If you grep for your running tomcat process, you can grab the PID. If you use `netstat -tnp | grep -e $TOMCAT_PID`, you can see if that particular process is making a connection anywhere. NOTE: the `-p` (process) flag only works if you have permission, which often means you need to be root.
I think your format shows a combined IPv6 and IPv4 address, along with the numeric port. (See the examples at https://pythonhosted.org/netaddr/tutorial_01.html#ipv4-to-ipv6-conversion and the Wikipedia reference at http://en.wikipedia.org/wiki/IPv6_address#Transition_from_IPv4). That makes me think there was a connection to port 57xx at address "ip.ip.ip.ip". You could try connecting to it with the command line MySQL client. Thanks, Carl ----- Original Message ----- From: "Phil Romov" <[email protected]> To: [email protected] Sent: Friday, May 29, 2015 4:27:09 PM Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED Thanks for the tip Misagh, I’m now getting debug info (no trace, even though I set it to trace) However, the debug lines don’t really expose anything else. I also tried nestat -c 1 -tn | grep 3306, that gave me 3 lines (before starting tomcat) which must be some other apps connecting to it (I’m on a box that runs a bunch of apps that talk to the same database) As I started tomcat and went through the cas login process, I was monitoring the output for any new lines with a new local port number to be created, but I didn’t see any, so it seems like it never makes a connection to MYSQL I then ran my old tomcat with the old cas install that I know works (I’m reinstalling because the old tomcat has some other apps and I want to re-do the install from scratch having only cas as the only tomcat web app) and it created 4 new lines in the format of ::ffff:ip.ip.ip.ip:57xxx (and the login process worked as in the past) so I wonder if that’s a clue at all Thanks again for your support Phil On 5/29/15, 2:26 PM, "Misagh Moayyed" <[email protected]> wrote: >CAS logging is available at: >$CATALINA_HOME/webapps/cas/WEB-INF/classes/log4j.xml assuming you want to >modify the deployed war. Set "org.jasig" or other appropriate packages to >DEBUG. Depending on your configuration, logs will be written to cas.log >or >tomcat's log directory, etc. > >-----Original Message----- >From: Waldbieser, Carl [mailto:[email protected]] >Sent: Friday, May 29, 2015 11:13 AM >To: [email protected] >Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED > >Phil, > >If you are on Linux, you could try: > > $ netstat -c 1 -tn | grep 3306 > >That will re-poll the connections every second. The other flags are to >make >sure you look at TCP connections and the numeric values of ports instead >of >whatever the mapping is in /etc/services. > >I would think you should be able to see at least an "ESTABLISHED" or >"CLOSE_WAIT" state. > >You could try checking the basic connectivity from the CAS server to the >database: > > $ telnet $YOUR_DB_IP_OR_HOSTNAME 3306 > >If you get a "connection refused" you might have a firewall issue. > > >Not sure what to do about your CAS logging. Java tends to be >ultra-configurable in that regard. >The logging configs in your Tomcat's "conf" folder might give you a >starting >point. > >Thanks, >Carl > > >----- Original Message ----- >From: "Phil Romov" <[email protected]> >To: [email protected] >Sent: Friday, May 29, 2015 1:18:18 PM >Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED > >Netstat | grep 3306 isn’t showing anything, but then again I’m not sure >if >there’s going to be a persistent connection for cas that we can see > >I would much rather be able to set up logging to see what’s happening, >but I’m >a java/cas newbie and not sure how to enable it > > >It might also be something to do with tomcat, as I copied over the entire >webapps/cas directory from an older working version, and it doesn’t work >on >my new tomcat install. > >Really puzzled. Any pointers are appreciated. > >Thanks! >Phil > > >On 5/28/15, 9:28 AM, "Waldbieser, Carl" <[email protected]> wrote: > >>Phil, >> >>You can use `netstat` just to see if the TCP connection to MySQL is >>established. >>You could also run a local MySQL database instance with a couple test >>users and switch your CAS config to use that temporarily until you >>determine if the queries are what you expect. >> >>I haven't used Amazon RDS before, but the docs for the Amazon CLI tools >>have this command: >> >> >>http://docs.aws.amazon.com/AmazonRDS/latest/CommandLineReference/CLIRef >>ere >>nce-cmd-DownloadCompleteDBLogFile.html >> >>Thanks, >>Carl >> >>----- Original Message ----- >>From: "Phil Romov" <[email protected]> >>To: [email protected] >>Sent: Thursday, May 28, 2015 9:10:31 AM >>Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED >> >>Carl, >>That’s an interesting idea… The MySQL database lives on amazon RDS, and >>I’m not quite sure how to check that log. I’ve been crawling around >>the RDS dashboard and related pages, and can’t find anything pointing >>to the logs! >> >>At this point I might try to sniff the network traffic instead :X >> >>Any other ideas are welcome >> >>Thanks >>Phil >> >>On 5/26/15, 3:18 PM, "Waldbieser, Carl" <[email protected]> wrote: >> >>>Phil, >>> >>>Can you tell if your CAS instance is actually connecting to your MySQL >>>database to authenticate? >>>Can you look at the MySQL query log to see what queries your CAS >>>instance is making against it? >>> >>> https://dev.mysql.com/doc/refman/5.1/en/query-log.html >>> >>>Thanks, >>>Carl Waldbieser >>>ITS Systems Programmer >>>Lafayette College >>> >>>----- Original Message ----- >>>From: "Phil Romov" <[email protected]> >>>To: [email protected] >>>Sent: Tuesday, May 26, 2015 3:12:53 PM >>>Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED >>> >>>To be sure, I’ve done a diff -r between the working cas and the >>>nonworking one, and besides cosmetic differences (like >>>“Specification-Title: Jasig CAS Web Application” vs >>>“Specificatio-Title: Jasig CAS - Uber WAR”) I couldn’t find anything >>>different! >>> >>>Stumped >>>Phil >>> >>>On 5/26/15, 2:33 PM, "Romov, Phil" <[email protected]> wrote: >>> >>>>Chris, >>>>No, we aren’t using eDirectory. >>>> >>>>What’s frustating is I had cas working before. I used the regular >>>>web app war (now I’m using the uber one, and I even copied the lib >>>>over from the one that was working) and I copied over all the config >>>>files (using the select * method of confirming auth against custom >>>>users table) - or so I thought. I must have missed one, because the >>>>new cas install is still not working >>>> >>>>(I have to abandon my old cas install because it was installed on a >>>>bundled tomcat with something else) >>>> >>>>I must be missing something really obvious here, but I don’t even >>>>know where to start looking as the log file is all but devoid of >>>>helpful information >>>> >>>>Any ideas whatsoever are welcome! >>>> >>>>Thanks >>>>Phil >>>> >>>>From: Christopher Myers >>>><[email protected]<mailto:[email protected]>> >>>>Reply-To: "[email protected]<mailto:[email protected]>" >>>><[email protected]<mailto:[email protected]>> >>>>Date: Friday, May 22, 2015 at 9:09 AM >>>>To: "[email protected]<mailto:[email protected]>" >>>><[email protected]<mailto:[email protected]>> >>>>Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED >>>> >>>>Hey Phil - >>>> >>>>You don't happen to use eDirectory on the back-end, do you? If so, I >>>>can send you some directions that can make troubleshooting something >>>>like this a TON easier... >>>> >>>>Chris >>>> >>>>>>> "Romov, Phil" <[email protected]<mailto:[email protected]>> >>>>>>>05/21/15 3:55 PM >>> >>>>Misagh, >>>>Thanks for your reply! However, I might need significantly more >>>>schooling on how to do this.. >>>> >>>>I tried googling around for some hints, but saw a mish-mash of >>>>.properties and .xml files and didn¹t know where to start. >>>> >>>>So