lv0PARAnvAAKCH7DLvm4JOWCMSqXyPvIf/PKUMjACgxC3A kHIVn0Uj2z+MEc0m8xDlnc8= =dTQG -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat Farm Deployment and Statistics
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Johann, bajistaman wrote: Is there a way to centrally collect statistics of usage of all of the tomcat's farm instances? How are you distributing the traffic among the Tomcat instances? Cant' you use a log file from there? If not, you'll have to either copy log files to a central location, or rig your loggers to report logging information to a single place. One idea is to use log4j as your logging mechanism (I'm guessing that the AccessLogValve or whatever it's called uses the standard logging so you can set it up to use log4j) and use the syslog appender with a host other than localhost. Have all your TC instances use syslog to report logging to one, single system's syslog facility. Then, configure syslog on that target machine to segregate Tomcat/web log messages to a particular file. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HPt9CaO5/Lv0PARAiSUAKCbYCkMTu5MRiQUxjlnkCp0sNN7RQCgpn7x 7dfdci4NLk3MAB/VxS9rCRU= =iIKR -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: synchronous stop of tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Derek, Derek Alexander wrote: Using: $CATALINA_HOME/bin/catalina.sh stop $CATALINA_HOME/bin/catalina.sh start in quick succession to restart Tomcat, it is possible that the start operation will run before all ports have been released by the instance I'm stopping. Yes. Is there a synchronous method for stopping Tomcat, i.e. one that won't return until the ports have been released at least? Not that I know of. Lots of folks have posted to the list somewhat recently asking basically the same question: how do you know when Tomcat has really stopped? The best hack I've heard of is to watch the catalina.out log file for the magic Tomcat Stopped message. Another option would be to actually poll the port to see if it's available. They're both pretty ugly options. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HYN9CaO5/Lv0PARAhdOAJ4y5YoCK10SuLvAp/xbaBC35jvlbgCgv01O giDep97OsHCWtx/OBoGzbf0= =3cJP -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Question about Session MGMT
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joshua and Rob, Joshua Fielek wrote: That is because you have one session per browser session. Or, more precisely, your application is using a cookie to maintain state, and since the cookies used for both logins have the same hostname, path, and name, the second cookie overwrites the first and you are left with a single login in two different windows/tabs. This is why you can log in to an email webapp, navigate away, and if you return within the timeout for the email session, you are treated as though you never left. YMMV, because this may not be true of _all_ webapps :-) Right. One way to allow multiple logins in separate tabs is to disable the use of cookies on the server (or even your web browser). If you've been writing your web pages properly, all of your links should have the session id encoded in them when cookies are not being used, and sessions will be maintained by using that information instead of cookies. In this case, you can login as many times as you want in separate windows/tabs/processes/etc. and you'll get a separate session in each of them. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HfL9CaO5/Lv0PARAm+AAJ9w1Gn3P/uXfFFgXFz3ggQxNjWOewCbBYT+ YiJINdhnJXJ66QdH95iyRlw= =FKj2 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.23: cannot return to login page??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cun, shunhecun wrote: My application uses MemoryRealm and FORM-based authentication. shiver In the file tomcat-users.xml, there is an user called view, which belongs to role users. The role users is not included in web.xml of the application. If I try to login the application with the user view, I get an error: HTTP Status 403 - Access to the requested resource has been denied. I cannot go back to the login page. I have to close the brower or restart the server to see the login page. You don't need to kill the browser /or/ the server. You just need to kill the user's session. Clean the browser's cache is not working. It seems the authentication information is cached in the Tomcat server. Any idea? Tomcat links the authentication information for a user to the session. Once the session is dead, you can re-login. Override the 403 error page to include your own text including a link that takes you to the (unprotected) logout page. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HaO9CaO5/Lv0PARAnm4AKCrvlXhb7G7m0QBzAGCOwFGS7Ci5QCgm6Ep RcJdLKCON73CZcBwS699+jw= =qisx -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Different sessions between JSP and Servlets...
