Re: redirect port 8080 to 443
On Sat, 11 Oct 2003 17:38, Bill Barker wrote: It's in the FAQ: http://jakarta.apache.org/tomcat/faq/security.html#https Twan Munster [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I'm using apache+mod_ssl+mod_jk to make a secure connection. But every time I call a page in cocoon it is called through port 8080. Is it possible to redirect a call to port 8080 to port 443? And not for the entire server, but only for a certain directory?How is this done? Assuming you have configured tomcat correctly to handle SSL its simply a matter of using https:// rather than http:// in you URL's. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat restart.
Hi, I am using Tomcat to host an application. Sometimes it happens that the JSP page giving an error, becomes fine as soon as I restart the tomcat. The error generated is specifically at the place where I am initializing the bean. Why is it so? Thanks in advance. Regards, Anunay Ashish. - Original Message - From: Peter Harrison [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Saturday, October 11, 2003 12:24 PM Subject: Re: redirect port 8080 to 443 On Sat, 11 Oct 2003 17:38, Bill Barker wrote: It's in the FAQ: http://jakarta.apache.org/tomcat/faq/security.html#https Twan Munster [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I'm using apache+mod_ssl+mod_jk to make a secure connection. But every time I call a page in cocoon it is called through port 8080. Is it possible to redirect a call to port 8080 to port 443? And not for the entire server, but only for a certain directory?How is this done? Assuming you have configured tomcat correctly to handle SSL its simply a matter of using https:// rather than http:// in you URL's. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat hangs after a few days!
Shapira, Yoav schrieb: Howdy, Threads like these are exasperating ;) It almost definitely is a JVM/threading problem. You've already gone into a far less common configuration than most on this list by using Blackdown and green mode. If you do this, you risk not being able to get much support. I, and I imagine many others, read your original question a few days ago, said in my head Blackdown -- don't know/don't care and deleted it. Hi, maybe following hint could be important for you: Nearly ALL persons that make use of FreeBSD do NOT use the - in your words - normal configuration or normal jvms because you get trouble with it under FreeBSD. Green mode has a lot of advantages over threaded mode under some circumstances - especially when you provide a chat server with a lot of simultaneous connections! I suggest you ask John from Volano what's wrong, or alternatively at least try switching to a more common JVM and isolate the problem and benefit from advice such as that Senor Rees has been trying to give you... Like mentioned before the -QUIT signal does not produce a dump in my case, so what should I do? catalina.out grows up by adding [INFO] ChannelSocket - -server has been restarted or reset this connection Maybe someone at least ;-) can explain under which circumstances such an error message is produced? Thx a lot and regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Jav.util.logging URGENT
Hi, I am learning to use logger. I have a code snippet below
package test
import java.io.IOException;
import java.io.Serializable;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.logging.FileHandler;
import java.util.logging.SimpleFormatter;
public class Logger implements Serializable {
static SimpleDateFormat sdf = new SimpleDateFormat(_MM_dd);
public static void logInfo(String message) {
try {
java.util.logging.Logger logger =
java.util.logging.Logger.getLogger(
test);
FileHandler fh = new FileHandler(C:/ubs_ + sdf.format(new
Date()) + .log, true);
fh.setFormatter(new SimpleFormatter());
logger.addHandler(fh);
logger.info(message);
} catch (SecurityException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
after called Logger.logInfo(test) 2 times created 5 files?
ubs_2003_10_11.log
ubs_2003_10_11.log.lck
ubs_2003_10_11.log.1
ubs_2003_10_11.log.1.lck
ubs_2003_10_11.log.2
ubs_2003_10_11.log.2.lck
what's happened? i need Logger create one file?
Thanks in advance
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat and mac os 10.2.8 update
was /usr/local a symbilic link? If so the installation might have replaced it with a directory. so you should copy the new content to the target and reinstate the symbilic link. BTW Using JAVA_HOME: /usr sounds wrong to me. Giuliano At 13:09 -0700 2003/10/10, Augustina Blair wrote: i have a quick question... i had jakarta-tomcat-4.1.27 installed and working fine on my system. after i installed the update i keep getting this weird error message (i have a little scripty thing as per apple's instructions, that's the first 4 lines of output): Using CATALINA_BASE: /usr/local/jakarta-tomcat-4.1.27 Using CATALINA_HOME: /usr/local/jakarta-tomcat-4.1.27 Using CATALINA_TMPDIR: /usr/local/jakarta-tomcat-4.1.27/temp Using JAVA_HOME: /usr touch: /usr/local/jakarta-tomcat-4.1.27/logs/catalina.out: Bad file descriptor /usr/local/jakarta-tomcat-4.1.27/bin/catalina.sh: 1: Bad file descriptor [...] -- H U M P H || ||| software Java C++ Server/Client/Human Interface applications on MacOS - MacOS X http://www.humph.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Question about the Petstore's SignOnFilter class
Hello,
I am going through the Petstore's SignOnFilter class and I am wondering why it has
been named SignOnFilter and not SignInFilter. Isn't the businesss logic of the class
to help the signing in and not the signing on? Am I right or wrong?
Thanks in advance for your replies.
Julien.
