How to close an HTTP port on Apache Tomcat 4?
Hello everybody! I use Apache Tomcat 4.0 as Web Server an I would like to know how I can close an opened port (eg. 8000 or 9000) to avoid that someone can use it to enter in my system. Which configuration files I must modify? Thanks a lot in advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
HELP!! I need urgent information about Tomcat's configuration
Hello everybody! I have the following problem I have installed Internet Information Services (IIS) as Web Server on my local machine and Apache Tomcat 4.0 as plug-in of IIS to support JSP-Servlets (to do this I installed an ISAPI filter in IIS that redirects all my JSP-servlet requests to Tomcat). Until now my Web Server's name was set as localhost but now I have the need to change it because I want to have an Internet domain, es: www.mydomain.com So I need to know the following information: 1)How can I set in my Web Server (IIS) a different name (that is to say www.mydomain.com instead of localhost). 2)What changes must I do in Tomcat's configuration files (server.xml and so on) to make it go on working correctly as plug-in of IIS (given that the server name will change I suspect I must change anything in Tomcat's configuration). 3)Even if I set Tomcat 4 as plug-in of IIS I have seen that it starts in Standalone mode (that is to say as a Web Server) on port 9000, so I would like to know: a) How can I avoid that Tomcat starts in Standalone mode too? b) How can I close an opened port in Tomcat 4.0 (I don't want that someone uses an opened port, eg: 9000, to attack my system!)? Thanks a lot in advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: How to close an HTTP port on Apache Tomcat 4?
Just remove the HTTP Connector entry in server xml. (Asuming that you want to run tomcat behind a web server) -Ursprüngliche Nachricht- Von: Luca Ventura [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 7. Juni 2002 08:28 An: tomcat-user; tomcat-dev Betreff: How to close an HTTP port on Apache Tomcat 4? I use Apache Tomcat 4.0 as Web Server an I would like to know how I can close an opened port (eg. 8000 or 9000) to avoid that someone can use it to enter in my system. Which configuration files I must modify? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
R: How to close an HTTP port on Apache Tomcat 4?
Thanks a lot Ralph!:-) Luca -Messaggio originale- Da: Ralph Einfeldt [mailto:[EMAIL PROTECTED]] Inviato: venerdì 7 giugno 2002 8.32 A: Tomcat Users List Oggetto: AW: How to close an HTTP port on Apache Tomcat 4? Just remove the HTTP Connector entry in server xml. (Asuming that you want to run tomcat behind a web server) -Ursprüngliche Nachricht- Von: Luca Ventura [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 7. Juni 2002 08:28 An: tomcat-user; tomcat-dev Betreff: How to close an HTTP port on Apache Tomcat 4? I use Apache Tomcat 4.0 as Web Server an I would like to know how I can close an opened port (eg. 8000 or 9000) to avoid that someone can use it to enter in my system. Which configuration files I must modify? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Socrates (slightly off topic)
Somewhat more off-topic: wget was originally included with Mac OS X and was later replaced with curl. Curl has got pretty many features and works just as wget if you give curl the -o flag. Basiclly curl is a browser without support for rendering HTML. Markus On torsdag, juni 6, 2002, at 06:36 , Trenton D. Adams wrote: Great, thanks. Didn't even know about wget or curl. I'll try them out. -Original Message- From: Phillip Morelock [mailto:[EMAIL PROTECTED]] Sent: June 6, 2002 12:03 AM To: Tomcat Users List Subject: Re: Socrates (slightly off topic) If not, anyone know of any good testing programs that access web pages very quickly over and over for testing purposes? wget - _F_ree curl - free perl - _F_ree There are commercial tools, but I haven't used one. fillup On 6/5/02 10:52 PM, Trenton D. Adams [EMAIL PROTECTED] wrote: I've heard of a program called socrates that was posted to this list back in 2000. It was used for testing the performance of Resin and Tomcat. I would like to use it myself for testing. Anyone here might know where it is? If not, anyone know of any good testing programs that access web pages very quickly over and over for testing purposes? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Encrypted passwords in a JDBC Realm
I've just went through the documentation concerning setting up a JDBC Realm as well as some of the MySQL documentation. It seems to me that to use encrypted passwords I need to manually encrypt them before I store them in my database since it is not possible to set the digest attribute in the Realm element to the encryption algorithm MySQL uses for storing passwords (with the function password()). Is this correct? This hardly causes any problems since it's simple to encrypt the password in my application before storing it in the database, but I loose the possibility to manage passwords directly through SQL. Any workaround? Markus -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Apache to Tomcat
How do I set up Tomcat 4.x and Apache so that Tomcat serves as an app server and Apache as the Web server? please help -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Security problem?
Hi all, it might be that I have a security problem and you should tell me if I am right. Well, I have a server with an ecommerce application: an user can buy something a when he has to pay the servlet of the web application executes a redirect to my servlet (in a different server) passing me the sum of money that the user has to pay. Could the user change the sum of money? Is redirect secure? What do you think? If yes how I can solve the problem? Thanks for your help Laura -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: Security problem?
-Ursprüngliche Nachricht- Von: Laura [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 7. Juni 2002 10:47 An: [EMAIL PROTECTED] Betreff: Security problem? Hi all, it might be that I have a security problem and you should tell me if I am right. Well, I have a server with an ecommerce application: an user can buy something a when he has to pay the servlet of the web application executes a redirect to my servlet (in a different server) passing me the sum of money that the user has to pay. Could the user change the sum of money? Is redirect secure? put the value into an object, serialize it and send the object directly to the other servers app. at best via SSL, or encrypt it yourself ( at least the stored informations ). M.Schwarz -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Security problem?
On 6/7/02 1:47 AM, Laura [EMAIL PROTECTED] wrote: Hi all, it might be that I have a security problem and you should tell me if I am right. Well, I have a server with an ecommerce application: an user can buy something a when he has to pay the servlet of the web application executes a redirect to my servlet (in a different server) passing me the sum of money that the user has to pay. Could the user change the sum of money? Yes. I mean, yes I think so -- but you haven't described the redirect. Is redirect secure? No. A redirect is literally that. It redirects the client to send its request to a different server/page/whatever. This means a cracker could simply set up a system whereby they don't respond to redirects. Instead, they take the information that should be redirected and they alter it in some way, and then just send a request to your second server. To see a redirect in action, telnet to your webserver's port and request a page that uses a redirect. All it says is content moved, a response code, and the new location of the content. The client at this point normally sends the same request to the new location. If I am wrong here, someone please correct me. What do you think? Bad idea. If yes how I can solve the problem? Dunno how you can do it this way without security problems. If you're not keeping track of state, you are in trouble. Clients cannot be trusted. Thanks for your help Laura -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Security problem?
This is one way, there are probably others. By using encryption you can make such a transaction secure. If site X is where they buy the thing and site Y is your site: You could get site X to pass two things: - the amount of money the user is to pay in clear text - the amount of money the user is to pay encrypted with the private key of site X as a digest. On site Y you recieve both. You decrypt the encrypted amount with site X's public key. If the clear text amount matches the encrypted amount then you know the request originates from X and that the user hasn't tampered with the request. If the amounts differ then you know the user has tampered with the request and it should be rejected. Hamish -Original Message- From: Laura [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 10:47 AM To: [EMAIL PROTECTED] Subject: Security problem? Hi all, it might be that I have a security problem and you should tell me if I am right. Well, I have a server with an ecommerce application: an user can buy something a when he has to pay the servlet of the web application executes a redirect to my servlet (in a different server) passing me the sum of money that the user has to pay. Could the user change the sum of money? Is redirect secure? What do you think? If yes how I can solve the problem? Thanks for your help Laura -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Security problem?
On 6/7/02 1:54 AM, Barney Hamish [EMAIL PROTECTED] wrote: - the amount of money the user is to pay encrypted with the private key of site X as a digest. On site Y you recieve both. You decrypt the encrypted amount with site X's public key. If the clear text amount matches the encrypted amount then you know the request originates from X and that the user hasn't tampered with the request. If the amounts differ then you know the user has tampered with the request and it should be rejected. Is this backwards? I thought public keys encrypt and private keys decrypt.. so site X would need to use site Y's public key to encrypt the amount, and site Y would then decrypt it with its private key. Am I wrong? Also, why even send the cleartext version? fillup -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Security problem?
On 6/7/02 1:54 AM, Barney Hamish [EMAIL PROTECTED] wrote: - the amount of money the user is to pay encrypted with the private key of site X as a digest. On site Y you recieve both. You decrypt the encrypted amount with site X's public key. If the clear text amount matches the encrypted amount then you know the request originates from X and that the user hasn't tampered with the request. If the amounts differ then you know the user has tampered with the request and it should be rejected. Is this backwards? I thought public keys encrypt and private keys decrypt.. so site X would need to use site Y's public key to encrypt the amount, and site Y would then decrypt it with its private key. Am I wrong? I don't know if I have to say this, but... I believe that with X.509 certificates there are two courses of action: encrypt A public entity uses the certificate (which is publicly available) to encrypt an object to the owner of the certificate. Only the owner has the private part of the certificate with the private key, which can decrypt the object. sign The owner of the certificate ca use the private part of certificate/key to digitally sign the object. All public entities, who have that certificate, can verify the integrity and authenticity of the object. So, what is suggested is that the shopping cart server creates the final payment report and signs it with it's private key/certificate. The financial transaction server would verify that *that* is an authentic request from the shopping cart server. I must say that this is a bit ellaborate. I think that Java Servlet/JSP should serve as a Web portal towards the Enterprize application. This would be a typical case where the application design would benefit from a real JEE environment. IOW, there would be no redirection, the shopping cart servlet would fire up an Enterprize Java Bean component on the financial transaction server and that EJB would do the work, return the result to the servlet. There is no browser leaving the server, one point of entry. Also, why even send the cleartext version? Why not use HTTPS? It is a must in payment web applications. Nix.
Re: Security problem?
On 6/7/02 2:14 AM, Nikola Milutinovic [EMAIL PROTECTED] wrote: On 6/7/02 1:54 AM, Barney Hamish [EMAIL PROTECTED] wrote: - the amount of money the user is to pay encrypted with the private key of site X as a digest. On site Y you recieve both. You decrypt the encrypted amount with site X's public key. If the clear text amount matches the encrypted amount then you know the request originates from X and that the user hasn't tampered with the request. If the amounts differ then you know the user has tampered with the request and it should be rejected. Is this backwards? I thought public keys encrypt and private keys decrypt.. so site X would need to use site Y's public key to encrypt the amount, and site Y would then decrypt it with its private key. Am I wrong? I don't know if I have to say this, but... I believe that with X.509 certificates there are two courses of action: encrypt A public entity uses the certificate (which is publicly available) to encrypt an object to the owner of the certificate. Only the owner has the private part of the certificate with the private key, which can decrypt the object. sign The owner of the certificate ca use the private part of certificate/key to digitally sign the object. All public entities, who have that certificate, can verify the integrity and authenticity of the object. So, what is suggested is that the shopping cart server creates the final payment report and signs it with it's private key/certificate. The financial transaction server would verify that *that* is an authentic request from the shopping cart server. Ok, it was signing. This still doesn't mean that it's encrypted right? Just that there's a high-tech version of a checksum in a sense? I guess maybe I don't understand signing. I thought that signed files were unencrypted, and that the process of signing generates a sort of MD5-style one-way hash and this is verified against the x.509. Is this wrong? I must say that this is a bit ellaborate. I think that Java Servlet/JSP should serve as a Web portal towards the Enterprize application. This would be a typical case where the application design would benefit from a real JEE environment. IOW, there would be no redirection, the shopping cart servlet would fire up an Enterprize Java Bean component on the financial transaction server and that EJB would do the work, return the result to the servlet. There is no browser leaving the server, one point of entry. Yeah -- the redirect thing sounds like a very bad idea. Nix. fillup -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Security problem?
Public and private keys can both generally be used to encrypt and decrypt.* With this algorithm it's just as hard to try and crack the key in either direction. In fact site X encrypting the message with it's private key is the only way you can be sure that the message originated from site X. Hamish * This is the case for RSA encryption for instance, one of the most widely used public key encryption algorithms. RSA takes advantage of the fact that it's very hard to find the prime factors of very large numbers. The prime factorisation is the private key and the large number is the public key. Both can be used to encrypt the data in analogous ways. -Original Message- From: Nikola Milutinovic [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 11:14 AM To: Tomcat Users List Subject: Re: Security problem? On 6/7/02 1:54 AM, Barney Hamish [EMAIL PROTECTED] wrote: - the amount of money the user is to pay encrypted with the private key of site X as a digest. On site Y you recieve both. You decrypt the encrypted amount with site X's public key. If the clear text amount matches the encrypted amount then you know the request originates from X and that the user hasn't tampered with the request. If the amounts differ then you know the user has tampered with the request and it should be rejected. Is this backwards? I thought public keys encrypt and private keys decrypt.. so site X would need to use site Y's public key to encrypt the amount, and site Y would then decrypt it with its private key. Am I wrong? I don't know if I have to say this, but... I believe that with X.509 certificates there are two courses of action: encrypt A public entity uses the certificate (which is publicly available) to encrypt an object to the owner of the certificate. Only the owner has the private part of the certificate with the private key, which can decrypt the object. sign The owner of the certificate ca use the private part of certificate/key to digitally sign the object. All public entities, who have that certificate, can verify the integrity and authenticity of the object. So, what is suggested is that the shopping cart server creates the final payment report and signs it with it's private key/certificate. The financial transaction server would verify that *that* is an authentic request from the shopping cart server. I must say that this is a bit ellaborate. I think that Java Servlet/JSP should serve as a Web portal towards the Enterprize application. This would be a typical case where the application design would benefit from a real JEE environment. IOW, there would be no redirection, the shopping cart servlet would fire up an Enterprize Java Bean component on the financial transaction server and that EJB would do the work, return the result to the servlet. There is no browser leaving the server, one point of entry. Also, why even send the cleartext version? Why not use HTTPS? It is a must in payment web applications. Nix. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Security problem?