I tried a stab in the dark, adding to >>>>webapps/cas/WEB-INF/cas.properties: >>>> >>>>log4j.org.jasig.cas=DEBUG >>>> >>>>And restarted tomcat >>>> >>>>However, I didn¹t get anything new in the logs, the same basic error >>>>AUTHENTICATION_FAILED and no detail how to resolve itŠ >>>> >>>>Please advise >>>>Thanks! >>>>Phil >>>> >>>> >>>> >>>> >>>> >>>>On 5/20/15, 4:10 PM, "Misagh Moayyed" >>>><[email protected]<mailto:[email protected]>> wrote: >>>> >>>>>The easiest way would be to review your log4j file, and adjust >>>>>relevant levels to DEBUG, and watch the output. Specifically, you >>>>>want to have org.jasig.cas to DEBUG and packages that deal with jdbc >>>>>and your oracle driver. >>>>> >>>>>-----Original Message----- >>>>>From: Romov, Phil [mailto:[email protected]] >>>>>Sent: Wednesday, May 20, 2015 9:48 AM >>>>>To: [email protected]<mailto:[email protected]> >>>>>Subject: [cas-user] debugging AUTHENTICATION_FAILED >>>>> >>>>>I'm essentially in the same boat as >>>>>http://stackoverflow.com/questions/24387170/whats-the-easiest-way-to >>>>>-de >>>>>b >>>>>u >>>>>g >>>>>-jasig-cas-when-using-jdbc-and-oracle >>>>> >>>>>(except I'm in mysql not oracle) >>>>> >>>>>Are there any other logs to look at, flags to enable more logs? >>>>>Please point me in the right direction >>>>> >>>>>Thanks >>>>>Phil >>>>> >>>>>-- >>>>>You are currently subscribed to >>>>>[email protected]<mailto:[email protected]> as: >>>>>[email protected]<mailto:[email protected]> To unsubscribe, >>>>>change settings or access archives, see >>>>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>> >>>>> >>>>>-- >>>>>You are currently subscribed to >>>>>[email protected]<mailto:[email protected]> as: >>>>>[email protected]<mailto:[email protected]> >>>>>To unsubscribe, change settings or access archives, see >>>>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>>>-- >>>>You are currently subscribed to >>>>[email protected]<mailto:[email protected]> as: >>>>[email protected]<mailto:[email protected]> >>>>To unsubscribe, change settings or access archives, see >>>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>>> >>>>-- >>>>You are currently subscribed to >>>>[email protected]<mailto:[email protected]> as: >>>>[email protected]<mailto:[email protected]> >>>>To unsubscribe, change settings or access archives, see >>>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>>-- >>>>You are currently subscribed to [email protected] as: >>>>[email protected] >>>>To unsubscribe, change settings or access archives, see >>>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >>>-- >>>You are currently subscribed to [email protected] as: >>>[email protected] >>>To unsubscribe, change settings or access archives, see >>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>>-- >>>You are currently subscribed to [email protected] as: >>>[email protected] >>>To unsubscribe, change settings or access archives, see >>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >> >> >>-- >>You are currently subscribed to [email protected] as: >>[email protected] >>To unsubscribe, change settings or access archives, see >>http://www.ja-sig.org/wiki/display/JSG/cas-user >> >>-- >>You are currently subscribed to [email protected] as: >>[email protected] >>To unsubscribe, change settings or access archives, see >>http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > >-- >You are currently subscribed to [email protected] as: >[email protected] To unsubscribe, change settings or access >archives, >see http://www.ja-sig.org/wiki/display/JSG/cas-user > >-- >You are currently subscribed to [email protected] as: >[email protected] To unsubscribe, change settings or access archives, >see >http://www.ja-sig.org/wiki/display/JSG/cas-user > > >-- >You are currently subscribed to [email protected] as: >[email protected] >To unsubscribe, change settings or access archives, see >http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