Here is the source for the class:
package com.sun.j2ee.blueprints.signon.web;import java.io.PrintWriter;import
java.io.OutputStreamWriter;import java.io.IOException;import java.util.HashMap;import
java.util.Iterator;import java.net.URL;// J2EE importsimport
javax.servlet.ServletException;import javax.servlet.ServletContext;import
javax.servlet.Filter;import javax.servlet.FilterChain;import
javax.servlet.FilterConfig;import javax.servlet.http.HttpSession;import
javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import
javax.servlet.http.HttpServletRequest;import
javax.servlet.http.HttpServletResponse;import javax.servlet.http.Cookie;import
javax.ejb.CreateException;import javax.naming.NamingException;import
javax.naming.InitialContext;// SignOn EJB Importsimport
com.sun.j2ee.blueprints.signon.ejb.SignOnLocalHome;import
com.sun.j2ee.blueprints.signon.ejb.SignOnLocal;public class SignOnFilter implements
Filter {// these static strings define where to put/get thingspublic static
final String FORM_SIGNON_URL = j_signon_check;public static final String
FORM_USER_NAME = j_username;public static final String FORM_PASSWORD =
j_password;public static final String REMEMBER_USERNAME = j_remember_username;
public static final String USER_NAME = j_signon_username;public static final
String SIGNED_ON_USER = j_signon;public static final String ORIGINAL_URL =
j_signon_original_url;public static final String CREATE_USER_URL =
j_create_user;public static final String COOKIE_NAME = bp_signon;private
HashMap protectedResources;private FilterConfig config = null;private String
signOnErrorPage = null;private String signOnPage = null;private String
userCreationError = null;public void init(FilterConfig config) throws
ServletException {this.config = config;URL protectedResourcesURL =
null;try {protectedResourcesURL =
config.getServletContext().getResource(/WEB-INF/signon-config.xml);
SignOnDAO dao = new SignOnDAO(protectedResourcesURL);signOnErrorPage =
dao.getSignOnErrorPage();signOnPage = dao.getSignOnPage();
protectedResources = dao.getProtectedResources();} catch
(java.net.MalformedURLException ex) {System.err.println(SignonFilter:
malformed URL exception: + ex);}}public void destroy() {
config = null;} public void doFilter(ServletRequest request, ServletResponse
response, FilterChain chain)throws IOException, ServletException {
HttpServletRequest hreq = (HttpServletRequest)request;String currentURI =
hreq.getRequestURL().toString();String currentURL = hreq.getRequestURI();
// get everything after the context rootint firstSlash =
currentURL.indexOf(/,1); // jump past the starting slashString targetURL =
null;if (firstSlash != -1) targetURL = currentURL.substring(firstSlash + 1,
currentURL.length());if ((targetURL != null)
targetURL.equals(FORM_SIGNON_URL)) {validateSignOn(request, response,
chain);// jump out of this methodreturn;}//
check if the user is signed onboolean signedOn = false;if
(hreq.getSession().getAttribute(SIGNED_ON_USER) != null) {signedOn
=((Boolean)hreq.getSession().getAttribute(SIGNED_ON_USER)).booleanValue();}
else {hreq.getSession().setAttribute(SIGNED_ON_USER, new Boolean(false));
}// jump to the resource if signed onif (signedOn) {
chain.doFilter(request,response);return;}// find
out if the patterns match the target URLIterator it =
protectedResources.keySet().iterator();while (it.hasNext()) {
String protectedName = (String)it.next();ProtectedResource resource =
(ProtectedResource)protectedResources.get(protectedName);String urlPattern
= resource.getURLPattern();// now check agains the targetURLif
(urlPattern.equals(targetURL)) {// put the orginal url in the session
so others can accesshreq.getSession().setAttribute(ORIGINAL_URL,
targetURL);config.getServletContext().getRequestDispatcher(/ +
signOnPage).forward(request, response);// Jump out of the filter and
go to the next pagereturn;}}// No matches
if we made it to herechain.doFilter(request,response);} public void
validateSignOn(ServletRequest request,
Difficulty in compiling a servlet.
Hi,
The code for my bean is:
package com.scheduler;
import java.sql.*;
public class DBUpdate
{
private Connection conn;
private Statement stmt;
private ResultSet rs;
public DBUpdate()
{
conn = null;
stmt = null;
rs = null;
}
public void process(String query)
{
try
{
Class.forName(oracle.jdbc.driver.OracleDriver).newInstance();
Connection conn =
DriverManager.getConnection(jdbc:oracle:thin:@192.168.10.36:1521:myData,
mangesh, mangesh);
stmt = conn.createStatement();
rs = stmt.executeQuery(query);
System.out.println(Query: + query + executed);
}
catch(Exception exception1)
{
System.out.println(Error occured in DBUpdate.process()
SQLException : + exception1);
}
}
public ResultSet getResultSet() throws SQLException
{
return rs;
}
public void destroy()
{
conn = null;
stmt = null;
rs = null;
}
}
And for my servlet is:
package com.scheduler;
import java.io.*;
import java.sql.*;
import java.text.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class addDataServlet extends HttpServlet
{
private String pageFormat;
public void doPost(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException
{
ResultSet testRS;
DBUpdate dbupdate = new DBUpdate();
pageFormat = request.getParameter(newPageFormat);
PrintWriter out = response.getWriter();
out.print(pageFormat);
String query = Select * from lookup_page_format;
dbupdate.process(query);
try
{
testRS = dbupdate.getResultSet();
while(testRS.next())
{
out.print(testRS.getString(2));
out.print(hi);
}
}
catch (SQLException e)
{
out.println(SQLException : + e);
}
try
{
//set the attribute and forward to pageFormat.jsp
request.setAttribute(servletName, addDataServlet);
getServletConfig().getServletContext().getRequestDispatcher(/Tracking_syste
m/pageFormat.jsp).forward(request, response);
}
catch (Exception ex)
{
ex.printStackTrace ();
}
}
}
On compiling the addDataServlet.java, an error is coming - Unresolved
symbol:Class DBUpadate is not resolved
Where I am doing wrong?
Thanks in advance.
Regards,
Anunay.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Question about the Petstore's SignOnFilter class
What is the difference for you between singing in and on ? For me as non native english speaker SignIn and SignOn are equivalent. The opposite is SignOff. -Original Message- From: Julien Martin [mailto:[EMAIL PROTECTED] Sent: Saturday, October 11, 2003 1:52 PM To: Tomcat Users List Subject: Question about the Petstore's SignOnFilter class I am going through the Petstore's SignOnFilter class and I am wondering why it has been named SignOnFilter and not Thanks in advance for your replies. Julien. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JNDIRealm source code -
http://jakarta.apache.org/site/cvsindex.html
JNDIRealm is jakarta-tomcat-catalina for tomcat5,
jakarta-tomcat-4.0/catalina/ for tomcat4
I recommend more exploration before accepting an error code2 as a valid
login. Its a kluge around the MS's ldap implementation and such a kluge
probably won't make it back into the source tree. I have seen problems with
respect to JNDIRealm and MS with respect to commas, or other weird characters
in the DN with respect to escaping. (I don't remember any more details, it is
to horrifing an experience to recall) There might also be a Bugzilla report
with respect to it.