On 6/7/02 2:23 AM, Barney Hamish [EMAIL PROTECTED] wrote: Public and private keys can both generally be used to encrypt and decrypt.* With this algorithm it's just as hard to try and crack the key in either direction. In fact site X encrypting the message with it's private key is the only way you can be sure that the message originated from site X. Hamish * This is the case for RSA encryption for instance, one of the most widely used public key encryption algorithms. RSA takes advantage of the fact that it's very hard to find the prime factors of very large numbers. The prime factorisation is the private key and the large number is the public key. Both can be used to encrypt the data in analogous ways. Did not know that! Good stuff, thanks for the explanation. fillup -Original Message- From: Nikola Milutinovic [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 11:14 AM To: Tomcat Users List Subject: Re: Security problem? On 6/7/02 1:54 AM, Barney Hamish [EMAIL PROTECTED] wrote: - the amount of money the user is to pay encrypted with the private key of site X as a digest. On site Y you recieve both. You decrypt the encrypted amount with site X's public key. If the clear text amount matches the encrypted amount then you know the request originates from X and that the user hasn't tampered with the request. If the amounts differ then you know the user has tampered with the request and it should be rejected. Is this backwards? I thought public keys encrypt and private keys decrypt.. so site X would need to use site Y's public key to encrypt the amount, and site Y would then decrypt it with its private key. Am I wrong? I don't know if I have to say this, but... I believe that with X.509 certificates there are two courses of action: encrypt A public entity uses the certificate (which is publicly available) to encrypt an object to the owner of the certificate. Only the owner has the private part of the certificate with the private key, which can decrypt the object. sign The owner of the certificate ca use the private part of certificate/key to digitally sign the object. All public entities, who have that certificate, can verify the integrity and authenticity of the object. So, what is suggested is that the shopping cart server creates the final payment report and signs it with it's private key/certificate. The financial transaction server would verify that *that* is an authentic request from the shopping cart server. I must say that this is a bit ellaborate. I think that Java Servlet/JSP should serve as a Web portal towards the Enterprize application. This would be a typical case where the application design would benefit from a real JEE environment. IOW, there would be no redirection, the shopping cart servlet would fire up an Enterprize Java Bean component on the financial transaction server and that EJB would do the work, return the result to the servlet. There is no browser leaving the server, one point of entry. Also, why even send the cleartext version? Why not use HTTPS? It is a must in payment web applications. Nix. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Security problem?
So, what is suggested is that the shopping cart server creates the final payment report and signs it with it's private key/certificate. The financial transaction server would verify that *that* is an authentic request from the shopping cart server. Ok, it was signing. This still doesn't mean that it's encrypted right? Just that there's a high-tech version of a checksum in a sense? I guess maybe I don't understand signing. I thought that signed files were unencrypted, and that the process of signing generates a sort of MD5-style one-way hash and this is verified against the x.509. Is this wrong? Just as Barney Hamish pointed out, with RSA (and I think DSA) keys, you can encrypt/decript both ways. It is just that these two modes of operation have been established as common. And yes, a signed object is not encrypted. What would we encript it with? Our private key? the anyone can decrypt it with our public key, so what's the point? There is a third mode of operation, which is a combination of the two. Say we both have digital certificates and we exchange public parts. Then I can digitally sign a message from me to you, using my private key and encrypt it all with your public key. That message is decryptabel only by you and using my public key, you can verify that the mesage came from me. They used to call it digital handshake. I believe it is a part of SSL/TLS handshake. Yeah -- the redirect thing sounds like a very bad idea. Yup. Nix.
Major server crash due to BAD packet
Hi, there! I just had a major server crash with tomcat 4.0.3 caused by a bad packet. The exception was probably caused by POSTing (For some reason it says GET in the dump ) a lost of data to a servlet, but I cant tell for sure. Does anyone know what this could be? Cheers, Stef. BAD packet 18245 In: : [B@a68ef9 4/21540 47 45 54 20 00 00 00 00 00 00 00 00 00 00 00 00 | GET. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | java.lang.ArrayIndexOutOfBoundsException at org.apache.ajp.Ajp13Packet.hexLine(Ajp13Packet.java:532) at org.apache.ajp.Ajp13Packet.dump(Ajp13Packet.java:550) at org.apache.ajp.Ajp13Packet.checkIn(Ajp13Packet.java:204) at org.apache.ajp.Ajp13.receive(Ajp13.java:479) at org.apache.ajp.Ajp13.receiveNextRequest(Ajp13.java:274) at org.apache.ajp.tomcat4.Ajp13Processor.process(Ajp13Processor.java:371) at org.apache.ajp.tomcat4.Ajp13Processor.run(Ajp13Processor.java:495) at java.lang.Thread.run(Thread.java:536) java.lang.NullPointerException at org.apache.catalina.connector.http.HttpResponseStream.checkHead(HttpResponseStream.java:253) at org.apache.catalina.connector.http.HttpResponseStream.init(HttpResponseStream.java:104) at org.apache.catalina.connector.http.HttpResponseImpl.createOutputStream(HttpResponseImpl.java:220) at org.apache.catalina.connector.ResponseBase.getOutputStream(ResponseBase.java:725) at org.apache.catalina.connector.ResponseBase.finishResponse(ResponseBase.java:469) at org.apache.catalina.connector.HttpResponseBase.finishResponse(HttpResponseBase.java:236) at org.apache.catalina.connector.http.HttpResponseImpl.finishResponse(HttpResponseImpl.java:288) at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1039) at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1107) at java.lang.Thread.run(Thread.java:536) java.lang.NullPointerException at org.apache.catalina.connector.http.HttpResponseStream.checkHead(HttpResponseStream.java:253) at org.apache.catalina.connector.http.HttpResponseStream.init(HttpResponseStream.java:104) at org.apache.catalina.connector.http.HttpResponseImpl.createOutputStream(HttpResponseImpl.java:220) at org.apache.catalina.connector.ResponseBase.getOutputStream(ResponseBase.java:725) at org.apache.catalina.connector.ResponseBase.finishResponse(ResponseBase.java:469) at org.apache.catalina.connector.HttpResponseBase.finishResponse(HttpResponseBase.java:236) at org.apache.catalina.connector.http.HttpResponseImpl.finishResponse(HttpResponseImpl.java:288) at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1039) at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1107) at java.lang.Thread.run(Thread.java:536) Stopping service Tomcat-Standalone Stopping service Tomcat-Apache -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: Security problem?
This is one way, there are probably others. By using encryption you can make such a transaction secure. If site X is where they buy the thing and site Y is your site: You could get site X to pass two things: - the amount of money the user is to pay in clear text - the amount of money the user is to pay encrypted with the private key of site X as a digest. IMHO, the first step of a cracked key. If you send the encrypted message as plain text, you give anyone who tries to crack that key a major hint. @Laura: just send the encrypted data, nothing else. Keeps your secret key a secret. If anyone tries to change the amount of money , the decrypter can tell you that. And i suggest to send more encrypted data as you need to send. With this an attacker can't guess which of the cracked decrypted data is correct, which makes it harder to a brute force attack to get throu, even if the key get cracked by random tries :-) M.Schwarz -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Security problem?
On 6/7/02 2:30 AM, Nikola Milutinovic [EMAIL PROTECTED] wrote: Just as Barney Hamish pointed out, with RSA (and I think DSA) keys, you can encrypt/decript both ways. It is just that these two modes of operation have been established as common. And yes, a signed object is not encrypted. What would we encript it with? Our private key? the anyone can decrypt it with our public key, so what's the point? There is a third mode of operation, which is a combination of the two. Say we both have digital certificates and we exchange public parts. Then I can digitally sign a message from me to you, using my private key and encrypt it all with your public key. That message is decryptabel only by you and using my public key, you can verify that the mesage came from me. They used to call it digital handshake. I believe it is a part of SSL/TLS handshake. It's true what they say -- learn something new every day! Nix. fillup -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Security problem?
The point of encrypting with the private key is exactly that it can be decrypted by anyone _with_ the public key. If a message can be decrypted with the public key then that means that only the someone who knows the private key could have encrypted it. In our example, if you're sure that the only person that knows site X's private key is Site X itself then you can be sure that the message originated from site X. In response to M. Schwarz, with public key encryption schemes know the clear text of really doesn't help very much at cracking the private key. Besides which, the user (presumably) knows what the price of the thing they are buy anyway right? So they know what the cleartext of the message is whether it's sent with the message or not. Although this does bring to my mind a real weakness in my suggestion. Once the user knows the Cypher text for $1 they can just resend the price for whatever they want as $1. A nonce or something similar is therefore required in the cyphertext to prevent from this kind of attack. Certificate Authorities for instance always sign the key's they issue with their private key (or certificate). This signature can then be decrypted with the certificate authority's public key confirming that the certificate was in fact issued by that certificate authority as sent by the website. Do you really think CA's would use such a technique if it allowed people to crack they're private key? That's one of the attractive properties of algorithms like RSA. Knowledge of the algorithm and the public key don't help you find the private key because finding the prime factors of a number is a hard problem and takes a _long_ time... Even knowing the cleartext of a couple of messages doesn't really help. Hamish -Original Message- From: Nikola Milutinovic [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 11:31 AM To: Tomcat Users List Subject: Re: Security problem? So, what is suggested is that the shopping cart server creates the final payment report and signs it with it's private key/certificate. The financial transaction server would verify that *that* is an authentic request from the shopping cart server. Ok, it was signing. This still doesn't mean that it's encrypted right? Just that there's a high-tech version of a checksum in a sense? I guess maybe I don't understand signing. I thought that signed files were unencrypted, and that the process of signing generates a sort of MD5-style one-way hash and this is verified against the x.509. Is this wrong? Just as Barney Hamish pointed out, with RSA (and I think DSA) keys, you can encrypt/decript both ways. It is just that these two modes of operation have been established as common. And yes, a signed object is not encrypted. What would we encript it with? Our private key? the anyone can decrypt it with our public key, so what's the point? There is a third mode of operation, which is a combination of the two. Say we both have digital certificates and we exchange public parts. Then I can digitally sign a message from me to you, using my private key and encrypt it all with your public key. That message is decryptabel only by you and using my public key, you can verify that the mesage came from me. They used to call it digital handshake. I believe it is a part of SSL/TLS handshake. Yeah -- the redirect thing sounds like a very bad idea. Yup. Nix. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: Security problem?
HTTPS Alone won't help much in the described szenario. HTTPS can't enshure that the user is not manipulating the request. To disable that you have to sign the data. I think it's better to use a complete different architecture. If this has to be done with EJB as you suggest, a WebService over HTTPS or any other server2server communcationis a different topic) -Ursprüngliche Nachricht- Von: Nikola Milutinovic [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 7. Juni 2002 11:14 An: Tomcat Users List Betreff: Re: Security problem? Why not use HTTPS? It is a must in payment web applications. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: AW: Security problem?
Hi all, thanks for your advices. Well, I have never worked with encryption. Well I know what is RSA, but how can I implement it? Do I have to install something? What have I to use to implement ansd use an RSA alghoritm? Thanks Laura Alle 11:33, venerdì 7 giugno 2002, Power-Netz \(Schwarz\) ha scritto: This is one way, there are probably others. By using encryption you can make such a transaction secure. If site X is where they buy the thing and site Y is your site: You could get site X to pass two things: - the amount of money the user is to pay in clear text - the amount of money the user is to pay encrypted with the private key of site X as a digest. IMHO, the first step of a cracked key. If you send the encrypted message as plain text, you give anyone who tries to crack that key a major hint. @Laura: just send the encrypted data, nothing else. Keeps your secret key a secret. If anyone tries to change the amount of money , the decrypter can tell you that. And i suggest to send more encrypted data as you need to send. With this an attacker can't guess which of the cracked decrypted data is correct, which makes it harder to a brute force attack to get throu, even if the key get cracked by random tries :-) M.Schwarz -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
tomcat with IIS
We are attempting to get IIS to work with Tomcat such that IIS forwards JSP requests to Tomcat and otherwise handles static content. Has anyone gotten this to work? Thanks, Chris
RE: tomcat with IIS
Use hard links (FQ URL eg. http://wwwiis.xxx.com/graphics1.gif vs. ./graphics1.gif) on your jsp pages ref the static content on the IIS service. Question is why would you want to - twice the risk of being hacked. -Original Message- From: Chris Ruegger [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 12:24 To: Tomcat Users List Subject: tomcat with IIS We are attempting to get IIS to work with Tomcat such that IIS forwards JSP requests to Tomcat and otherwise handles static content. Has anyone gotten this to work? Thanks, Chris -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: tomcat with IIS
Steve, I think you misunderstood my question. Here is what we want to do. We want to put all of our files, static html, images, jsps under the IIS server and tell Tomcat that its docroot is under IIS (point to the IIS docroot from Tomcat's server.xml file) When the user asks for an HTML page, they get it from IIS. When they ask for a JSP page *from IIS*, IIS forwards the request to Tomcat, acting as a proxy. We are trying to use the isapi_redirect.dll within IIS and it's not forwarding JSP/servlet requests. -Chris - Original Message - From: Steven Sporen [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, June 07, 2002 6:20 AM Subject: RE: tomcat with IIS Use hard links (FQ URL eg. http://wwwiis.xxx.com/graphics1.gif vs. ./graphics1.gif) on your jsp pages ref the static content on the IIS service. Question is why would you want to - twice the risk of being hacked. -Original Message- From: Chris Ruegger [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 12:24 To: Tomcat Users List Subject: tomcat with IIS We are attempting to get IIS to work with Tomcat such that IIS forwards JSP requests to Tomcat and otherwise handles static content. Has anyone gotten this to work? Thanks, Chris -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: Security problem?
In response to M. Schwarz, with public key encryption schemes know the clear text of really doesn't help very much at cracking the private key. Besides which, the user (presumably) knows what the price of the thing they are buy anyway right? So they know what the cleartext of the message is whether it's sent with the message or not. Although this does bring to my mind a real weakness in my suggestion. Once no, they know only the price, not the form of the data, which of course can be different in the encrypted data as in the clear text, which was my weakness :) M.Schwarz -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: AW: Security problem?