Thanks Christopher. At this point, the context is coded within the server.xml. I understand that the context should be placed within a context.xml file within a META-INF, but doing so has been giving me problems thus far (something I plan to tackle here shortly). As for the JSP/Servlet session issues discussed within this thread, I believe that I have them resolved. Thanks once again for your valued input. Best regards, Mike Fax.com The New Way To Fax! www.fax.com Confidential: This electronic message and all contents contain information from Fax.com, Inc. which may be privileged, confidential or otherwise protected from disclosure. The information is intended to be for the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution or use of the contents of this message is prohibited. If you have received this electronic message in error, please notify the sender by reply e-mail and destroy the original message and all copies. Thank you. -Original Message- From: Christopher Schultz [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 2:30 PM To: Tomcat Users List Subject: Re: Different sessions between JSP and Servlets... -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike, Mike Cronin wrote: Context path= docBase=\my_root\ You should remove both of these attributes from your Context in context.xml. As mentioned before in this thread, they are at best ignored, and at worst confused by Tomcat or anyone looking at the file. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4HFw9CaO5/Lv0PARAtpCAJwOh4xIRxFIa6gNWZSfYACU04r+3wCeOY1a q3dTB8HeNvlJ/2gv9htG4kI= =uZFf -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with Tomcat 6.0.xx and JAAS and userContextClassLoader
A Sunley wrote: Is there anyway around this? No. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Garbage Collection and Class unloading
Can someone explain a little bit about classloading really quick? Let me preface this with: I am maintaining an application which I did not develop. Looking at the WEB-INF/lib directory, it has around 76 different jar files, some actually used in the application, some (well, most) not. They either pertain to legacy features or are functionality duplicate (two different versions of Oracle driver libraries, for example) I am trying to tune Tomcat because it keeps running out PermGen space, so I am using jconsole to inspect the JVM. I suppose it isn't really a profiler, but it is a start. According to jconsole, after doing many application development cycles of remove-deployment of *.war to Tomcat (via manager), it looks like as many as 20k classes are loaded. I was under the impression that the garbage collector would unload classes as necessary. I tried to force a GC via jconsole, it reduced the heap memory like it should, and it unloaded a few classes pertaining to reflection, but nothing like what I was hoping for. I then leave it be for several hours, and all magic like, the GC unloads about 4k classes. First question. Anyone tell me why it doesn't unload classes when I am trying to force it? Is classloading/unloading not even the same as garbage collection? Second question. Is having 20k classes loaded normal for a middle sized application? I am assuming if I remove all the unnecessary jars from WEB-iNF/lib I can reduce that number? Would it benefit anything to place them in shared/lib? Third: If over 75% of the classes in the jars aren't being called anywhere in the application, even though they get loaded on the initial application deployment, shouldn't the GC unload them almost immediately, since there aren't any open resources using these classes. Fourth question: Do my JAVA_OPTS looks decent? JAVA_OPTS=-Xms512m -Xmx512m -server -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8114 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -verbose:gc -XX:+PrintClassHistogram -XX:+PrintGCDetails -XX:MaxPermSize=128m many thanks! -- brian ps. My platform looks like: Solaris 9 (SPARC), Tomcat 5.5.23, JDK 1.6.0_02 (32-bit) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: context-param vs env-entry. Ready? Fight!
On 9/6/07, Lionel Crine [EMAIL PROTECTED] wrote: Of course, you ll have to define the JNDI variable in a different way. But most important, you'll don't have to change your java classes because the JNDI tree will stay the same. Yep, that is what I am pushing for (JNDI) -- brian - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with Tomcat 6.0.xx and JAAS and userContextClassLoader
A Sunley wrote: Is this bug with Tomcat 6, or is it intentional? The version 6 documentation mentions that setting useContextClassLoader switches between context and container class loading, but obviously that isn't the case anymore... Ignore my previous post. It is indeed a bug in TC6. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] context-param vs env-entry. Ready? Fight!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian, In The Beginning, there was only global scope, and it was Good. Then someone said, nested scopes would be really convenient, so we don't have to manage stacks ourselves, and the nested scope was created, and it was Good. Then someone else said global scope is evil, as it allows programmers to be lazy and leads to bad design, and the global scope was abolished, and it was Good. Then yet another said hey, when I need to pass new data into a highly nested method, lack of global scope is a real PITA because I have to change every method signature in my program, and JNDI was created, and it was Good. Finally Martin Fowler said dependency injection, and nobody ever had to worry about programs making any kind of sense ever again. And it was Good (for hourly contractors!) Is it late enough to call it Friday? ;) - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4LUd9CaO5/Lv0PARAhmmAJ49Qc6nrfS5ACQ8VJQ3tEQx0oBU3ACeNKrB PdPvlqRQ5suLzaIhEVCGZNw= =c6nR -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Garbage Collection and Class unloading