-Tim
Davi Leal wrote:
Hi,
I am using tomcat 4.1.27, Java sdk-1.4.1_02 and JNDIRealm to use the Micro$oft
Site Server service to authenticate our webapps.
I get an error code 2 exception (Protocol Error) only when the user and the
password is right. That is to say, when an OK is expected. I am thinking
about modify the JNDIRealm to support that Micro$oft returned 'code', instead
of raising an exception. It looks easy :) . You can see below the appointed
catalina log.
Can you supply me any URL, CVS repository, or whatever which points me to the
JNDI source code?.
I have read the JNDI API I must use is the one included in Java sdk 1.4.2.
Last question: Can we solve the 'M$ protocol' issue just using Tomcat 5.0?.
Regards,
Davi Leal
Tim Funk wrote:
I have gotten JNDIRealm to work against iPlanet. I have heard others get it
working against:
- Active Directory (I personally had problems due to some IT policies)
- Novell
- OpenLDAP
But in the worst case - the code is open for change so creating a custom
Realm should be simple if one understands JNDI programming. Which is what I
had to do with respect to ActiveDirectory and wacky business rules vs
domain setup.
-Tim
David Diaz wrote:
Reference: http://www.weblogic.com/docs51/admindocs/ldap2.html#intro
The WebLogic LDAP realm has been tested against the following LDAP
servers:
* OpenLDAP
* iPlanet Directory Server
* Microsoft Site Server
I would like to get a similar Tomcat link to show to my boss.
APPENDIX
The catalina log
59 JNDIRealm[Standalone]: Connecting to URL ldap://host:1003
* Testing with a no-existent user:
44 JNDIRealm[Standalone]: lookupUser(davi)
44 JNDIRealm[Standalone]: dn=cn=davi,ou=Members,o=tpi
44 JNDIRealm[Standalone]: validating credentials by binding as the user
44 JNDIRealm[Standalone]: binding as cn=davi,ou=Members,o=org
44 JNDIRealm[Standalone]: bind attempt failed
44 JNDIRealm[Standalone]: Autentificaci¾n fallida para el usuario davi
* Testing with an user which is right, but using a worng password:
36 JNDIRealm[Standalone]: lookupUser(ph32796)
36 JNDIRealm[Standalone]: dn=cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]: validating credentials by binding as the user
36 JNDIRealm[Standalone]: binding as cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]: bind attempt failed
36 JNDIRealm[Standalone]: Autentificaci¾n fallida para el usuario ph32796
* Testing with both user and password right:
09 JNDIRealm[Standalone]: lookupUser(phe2796)
09 JNDIRealm[Standalone]: dn=cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]: validating credentials by binding as the user
09 JNDIRealm[Standalone]: binding as cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]: Excepci¾n al realizar la autentificaci¾n
javax.naming.CommunicationException: [LDAP: error code 2 - Protocol Error];
remaining name ''
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2965)
...
09 JNDIRealm[Standalone]: Closing directory context
The realm we are using in server.xml
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionName=cn=PHE2796,ou=Members,o=org
connectionPassword=
connectionURL=ldap://host:1003;
userPattern=cn={0},ou=Members,o=org
userSubtree=true
roleBase=ou=UserCFuncional,ou=CFuncional,ou=Groups,o=org
roleName=cn
roleSearch=(uniqueMember={0})
/
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Question about the Petstore's SignOnFilter class
Hello Ralph, I am not a native english speaker either. I thought that to sign on meant to register and to sign in meant to authenticate oneself. Can anyone help? Julien. - Original Message - From: Ralph Einfeldt [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Saturday, October 11, 2003 2:37 PM Subject: RE: Question about the Petstore's SignOnFilter class What is the difference for you between singing in and on ? For me as non native english speaker SignIn and SignOn are equivalent. The opposite is SignOff. -Original Message- From: Julien Martin [mailto:[EMAIL PROTECTED] Sent: Saturday, October 11, 2003 1:52 PM To: Tomcat Users List Subject: Question about the Petstore's SignOnFilter class I am going through the Petstore's SignOnFilter class and I am wondering why it has been named SignOnFilter and not Thanks in advance for your replies. Julien. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Clustering Tomcat - Loadbalancing and Failover
Very nice! does the mcastAddr=228.1.2.3 imply tcp multicasting using java.net.MulticastSocket? What is in place for security? Does the cluster support loadbalancing? or failover? how can its config be tweeked? The filter, shown at the link provided, doesnt seem to support jsp/servlets. can this be done too? how? thanks again = = Management is doing things right; leadership is doing the = = right things.- Peter Drucker= =___= = http://www.sun.com/service/sunps/jdc/javacenter.pdf = = www.sun.com | www.javasoft.com | http://www.sun.com/sunone = = Filip Hanik wrote: http://cvs.apache.org/~fhanik/ how are session states replicated? once, after the entire request is completed. If the session is not dirty, no replication will be done Doesn't use java groups, instead pure UDP/TCP. Filip - Original Message - From: jerome moliere [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Wednesday, October 08, 2003 11:34 PM Subject: Re: Clustering Tomcat - Loadbalancing and Failover Hanasaki JiJi wrote: Hello, What is available, in Tomcat, or as an add-on, and preferably free/open-source to cluster tomcat for: load balancing fail over humm filip hanik could answer with more details (or remy maucherat) but as far as I know new Tomcat 5 code (backported to 4.1) use the Javagroups library for replication mechanism. For tomcat 4.1, adding jars (javagroups + patch) is enough to add theses features... For tomcat 5, nothing needed because it's one of the new features... how are session states replicated? It's one of the limits of this system, because every put made, induces replication for the entire object using broadcast (by default). So heavy traffic... Also, in general, and a bit off-topic (my apologies), are there any resources for the design, or open source implementation, of load balancing / fail-over frameworks? javagroups :) google may point you to the current address !!! I think that this porject recently joined the JBOSS project Thanks Jerome - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Difficulty in compiling a servlet.