Hi all, thanks for your advices. Well, I have never worked with encryption. Well I know what is RSA, but how can I implement it? Do I have to install something? What have I to use to implement ansd use an RSA alghoritm? javax.crypto classes could help you. M.Schwarz -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
secure aplications with JDBCRealm
Hi ! I am trying to secure my application thought JDBCRealm # 2002-06-07 12:24:05 - Ctx(/Myaplication) : Exception in R( /Myaplication + + null) - java.lang.RuntimeException: JDBCRealm.checkConnection: java.lang.ClassNotFoundException: org.gjt.mm.mysql.Driver at org.apache.tomcat.modules.aaa.JDBCRealm.checkConnection(JDBCRealm.java:307) at org.apache.tomcat.modules.aaa.JDBCRealm.getCredentials(JDBCRealm.java:239) at org.apache.tomcat.modules.aaa.RealmBase.checkPassword(RealmBase.java:212) at org.apache.tomcat.modules.aaa.RealmBase.authenticate(RealmBase.java:193) at org.apache.tomcat.core.Request.getRemoteUser(Request.java:575) at org.apache.tomcat.modules.aaa.AccessInterceptor.authorize(AccessInterceptor.java:359) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:902) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:833) at org.apache.tomcat.modules.server.Ajp13Interceptor.processConnection(Ajp13Interceptor.java:341) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:494) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:516) at java.lang.Thread.run(Thread.java:479) server.xml JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://myhost.dec.es/tomcat userTable=user userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name / -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: tomcat with IIS
Hi, I take it you've read through something along the lines of http://www.aoindustries.com/docs/jakarta-tomcat-3.2b6/tomcat-iis-howto.h tml And done http://www.google.com/search?hl=enie=UTF8oe=UTF8q=isapi_redirect.dll; btnG=Google+Search Have you confirmed that the ISAPI filter is installed into IIS? Are the registry keys confirmed correctly. These change be checked by IIS Manager | ServerName | Properties | WWW Service | Properties | ISAPI Filter I'm hoping some guru will one day have the inclination of writing an APP Filter for .jsp on IIS. As a side note any good firewall allows you to route directories to different servers so you could potentially drop the ISAPI filter. This is a good thing because (although I haven't looked at the code) ISAPI filters are typically how IIS is compromised. Regards Steven -Original Message- From: Chris Ruegger [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 12:35 To: Tomcat Users List Subject: Re: tomcat with IIS Steve, I think you misunderstood my question. Here is what we want to do. We want to put all of our files, static html, images, jsps under the IIS server and tell Tomcat that its docroot is under IIS (point to the IIS docroot from Tomcat's server.xml file) When the user asks for an HTML page, they get it from IIS. When they ask for a JSP page *from IIS*, IIS forwards the request to Tomcat, acting as a proxy. We are trying to use the isapi_redirect.dll within IIS and it's not forwarding JSP/servlet requests. -Chris - Original Message - From: Steven Sporen [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, June 07, 2002 6:20 AM Subject: RE: tomcat with IIS Use hard links (FQ URL eg. http://wwwiis.xxx.com/graphics1.gif vs. ./graphics1.gif) on your jsp pages ref the static content on the IIS service. Question is why would you want to - twice the risk of being hacked. -Original Message- From: Chris Ruegger [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 12:24 To: Tomcat Users List Subject: tomcat with IIS We are attempting to get IIS to work with Tomcat such that IIS forwards JSP requests to Tomcat and otherwise handles static content. Has anyone gotten this to work? Thanks, Chris -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: tomact not staring
hi shapira ..well u r right.. tomcat 4.0.3 is working at my home not the new one.. i'll try that out and if i stuck i'll let u know tahnx a lot u all developers Puneet --- Shapira, Yoav [EMAIL PROTECTED] wrote: Howdy, We're going to need a bit more than that to help you ;) 1) How do you know the tomcat script is picking up your environment variable settings? 2) 4.0.4 is beta. I'd suggest starting out with a stable release, e.g. 4.0.3. 3) Is there any output at all to the tomcat logs, e.g. Catalina.out? If so, what's the output? 4) Are you trying to run it as a service, or from the command-line? Post a big more info (and maybe spell-check ;)), and I'm sure the list will solve your problem in no time, Yoav Shapira Millennium ChemInformatics -Original Message- From: puneet sachar [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 2:56 PM To: Tomcat Users List Subject: tomact not staring what ever is neede ...i have set all java homes and catalina home.. and its picking it up also but when it is abt to satrt the tomcat amessage come.. bad command of file name seriously is tomcat 4.0.4 is for Nt users cos its written in startup.bat file .. NT users... plz help me Puneet __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Tomcat+Apache
Hello! My english is bad, sorry. I need integrated Tomcat with Apache. :-? Please help! PD: si alguien sabe como integrar Tomcat bajo apache con una RedHat que me eche un cablecito, por favor. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Configuration
What is the best solution for integrating tomcat and apache on a Solaris 8 system? Meaning what version of Apache, Tomcat and what connector should I use( mod_jk or webapps). Thanks in advance. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Tomcat+Apache
http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/ajp.html -Original Message- From: Vico Palomino, José Antonio [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 11:44 To: 'Tomcat Users List' Subject: Tomcat+Apache Importance: High Hello! My english is bad, sorry. I need integrated Tomcat with Apache. :-? Please help! PD: si alguien sabe como integrar Tomcat bajo apache con una RedHat que me eche un cablecito, por favor. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify [EMAIL PROTECTED] This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. **
AW: Tomcat 4.0.1 and memory usage
I use a batch-file that looks like that - @echo off echo echo Usage: %0 jdk_home tomcat_home (classic/hotspot/server) echo NOTE:You MAY NOT use spaces in the path names. If you know how echo to fix this, please tell me. echo JDK 1.3 does not come with hotpot server by default, you must echo install this seperately if you wish to use it. echo Example: %0 c:\progra~1\jdk c:\progra~1\tomcat hotspot echo if %1 == goto eof if %2 == goto eof if %3 == goto eof copy JavaService.exe %2\bin\TomcatNtService.exe nul %2\bin\TomcatNtService.exe -install Tomcat %1\jre\bin\%3\jvm.dll -Djava.class.path=%2\bin\bootstrap.jar;%2\bin\servlet.jar;%1\lib\tools.jar -Dcatalina.home=%2 -Xmx128m -Xms30m -start org.apache.catalina.startup.Bootstrap -params start -stop org.apache.catalina.startup.Bootstrap;%2\common\lib\Opta2000.jar -params stop -out %2\logs\stdout.log -err %2\logs\stderr.log -current %2\bin goto eof :eof pause - This file I call with the following batch-file - echo installTomcat.bat [Der Pfad zum jdk] [Der Pfad zu Tomcat] [Typ der Virtual Machine] installTomcat.bat c:\jdk1.3.1 c:\tomcat classic pause - When working with Nt-Service I had to use the classic VM to manage the resource-consumpsion. mit freundlichen Grussen Galexis AG Beat Friedli . SW-Entwicklung (DDIS/ASW) Grubenstrasse 11 . CH-3322 Schoenbuehl tel: +41 (0)31 858 72 32 . fax: +41 (0)31 858 78 81 -Ursprungliche Nachricht- Von: Tia Haenni [mailto:[EMAIL PROTECTED]] Gesendet: Donnerstag, 6. Juni 2002 23:39 An: Tomcat Users List Betreff: Tomcat 4.0.1 and memory usage I have searched the archives for this topic, but I need more information to understand. I need to limit the amount of memory used by Tomcat. I have Tomcat 4.0.1 running as an nt service on a Windows 2000 server box with redirects coming from IIS 5.0. I heard of using java -verbosegc to monitor gc, but as the service points at tomcat_home\bin\tomcat.exe, I don't know where this should be set. I understand the concept of setting for the JVM -Xmx###m and -Xms###m where ### is the amount of RAM to allocate for Tomcat, but again I do not know where this is set. Please help. TIA -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE:access to secure aplications with JDBCRealm authentification
Hi ! I am trying to secure my application thought JDBCRealm When I access to my application and after introducing the required user and password I have the following error. # 2002-06-07 12:24:05 - Ctx(/Myaplication) : Exception in R( /Myaplication + + null) - java.lang.RuntimeException: JDBCRealm.checkConnection: java.lang.ClassNotFoundException: org.gjt.mm.mysql.Driver at org.apache.tomcat.modules.aaa.JDBCRealm.checkConnection(JDBCRealm.java:307) at org.apache.tomcat.modules.aaa.JDBCRealm.getCredentials(JDBCRealm.java:239) at org.apache.tomcat.modules.aaa.RealmBase.checkPassword(RealmBase.java:212) at org.apache.tomcat.modules.aaa.RealmBase.authenticate(RealmBase.java:193) at org.apache.tomcat.core.Request.getRemoteUser(Request.java:575) at org.apache.tomcat.modules.aaa.AccessInterceptor.authorize(AccessInterceptor.java:359) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:902) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:833) at org.apache.tomcat.modules.server.Ajp13Interceptor.processConnection(Ajp13Interceptor.java:341) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:494) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:516) at java.lang.Thread.run(Thread.java:479) where should be the org.gjt.mm.mysql.Driver driver? and where is especified the location of the driver? server.xml JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://myhost.dec.es/tomcat userTable=user userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name / -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: access to secure aplications with JDBCRealm authentification
Depends of course. If you want to make the package visible to all webapps, then you place it in /common/lib There are docs on this on the tomcat homepage. Stef. -Original Message- From: Urtzi Larrazabal [mailto:[EMAIL PROTECTED]] Sent: Freitag, 7. Juni 2002 13:43 To: Tomcat Users List (E-mail) Subject: RE:access to secure aplications with JDBCRealm authentification Hi ! I am trying to secure my application thought JDBCRealm When I access to my application and after introducing the required user and password I have the following error. # 2002-06-07 12:24:05 - Ctx(/Myaplication) : Exception in R( /Myaplication + + null) - java.lang.RuntimeException: JDBCRealm.checkConnection: java.lang.ClassNotFoundException: org.gjt.mm.mysql.Driver at org.apache.tomcat.modules.aaa.JDBCRealm.checkConnection(JDBCRealm.java:3 07) at org.apache.tomcat.modules.aaa.JDBCRealm.getCredentials(JDBCRealm.java:23 9) at org.apache.tomcat.modules.aaa.RealmBase.checkPassword(RealmBase.java:212 ) at org.apache.tomcat.modules.aaa.RealmBase.authenticate(RealmBase.java:193) at org.apache.tomcat.core.Request.getRemoteUser(Request.java:575) at org.apache.tomcat.modules.aaa.AccessInterceptor.authorize(AccessIntercep tor.java:359) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.jav a:902) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:833) at org.apache.tomcat.modules.server.Ajp13Interceptor.processConnection(Ajp1 3Interceptor.java:341) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:49 4) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool .java:516) at java.lang.Thread.run(Thread.java:479) where should be the org.gjt.mm.mysql.Driver driver? and where is especified the location of the driver? server.xml JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://myhost.dec.es/tomcat userTable=user userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name / -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: access to secure aplications with JDBCRealm authentification
Put it in the common/lib mit freundlichen Grüssen Galexis AG Beat Friedli · SW-Entwicklung (DDIS/ASW) Grubenstrasse 11 · CH-3322 Schoenbuehl tel: +41 (0)31 858 72 32 · fax: +41 (0)31 858 78 81 -Ursprüngliche Nachricht- Von: Urtzi Larrazabal [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 7. Juni 2002 13:43 An: Tomcat Users List (E-mail) Betreff: RE:access to secure aplications with JDBCRealm authentification Hi ! I am trying to secure my application thought JDBCRealm When I access to my application and after introducing the required user and password I have the following error. # 2002-06-07 12:24:05 - Ctx(/Myaplication) : Exception in R( /Myaplication + + null) - java.lang.RuntimeException: JDBCRealm.checkConnection: java.lang.ClassNotFoundException: org.gjt.mm.mysql.Driver at org.apache.tomcat.modules.aaa.JDBCRealm.checkConnection(JDBCRe alm.java:307) at org.apache.tomcat.modules.aaa.JDBCRealm.getCredentials(JDBCRea lm.java:239) at org.apache.tomcat.modules.aaa.RealmBase.checkPassword(RealmBas e.java:212) at org.apache.tomcat.modules.aaa.RealmBase.authenticate(RealmBase .java:193) at org.apache.tomcat.core.Request.getRemoteUser(Request.java:575) at org.apache.tomcat.modules.aaa.AccessInterceptor.authorize(Acce ssInterceptor.java:359) at org.apache.tomcat.core.ContextManager.internalService(ContextM anager.java:902) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:833) at org.apache.tomcat.modules.server.Ajp13Interceptor.processConne ction(Ajp13Interceptor.java:341) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoi nt.java:494) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run( ThreadPool.java:516) at java.lang.Thread.run(Thread.java:479) where should be the org.gjt.mm.mysql.Driver driver? and where is especified the location of the driver? server.xml JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://myhost.dec.es/tomcat userTable=user userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name / -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: AW: Security problem?