On 9/6/07, David Smith [EMAIL PROTECTED] wrote: I'd think your best bet is to clean out all the dead in-house code and then thin out the dependencies until it stops building. If nothing else, refactor your code to pair down the multiple versions of libraries. Oh, don't you worry, me and the original developer are gonna have a code audit come Monday! :) Even if it wasn't killing Tomcat, the amount of cruft in WEB-INF/lib is ridiculous! -- brian - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Garbage Collection and Class unloading
Others with more experience in the garbage collection may chime in, but it's my impression that the garbage collection tends to have it's own mind. You can try to force it, but that's no guarantee it will garbage collect anything. I'd think your best bet is to clean out all the dead in-house code and then thin out the dependencies until it stops building. If nothing else, refactor your code to pair down the multiple versions of libraries. --David Brian Munroe wrote: Can someone explain a little bit about classloading really quick? Let me preface this with: I am maintaining an application which I did not develop. Looking at the WEB-INF/lib directory, it has around 76 different jar files, some actually used in the application, some (well, most) not. They either pertain to legacy features or are functionality duplicate (two different versions of Oracle driver libraries, for example) I am trying to tune Tomcat because it keeps running out PermGen space, so I am using jconsole to inspect the JVM. I suppose it isn't really a profiler, but it is a start. According to jconsole, after doing many application development cycles of remove-deployment of *.war to Tomcat (via manager), it looks like as many as 20k classes are loaded. I was under the impression that the garbage collector would unload classes as necessary. I tried to force a GC via jconsole, it reduced the heap memory like it should, and it unloaded a few classes pertaining to reflection, but nothing like what I was hoping for. I then leave it be for several hours, and all magic like, the GC unloads about 4k classes. First question. Anyone tell me why it doesn't unload classes when I am trying to force it? Is classloading/unloading not even the same as garbage collection? Second question. Is having 20k classes loaded normal for a middle sized application? I am assuming if I remove all the unnecessary jars from WEB-iNF/lib I can reduce that number? Would it benefit anything to place them in shared/lib? Third: If over 75% of the classes in the jars aren't being called anywhere in the application, even though they get loaded on the initial application deployment, shouldn't the GC unload them almost immediately, since there aren't any open resources using these classes. Fourth question: Do my JAVA_OPTS looks decent? JAVA_OPTS=-Xms512m -Xmx512m -server -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8114 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -verbose:gc -XX:+PrintClassHistogram -XX:+PrintGCDetails -XX:MaxPermSize=128m many thanks! -- brian ps. My platform looks like: Solaris 9 (SPARC), Tomcat 5.5.23, JDK 1.6.0_02 (32-bit) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with Tomcat 6.0.xx and JAAS and userContextClassLoader
Is this bug with Tomcat 6, or is it intentional? The version 6 documentation mentions that setting useContextClassLoader switches between context and container class loading, but obviously that isn't the case anymore... http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JAASRealm markt-2 wrote: A Sunley wrote: Is there anyway around this? No. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Problem-with-Tomcat-6.0.xx-and-JAAS-and-userContextClassLoader-tf4394188.html#a12534233 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Garbage Collection and Class unloading
From: Christopher Schultz [mailto:[EMAIL PROTECTED] Subject: Re: Garbage Collection and Class unloading This used to happen because Class objects were never discarded by the JVM. That's not true, at least not since JVM 1.2 came into use. Class objects are discarded once there are no more instances of that type, there are no references to the Class objects themselves, and class unloading has not been inhibited by command-line option. using static fields to store big object trees and pushing application data into something managed by Tomcat (JNDI, a Valve, or something like that). There have also been related issues with other oft-used non-Tomcat libraries, such as loggers. Not sure if all of this undesired references have been cleaned up. The ClassLoader keeps all the java.lang.Class objects it ever loaded Actually, the references go the other way - every instance of java.lang.Class retains a pointer to its ClassLoader, and the ClassLoader won't be discarded until all of its loaded classes are gone. (It's possible that Tomcat's WebappClassLoader keeps track of all classes it loads - I haven't checked - but the standard ClassLoader implementations that come with the JRE do not.) Individual instances of java.lang.Class can be discarded at any time, as long as the constraints noted above are complied with. and those will eventually go into the PermGen space due to their long lives. All instances of java.lang.Class are allocated within the PermGen from the get-go; there is no migration into or out of PermGen. (The tenured generation does operate as you describe.) I'm a little hazy on PermGen, actually, but I think it /never/ gets cleaned up. Not true, except if one esoteric, non-standard GC algorithm is selected for the HotSpot JVM. PermGen is cleaned up whenever a full collection occurs. Second, class loading and GC are mostly unrelated Not true - they're intimately connected. Note that it takes two full GCs to get rid of java.lang.Class instances after they become unreachable. The first discovers that they're no longer active and queues the instances for some cleanup processing. The instances themselves are not discarded until the next full GC, after the cleanup has happened. Yes. You might even want to do -verbose:class if you want some light reading. At least reading it won't keep you awake... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