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On compiling the addDataServlet.java, an error is coming - Unresolved symbol:Class DBUpadate is not resolved DBUpdate is not in the classpath of the compiler when the servlet is being compiled. Mit freundlichem Gruß / With kind regards Holger Klawitter - -- lists at klawitter dot de -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/iAQC1Xdt0HKSwgYRAnGTAJ9mVognPcpOFgLfwBU94CxNvK/9+wCeMw9N xDuLDar8XqXTOOncKktqvq4= =p4dV -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Getting segmentation faults with Apache 2.0.47/Tomcat 4.1.27/mod_jk2
Hi, I have a hard time configuring Apache 2.0.47 with Tomcat 4.1.27 using mod_jk2/jni/jdk 1.4.2 on a Mandrake Linux 9.1 box. I compiled Apache and tomcat connectors myself. Both Apache and Tomcat work fine for them selves. Connecting them produces the following output in /var/log/httpd/error_log: [Sat Oct 11 09:03:16 2003] [error] jk2_init() Can't find child 30753 in scoreboard [Sat Oct 11 09:03:16 2003] [notice] Apache/2.0.47 (Unix) mod_jk2/2.0.3-dev configured -- resuming normal operations [Sat Oct 11 09:03:16 2003] [notice] child pid 562 exit signal Segmentation fault (11) and I get lots of [Sat Oct 11 09:03:16 2003] [notice] child pid X exit signal Segmentation fault (11) [Sat Oct 11 09:03:16 2003] [error] jk2_init() Can't find child X in scoreboard In my /var/log/syslog I also get grsecurity warnings of the following kind: Oct 11 14:33:59 blofeld kernel: grsec: signal 11 sent to (httpd:X) UID(65534) EUID(65534), parent (httpd:5213) UID(0) EUID(0) Before I even begin annoying someone with my configuration setup (and I allready tried a lot), there might be someone who could answer the following question first: Is this an Apache/grsecurity problem or an Apache/Tomcat configuration issue or both? In the first case it might be better to address another mailing list. I appreciate any input. Cheers Mario - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JNDIRealm source code - (was: Re: Tomcat vs Bea WebLogic)
Hi,
I am using tomcat 4.1.27, Java sdk-1.4.1_02 and JNDIRealm to use the Micro$oft
Site Server service to authenticate our webapps.
I get an error code 2 exception (Protocol Error) only when the user and the
password is right. That is to say, when an OK is expected. I am thinking
about modify the JNDIRealm to support that Micro$oft returned 'code', instead
of raising an exception. It looks easy :) . You can see below the appointed
catalina log.
Can you supply me any URL, CVS repository, or whatever which points me to the
JNDI source code?.
I have read the JNDI API I must use is the one included in Java sdk 1.4.2.
Last question: Can we solve the 'M$ protocol' issue just using Tomcat 5.0?.
Regards,
Davi Leal
Tim Funk wrote:
I have gotten JNDIRealm to work against iPlanet. I have heard others get it
working against:
- Active Directory (I personally had problems due to some IT policies)
- Novell
- OpenLDAP
But in the worst case - the code is open for change so creating a custom
Realm should be simple if one understands JNDI programming. Which is what I
had to do with respect to ActiveDirectory and wacky business rules vs
domain setup.
-Tim
David Diaz wrote:
Reference: http://www.weblogic.com/docs51/admindocs/ldap2.html#intro
The WebLogic LDAP realm has been tested against the following LDAP
servers:
* OpenLDAP
* iPlanet Directory Server
* Microsoft Site Server
I would like to get a similar Tomcat link to show to my boss.
APPENDIX
The catalina log
59 JNDIRealm[Standalone]: Connecting to URL ldap://host:1003
* Testing with a no-existent user:
44 JNDIRealm[Standalone]: lookupUser(davi)
44 JNDIRealm[Standalone]: dn=cn=davi,ou=Members,o=tpi
44 JNDIRealm[Standalone]: validating credentials by binding as the user
44 JNDIRealm[Standalone]: binding as cn=davi,ou=Members,o=org
44 JNDIRealm[Standalone]: bind attempt failed
44 JNDIRealm[Standalone]: Autentificaci¾n fallida para el usuario davi
* Testing with an user which is right, but using a worng password:
36 JNDIRealm[Standalone]: lookupUser(ph32796)
36 JNDIRealm[Standalone]: dn=cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]: validating credentials by binding as the user
36 JNDIRealm[Standalone]: binding as cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]: bind attempt failed
36 JNDIRealm[Standalone]: Autentificaci¾n fallida para el usuario ph32796
* Testing with both user and password right:
09 JNDIRealm[Standalone]: lookupUser(phe2796)
09 JNDIRealm[Standalone]: dn=cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]: validating credentials by binding as the user
09 JNDIRealm[Standalone]: binding as cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]: Excepci¾n al realizar la autentificaci¾n
javax.naming.CommunicationException: [LDAP: error code 2 - Protocol Error];
remaining name ''
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2965)
...
09 JNDIRealm[Standalone]: Closing directory context
The realm we are using in server.xml
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionName=cn=PHE2796,ou=Members,o=org
connectionPassword=
connectionURL=ldap://host:1003;
userPattern=cn={0},ou=Members,o=org
userSubtree=true
roleBase=ou=UserCFuncional,ou=CFuncional,ou=Groups,o=org
roleName=cn
roleSearch=(uniqueMember={0})
/
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Jav.util.logging URGENT
What version of Java are you using?