There's been a lot of discussion already reguarding Public Key Cryptography. Just to make sure I am reading your post correctly, the process is the following: 1. user adds items to shopping cart on e-commerce server A 2. when user is ready to check out, the following process occurs. e-commerce server A sends total your servlet on server B 3. servlet on Server B performs actual transaction and charges the credit card. servlet on Server B sends message saying paid e-commerce server A 4. e-commerce server A then finishes the checkout process and saves the order. If that is an accurate description of the process flow, there are several very important issues that have to taken into consideration, which are due to tax and other laws. A business is not allowed to charge a credit card, until it has the product ready to ship. Therefore in step 3, the only thing the system should do is verify the credit card is valid. I'm guessing this isn't a amazon size e-commerce site, so you really don't need step 3 at all. Depending on which third party site you use to verify the credit card, their own process will determine the protocol for step #3. In general terms, you don't want to use redirect for processes that involve money and credit card information. If you're just sending a total, there's no need to encrypt it. encrypting 32.99 doesn't make much sense. On the otherhand, if you are sending credit card and other sensitive information, then definitely use SSL. There's a variety of ways to do RPC (remote procedure calling), so that is a lengthy topic. You may have to go with an application server, since that is what they are designed to do. If you want more detailed help from the mailing list, providing more details about the process flow would help. peter Laura wrote: Hi all, thanks for your advices. Well, I have never worked with encryption. Well I know what is RSA, but how can I implement it? Do I have to install something? What have I to use to implement ansd use an RSA alghoritm? Thanks Laura -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Configuration
Subject: Re: Configuration From: Bruno V [EMAIL PROTECTED] === There are some info on Jguru. Let me know if you find more pages. Check mod_jk (APJ13) by Detlev Beutner : http://www.acg-gmbh.de/mod_jk/solaris/index.htm http://bruno.vernay.free.fr/HowTo/Apache-tomcat/bWebServer/references.html -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Details on IIS/Tomcat Question
Hi, my colleague Chris got here before I had signed onto the group, but let me fill in some details about our attempt to get IIS to work with Tomcat. We want to do this because we have JSP files sharing directories with static HTML files, *and* we also have Cold Fusion files. This is Tomcat 4.0.3 on Windows 2000. I created a web site in IIS, and configured it to intercept all requests on port 8765. I set its root directory to the webapps directory in the Tomcat installation. I added a virtual directory called jakarta, with root directory in the Tomcat bin directory. The DLL that was present in the FTP area was isapi_redirector.dll. I registered it as an ISAPI filter, and got a green arrow when I restarted the site. In SERVER.XML, after the Server tag, I added the tag Listener className=org.apache.ajp.tomcat4.config.IISConfig / After the Host tag with name localhost, I added the tag Listener className=org.apache.ajp.tomcat4.config.IISConfig noRoot=false forwardAll=false append=true / I added the noRoot and forwardAll attributes late during my attempts to get this to work. They had no effect on the results as far as the JSP pages are concerned. I uncommented the Context tag for the root path. Here's my iis_redirect.reg, which I have loaded into the Registry: REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Jakarta Isapi Redirector\1.0] extension_uri=/jakarta/isapi_redirect.dll log_file=..\\logs\\iis_redirect.log log_level=emerg worker_file=..\\conf\\jk\\workers.properties worker_mount_file=..\\conf\\auto\\uriworkermap.properties The uniworkermap.properties file is exactly as Tomcat created it. In the jk directory I added file worker.properties, including the following entries that differ from the version in the ajp.html document: worker.tomcat_home=C:\tomcat\jakarta-tomcat-4.0.3 worker.java_home=C:\jdk1.3.0_02 I created a JAVA_HOME environment variable, pointing to C:\jdk1.3.0_02. I couldn't help noticing that the extension_uri in the Registry entry has isapi_redirect.dll instead of isapi_redirectOR.dll. I finally noticed that the instructions say to download the Tomcat 3.3 isapi_redirect.dll! Then why is there a file with a different name in the Tomcat 4.0.3 area, and what's THAT supposed to be for? Anyway, I downloaded isapi_redirect.dll, and substituted it for the other file in the ISAPI Filters config. I get a RED arrow. Why should that be? Anyway, even before switching the ISAPI filter, a request for http://myserver:8765/examples/jsp/colors/colors.html works, but a request for http://localhost:8765/examples/jsp/colors/colrs.jsp?color1=redcolor2=bl ueaction=Submit gives me The specified module could not be found. Using Tomcat's built-in HTTP service, http://localhost:8080/examples/jsp/colors/colrs.jsp?color1=redcolor2=bl ueaction=Submit does work, so Tomcat itself isn't the problem, it's the redirection. In fact, the log file, iis_redirect.txt, that's supposed to appear in the logs directory, never does. Any thoughts? Harlan Messinger -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Details on IIS/Tomcat Question
I couldn't help noticing that the extension_uri in the Registry entry has isapi_redirect.dll instead of isapi_redirectOR.dll. I finally noticed that the instructions say to download the Tomcat 3.3 isapi_redirect.dll! Then why is there a file with a different name in the Tomcat 4.0.3 area, and what's THAT supposed to be for? Anyway, I downloaded isapi_redirect.dll, and substituted it for the other file in the ISAPI Filters config. I get a RED arrow. Why should that be? Your are correct, the registry entry is wrong. Switch back to the 4.0 DLL and change the registry value to isapi_redirector.dll. This may not fix all the problems but at least you should get a green arrow again. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Problems in redirecting requests from IIS to Tomcat 4
Hello everybody! I have installed Internet Information Services (IIS) as Web Server and Apache Tomcat 4.0 as plug-in of IIS to support JSP-Servlets (to do this I installed an ISAPI filter in IIS that redirects all my JSP-servlet requests to Tomcat). All works fine when I am on localhost but if I use another domain for my Web Server (e.g: www.mydomain.com) I have the following problem: when I try to connect to a site that must be redirected to Tomcat 4 (because it contains JSP pages or servlets), IIS ask me a login or a password to access to it. For example: i try to connect to the url http://www.mydomain.com/mysite; and mysite is a web application defined in webapps folder of tomcat (the document folder is in webapps\mysite\web-inf). What can I do to avoid IIS asks me a password or a login? I want that all users that connects to my site are redirected to Tomcat without asking any login and password I think the problem it isn't in Tomcat's configuration but in IIS's configurationbut I can be wrong. I hope someone can help me...thanks i advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Problems in redirecting requests from IIS to Tomcat 4
If I recall... Go to the Properties page of the web server and select the Directory Security tab. Click the Edit button for Anonymous Access and Authentication Control. Select Anonymous Access and un-select everything under Authenticated Access. HTH -Original Message- From: Luca Ventura [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 8:38 AM To: tomcat-dev; tomcat-user Subject: Problems in redirecting requests from IIS to Tomcat 4 Hello everybody! I have installed Internet Information Services (IIS) as Web Server and Apache Tomcat 4.0 as plug-in of IIS to support JSP-Servlets (to do this I installed an ISAPI filter in IIS that redirects all my JSP-servlet requests to Tomcat). All works fine when I am on localhost but if I use another domain for my Web Server (e.g: www.mydomain.com) I have the following problem: when I try to connect to a site that must be redirected to Tomcat 4 (because it contains JSP pages or servlets), IIS ask me a login or a password to access to it. For example: i try to connect to the url http://www.mydomain.com/mysite; and mysite is a web application defined in webapps folder of tomcat (the document folder is in webapps\mysite\web-inf). What can I do to avoid IIS asks me a password or a login? I want that all users that connects to my site are redirected to Tomcat without asking any login and password I think the problem it isn't in Tomcat's configuration but in IIS's configurationbut I can be wrong. I hope someone can help me...thanks i advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
R: Problems in redirecting requests from IIS to Tomcat 4
Hello! Thank you for your help! Anyway if you are right I don't understand why IIS doesn't ask me the network login and password for all other sites that must not be redirected to Tomcatin fact IIS ask me login and password ONLY for the sites that are redirected to Tomcat...:-( What do you thin about? Maybe for all the sites configured in IIS the authentication process isn't applied? Thaks a lot again! luca -Messaggio originale- Da: Wagoner, Mark [mailto:[EMAIL PROTECTED]] Inviato: venerdì 7 giugno 2002 14.48 A: 'Tomcat Users List' Oggetto: RE: Problems in redirecting requests from IIS to Tomcat 4 If I recall... Go to the Properties page of the web server and select the Directory Security tab. Click the Edit button for Anonymous Access and Authentication Control. Select Anonymous Access and un-select everything under Authenticated Access. HTH -Original Message- From: Luca Ventura [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 8:38 AM To: tomcat-dev; tomcat-user Subject: Problems in redirecting requests from IIS to Tomcat 4 Hello everybody! I have installed Internet Information Services (IIS) as Web Server and Apache Tomcat 4.0 as plug-in of IIS to support JSP-Servlets (to do this I installed an ISAPI filter in IIS that redirects all my JSP-servlet requests to Tomcat). All works fine when I am on localhost but if I use another domain for my Web Server (e.g: www.mydomain.com) I have the following problem: when I try to connect to a site that must be redirected to Tomcat 4 (because it contains JSP pages or servlets), IIS ask me a login or a password to access to it. For example: i try to connect to the url http://www.mydomain.com/mysite; and mysite is a web application defined in webapps folder of tomcat (the document folder is in webapps\mysite\web-inf). What can I do to avoid IIS asks me a password or a login? I want that all users that connects to my site are redirected to Tomcat without asking any login and password I think the problem it isn't in Tomcat's configuration but in IIS's configurationbut I can be wrong. I hope someone can help me...thanks i advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
access to HttpHeader
hi, is there a way to have access to the HttpHeader from Tomcat ? I want to set cache-controls and expires thanks ekkehard -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Tomcat 4.0.1 and memory usage
Howdy, -verbosegc outputs to the console via System.out.println(). Unless you're doing something to trap System.out(), the verbosegc statements would go in $CATALINA_HOME/logs/catalina.out. As a sidenote, the default maximum memory Java allows is 64MB. Unless you use -Xmx you will never exceed that amount. You'll get OutOfMemoryErrors when you reach it and try to allocate more. Experiment with your application, preferably with load-testing tools (there are many threads here on the topic, e.g. wget, curl, JMeter, blah blah blah), to see where and how much memory gets allocated. Then you can start playing with all the memory allocation parameters (-Xms, -Xmx, -XX:NewSize, -XX:MaxNewSize, -Xminf, -Xmaxf, -Xincgc etc.)... Yoav Shapira Millennium ChemInformatics -Original Message- From: Tia Haenni [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 6:43 PM To: Tomcat Users List Subject: Re: Tomcat 4.0.1 and memory usage ok, just one more question, if i pass an argument for -verbosegc or any other stuff that would normally go to the standard output (the console), but with running tomcat as a service there is no console window, where does it go? does it get dumped in a log or what? Tia Phillip Morelock wrote: Anything you would normally pass on the command line to java -- you put into CATALINA_OPTS At some point in the script that starts tomcat, you'll see a line like (*approximately*) $JAVACMD -classpath $SOMETHING $CATALINA_OPTS or something like that -- so you can see that $CATALINA_OPTS just gets passed in as a string -- are you on windows? oh well, close enough, you get the idea i think ;) I don't know the minimum it requires -- I guess that would depend on usage and how many servlets/jsp's you have. I set mine (for mid-sized website on one server) to 256-384 and it seems almost excessive for the amount of traffic, etc. Play with it a bit, I guess would be my answer, but maybe someone else knows a more precise measurement. cheers fillup On 6/6/02 2:50 PM, Tia Haenni [EMAIL PROTECTED] wrote: Ok, that's simple enough. Does that limit the amount of RAM Tomcat can use? Do you know the minimum it requires? Also, would the java -verbosegc also be set in this way? TIA Phillip Morelock wrote: Just like you set CATALINA_HOME set CATALINA_OPTS to the string you want to feed the vm. so %CATALINA_OPTS% should be -Xmx### -Xms### fillup On 6/6/02 2:38 PM, Tia Haenni [EMAIL PROTECTED] wrote: I have searched the archives for this topic, but I need more information to understand. I need to limit the amount of memory used by Tomcat. I have Tomcat 4.0.1 running as an nt service on a Windows 2000 server box with redirects coming from IIS 5.0. I heard of using java -verbosegc to monitor gc, but as the service points at tomcat_home\bin\tomcat.exe, I don't know where this should be set. I understand the concept of setting for the JVM -Xmx###m and -Xms###m where ### is the amount of RAM to allocate for Tomcat, but again I do not know where this is set. Please help. TIA -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Security problem?
HTTPS Alone won't help much in the described szenario. HTTPS can't enshure that the user is not manipulating the request. To disable that you have to sign the data. I think it's better to use a complete different architecture. If this has to be done with EJB as you suggest, a WebService over HTTPS or any other server2server communcationis a different topic) --- Agreed. Nix.
RE: tomcat probs
Howdy, See Mr. Morelock's reply: you need the JDK, not the JRE, as your $JAVA_HOME. And if you have a lot of JSPs, consider using Jikes at runtime or JSPC to pre-compile your JSPs, as Javac has a memory leak (see the README file). To The Powers That Be: We have to put this question in a FAQ somewhere ;) Yoav Shapira Millennium ChemInformatics -Original Message- From: Gordon L. Mc Lellan [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 12:05 AM To: [EMAIL PROTECTED] Subject: tomcat probs Greetings... I'm having a newbie related issue with tomcat, but I feel it is more related to the J2RE than to tomcat itself. I have tried installing tomcat on 3 systems today, and although the install appears to be successfull, whenever I try to execute any of the enclosed JSP examples, I get a huge (long) exception error I haven't been able to find this exact error on google, nor on the jakarta website's faq. The systems I've tried it on: fresh redhat 7.3, x86, (everything installed [3 cd's worth! {bad idea, i know}]) older redhat 7.2, x86, (very spartan install) win xp pro, x86, (too much junk to count) I've tried j2re version's 1.3.1 and 1.4.0 on all three systems. On the linux systems, j2re installed itself into /usr/java/jre-1.3.1_03 (and something similar for 1.4), which I symlinked to /usr/java/jdk for the JAVA_HOME env varible, as well as the similar line in the tomcat3.conf file On the windows box, I told j2re to install to c:\java\jdk and tomcat unzipped into c:\java\tomcat ... I also did a set JAVA_HOME=c:\java\jdk prior to running startup.bat just to be sure. Any thoughts I what I'm doing wrong? Thanks in advance, Gordon exception (as reported by tomcat 4): javax.servlet.ServletException: sun/tools/javac/Main at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:485) (snip) at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java :110 7 ) at java.lang.Thread.run(Unknown Source) root cause (as reported by tomcat 4): java.lang.NoClassDefFoundError: sun/tools/javac/Main at org.apache.jasper.compiler.SunJavaCompiler.compile(SunJavaCompiler.java :136 ) (snip) at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java :110 7 ) at java.lang.Thread.run(Unknown Source) -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: access to HttpHeader
request.getHeader() response.setHeader() -Original Message- From: Ekkehard Gentz [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 9:01 AM To: Tomcat Users List Subject: access to HttpHeader hi, is there a way to have access to the HttpHeader from Tomcat ? I want to set cache-controls and expires thanks ekkehard -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: tomcat 4.0.3 servlet having problem loading class via rmi ?