David Smith [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Ok... do you need them to modify the request and/or response? Or are you trying to pull some information from the original tomcat internals? From his examples below, it looks like he wants access to the TC internals. For the OP's original problem, for obvious security reasons TC makes it very hard to access the internal TC objects behind the various Facades from a webapps code (e.g. a Filter). It should be pretty much impossible if you are running in a sandbox with the default TC security settings. Overall, if you really need access to the internal TC objects, IMHO you are better off using a Valve, since the potential need to modify it when you upgrade TC versions doesn't go away. If you can do what you need to do with the operations and properties exposed via JMX on the Manager, then that is probably cleanest. Otherwise, you would probably need to use introspection. I first assumed you were attempting to modify the request or response, so a wrapper is ideal. All you have to do is create a class that extends HttpServletRequestWrapper or HttpServletResponseWrapper and override the methods you want. Then in the filter, just instantiate your request or response class with the original request or response in the constructor. When you chain to the next filter, just pass on the new request and response objects. --David Tremal Naik wrote: That's the point, I don't know much about request/response wrapping. I don't need the Facade itself, what I need are the real Catalina Request/Response objects hidden behind it. I don't know how to get them from inside a Filter. Thanks, TN 2007/9/6, David Smith [EMAIL PROTECTED]: May I ask what exactly you want to do with the facade? Seems like you could do what you want with a request or response wrapper instead. --David Tremal Naik wrote: Hello, I'v been using a valve to perform license checking in my web application. The method invoke(Request request, Response response) had access to the Request and Response objects, allowing me to perform some advanced operations. For instance, I made use of instructions like: Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); or Session[] managedSessions = request.getContext().getManager().findSessions(); Now, I'm moving the license validation code to a Filter. How do I access org.apache.catalina.connector.Request/Response in the method doFilter()? I see that I can only cast to a RequestFacade object: public void doFilter(ServletRequest sRequest, ServletResponse sResponse, FilterChain chain) throws IOException, ServletException { RequestFacade cRequest = (RequestFacade) sRequest; .. but now, I cannot use the Facade to access the Request. How can I solve this problem? Is it desirable accessing Catalina specific object from a Filter? Should I rewrite my code/ redesign my license validation framework? It is a very complex one, hance it may require some effort. May you redirect me to some useful articles/resources? Many thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: unable to change tomcat 5.5.20 session manager to PersistentManager
From: Joe Lopilato [mailto:[EMAIL PROTECTED] Subject: RE: unable to change tomcat 5.5.20 session manager to PersistentManager For instance, if I configure the standard manager through context.xml, I again note the configuration (specifically, the session timeout) is ignored: Manager className=org.apache.catalina.session.StandardManager maxInactiveInterval=65 / Based on looking at the Tomcat code, it appears that this particular Manager attribute has no effect. The maxInactiveInterval setting is overridden by the default sessionTimeout value in StandardContext, which is 30 minutes, and also, if present, by the session-timeout value in either the global or the app-specific web.xml file. Looks like you have to change the timeout value in web.xml, not the nested Manager element. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Garbage Collection and Class unloading
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian, Brian Munroe wrote: Looking at the WEB-INF/lib directory, it has around 76 different jar files, some actually used in the application, some (well, most) not. They either pertain to legacy features or are functionality duplicate (two different versions of Oracle driver libraries, for example) Yipes! I am trying to tune Tomcat because it keeps running out PermGen space, so I am using jconsole to inspect the JVM. I suppose it isn't really a profiler, but it is a start. Just FYI... dropping JAR files isn't likely to reduce your PermGen usage... classes only get loaded when they're needed. If your application doesn't use those JARs, they are basically ignored (except maybe for being scanned for contents for faster class loading). But, you don't have to worry about all those useless classes actually getting loaded. You should