-Original Message-
From: Galbayar [mailto:[EMAIL PROTECTED]
Sent: Saturday, October 11, 2003 2:54 AM
To: Tomcat Users List
Subject: Jav.util.logging URGENT
Hi, I am learning to use logger. I have a code snippet below
package test
import java.io.IOException;
import java.io.Serializable;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.logging.FileHandler;
import java.util.logging.SimpleFormatter;
public class Logger implements Serializable {
static SimpleDateFormat sdf = new SimpleDateFormat(_MM_dd);
public static void logInfo(String message) {
try {
java.util.logging.Logger logger =
java.util.logging.Logger.getLogger(
test);
FileHandler fh = new FileHandler(C:/ubs_ + sdf.format(new
Date()) + .log, true);
fh.setFormatter(new SimpleFormatter());
logger.addHandler(fh);
logger.info(message);
} catch (SecurityException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
after called Logger.logInfo(test) 2 times created 5 files?
ubs_2003_10_11.log
ubs_2003_10_11.log.lck
ubs_2003_10_11.log.1
ubs_2003_10_11.log.1.lck
ubs_2003_10_11.log.2
ubs_2003_10_11.log.2.lck
what's happened? i need Logger create one file?
Thanks in advance
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
NEWBEE: try to connect to Firebird database.
Hi all I'm lost, I try to connect to a firebird database with the Jaybird jdbc. I have her the syntax of my page, because I don't now if it is tomcat, the JDBC or my page who is making the error. The error is at the bottom of this msg. So can some body tell me what is wrong here, or where to start. Thnx Richard ## Here is the syntax of my page ### %@ page contentType=text/html; charset=iso-8859-1 language=java import=java.sql.*, javax.naming.*,javax.sql.* errorPage= % html head titleUntitled Document/title meta http-equiv=Content-Type content=text/html; charset=iso-8859-1 /head body % Connection con; String databaseURL = jdbc:firebirdsql:192.168.0.115/3050:/home/firebird/data/employee.fdb; String user = sysdba; String password = richard; //String driverName = org.firebirdsql.jdbc.FBDriver; java.sql.Connection c = null; java.sql.Statement s = null; java.sql.ResultSet rs = null; //Load driver Class.forName(org.firebirdsql.jdbc.FBDriver); //Attempt to connect to a driver. c = DriverManager.getConnection(databaseURL, user, password); //Create a Statement object s = c.createStatement(); //java.sql.ResultSet result = stmt.executeQuery (select full_name from employee where salary 5); rs = s.executeQuery(SELECT * FROM SALES); % /table /body /html ## Error msg # Error: 500 Location: /connect3.jsp Internal Servlet Error: javax.servlet.ServletException at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:508) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405) at org.apache.tomcat.core.Handler.service(Handler.java:287) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81 2) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758) at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection (Ajp12ConnectionHandler.java:166) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501) at java.lang.Thread.run(Thread.java:484) Root cause: java.lang.NoClassDefFoundError at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:120) at _0002fconnect_00033_0002ejspconnect3_jsp_20._jspService(_0002fconnect_00033_ 0002ejspconnect3_jsp_20.java:82) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.ja va:130) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.ja va:282) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405) at org.apache.tomcat.core.Handler.service(Handler.java:287) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81 2) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758) at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection (Ajp12ConnectionHandler.java:166) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501) at java.lang.Thread.run(Thread.java:484) ### # - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Performance problem?
Hello All:
While profiling my app, I also see another baffling output from my code:
10/10/2003 7:00:56.391 PM [Thread-96] Before synchronized block
10/10/2003 7:00:56.391 PM [Thread-96] Getting server context
10/10/2003 7:04:07.762 PM [Thread-96] Setting server context attribute
This corresponds to this code in my class:
ServerContext serverContext = null;
addNote(req,Before synchronized block );
synchronized (serverContextManager) {
// Record the time when we entered the synchronized block
Calendar synchronizedStart = new GregorianCalendar();
addNote(req,Getting server context );
serverContext =
(ServerContext)serverContextManager.get(httpHost);
//
// If doing a reset.
//
if (req.getParameter(_RESET_PARAM) != null serverContext !=
null) {
addNote(req,Destrying server context );
serverContext.destroy();
serverContext = null;
}
//
// If serverContext null then create it.
//
if (serverContext == null) {
addNote(req,Creating server context );
System.out.println(Config: + systemRoot + /config/ +
httpHost);
serverContext = new ServerContext(this,
systemRoot +
/config/+httpHost,req);
serverContextManager.put(httpHost, serverContext);
}
addNote(req,Setting server context attribute );
req.setAttribute(SERVER_CONTEXT, serverContext);
As you can see, the delay occurred while getting the server context from
serverContextManager (which is a java.util.Hashtable) and doing some
simple
if statement checks (which never get executed).
Looking at the GC logs to ensure that this is not a GC delay, I see the
next GC statement after this output is:
9422.37: [GC 178147K-160010K(298744K), 0.0233400 secs]
Grepping the log for GC statements, I get these around this event:
9102.61: [GC 295917K-278423K(298744K), 0.0055240 secs]
9102.67: [GC 296443K-278451K(298744K), 0.0055600 secs]
9102.74: [GC 296984K-278479K(298744K), 0.0051700 secs]
9102.81: [GC 296607K-278507K(298744K), 0.0053320 secs]