Howdy, 1st thing that comes to mind from looking at the stack trace, not having tried tomcat-JINI connectivity: is that file (com.sun.jini.reggie.RegistrarProxy) in your runtime classpath? It should be in the /WEB-INF/lib or /WEB-INF/classes (or one of the common lib/classes directories). Usually ClassNotFoundExceptions are fairly straightforward... Yoav Shapira Millennium ChemInformatics -Original Message- From: java guru [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 5:21 PM To: [EMAIL PROTECTED] Subject: tomcat 4.0.3 servlet having problem loading class via rmi ? Hi., I am trying to access a JINI service thru my servlet.. inspite of following Security Manager, Policy file and setting codebase etc, tomcat 4.0.3 repeatedly give following excption. The JINI service itself is working fine and other standalone clients can access it. Read somewhere that the protocol handler of tomcat had problem but that was two years back.. Any insight to this would be of great help. Thanks srini *** java.lang.ClassNotFoundException: com.sun.jini.reggie.RegistrarProxy at java.net.URLClassLoader$1.run(URLClassLoader.java:198) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:186) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at java.lang.ClassLoader.loadClass(ClassLoader.java:262) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:322) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:207) at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:427) at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:159) at java.rmi.server.RMIClassLoader$2.loadClass(RMIClassLoader.java:629) at java.rmi.server.RMIClassLoader.loadClass(RMIClassLoader.java:257) at sun.rmi.server.MarshalInputStream.resolveClass(MarshalInputStream.java: 200) at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1503) at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1425) at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:161 6) at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1264) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:322) at java.rmi.MarshalledObject.get(MarshalledObject.java:135) at net.jini.discovery.IncomingUnicastResponse.init(IncomingUnicastRespon se.j ava:78) at net.jini.discovery.LookupDiscovery$UnicastDiscoverer.run(LookupDiscover y.ja va:322) = Thanks and have great day srini ___ _ Everything you always wanted to know about cars and bikes,now at: http://in.autos.yahoo.com -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Problem with doPost() method executed twice in parallel
Hi everybody, excuse my poor english ;) , I decided to subscribe because I have a serious problem blocking me and my developments since one week: I work on an classical application using servlet and jsp and a database (INGRES) but no EJB. Unfortunately I don't work with an IDE containing a debuuger, so I must trace my code manually using System.out.println() instructions. So here is my problem : I call a servlet from a jsp page, the servlet is executed correctly, passing in init() method (the first time), then in doPost() method. In doPost() method I make calls to others methods of others classes; the output messages (issued from traces) confirm that all is correct and that the methods of extern methods are well called. And suddenly, whereas the code is executing in an extern method, the traces situed at the begin of doPost() method are displayed a second time !!! It looks like if doPost() method was executed a second time IN PARALLEL of the first doPost() (because the external methods issued from the first doPost() continue to execute). I searched everywhere and I can't explain this strange behaviour, can you ... ? Thanks for your answers. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Details on IIS/Tomcat Question
OK, thanks. You're right, it still didn't help :), but I got my green arrow back. I can't help wondering about the number of people who try to link IIS and Tomcast 4 together, *all* having to go through this exercise. -Original Message- From: Wagoner, Mark [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 8:28 AM To: 'Tomcat Users List' Subject: RE: Details on IIS/Tomcat Question I couldn't help noticing that the extension_uri in the Registry entry has isapi_redirect.dll instead of isapi_redirectOR.dll. I finally noticed that the instructions say to download the Tomcat 3.3 isapi_redirect.dll! Then why is there a file with a different name in the Tomcat 4.0.3 area, and what's THAT supposed to be for? Anyway, I downloaded isapi_redirect.dll, and substituted it for the other file in the ISAPI Filters config. I get a RED arrow. Why should that be? Your are correct, the registry entry is wrong. Switch back to the 4.0 DLL and change the registry value to isapi_redirector.dll. This may not fix all the problems but at least you should get a green arrow again. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Problem with doPost() method executed twice in parallel
[EMAIL PROTECTED] wrote: And suddenly, whereas the code is executing in an extern method, the traces situed at the begin of doPost() method are displayed a second time !!! It looks like if doPost() method was executed a second time IN PARALLEL of the first doPost() (because the external methods issued from the first doPost() continue to execute). This is correct. The servlet container will create a single instance of the servlet class that you have written, calling the init() method at the time of creation. After this, each request to your servlet will map to a separate thread, all of which run through the same object (your servlet). If you are accessing external objects as part of this process, you must ensure that either your external resources are created per-access, so created and referenced within the doPost() method, or that they are thread safe, as you have no control over when they are accessed. Exactly why you are getting two invocations of your doPost() call is unclear, it depends on what is trying to access it, but this kind of behavior is common and intentional. Hope that helps, Tom Oinn -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
tomcat 4 having trouble with loading rmi classes from codebase
Hi., i am trying to use servlet with tomcat 4.0.3 that tries to load classes from rmi codebase defined by http protocol. catalina.out log is reporting classnot found exception while other stand alone clients are working fine. Read somewhere about Jar handler problems in tomcat but that was as of tomcat 3.0 version. Any help is appreciated.. Thanks srini = Thanks and have great day srini Everything you always wanted to know about cars and bikes,now at: http://in.autos.yahoo.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Problem with doPost() method executed twice in paralle
Maybe you're right but I forgot to precise some things : - for the moment I'm the only user testing my application so there is no risk that another user creates a new thread by connecting. - the external classes are objects stored in session __ Reply Separator _ Subject: Re: Problem with doPost() method executed twice in paralle Author: tmo ([EMAIL PROTECTED]) at internet Date:6/7/02 3:15 PM [EMAIL PROTECTED] wrote: And suddenly, whereas the code is executing in an extern method, the traces situed at the begin of doPost() method are displayed a second time !!! It looks like if doPost() method was executed a second time IN PARALLEL of the first doPost() (because the external methods issued from the first doPost() continue to execute). This is correct. The servlet container will create a single instance of the servlet class that you have written, calling the init() method at the time of creation. After this, each request to your servlet will map to a separate thread, all of which run through the same object (your servlet). If you are accessing external objects as part of this process, you must ensure that either your external resources are created per-access, so created and referenced within the doPost() method, or that they are thread safe, as you have no control over when they are accessed. Exactly why you are getting two invocations of your doPost() call is unclear, it depends on what is trying to access it, but this kind of behavior is common and intentional. Hope that helps, Tom Oinn -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
R: Problems in redirecting requests from IIS to Tomcat 4 (new Information)
Escuse me all in the forum I want to point out that in my server.xml of Tomcat I have the following entries: !-- Define the default virtual host -- Host name=localhost debug=0 appBase=webapps unpackWARs=true !-- Define the top level container in our container hierarchy -- Engine name=Standalone defaultHost=localhost debug=0 Maybe I have to modify them and set as Host www.mydomain.com (or the IP address of my Web Server) instead of localhost?? In fact the Web Server's name isn't localhost any more but www.mydomain.com Thanks a lot in advance! Luca -Messaggio originale- Da: Wagoner, Mark [mailto:[EMAIL PROTECTED]] Inviato: venerdì 7 giugno 2002 14.48 A: 'Tomcat Users List' Oggetto: RE: Problems in redirecting requests from IIS to Tomcat 4 If I recall... Go to the Properties page of the web server and select the Directory Security tab. Click the Edit button for Anonymous Access and Authentication Control. Select Anonymous Access and un-select everything under Authenticated Access. HTH -Original Message- From: Luca Ventura [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 8:38 AM To: tomcat-dev; tomcat-user Subject: Problems in redirecting requests from IIS to Tomcat 4 Hello everybody! I have installed Internet Information Services (IIS) as Web Server and Apache Tomcat 4.0 as plug-in of IIS to support JSP-Servlets (to do this I installed an ISAPI filter in IIS that redirects all my JSP-servlet requests to Tomcat). All works fine when I am on localhost but if I use another domain for my Web Server (e.g: www.mydomain.com) I have the following problem: when I try to connect to a site that must be redirected to Tomcat 4 (because it contains JSP pages or servlets), IIS ask me a login or a password to access to it. For example: i try to connect to the url http://www.mydomain.com/mysite; and mysite is a web application defined in webapps folder of tomcat (the document folder is in webapps\mysite\web-inf). What can I do to avoid IIS asks me a password or a login? I want that all users that connects to my site are redirected to Tomcat without asking any login and password I think the problem it isn't in Tomcat's configuration but in IIS's configurationbut I can be wrong. I hope someone can help me...thanks i advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Problem With Params In Web.xml
Guys, could anybody help, please? Having a servlet reading parameters in init() method but it reads nothing. The servlet is in path install_dir/webapps/ROOT/WEB-INF/classes/examples and web.xml is in path install_dir/webapps/ROOT/WEB-INF. The content of web.xml looks like the following: ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app servlet servlet-name ShowMsg /servlet-name servlet-class examples.ShowMessage /servlet-class init-param param-name message /param-name param-value blablabla /param-value /init-param init-param param-name repeats /param-name param-value 5 /param-value /init-param /servlet /web-app Does anybody have an idea where's the problem? Thanks in advance for any clue. tom
Problems in redirecting requests from IIS to Tomcat 4 (2nd new Information)
I forgot to say another thing... In my workers.properties file I have the following entries: worker.ajp12.port=8007 worker.ajp12.host=localhost worker.ajp12.type=ajp12 .. worker.ajp13.port=8009 worker.ajp13.host=localhost worker.ajp13.type=ajp13 Must I set www.mydomain.com instead of localhost? Thanks, Luca -Messaggio originale- Da: Luca Ventura [mailto:[EMAIL PROTECTED]] Inviato: venerdì 7 giugno 2002 15.55 A: Tomcat Users List Oggetto: R: Problems in redirecting requests from IIS to Tomcat 4 (new Information) Escuse me all in the forum I want to point out that in my server.xml of Tomcat I have the following entries: !-- Define the default virtual host -- Host name=localhost debug=0 appBase=webapps unpackWARs=true !-- Define the top level container in our container hierarchy -- Engine name=Standalone defaultHost=localhost debug=0 Maybe I have to modify them and set as Host www.mydomain.com (or the IP address of my Web Server) instead of localhost?? In fact the Web Server's name isn't localhost any more but www.mydomain.com Thanks a lot in advance! Luca -Messaggio originale- Da: Wagoner, Mark [mailto:[EMAIL PROTECTED]] Inviato: venerdì 7 giugno 2002 14.48 A: 'Tomcat Users List' Oggetto: RE: Problems in redirecting requests from IIS to Tomcat 4 If I recall... Go to the Properties page of the web server and select the Directory Security tab. Click the Edit button for Anonymous Access and Authentication Control. Select Anonymous Access and un-select everything under Authenticated Access. HTH -Original Message- From: Luca Ventura [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 8:38 AM To: tomcat-dev; tomcat-user Subject: Problems in redirecting requests from IIS to Tomcat 4 Hello everybody! I have installed Internet Information Services (IIS) as Web Server and Apache Tomcat 4.0 as plug-in of IIS to support JSP-Servlets (to do this I installed an ISAPI filter in IIS that redirects all my JSP-servlet requests to Tomcat). All works fine when I am on localhost but if I use another domain for my Web Server (e.g: www.mydomain.com) I have the following problem: when I try to connect to a site that must be redirected to Tomcat 4 (because it contains JSP pages or servlets), IIS ask me a login or a password to access to it. For example: i try to connect to the url http://www.mydomain.com/mysite; and mysite is a web application defined in webapps folder of tomcat (the document folder is in webapps\mysite\web-inf). What can I do to avoid IIS asks me a password or a login? I want that all users that connects to my site are redirected to Tomcat without asking any login and password I think the problem it isn't in Tomcat's configuration but in IIS's configurationbut I can be wrong. I hope someone can help me...thanks i advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Problem With Params In Web.xml
Hi, Try to init your parameters like yhis : web-app context-param param-nameconfigFile/param-name param-value/WEB-INF/conf.xml/param-value descriptionpath .../description /context-param servlet servlet-namemyServlet/servlet-name servlet-classMyServlet/servlet-class /servlet /web-app And to : getServletContext().getInitParameter(configFile) in your servlet. Aline Webcaster -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Problem With Params In Web.xml
Howdy, Can you post your init() method? Does getServletConfig().getInitParameter(message) return null? What does getServletConfig().getInitParameterNames() return? Yoav Shapira Millennium ChemInformatics -Original Message- From: Marek, Tomas [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 10:04 AM To: [EMAIL PROTECTED] Subject: Problem With Params In Web.xml Guys, could anybody help, please? Having a servlet reading parameters in init() method but it reads nothing. The servlet is in path install_dir/webapps/ROOT/WEB-INF/classes/examples and web.xml is in path install_dir/webapps/ROOT/WEB-INF. The content of web.xml looks like the following: ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app servlet servlet-name ShowMsg /servlet-name servlet-class examples.ShowMessage /servlet-class init-param param-name message /param-name param-value blablabla /param-value /init-param init-param param-name repeats /param-name param-value 5 /param-value /init-param /servlet /web-app Does anybody have an idea where's the problem? Thanks in advance for any clue. tom -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Help! I am so stuck. Tomcat NT credential
Hi all, Thanks for all of your help. I did a test by taking the administrators group off the allowed NT credential list on my JSP folder. It stops working. Put it back in, it works. So, Tomcat must be using that credential to load JSPs. My question now is that how can we direct Tomcat to use the credential of the person who logged in. Also, do you guys know what the values of the auth-method element (FORM, BASIC, ...) in the web.xml means? I read the dtd and digged for documentation but nothing came up. Thanks very much. Bao-Ha Dam Bui [EMAIL PROTECTED] S. Jude Medical, Inc 651.765.1018 -Original Message- From: Reynir Hübner [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 12:09 PM To: Tomcat Users List Subject: RE: Help! I am so stuck. Tomcat NT credential Hi, It's possible to understand your question in two different ways, so I answer in two different ways. First answer : If you are running tomcat as a service you should be able to see which user it is that runs it (from the services dialog). If you are not running it as service it is using the nt user that starts it. Second answer : I dont know if there is any NT-authentication realm with tomcat, but still, it's always possible to implement one, by implementing the interface org.apache.catalina.realm.RealmBase. I guess I would use JAAS to access the user-accounts in NT. http://java.sun.com/j2se/1.4/docs/guide/security/jaas/tutorials/index.html If you are using ADSI-userbase (or Exchange 5.5 or newer) you might want to check out JNDI access over LDAP to ADSI. In that context you might want to take a look at JNDIRealm. I suggest you read http://jakarta.apache.org/tomcat/tomcat-4.0-doc/realm-howto.html hope it helps -reynir -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 6. júní 2002 16:49 To: [EMAIL PROTECTED] Subject: Help! I am so stuck. Tomcat NT credential Hi all, When Tomcat is installed on W2K, what NT Security Role does it use to access files? How can I tell Tomcat4 to use NT Security? Thanks very much. Bao-Ha Dam Bui [EMAIL PROTECTED] S. Jude Medical, Inc 651.765.1018 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Problem With Params In Web.xml
Sure: public void init(ServletConfig config) throws ServletException { // Always call super.init super.init(config); message = config.getInitParameter(message); if (message == null) { message = defaultMessage; } try { String repeatString = config.getInitParameter(repeats); repeats = Integer.parseInt(repeatString); } catch(NumberFormatException nfe) { // NumberFormatException handles case where repeatString // is null *and* case where it is something in an // illegal format. Either way, do nothing in catch, // as the previous value (1) for the repeats field will // remain valid because the Integer.parseInt throws // the exception *before* the value gets assigned // to repeats. } } it's form the book core Servlets... by Marty Hall -Original Message- From: Shapira, Yoav [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 4:11 PM To: Tomcat Users List Subject: RE: Problem With Params In Web.xml Howdy, Can you post your init() method? Does getServletConfig().getInitParameter(message) return null? What does getServletConfig().getInitParameterNames() return? Yoav Shapira Millennium ChemInformatics -Original Message- From: Marek, Tomas [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 10:04 AM To: [EMAIL PROTECTED] Subject: Problem With Params In Web.xml Guys, could anybody help, please? Having a servlet reading parameters in init() method but it reads nothing. The servlet is in path install_dir/webapps/ROOT/WEB-INF/classes/examples and web.xml is in path install_dir/webapps/ROOT/WEB-INF. The content of web.xml looks like the following: ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app servlet servlet-name ShowMsg /servlet-name servlet-class examples.ShowMessage /servlet-class init-param param-name message /param-name param-value blablabla /param-value /init-param init-param param-name repeats /param-name param-value 5 /param-value /init-param /servlet /web-app Does anybody have an idea where's the problem? Thanks in advance for any clue. tom -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Tomcat Unexplained Shutdown
I am running Tomcat 4.0.2 on Windows NT 4.0, it is running a web based faxing application that users can attach a document to send to a server process that sends it as an attachment. This is done using servlets. Every so often, if a user uploads an attachment the server doesn't like, it shuts down Tomcat, other times it seems if the user tries to view a file on the server that doesn't exist, the Tomcat server shuts itself down. This is very annoying, and the customer is not impressed - is there is a way to simply throw an exception and continue running, instead of Tomcat shutting itself down? I can't really be more specific as there are no errors in the log files to correspond to these occurrences, all I know is that it happens and makes the app look WAY less stable than if it was built using ASP's and running under IIS.. Any suggestions? Geoff -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Aliasing ROOT path to /XXX: How To?
I am using JBoss/Tomcat RC3 and automatically deploying .war files with no problem. However I would like the default path for these apps to be /XXX rather than . For example, if I deploy a.war and b.war, the roots of these contexts are addressed: http://host:port/a/ http://host:port/a/ and http://host:port/b http://host:port/b by default. I would like all my automatically deployed apps to be addressed like: http://host:port/XXX/a http://host:port/XXX/a, etc. Any help would be greatly appreciated. Thanks. -- John Sissler, SVP/Credit Analytics Lehman Brothers Inc., [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] W: (212)526-5456 C: (201)317-6837 F: (646)758-1733 -- This message is intended only for the personal and confidential use of the designated recipient(s) named above. If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Lehman Brothers. Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice.
Re: Solaris JVM never seems to garbage collect, runs out eventually.