certainly get rid of useless libraries... just make sure you're not doing it for the wrong reasons. According to jconsole, after doing many application development cycles of remove-deployment of *.war to Tomcat (via manager), it looks like as many as 20k classes are loaded. I was under the impression that the garbage collector would unload classes as necessary. This used to happen because Class objects were never discarded by the JVM. Now, it usually happens when your application somehow stashes an object somewhere that never goes away. There are several ways to do that, but off the top of my head I can really only think of one or two: using static fields to store big object trees and pushing application data into something managed by Tomcat (JNDI, a Valve, or something like that). What ends up happening is that you put some object in one of these places and, in order to stick around, the parent ClassLoader must remain in memory (i.e. /not/ GC'd). The ClassLoader keeps all the java.lang.Class objects it ever loaded, and those will eventually go into the PermGen space due to their long lives. I'm a little hazy on PermGen, actually, but I think it /never/ gets cleaned up. That sounds kinda stupid, but I'm not smart enough to write my own JVM so what the heck do I know, anyway? If PermGen never gets cleaned up, maybe your Class objects are just making it into PermGen naturally, and you are just suffering the consequences of many reloads. Why are you reloading your webapp so many times? Is this just a development environment, or do you do this in production? I tried to force a GC via jconsole, it reduced the heap memory like it should, and it unloaded a few classes pertaining to reflection, but nothing like what I was hoping for. I then leave it be for several hours, and all magic like, the GC unloads about 4k classes. Hmm... that torpedoes my natural theory above. Any idea what might happen in those 4 hours? First question. Anyone tell me why it doesn't unload classes when I am trying to force it? Is classloading/unloading not even the same as garbage collection? First, you can't force the JVM to do anything. Runtime.gc() basically says to the garbage collector, now would be a good time to do a collection, but there's no guarantee. Second, class loading and GC are mostly unrelated, although as you're seeing, things can get fuzzy when you're observing problems in either or both areas. Second question. Is having 20k classes loaded normal for a middle sized application? It's not totally crazy, but it is a little high. There are something like 6k classes that ship with the JVM alone. Of course, you're probably not using AWT and Swing and stuff like that, but still, there are a lot of classes out there. Also, Tomcat has a lot of its own classes, and uses many classes from its dependent libraries, etc. My relatively small application in development currently has 3386 classes loaded in what looks like 150 ClassLoaders (many of which show as 'dead' using jmap), and it's been up for several hours at this point under almost no load. The same application (well, the last release) in production has 4046 classes loaded, and has been running since 12 July. I am assuming if I remove all the unnecessary jars from WEB-iNF/lib I can reduce that number? Would it benefit anything to place them in shared/lib? No! Keep your application and all it's dependencies together. As I asserted above, reducing the JARs probably won't help. Third: If over 75% of the classes in the jars aren't being called anywhere in the application, even though they get loaded on the initial application deployment, shouldn't the GC unload them almost immediately, since there aren't any open resources using these classes. The classes should never get loaded in the first place. Fourth question: Do my JAVA_OPTS looks decent? Yes. You might even want to do -verbose:class if you want some light reading. Hope that helps, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla -
Re: Compatibility of Tomcat 6.0 on Redhat Linux 3.0 ES
Anurag, As mentioned before on this list, avoid the default Linux JAVA/Tomcat packages. So once you install the JDK rpm from http://java.sun.com and install the Tomcat server from http://tomcat.apache.org, you should not have any compatibility issues. [EMAIL PROTECTED] wrote: Does it require additional configuration? -Original Message- From: Hassan Schroeder [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 12:55 PM To: Tomcat Users List Subject: Re: Compatibility of Tomcat 6.0 on Redhat Linux 3.0 ES On 9/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Has anyone installed Tomcat 6.0.x on RedHat Linux ES 3.0 (Linux kernel 2.4.2)? Is this a compatible configuration? Tomcat is *Java* -- if you have a JVM that works on your platform, you're set. :-) But for the record, yes, as it happens I have an ES3/2.4.2 box with TC 6 on it... HTH, -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Regards Gabriel Wong Beyond Private JVM JAVA Hosting http://www.webappcabaret.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Automatic notification of certificate expiry
Mark, Thanks for that. I suspected that cron might be the best option here. Regards, Andrew -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Thursday, 6 September 2007 12:32 PM To: Tomcat Users List Subject: Re: Automatic notification of certificate expiry Andrew Friebel wrote: Is there any way that users/administrators can be notified automatically (via email) when the server certificate has expired? http://www.google.com/search?hl=enq=cronbtnG=Google+Search BTW, you probably want to be notified *before* it expires. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]