9102.88: [GC 296961K-278535K(298744K), 0.0052320 secs]
9102.94: [GC 296304K-278559K(298744K), 0.0052560 secs]
9103.01: [GC 296738K-278585K(298744K), 0.0054490 secs]
9103.07: [GC 295993K-278609K(298744K), 0.0052450 secs]
9103.13: [GC 296458K-278713K(298744K), 0.0055630 secs]
9103.2: [GC 296852K-278737K(298744K), 0.0056190 secs]
9103.27: [GC 297221K-278761K(298744K), 0.0054230 secs]
9103.33: [GC 296333K-278784K(298744K), 0.0054540 secs]
9103.39: [GC 296679K-278805K(298744K), 0.0053570 secs]
9103.46: [GC 297002K-278828K(298744K), 0.0054750 secs]
9110.38: [GC 297375K-280719K(300056K), 0.0164410 secs]
9110.4: [Full GC 280719K-151025K(300056K), 0.2755410 secs]
9115.45: [GC 169584K-151883K(298744K), 0.0064940 secs]
9116.49: [GC 170439K-152421K(298744K), 0.0068510 secs]
9117.41: [GC 170978K-152646K(298744K), 0.0075410 secs]
9123.96: [GC 171202K-152704K(298744K), 0.0071470 secs]
9126: [GC 171264K-152757K(298744K), 0.0063730 secs]
9130.04: [GC 171302K-153194K(298744K), 0.0068320 secs]
9133.61: [GC 171726K-153551K(298744K), 0.0077230 secs]
9136.89: [GC 172096K-153762K(298744K), 0.0074560 secs]
9140.67: [GC 172322K-154029K(298744K), 0.0077430 secs]
9140.77: [GC 172722K-154313K(298744K), 0.0067860 secs]
9147.56: [GC 173003K-154481K(298744K), 0.0125330 secs]
9158.27: [GC 173011K-154929K(298744K), 0.0127420 secs]
9158.75: [GC 173468K-155000K(298744K), 0.0076740 secs]
9167.62: [GC 173551K-155512K(298744K), 0.0081280 secs]
9169.75: [Full GC 170487K-155074K(298744K), 0.2686600 secs]
9170.11: [GC 173634K-155720K(298744K), 0.0056310 secs]
9174.28: [GC 174280K-156023K(298744K), 0.0054010 secs]
9181.61: [GC 174577K-156404K(298744K), 0.0073980 secs]
9186.08: [GC 174964K-156546K(298744K), 0.0078340 secs]
9187.57: [GC 175104K-156833K(298744K), 0.0072990 secs]
9193.42: [GC 175387K-157125K(298744K), 0.0076240 secs]
9212.22: [GC 175685K-157160K(298744K), 0.0077510 secs]
9213.55: [Full GC 158189K-154977K(298744K), 0.2687580 secs]
9218.27: [GC 173593K-155527K(298744K), 0.0048250 secs]
9224.63: [GC 174039K-156180K(298744K), 0.0069800 secs]
9226.92: [GC 174717K-156202K(298744K), 0.0066730 secs]
9284.39: [GC 174762K-156688K(298744K), 0.0113370 secs]
9413.07: [GC 175248K-159587K(298744K), 0.0239160 secs]
9422.37: [GC 178147K-160010K(298744K), 0.0233400 secs]
9422.52: [GC 178570K-160892K(298744K), 0.0201960 secs]
9422.66: [GC 179452K-161365K(298744K), 0.0130190 secs]
9422.79: [GC 179925K-162077K(298744K), 0.0210060 secs]
9422.96: [GC 180637K-163041K(298744K), 0.0185410 secs]
9423.11: [GC 181594K-163586K(298744K), 0.0169170 secs]
9423.22: [GC 182146K-164363K(298744K), 0.0081180 secs]
9423.3: [GC 183055K-165082K(298744K), 0.0153120 secs]
9423.37: [GC 183681K-165560K(298744K), 0.0078910 secs]
9428.96: [GC 184120K-165820K(298744K), 0.0067790 secs]
9429.67: [GC
form-based authentication session.invalidate
I am using session.invalidate() to try to cause the user to receive another login request, using CMS form-based authentication. I saw the same issue in bugzilla but for basic authentication: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12147 where the tomcat developer/bugzilla person resolved the issue saying that CMS basic authentication cannot be manipulated in this way since the browser sends the login info with every request, requiring the user to close the browser before seeing another login request. Is this the same for form-based authentication? I thought that in tomcat4 I was getting new login request for the users just by invalidating their sessions. Am I deluding myself? Thanks Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: form-based authentication session.invalidate
Authentication information is somewhat stored in the session for form based authentication. (I can't remember the specifics) So using session.invalidate should log the user out. This works since the session id which is a cookie or URL rewriting scheme is what the browser keys in on. By invalidating that id on the server, the browser is now sending an invalid credential and thus logged out. In BASIC authentication, the credentials are stored in the web browser and sent when/if requested. So the only way to get rid of those stored credentials is by closing the web browser. [Of course, when the web server is restarted or web app restarted - I can't recall what happens to the authentication information. ] -Tim Adam Hardy wrote: I am using session.invalidate() to try to cause the user to receive another login request, using CMS form-based authentication. I saw the same issue in bugzilla but for basic authentication: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12147 where the tomcat developer/bugzilla person resolved the issue saying that CMS basic authentication cannot be manipulated in this way since the browser sends the login info with every request, requiring the user to close the browser before seeing another login request. Is this the same for form-based authentication? I thought that in tomcat4 I was getting new login request for the users just by invalidating their sessions. Am I deluding myself? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Apache+Tomcat with mod_jk on OS X
I'm trying to get Apache (1.3.27) integrated with Tomcat (4.1.27) on OS X. I've read the following article (http://tinyurl.com/qkgp), which didn't help much, as well as my own (http://raibledesigns.com/tomcat), but I've found no success. I downloaded mod_jk.so (for 1.3.27) from http://tinyurl.com/qkh6. Currently, the issue I'm having is with Apache, hopefully someone can help. When I restart Apache, I get: Invalid command 'JkWorkersFile' I've heard that folks are using 'webapp' for Apache+Tomcat integration on OS X, but I'd rather use mod_jk b/c I'm familiar with it (or jk2). Has anyone got either of these working? Please share your experiences. Thanks, Matt
Re: NEWBEE: try to connect to Firebird database.