Rick Fincher wrote: The javac in J2SE 1.4 has the memory leak 1.1.1 works OK under Solaris. - Original Message - From: Ralph Einfeldt [EMAIL PROTECTED] - First make shure that you don't have memory leaks on your own. - Make shure that you store as few data in sessions as possible. Remember that the sessions stay around for 30 minutes after the last action in the action. (30 minutes is the default for the session timeout). This way the number of concurrent sessions can be much higher than the number of active sessions. If you get 1 user per minute and each stays for one minute you will have 30 concurrent session, but only 1 active session. - The only memory leak that I know in this environment is the java compiler of the JDK. It has been reported that in some versions of the JDK javac has a memory leak. So each time tomcat compiles a page you will lose some memory. There are two solutions to this problem: - Use only precompiled JSP's (jspc) - Use another compiler (jikes) (Don't know if it's available for solaris) - I have read that some VM versions have trouble to invoke the gc if there isn't any available memory. It was suggested to issue a System.gc() if your free memory is below a watermark. I didn't investigate this further. - Use OptimizeIT to find out where the leaks are. -Ursprüngliche Nachricht- Von: David Hladky [mailto:[EMAIL PROTECTED]] snip/ Could someone with experience tuning Solaris JVMs give me and my friends a hint or two on how to force the JVM to garbage collect/tune. Or is this just a memory leak in Tomcat and or JBOSS? snip/ Thanks for the hints, We've torn our code apart with OptimizeIt and found out that it really isn't the problem. I think you are on to something about the jsp precompiled thing though. Thanks again. I'll try a few of the other things you've mentioned. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
AW: Pl help : I am stuck : Getting the manager app to work with t omcat 4.0.3 and IIS 5.0
Just an idea: In http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/host.html I read the following: Network name of this virtual host, as registered in your Domain Name Service server. One of the Hosts nested within an Engine MUST have a name that matches the defaultHost setting for that Engine. See Host Name Aliases for information on how to assign more than one network name to the same virtual host. I would try to change your server.xml the following way old: Engine name=Standalone defaultHost=localhost debug=99 new: Engine name=Standalone defaultHost=www.yourIISHostname.com debug=99 old: Host name=localhost debug=99 appBase=webapps unpackWARs=true new: Host name=www.yourIISHostname.com debug=99 appBase=webapps unpackWARs=true As I have no Tomcat at hand I'm not able to check if this works but please let me know what happens. mit freundlichen Grüssen Galexis AG Beat Friedli · SW-Entwicklung (DDIS/ASW) Grubenstrasse 11 · CH-3322 Schoenbuehl tel: +41 (0)31 858 72 32 · fax: +41 (0)31 858 78 81 -Ursprüngliche Nachricht- Von: Cox, Charlie [mailto:[EMAIL PROTECTED]] Gesendet: Donnerstag, 6. Juni 2002 21:07 An: 'Tomcat Users List' Betreff: RE: Pl help : I am stuck : Getting the manager app to work with t omcat 4.0.3 and IIS 5.0 You need to define the manager app under the 'Tomcat-Apache' service as well as under 'Tomcat-Standalone' Charlie -Original Message- From: Sankaranarayanan (Ganesh) Ganapathy [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 2:27 PM To: Tomcat Users List Subject: RE: Pl help : I am stuck : Getting the manager app to work with tomcat 4.0.3 and IIS 5.0 Thanx for the response. The manager app does work with tomcat in standalone mode. IT doesnt work only when I have tomcat talking to IIS. The example app does work in this mode, only the manager app that is configured to do basic authentication doesnt work. IIS does seem to forward the request to the AJP Connector in Tomcat - but the request seems to be immediately rejected with the 'access to the specified resource is denied'. I was expecting tomcat to put the challenge/reponse box like in the regular case. In the case of the Tomcat working with external webserver, is there anything extra that I need to do to get its basic authentication to work? Has any one got the manager app working with Tomcat and IIS? If so can you help? --Ganesh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 11:15 AM To: [EMAIL PROTECTED] Subject: RE: Pl help : I am stuck : Getting the manager app to work with tomcat 4.0.3 and IIS 5.0 Have you looked in the Catalina.policy file? I think somewhere in there you should have a grant statement to that manager directory. Bao-Ha Dam Bui [EMAIL PROTECTED] S. Jude Medical, Inc 651.765.1018 -Original Message- From: Sankaranarayanan (Ganesh) Ganapathy [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 1:06 PM To: Tomcat Users List Subject: Pl help : I am stuck : Getting the manager app to work with tomcat 4.0.3 and IIS 5.0 Can somebody help, I am clueless as to how fix it, I have searched the net exhaustively! Has any one got this to work? Hi All, I have setup IIS and tomcat successfully - I can get to the example webapps. But when I try to access the manager app I get the message - Access to the specified resource is denied. The jakarta virtual directory has read and execute premission and the anonymous acces is enabled. What should I do to get this working Thanx Ganesh -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Servlet / Tomcat question
Sorry, I was tired when I wrote this and my answer makes no sense. Obviously, the context is lt2001 and the syntax provided by Shapira is propper. The only other reason why this might not be working is that the path in which Tomcat is installed contains spaces. If so, an you are on a Windows system, do something like the following: CATALINA_HOME=C:\Program Files\Apache Group\Jakarta\Tomcat-4.0.3 change the above to: CATALINA_HOME=C:\Progra~1\Apache~1\Jakarta\Tomcat-4.0.3 Other than that problem, I'm really not sure what is going on. Jake At 12:38 AM 6/7/2002 -0500, you wrote: the /servlet/ mapping is only available off the root of the context. It should work if you go to: http://localhost:8080/servlet/ltshoppingcart.Login Jake At 11:02 PM 6/6/2002 -0500, you wrote: Thanks for the help, but I'm still having problems. The package of the servlet I'm trying to access is ltshoppingcart and the servlet name is Login. So I have tried accessing the servlet by going to http://localhost:8080/lt2001/servlet/ltshoppingcart.Login and all I get is a message from Tomcat saying that the requested resource is unavailable. Any ideas? Thanks -Original Message- From: Shapira, Yoav [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 8:39 AM To: Tomcat Users List Subject: RE: Servlet / Tomcat question Howdy, If your web-application is called MyApp, and your servlet class is com.mycompany.myclass, you'd access it as http://myserver.mydomain:myport/MyApp/servlet/com.mycompany.myclass If you deployed to the ROOT web app, so that your context is the root context, you would remove the /MyApp/ part from the above URL. If you have a web.xml file (a Deployment Descriptor is a good thing to have -- it'll become a good friend of yours ;)), you can alias the servlet like servlet servlet-nameMyServlet/servlet-name servlet-classcom.mycompany.myclass/servlet-class /servlet servlet-mapping servlet-nameMyServlet/servlet-name url-pattern/MyServlet/url-pattern /servlet-mapping And then you could access it as http://myserver.mydomain:myport/MyApp/MyServlet See the Servlet Spec (v2.3 if you're using tomcat v4.x) for what goes in the Deployment Descriptor etc. Yoav Shapira Millennium ChemInformatics -Original Message- From: Scott Seidl [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 9:19 PM To: [EMAIL PROTECTED] Subject: Servlet / Tomcat question I'm stumped. I have a web application (term used loosely) which was created using Borland's JBuilder. The servlets in this application worked fine when I ran them in JBuilder and accessed them locally. I now want to place them on an Apache Tomcat web server. I can compile and deploy the code using ant and Tomcats manager (which also show that the web-app is running). The problem I have is that I don't know how to correctly call these servlets from the html. With JBuilder we called them with the following type of command: http://localhost:8080/servlet/ltshoppingcart.cart. Can someone give me some idea on how to call these servlets with tomcat? I do not have a web.xml file within my WEB-INF. I do not quite understand the role of this file, and how to configure it. Any help with either of these topics is welcome :-). Thanks Scot -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Problems in redirecting requests from IIS to Tomcat 4 (new Information)
Luca, Does there have to be a separate Host tag for each host name? I haven't gotten this far, but since the default Host tag has the name localhost I'm deducing that it's only good for requests that come in for the host localhost. To be sure, this seems clunky, since it means you have to duplicate and maintain the entirety of the tag and its contents for every host name you want to use, so I'm not sure I'm interpreting this correctly. But since you do seem to have it working for localhost, could you tell me if, from the information I provided here this morning, you can see what step I might be overlooking? Harlan -Original Message- From: Luca Ventura [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 9:55 AM To: Tomcat Users List Subject: R: Problems in redirecting requests from IIS to Tomcat 4 (new Information) Escuse me all in the forum I want to point out that in my server.xml of Tomcat I have the following entries: !-- Define the default virtual host -- Host name=localhost debug=0 appBase=webapps unpackWARs=true !-- Define the top level container in our container hierarchy -- Engine name=Standalone defaultHost=localhost debug=0 Maybe I have to modify them and set as Host www.mydomain.com (or the IP address of my Web Server) instead of localhost?? In fact the Web Server's name isn't localhost any more but www.mydomain.com Thanks a lot in advance! Luca -Messaggio originale- Da: Wagoner, Mark [mailto:[EMAIL PROTECTED]] Inviato: venerdì 7 giugno 2002 14.48 A: 'Tomcat Users List' Oggetto: RE: Problems in redirecting requests from IIS to Tomcat 4 If I recall... Go to the Properties page of the web server and select the Directory Security tab. Click the Edit button for Anonymous Access and Authentication Control. Select Anonymous Access and un-select everything under Authenticated Access. HTH -Original Message- From: Luca Ventura [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 8:38 AM To: tomcat-dev; tomcat-user Subject: Problems in redirecting requests from IIS to Tomcat 4 Hello everybody! I have installed Internet Information Services (IIS) as Web Server and Apache Tomcat 4.0 as plug-in of IIS to support JSP-Servlets (to do this I installed an ISAPI filter in IIS that redirects all my JSP-servlet requests to Tomcat). All works fine when I am on localhost but if I use another domain for my Web Server (e.g: www.mydomain.com) I have the following problem: when I try to connect to a site that must be redirected to Tomcat 4 (because it contains JSP pages or servlets), IIS ask me a login or a password to access to it. For example: i try to connect to the url http://www.mydomain.com/mysite; and mysite is a web application defined in webapps folder of tomcat (the document folder is in webapps\mysite\web-inf). What can I do to avoid IIS asks me a password or a login? I want that all users that connects to my site are redirected to Tomcat without asking any login and password I think the problem it isn't in Tomcat's configuration but in IIS's configurationbut I can be wrong. I hope someone can help me...thanks i advance! Luca -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Redirect port 80 requests to 443
This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Connector className=org.apache.catalina.connector.http.HttpConnector port=80 minProcessors=2 redirectPort=443 maxProcessors=15 enableLookups=false acceptCount=10/ Connector className=org.apache.catalina.connector.http.HttpConnector port=443 minProcessors=2 maxProcessors=15 enableLookups=false acceptCount=10 scheme=https secure=true Factory className=org.apache.catalina.net.SSLServerSocketFactory keystoreFile=***.keystore keystorePass=* clientAuth=false protocol=TLS/ /Connector Any ideas/pointers? Thanks, John Roth, Director net.Media Provider Solutions Corp. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Classpaths
Since you are using Tomcat 3.3, see: http://jakarta.apache.org/tomcat/tomcat-3.3-doc/tomcat-ug.html#configuring_classes It describes how to add classes. Item 2, describes two System properties that can be used to add directories or jars to the Common and Apps classloaders. Cheers, Larry -Original Message- From: Muñoz Ordenes Andrés (Casa Matriz) [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 4:42 PM To: 'Tomcat Users List' Subject: RE: Classpaths -Mensaje original- De: Shapira, Yoav [mailto:[EMAIL PROTECTED]] Enviado el: Thursday, June 06, 2002 4:39 PM Para: Tomcat Users List Asunto: RE: Classpaths Howdy, How can i do for add classes to Tomcat Classpath?... i have an application The short answer: in many many ways ;) hahahahaha... :D The long answer: depends on where you want the classes to be visible. If you just want them for one web-app, add them to that web-app's /WEB-INF/classes directory. Or package them as a jar and add them to the /WEB-INF/lib directory. I can't do this... i mean, i must no move classes If you want the classes to be visible to more than one web-app, you can put them in $CATALINA_HOME/classes, or again package them up as a jar and put them in $CATALINA_HOME/lib. Mmmm... i have Tomcat 3.3... and i can't move classes... Another chance? Atte. Andrés Muñoz O. Fono: 690 3155 -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Classpaths
thanks a lot!!! Atte. Andrés Muñoz O. Fono: 690 3155 -Mensaje original- De: Larry Isaacs [mailto:[EMAIL PROTECTED]] Enviado el: Friday, June 07, 2002 11:13 AM Para: 'Tomcat Users List' Asunto: RE: Classpaths Since you are using Tomcat 3.3, see: http://jakarta.apache.org/tomcat/tomcat-3.3-doc/tomcat-ug.htm l#configuring_classes It describes how to add classes. Item 2, describes two System properties that can be used to add directories or jars to the Common and Apps classloaders. Cheers, Larry -Original Message- From: Muñoz Ordenes Andrés (Casa Matriz) [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 4:42 PM To: 'Tomcat Users List' Subject: RE: Classpaths -Mensaje original- De: Shapira, Yoav [mailto:[EMAIL PROTECTED]] Enviado el: Thursday, June 06, 2002 4:39 PM Para: Tomcat Users List Asunto: RE: Classpaths Howdy, How can i do for add classes to Tomcat Classpath?... i have an application The short answer: in many many ways ;) hahahahaha... :D The long answer: depends on where you want the classes to be visible. If you just want them for one web-app, add them to that web-app's /WEB-INF/classes directory. Or package them as a jar and add them to the /WEB-INF/lib directory. I can't do this... i mean, i must no move classes If you want the classes to be visible to more than one web-app, you can put them in $CATALINA_HOME/classes, or again package them up as a jar and put them in $CATALINA_HOME/lib. Mmmm... i have Tomcat 3.3... and i can't move classes... Another chance? Atte. Andrés Muñoz O. Fono: 690 3155 -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: tomcat with IIS
Also, check out this document which Ii have used to install tomcat 4.0.1 with IIS 5.0 on several windows 2000 server boxes: http://members.ozemail.com.au/~lampante/howto/tomcat/iisnt/index.html http://members.ozemail.com.au/%7Elampante/howto/tomcat/iisnt/index.html To add contexts to tomcat that you want IIS to redirect, just add it to tomcat home\conf\ntiis\uriworkermap.properties file and restart IIS and tomcat Steven Sporen wrote: Hi, I take it you've read through something along the lines of http://www.aoindustries.com/docs/jakarta-tomcat-3.2b6/tomcat-iis-howto.h tml And done http://www.google.com/search?hl=enie=UTF8oe=UTF8q=isapi_redirect.dll; btnG=Google+Search Have you confirmed that the ISAPI filter is installed into IIS? Are the registry keys confirmed correctly. These change be checked by IIS Manager | ServerName | Properties | WWW Service | Properties | ISAPI Filter I'm hoping some guru will one day have the inclination of writing an APP Filter for .jsp on IIS. As a side note any good firewall allows you to route directories to different servers so you could potentially drop the ISAPI filter. This is a good thing because (although I haven't looked at the code) ISAPI filters are typically how IIS is compromised. Regards Steven -Original Message- From: Chris Ruegger [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 12:35 To: Tomcat Users List Subject: Re: tomcat with IIS Steve, I think you misunderstood my question. Here is what we want to do. We want to put all of our files, static html, images, jsps under the IIS server and tell Tomcat that its docroot is under IIS (point to the IIS docroot from Tomcat's server.xml file) When the user asks for an HTML page, they get it from IIS. When they ask for a JSP page *from IIS*, IIS forwards the request to Tomcat, acting as a proxy. We are trying to use the isapi_redirect.dll within IIS and it's not forwarding JSP/servlet requests. -Chris - Original Message - From: Steven Sporen [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, June 07, 2002 6:20 AM Subject: RE: tomcat with IIS Use hard links (FQ URL eg. http://wwwiis.xxx.com/graphics1.gif vs. ./graphics1.gif) on your jsp pages ref the static content on the IIS service. Question is why would you want to - twice the risk of being hacked. -Original Message- From: Chris Ruegger [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 12:24 To: Tomcat Users List Subject: tomcat with IIS We are attempting to get IIS to work with Tomcat such that IIS forwards JSP requests to Tomcat and otherwise handles static content. Has anyone gotten this to work? Thanks, Chris -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
How to prevent users from listing the content of directory in Tomcat 4?
Hello all, How to prevent users from listing the content of directory in Tomcat 4? Thanks, Jack Li
AW: Redirect port 80 requests to 443
According to http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/http11.html redirectPort=443 only works if you set a security constraint (in web.xml). This should look like this. (Haven't tried it, but should give you a direction where to look and go on.) security-constraint web-resource-collection web-resource-nameEntire Application/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint -Ursprüngliche Nachricht- Von: John Roth [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 7. Juni 2002 17:09 An: Tomcat User Group (E-mail) Betreff: Redirect port 80 requests to 443 This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Connector className=org.apache.catalina.connector.http.HttpConnector port=80 minProcessors=2 redirectPort=443 maxProcessors=15 enableLookups=false acceptCount=10/ Connector className=org.apache.catalina.connector.http.HttpConnector port=443 minProcessors=2 maxProcessors=15 enableLookups=false acceptCount=10 scheme=https secure=true Factory className=org.apache.catalina.net.SSLServerSocketFactory keystoreFile=***.keystore keystorePass=* clientAuth=false protocol=TLS/ /Connector Any ideas/pointers? Thanks, John Roth, Director net.Media Provider Solutions Corp. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Installation of a signed SSL certificate
Hi, I have a problem installing an SSL certificate. I am using Tomcat 4.0.4-b3 standalone on Linux. First, I created a key pair with keytool -genkey... and configured the server.xml. I am now able to view my webpages with https://myserver Of course, my browser tells me that the certificate is not trusted, so I created a certificate signing request and created a test certificate on www.thawte.com. I installed the certificate signing request using keytool -import... into the same keystore where I created the key. The keystore has 2 entries now, a keyEntry and a trustedCertEntry. I restarted Tomcat and tried https://myserver again. But it still displays the untrusted self-signed certificate, not the one I got from Thawte. Can anyone tell me how to configure Tomcat to use the signed certificate instead? Thanks, Sven -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: How to prevent users from listing the content of directory in Tom cat 4?
either add an index.? in the directory you want protected or look in $TOMCAT_HOME/conf/web.xml, find something like this ~ line 45 servlet servlet-namedefault/servlet-name servlet-classorg.apache.catalina.servlets.DefaultServlet/servlet-class init-param param-namedebug/param-name param-value0/param-value /init-param init-param param-namelistings/param-name param-valuetrue/param-value /init-param load-on-startup1/load-on-startup /servlet change the value of the listings param to false -Original Message- From: Jack Li [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 16:24 To: '[EMAIL PROTECTED]' Subject: How to prevent users from listing the content of directory in Tom cat 4? Hello all, How to prevent users from listing the content of directory in Tomcat 4? Thanks, Jack Li ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify [EMAIL PROTECTED] This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. **
AW: Installation of a signed SSL certificate
Hi all, I finally managed to install the certificate. In case someone else gets into the same situation, here's the solution: 1. I installed a test root certificate from Thawte into $JAVA_HOME/jre/lib/security/cacerts. 2. When importing the certificate for my website, I had to use the same alias as the key and use the option -trustcacerts. When I tried this before I always got the error message Keytool-Fehler: java.lang.Exception: Kette konnte nicht aus Antwort entnommen werden. (Sorry, I have a German Java installation, this means something like Couldn't find chain in response). Sven -Ursprüngliche Nachricht- Von: Sven Woltmann Gesendet: Freitag, 7. Juni 2002 17:49 An: '[EMAIL PROTECTED]' Betreff: Installation of a signed SSL certificate Hi, I have a problem installing an SSL certificate. I am using Tomcat 4.0.4-b3 standalone on Linux. First, I created a key pair with keytool -genkey... and configured the server.xml. I am now able to view my webpages with https://myserver Of course, my browser tells me that the certificate is not trusted, so I created a certificate signing request and created a test certificate on www.thawte.com. I installed the certificate signing request using keytool -import... into the same keystore where I created the key. The keystore has 2 entries now, a keyEntry and a trustedCertEntry. I restarted Tomcat and tried https://myserver again. But it still displays the untrusted self-signed certificate, not the one I got from Thawte. Can anyone tell me how to configure Tomcat to use the signed certificate instead? Thanks, Sven -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
IIS/Tomcat redirection solved
Folks, Chris Ruegger and I solved the problem we reported earlier. I had isapi_redirector.dll properly installed as an ISAPI filter for the *site*, but we discovered that ISAPI filters are also installed at the *server* level, and one of them was from a JRun installation that I'm no longer using. I removed that, and now IIS is routing JSP pages onward. Now, we have a new pair of problems, which I'll report under a new subject line. Harlan -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Tomcat 4.0 nightly build binary downloads broken?
I found that it looks like the nightly binary builds are broken. As you can see, for some reason the many of the file sizes are only 45 bytes. Also, the .zip file builds are missing. http://jakarta.apache.org/builds/jakarta-tomcat-4.0/nightly/ of /builds/jakarta-tomcat-4.0/nightly Name Last modified Size Description Parent Directory- jakarta-tomcat-4.0-20020524.tar.gz 24-May-2002 02:57 45 GZIP compressed file jakarta-tomcat-4.0-20020525.tar.gz 25-May-2002 02:44 5.1M GZIP compressed file jakarta-tomcat-4.0-20020525.zip25-May-2002 02:52 6.6M jakarta-tomcat-4.0-20020526.tar.gz 26-May-2002 03:02 45 GZIP compressed file jakarta-tomcat-4.0-20020527.tar.gz 27-May-2002 03:01 45 GZIP compressed file jakarta-tomcat-4.0-20020528.tar.gz 28-May-2002 03:02 5.1M GZIP compressed file jakarta-tomcat-4.0-20020528.zip28-May-2002 03:10 6.6M jakarta-tomcat-4.0-20020529.tar.gz 29-May-2002 03:11 5.1M GZIP compressed file jakarta-tomcat-4.0-20020529.zip29-May-2002 03:18 6.6M jakarta-tomcat-4.0-20020530.tar.gz 30-May-2002 03:17 5.1M GZIP compressed file jakarta-tomcat-4.0-20020530.zip30-May-2002 03:27 6.6M jakarta-tomcat-4.0-20020531.tar.gz 31-May-2002 02:59 45 GZIP compressed file jakarta-tomcat-4.0-20020601.tar.gz 01-Jun-2002 02:59 45 GZIP compressed file jakarta-tomcat-4.0-20020602.tar.gz 02-Jun-2002 03:00 45 GZIP compressed file jakarta-tomcat-4.0-20020603.tar.gz 03-Jun-2002 03:00 45 GZIP compressed file jakarta-tomcat-4.0-20020604.tar.gz 04-Jun-2002 03:08 45 GZIP compressed file jakarta-tomcat-4.0-20020605.tar.gz 05-Jun-2002 03:00 45 GZIP compressed file jakarta-tomcat-4.0-20020606.tar.gz 06-Jun-2002 02:58 45 GZIP compressed file jakarta-tomcat-4.0-20020607.tar.gz 07-Jun-2002 03:02 45 GZIP compressed file src/ 07-Jun-2002 03:04- test1/ 02-May-2002 01:02- Apache/2.0.37-dev Server at jakarta.apache.org Port 80 Jon -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
IIS/Tomcat: scriptlets, POST not working
In my new IIS/Tomcat configuration, IIS *seems* to be forwarding requests for JSPs to Tomcat, because it displays them. IIS on its own doesn't display JSPs, it just asks if you want to open them or save them to your local drive. BUT: the scriptlets and expressions aren't being executed, so only the HTML is being rendered. AND: Only GET works. POST doesn't work. POST gives HTTP status code 405, which Internet Explorer identifies as Resource not allowed, though the W3C HTTP spec says it's Method not allowed. Regarding the first problem above: I'm interested to note that the IIS web log shows HTTP status code 200 for the GET when the request immediately follows a change I've made to the JSP page, and a 304 (Resouce Not Modified) for subsequent requests. My question is: why does IIS record an entry at all when it isn't the server that ultimately serves the page? And now I see that the Tomcat logs don't show any record of receiving these requests. And no log called isapi_redirect.txt is being created as it should be. It's as though IIS now feels empowered to handle JSP requests by itself--but since it doesn't know how to handle JSP, it ignores it, and just serves the HTML. Ideas? Thanks. Harlan Messinger -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Number of Tomcat Instances/Applications
I am doing some Tomcat cost/benefit projections for my company. I need to determine the maximum number of applications that will run on Tomcat and still provide stable performance. I am not interested in a theoretical number at this time, just seeking information about what real developers are actually doing with real applications. At this time, I am not interested in what machine types, OSs, configurations, versions, are being used. I understand the answer to my questions will depend heavily on these issues as well as on the applications themselves. I just need to come up with a realistic number of instances/apps which are being run on a single machine by real users. I am seeking an answer to the following two questions: Maximum number of Tomcat instances running on one machine: Maximum number of individual applications running in all instances of Tomcat on one machine: Please feel free to respond to the mail list, or to me directly at [EMAIL PROTECTED] (if we don't want to clog the list with answers to this question). I will post a final resolution message to the mail list when I have come to some sort of conclusion. Thanks in advance for your help! -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Solaris JVM never seems to garbage collect, runs out eventually.
Rick Fincher wrote: The javac in J2SE 1.4 has the memory leak 1.1.1 works OK under Solaris. Sorry, that should have been JVM 1.3.1 works OK under Solaris. Rick -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Encrypted passwords in a JDBC Realm
Hi Markus, You can use the same calls in Java to encrypt that Tomcat does. When you use encrypted passwords with form based authentication, Tomcat reads the clear text password from the user, then encrypts it according to your settings (MD-5 for exmple), then retrieves the pre-encrypted password from whatever source it is stored in. Then Tomcat compares its encrypted version with what it reads in clear text (pre-encrypted) to authenticate. You just write your code and call the encrypter before sending the new password to the database. I believe there is mention of this in the docs somewhere, listing the packages and methods needed. Rick - Original Message - From: Markus Kirsten [EMAIL PROTECTED] I've just went through the documentation concerning setting up a JDBC Realm as well as some of the MySQL documentation. It seems to me that to use encrypted passwords I need to manually encrypt them before I store them in my database since it is not possible to set the digest attribute in the Realm element to the encryption algorithm MySQL uses for storing passwords (with the function password()). Is this correct? This hardly causes any problems since it's simple to encrypt the password in my application before storing it in the database, but I loose the possibility to manage passwords directly through SQL. Any workaround? Markus -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Redirect port 80 requests to 443
Hi John, Tomcat will do this automatically with your app but it has to know that it is meant for the secure port only. You tell it this by including something like the following in your web.xml for the app. security-constraint web-resource-collection web-resource-nameappName/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint Rick - Original Message - From: John Roth [EMAIL PROTECTED] This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Connector className=org.apache.catalina.connector.http.HttpConnector port=80 minProcessors=2 redirectPort=443 maxProcessors=15 enableLookups=false acceptCount=10/ Connector className=org.apache.catalina.connector.http.HttpConnector port=443 minProcessors=2 maxProcessors=15 enableLookups=false acceptCount=10 scheme=https secure=true Factory className=org.apache.catalina.net.SSLServerSocketFactory keystoreFile=***.keystore keystorePass=* clientAuth=false protocol=TLS/ /Connector Any ideas/pointers? Thanks, John Roth, Director net.Media Provider Solutions Corp. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: How to prevent users from listing the content of directory in Tom cat 4?
Thanks, it works after I changed listings to false in web.xml. But it gives you a tomcat 404 error message when you try to browse the directory. How can I customerize this message? Thanks Jack Li -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 12:16 PM To: [EMAIL PROTECTED] Subject: RE: How to prevent users from listing the content of directory in Tom cat 4? either add an index.? in the directory you want protected or look in $TOMCAT_HOME/conf/web.xml, find something like this ~ line 45 servlet servlet-namedefault/servlet-name servlet-classorg.apache.catalina.servlets.DefaultServlet/servlet-class init-param param-namedebug/param-name param-value0/param-value /init-param init-param param-namelistings/param-name param-valuetrue/param-value /init-param load-on-startup1/load-on-startup /servlet change the value of the listings param to false -Original Message- From: Jack Li [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 16:24 To: '[EMAIL PROTECTED]' Subject: How to prevent users from listing the content of directory in Tom cat 4? Hello all, How to prevent users from listing the content of directory in Tomcat 4? Thanks, Jack Li ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify [EMAIL PROTECTED] This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. ** -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Logout using FORM based authentication
Hi, I use a JDBC Realm with FORM based authentication but haven't figured out a way for users to log out. Is it just to call session.invalidate() or is there any better way to do it? Markus -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
ROOT.war / server.xml context / tomcat 4.0.3 problem.. help!