Root cause: java.lang.NoClassDefFoundError at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:120) The problem is that you don't deploy the FirebirdSQL driver. Put all the following files firebirdsql-full.jar jaas.jar log4j-core.jar mini-concurrent.jar mini-j2ee.jar in the WEB-INF\lib folder. That's all. Diego - Original Message - From: Richard Drent (Drent IT BV) [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Saturday, October 11, 2003 5:33 PM Subject: NEWBEE: try to connect to Firebird database. Hi all I'm lost, I try to connect to a firebird database with the Jaybird jdbc. I have her the syntax of my page, because I don't now if it is tomcat, the JDBC or my page who is making the error. The error is at the bottom of this msg. So can some body tell me what is wrong here, or where to start. Thnx Richard ## Here is the syntax of my page ### %@ page contentType=text/html; charset=iso-8859-1 language=java import=java.sql.*, javax.naming.*,javax.sql.* errorPage= % html head titleUntitled Document/title meta http-equiv=Content-Type content=text/html; charset=iso-8859-1 /head body % Connection con; String databaseURL = jdbc:firebirdsql:192.168.0.115/3050:/home/firebird/data/employee.fdb; String user = sysdba; String password = richard; //String driverName = org.firebirdsql.jdbc.FBDriver; java.sql.Connection c = null; java.sql.Statement s = null; java.sql.ResultSet rs = null; //Load driver Class.forName(org.firebirdsql.jdbc.FBDriver); //Attempt to connect to a driver. c = DriverManager.getConnection(databaseURL, user, password); //Create a Statement object s = c.createStatement(); //java.sql.ResultSet result = stmt.executeQuery (select full_name from employee where salary 5); rs = s.executeQuery(SELECT * FROM SALES); % /table /body /html ## Error msg # Error: 500 Location: /connect3.jsp Internal Servlet Error: javax.servlet.ServletException at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:508) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405) at org.apache.tomcat.core.Handler.service(Handler.java:287) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81 2) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758) at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection (Ajp12ConnectionHandler.java:166) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501) at java.lang.Thread.run(Thread.java:484) Root cause: java.lang.NoClassDefFoundError at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:120) at _0002fconnect_00033_0002ejspconnect3_jsp_20._jspService(_0002fconnect_00033_ 0002ejspconnect3_jsp_20.java:82) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.ja va:130) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.ja va:282) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405) at org.apache.tomcat.core.Handler.service(Handler.java:287) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81 2) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758) at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection (Ajp12ConnectionHandler.java:166) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501) at java.lang.Thread.run(Thread.java:484) ### # - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[ANN] Apache Tomcat mod_jk 1.2.5 Web Server Connector released
[October 11, 2003] The Tomcat team is pleased to announce the release of version 1.2.5 of the Apache Tomcat mod_jk web server connector. Tomcat is the reference implementation of a web application server which implements the Java Servlet and JavaServer Pages specifications. mod_jk is a connector which allows a web server such as Apache HTTPD or IIS to act as a front end to the Tomcat web application server. This version fixes a number of minor bugs. See the file CHANGES.txt in the source distribution for a complete list of changes. Soucre distribtions can be downloaded from an Apache Software Foundation mirror at: http://jakarta.apache.org/site/sourceindex.cgi Binary distributions for a number of different operating systems and web servers can be downloaded from an Apache Software Foundation mirror at: http://jakarta.apache.org/site/binindex.cgi Documentation for using mod_jk with Tomcat 3.3, 4.1, and 5.0 can be found at: http://jakarta.apache.org/tomcat/ The Apache Tomcat team. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[HELP!] Which key alias names to use for SSL?
[I sent this once before, but got no response, and I'm not sure what to do. Thanks in advance.] Hi guys, I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a CA-signed cert to go with my private key and CA root cert, but I'm confused as to how to name the alias for the CA-signed-cert and my private key. The Tomcat SSL How-To is confusing me, becuase it says to give the tomcat alias to both the private key and the CA-signed key. I tried it and it overwrote my private key (luckily I made a backup of my keystore). I'm looking at this documentation: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html It also doesn't seem possible to configure the alias names in server.xml. So what alias names should I use? :-) Thanks! Sonny _ Instant message with integrated webcam using MSN Messenger 6.0. Try it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Question about the Petstore's SignOnFilter class
IMHO sign in and sign on are equivalent. To register is, well, register :-) The only suggestion I would make is that you use Sign in/Sign out or Sign on/Sign off consistently. Steve -Original Message- From: Julien Martin [mailto:[EMAIL PROTECTED] Sent: October 11, 2003 6:17 AM To: Tomcat Users List Subject: Question about the Petstore's SignOnFilter class Hello Ralph, I am not a native english speaker either. I thought that to sign on meant to register and to sign in meant to authenticate oneself. Can anyone help? Julien. - Original Message - From: Ralph Einfeldt [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Saturday, October 11, 2003 2:37 PM Subject: RE: Question about the Petstore's SignOnFilter class What is the difference for you between singing in and on ? For me as non native english speaker SignIn and SignOn are equivalent. The opposite is SignOff. -Original Message- From: Julien Martin [mailto:[EMAIL PROTECTED] Sent: Saturday, October 11, 2003 1:52 PM To: Tomcat Users List Subject: Question about the Petstore's SignOnFilter class I am going through the Petstore's SignOnFilter class and I am wondering why it has been named SignOnFilter and not Thanks in advance for your replies. Julien. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Invoking Perl script through Tomcat
Hi, I'm trying to run a Perl script in Tomcat 4.1.27 (perl version: ActivePerl build 5.8.0 build 806) and it's giving me the error pasted below, when I submit to the script from an html. I have done the renaming of jars and uncommenting in two places in web.xml. I've also tried having the cgi script under my own application directory under webapps folder, and also under ROOT - am still getting the same error. Please let me know if you have any idea to resolve the problem. java.io.IOException: CreateProcess: perl c:\Tomcat\jakarta-tomcat-4.1.27\webapps\ROOT\WEB-INF\cgi\encrypt.cgi error=2 at java.lang.Win32Process.create(Native Method) at java.lang.Win32Process.(Win32Process.java:66) at java.lang.Runtime.execInternal(Native Method) at java.lang.Runtime.exec(Runtime.java:566) at java.lang.Runtime.exec(Runtime.java:428) at org.apache.catalina.servlets.CGIServlet$CGIRunner.run(CGIServlet.java:1588) at org.apache.catalina.servlets.CGIServlet.doGet(CGIServlet.java:635) at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2416) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:601) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:392) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:565) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:619) at java.lang.Thread.run(Thread.java:534)
Re: form-based authentication session.invalidate
I have just figured out that the SSO in JSESSIONIDSSO stands for single-sign-on. I have the following JSP: remote user %=request.getRemoteUser() % in session %= session.getId() % % session.invalidate(); % and after doing a login, I saw I got JSESSIONID and JSESSIONIDSSO cookies. I then go to a second site on my tomcat and get a second JSESSIONID without having to do a login coz of SSO. Now going to this page which has the stuff above, and refreshing over and over always showed the following: remote user adam in session EB2543D909D52551EA58C77E963CDD17 remote user adam in session EA33F35CCB3D1205A88226029C65939C remote user adam in session 8814C0365D3F0BDD97B1DE9B7EAECD17 remote user adam in session 1B7F0424190985F24A294EA2344888C5 I see the JSESSIONIDSSO cookie is keeping my remoteUser info active. This shouldn't be the case I'm sure. If I delete the SSO cookie in mozilla, I get a login request on my next request. Also if I only login to one site, even though I get the SSO cookie, when I invalidate the session, I immediately get a login request. Strange. This is not correct behaviour for tomcat, is it? Adam On 10/11/2003 06:04 PM Tim Funk wrote: Authentication information is somewhat stored in the session for form based authentication. (I can't remember the specifics) So using session.invalidate should log the user out. This works since the session id which is a cookie or URL rewriting scheme is what the browser keys in on. By invalidating that id on the server, the browser is now sending an invalid credential and thus logged out. In BASIC authentication, the credentials are stored in the web browser and sent when/if requested. So the only way to get rid of those stored credentials is by closing the web browser. [Of course, when the web server is restarted or web app restarted - I can't recall what happens to the authentication information. ] -Tim Adam Hardy wrote: I am using session.invalidate() to try to cause the user to receive another login request, using CMS form-based authentication. I saw the same issue in bugzilla but for basic authentication: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12147 where the tomcat developer/bugzilla person resolved the issue saying that CMS basic authentication cannot be manipulated in this way since the browser sends the login info with every request, requiring the user to close the browser before seeing another login request. Is this the same for form-based authentication? I thought that in tomcat4 I was getting new login request for the users just by invalidating their sessions. Am I deluding myself? -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [HELP!] Which key alias names to use for SSL?