I've got a ROOT.war file that I build for my app, when i deploy it to tomcat/webapps with the default server.xml config file, it extracts upon tomcat startup. The problem is i need to configure some logging connection pool info that my app uses in my server.xml. When i modify the server.xml file as shown below to configure the the default webapp it only works if ROOT.war is already extracted. If I remove the ROOT directory, tomcat barfs on startup saying that it couldn't find /WEB-INF/web.xml (because it hasn't extracted the ROOT.war file yet). Is it possible to move all my configuration into web.xml or is there some other file that tomcat can read in the .war file to get this info??? Or is there someone to tell tomcat that this info is in a .war file and it needs to be extracted first??? I just don't know how to configure the connection pool info if not in the server.xml file, and if I put it there, it just doesn't get around to extracting the ROOT.war file before it tries to access the files. Does this make any sense??? !-- FROM TOMCAT\conf\server.xml -- Context path= docBase=ROOT debug=1 reloadable=true Logger className=org.apache.catalina.logger.FileLogger directory=e:\java\spitfire\logs prefix=tomcat_output. pattern=combined/ Resource name=jdbc/midgard_dev auth=Container type=javax.sql.DataSource/ ResourceParams name=jdbc/midgard_dev parameter nameuser/name valuecastor/value /parameter parameter namepassword/name value/value /parameter parameter namedriverClassName/name valuecom.inet.tds.TdsDriver/value /parameter parameter namedriverName/name valuejdbc:inetdae7:spitfiredev.X.com:1433?database=midgardDb/valu e /parameter parameter namemaxActive/name value30/value /parameter parameter namemaxIdle/name value2/value /parameter parameter namevalidationQuery/name valueSelect * from tbl_states where id=1/value /parameter /ResourceParams /Context Thanks, Andy Miller [EMAIL PROTECTED]
RE: IIS/Tomcat: scriptlets, POST not working
It DOES seem to be that IIS is handling the JSP pages itself: the same thing happens even when Tomcat is shut down. I checked, and there are no other ISAPI filters or app filters handling JSP files in the web site I set up for Tomcat OR at the server level. -Original Message- From: Harlan Messinger Sent: Friday, June 07, 2002 1:33 PM To: Tomcat Users List (E-mail) Subject: IIS/Tomcat: scriptlets, POST not working In my new IIS/Tomcat configuration, IIS *seems* to be forwarding requests for JSPs to Tomcat, because it displays them. IIS on its own doesn't display JSPs, it just asks if you want to open them or save them to your local drive. BUT: the scriptlets and expressions aren't being executed, so only the HTML is being rendered. AND: Only GET works. POST doesn't work. POST gives HTTP status code 405, which Internet Explorer identifies as Resource not allowed, though the W3C HTTP spec says it's Method not allowed. Regarding the first problem above: I'm interested to note that the IIS web log shows HTTP status code 200 for the GET when the request immediately follows a change I've made to the JSP page, and a 304 (Resouce Not Modified) for subsequent requests. My question is: why does IIS record an entry at all when it isn't the server that ultimately serves the page? And now I see that the Tomcat logs don't show any record of receiving these requests. And no log called isapi_redirect.txt is being created as it should be. It's as though IIS now feels empowered to handle JSP requests by itself--but since it doesn't know how to handle JSP, it ignores it, and just serves the HTML. Ideas? Thanks. Harlan Messinger -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Problem With Params In Web.xml
Tomas: How are you invoking the servlet? If you don't have a servlet-mapping element in your web.xml (I don't see one in what you posted, but I realize you might have posted an extract) and you're accessing it using something like http://localhost:8080/App/servlet/examples.ShowMessage, then the servlet won't read the initialization parameters you've set. Why? Because when you use the .../servlet/class.name form, you're actually using the invoker servlet that is provided by default. See the following in Tomcat's default web.xml (located in $CATALINA_HOME/conf): servlet servlet-nameinvoker/servlet-name servlet-classorg.apache.catalina.servlets.InvokerServlet/servlet-class init-param param-namedebug/param-name param-value0/param-value /init-param load-on-startup2/load-on-startup /servlet ... other sections not shown ... !-- The mapping for the invoker servlet -- servlet-mapping servlet-nameinvoker/servlet-name url-pattern/servlet/*/url-pattern /servlet-mapping What's happening is that when the url includes '/servlet', the request gets passed to the invoker servlet, which simply creates an instance of your servlet class and calls its init() and service() methods without any initialization parameters. You need to put your own servlet-mapping method into the web.xml, which calls out your servlet class and your url pattern. Then the init paramters will be available to you. Cheers, Greg Trasuk, President StratusCom Manufacturing Systems Inc. - We use information technology to solve business problems on your plant floor. http://stratuscom.ca -Original Message- From: Marek, Tomas [mailto:[EMAIL PROTECTED]] Sent: June 07, 2002 10:04 To: [EMAIL PROTECTED] Subject: Problem With Params In Web.xml Guys, could anybody help, please? Having a servlet reading parameters in init() method but it reads nothing. The servlet is in path install_dir/webapps/ROOT/WEB-INF/classes/examples and web.xml is in path install_dir/webapps/ROOT/WEB-INF. The content of web.xml looks like the following: ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app servlet servlet-name ShowMsg /servlet-name servlet-class examples.ShowMessage /servlet-class init-param param-name message /param-name param-value blablabla /param-value /init-param init-param param-name repeats /param-name param-value 5 /param-value /init-param /servlet /web-app Does anybody have an idea where's the problem? Thanks in advance for any clue. tom -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
How to write files when web-app is a WAR?
From what I've read, it seems that if you package your web application in a WAR file, you have no way of attaining a path on the server's file system that you can use to write files. Reference: http://mikal.org/interests/java/tomcat/archive/view?mesg=15006. I have a web app that we'd like to package as a WAR. But, we need to be able to write various data files out to the server's file system. What solution(s) are people using for this? Writing the files to a database is not acceptable for us (I'm not a DBMS expert, but have been told that BLOB performance is not great, and that using a DB as a file system replacement is not good, etc.). I was thinking we'd have to do a bit of a hack... Basically, at the time we install our application, the user will pick the real path on their disk where the data files are stored. We then store this in a property in web.xml, and retrieve that in the app for using as the path. For links/hrefs on a web page, we'd just use something like /data_files, but then set up a path-mapping that had /data_files mapped to say /home/appname/data_files or whatever. I also am assuming I will need to ensure that this real path lies outside of the WAR expanded directory because someday Tomcat (and maybe others already?) will not expand the WAR file. Anyway, what have folks come up with? While we use Tomcat for all our development work, we'll likely have to support a variety of Servlet containers (I think we can require at least Servlet 2.2, hopefully 2.3). Chris Bailey mailto:[EMAIL PROTECTED] Code Intensity http://www.codeintensity.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
guys plz..help..servlet not responding
hi friends well today i stuck..so badly.. Argentina lost..and ...i'm not solving a simple ..error i might be ...doing some silly mistake well ... I made new app directory by name sachar and new virtual host by name puneet i'm not able to access the servlets from this , giving me error 404 ..not avaliable , the resourse is not avaliable. ** 127.0.0.1 - - [07/Jun/2002:23:21:08 5050] GET /sachar/servlet/snoop HTTP/1.1 404 636 ** but when i do with local host i'm getting the servlet my directory structure is like webapps sachar(all html and .jsp files) | | WEB-INF classes---(has all .class files) and i'm calling this by http://puneet:80/sachar/servlet/snoop (the connector has been changed in server.xml file and servlet mapping is also done in web.xml file) and plz look at my server.xml file == Context path=/sachar docBase=sachar debug=0 reloadable=true crossContext=true why i'm not getting the servlet and error i'm geting in the log file is this Exception noClassfoundException and Cannot allocate servlet instance for path /servlet/HelloWorldExample javax.servlet.ServletException: Wrapper cannot find servlet class HelloWorldExample or a class it depends on at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:871) java.lang.ClassNotFoundException: HelloWorldExample i know i'm lacking ...something ... but i'm very tense today plz...help me i have to make small project by monday and ...i'm helpless Plz..i need everyones help Regards Puneet __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Release date for 4.0.4
Is there a FAQ that states when releases occur? I see there is a vote by committers, but no more information. In particular - I am interested in when Tomcat 4.0.4 final may be released. Or are there plans for a beta4 first? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Number of Tomcat Instances/Applications (improved question)
I am doing some Tomcat cost/benefit projections for my company. I need to determine the maximum number of applications that will run on Tomcat and still provide stable performance. I am not interested in a theoretical number at this time, just seeking information about what real developers are actually doing with real applications. At this time, I am not interested in what machine types, OSs, configurations, versions, are being used. I understand the answer to my questions will depend heavily on these issues as well as on the applications themselves. I just need to come up with a realistic number of instances/apps which are being run on a single machine by real users. I am seeking an answer to the following two questions: Number of Tomcat instances I am running on one machine: Number of individual applications I am running in all instances of Tomcat on one machine: Please feel free to respond to the mail list, or to me directly at [EMAIL PROTECTED] (if we don't want to clog the list with answers to this question). I will post a final resolution message to the mail list when I have come to some sort of conclusion. Thanks in advance for your help! -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Logout using FORM based authentication
Prior to the Servlet 2.3 spec, it was ambiguous as to when a client was no longer logged in. The 2.3 servlet spec states that a client is logged out when their session is invalidated. So if Tomcat works as advertised, session.invalidate() should do what you expect. Eric Everman At 12:49 PM 6/7/2002, you wrote: Hi, I use a JDBC Realm with FORM based authentication but haven't figured out a way for users to log out. Is it just to call session.invalidate() or is there any better way to do it? Markus -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
jk2 Connector Problem [jk_worker_lb.c (322)]
Hello, I was able to get the filter loaded, but I am getting the following error in the event log: Event Type: Warning Event Source: Apache Jakarta Connector2 Event Category: None Event ID: 2 Date: 6/7/2002 Time: 1:53:27 PM User: N/A Computer: WDEV-PRIEST1 Description: The description for Event ID ( 2 ) in Source ( Apache Jakarta Connector2 ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: [jk_worker_lb.c (322)]: lb_worker.service() all workers in error or disabled state . I guess the important part is [jk_worker_lb.c (322)]: lb_worker.service() all workers in error or disabled state Here is is what my workers2.properties file looks like. It is a similar to the one specified in config.html (jakarta-tomcat-connectors\jk\doc\jk2\config.html). Problem here maybe?: logger.level=DEBUG [channel.socket:tomcat1] host=localhost port=8009 lbfactor=0.5 [channel.socket:DEFAULT] # no property here, but the channel will be constructed # with the default properties #my webapps [uri:/WEL] [uri:/slide] -Original Message- From: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 7:06 PM To: 'Tomcat Users List' Subject: RE: Switching isapi configuration from jk to jk2 De: Robert Priest [mailto:[EMAIL PROTECTED]] Enviado el: 6 de junio de 2002 22:01 Para: 'Tomcat Users List' Asunto: RE: Switching isapi configuration from jk to jk2 Besides my other questions, does the registry entry still remain the same? [HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Jakarta Isapi Redirector\2.0] See http://cvs.apache.org/viewcvs.cgi/*checkout*/jakarta-tomcat-connectors/ jk/native2/server/isapi/isapi_redirector2.reg 3. Modify ISAPI Filter Registry entries -- what are the new keys and values? the same that the new registry key names -- can I use a properties file (instead of registry) yet? yes, the same way it did before, and using exactly the same names than the new registry names.. 4. create a workers2.properties in TOMCAT_HOME/conf/ dir. that looks similar to this: logger.level=DEBUG # That's created by default if no other channel is definedc channel.socket.DEFAULT.port=8009 channel.socket.local_9009.port=9009 # that defines automatically a worker named # 'tomcat1' and an 'engine' named tomcat1 channel.socket.tomcat1.host=host1.my.com channel.socket.tomcat1.lbfactor=0.5 [uri:/examples/*] # Automatically define the lb worker and sets balanced_workers # for this particular uri. engine=DEFAULT,tomcat1 [uri:/examples2/*] # the /examples2 is only available on tomcat2 engine=tomcat1 I dont know already config very well already, :), perhaps someone could help, Costin? Please describe what you have , and what you need.. please.. Anything else? Do I need to make any changes to server.xml? I'm not a 4.0.3 user, perhaps you could try with 4.1.3 too, it's beta i think, and JK2 it's slightly more tested in 4.1.3 than in 4.0.3 i think.. Saludos , Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
serious issues with tomcat and rmi
I am encountering serious issues with tomcat and rmi.. I am getting all sorts of problems ranging from 1. version 4.0.3 cannot load classes from rmi codebase.. reading the codebase but returning classnotfound exceptions.. 2. version 4.0.4 webappclass loader dying with 'Life cycle error' and access control exceptions on web-inf/lib even when used with all.policy with most liberal security settings.. 3. And all these different class loaders and exceptions look very confusing and impossible to make it work. Hope someone would throw some light.. Thanks srini = Thanks and have great day srini Everything you always wanted to know about cars and bikes,now at: http://in.autos.yahoo.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: guys plz..help..servlet not responding
If you haven't done so, you need to config your WEB-INF/web.xml. Read the docs for such. Sample below (may be buggy) servlet servlet-nameMyExample/servlet-name servlet-classcom.me.HelloWorldExample/servlet-class run-as descriptionSecurity role for anonymous access/description role-nametomcat/role-name /run-as /servlet servlet-mapping servlet-nameMyExample/servlet-name url-pattern/sachar/servlet/snoop/url-pattern /servlet-mapping puneet sachar puneetsachar@ya To: Tomcat Users List [EMAIL PROTECTED] hoo.com cc: Subject: guys plz..help..servlet not responding 06/07/2002 01:00 PM Please respond to Tomcat Users List hi friends well today i stuck..so badly.. Argentina lost..and ...i'm not solving a simple ..error i might be ...doing some silly mistake well ... I made new app directory by name sachar and new virtual host by name puneet i'm not able to access the servlets from this , giving me error 404 ..not avaliable , the resourse is not avaliable. ** 127.0.0.1 - - [07/Jun/2002:23:21:08 5050] GET /sachar/servlet/snoop HTTP/1.1 404 636 ** but when i do with local host i'm getting the servlet my directory structure is like webapps sachar(all html and .jsp files) | | WEB-INF classes---(has all .class files) and i'm calling this by http://puneet:80/sachar/servlet/snoop (the connector has been changed in server.xml file and servlet mapping is also done in web.xml file) and plz look at my server.xml file == Context path=/sachar docBase=sachar debug=0 reloadable=true crossContext=true why i'm not getting the servlet and error i'm geting in the log file is this Exception noClassfoundException and Cannot allocate servlet instance for path /servlet/HelloWorldExample javax.servlet.ServletException: Wrapper cannot find servlet class HelloWorldExample or a class it depends on at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:871) java.lang.ClassNotFoundException: HelloWorldExample i know i'm lacking ...something ... but i'm very tense today plz...help me i have to make small project by monday and ...i'm helpless Plz..i need everyones help Regards Puneet __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Redirect port 80 requests to 443
John Roth said: This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Why not simply create a web page that automatically redirects the request to the https page? That is what I did and it works fine. -Richard -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: serious issues with tomcat and rmi
Srini: Could you post the full stack trace that contains the ClassNotFound exception? Is it contained within an RMIServerException, with some message like Can't unmarshall ? Also, where are the access control exceptions showing up? Log files, or does Tomcat return a '404' message? Cheers, Greg Trasuk, President StratusCom Manufacturing Systems Inc. - We use information technology to solve business problems on your plant floor. http://stratuscom.ca -Original Message- From: java guru [mailto:[EMAIL PROTECTED]] Sent: June 07, 2002 15:18 To: [EMAIL PROTECTED] Subject: serious issues with tomcat and rmi I am encountering serious issues with tomcat and rmi.. I am getting all sorts of problems ranging from 1. version 4.0.3 cannot load classes from rmi codebase.. reading the codebase but returning classnotfound exceptions.. 2. version 4.0.4 webappclass loader dying with 'Life cycle error' and access control exceptions on web-inf/lib even when used with all.policy with most liberal security settings.. 3. And all these different class loaders and exceptions look very confusing and impossible to make it work. Hope someone would throw some light.. Thanks srini = Thanks and have great day srini __ __ Everything you always wanted to know about cars and bikes,now at: http://in.autos.yahoo.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]