On 10/11/2003 09:08 PM Sonny Sukumar wrote: [I sent this once before, but got no response, and I'm not sure what to do. Thanks in advance.] Hi guys, I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a CA-signed cert to go with my private key and CA root cert, but I'm confused as to how to name the alias for the CA-signed-cert and my private key. The Tomcat SSL How-To is confusing me, becuase it says to give the tomcat alias to both the private key and the CA-signed key. I tried it and it overwrote my private key (luckily I made a backup of my keystore). I'm looking at this documentation: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html It also doesn't seem possible to configure the alias names in server.xml. So what alias names should I use? :-) Hi Sonny, the following is from a thread I kept since I knew I would need it one day. There's more in the list archives in this thread if you need it (sorry don't have the link to the thread): I still don't know what I did wrong in the first place, but after starting over with VeriSign, all is well now. I thought I'd share the (simple!) steps I took to get SSL running using keytool/tomcat in case anyone else might find this useful: # keytool -genkey -alias tomcat -keyalg RSA [enter a password and all necessary information, then just enter at next password prompt] # cp ~/.keystore ~/.keystore-backup # keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr [enter same password] [give contents of certreq.csr to VeriSign and wait for response...] [NOTE: when asked to select my server software, I chose apache since they didn't have Tomcat in their list...I don't know if this matters, but it worked] # keytool -import -trustcacerts -file intermediate.crt -alias root [enter same password] [NOTE: intermediate.crt is the file found here: http://www.verisign.com/support/install/intermediate.html] # keytool -import trustcacerts -file public.crt -alias tomcat [enter same password] [where public.crt is the certificate sent from VeriSign after they complete their approval process] [finally, edit ...tomcat/conf/server.xml and enable the SSL connector section, adding keystorePass=[password] as an attribute to the Factory tag] Hope this helps. Thanks to all who provided suggestions along the way. -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache+Tomcat with mod_jk on OS X
At 10:52 -0600 2003/10/11, Matt Raible wrote: I'm trying to get Apache (1.3.27) integrated with Tomcat (4.1.27) on OS X. [...] I downloaded mod_jk.so (for 1.3.27) from http://tinyurl.com/qkh6. Currently, the issue I'm having is with Apache, hopefully someone can help. When I restart Apache, I get: Invalid command 'JkWorkersFile' have you LoadModule jk_module modules/mod_jk.so haven't you? (clearly with the correct location for your mod_jk.so) Giuliano - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [HELP!] Which key alias names to use for SSL?
Hi Adam, Your first step was: # keytool -genkey -alias tomcat -keyalg RSA and your last step was: # keytool -import trustcacerts -file public.crt -alias tomcat So you used the same alias (tomcat) for both the private key and the signed public key. This is what doesn't work for me, because when I import the signed public key using the same (tomcat) alias, my private key gets overwritten. I've verified this using keytool list -keystore ./.keystore I also have the root cert from GeoTrust in there with alias root. The root cert is actually an Equifax cert valid from 1998 to 2018, but the GeoTrust tech support rep told me to use that one. Could this be the problem? Other ideas? Thanks, Sonny From: Adam Hardy [EMAIL PROTECTED] On 10/11/2003 09:08 PM Sonny Sukumar wrote: [I sent this once before, but got no response, and I'm not sure what to do. Thanks in advance.] Hi guys, I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a CA-signed cert to go with my private key and CA root cert, but I'm confused as to how to name the alias for the CA-signed-cert and my private key. The Tomcat SSL How-To is confusing me, becuase it says to give the tomcat alias to both the private key and the CA-signed key. I tried it and it overwrote my private key (luckily I made a backup of my keystore). I'm looking at this documentation: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html It also doesn't seem possible to configure the alias names in server.xml. So what alias names should I use? :-) _ Instant message with integrated webcam using MSN Messenger 6.0. Try it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache+Tomcat with mod_jk on OS X
Yep, and that appears to work just fine. On Saturday, October 11, 2003, at 02:54 PM, Giuliano Gavazzi wrote: At 10:52 -0600 2003/10/11, Matt Raible wrote: I'm trying to get Apache (1.3.27) integrated with Tomcat (4.1.27) on OS X. [...] I downloaded mod_jk.so (for 1.3.27) from http://tinyurl.com/qkh6. Currently, the issue I'm having is with Apache, hopefully someone can help. When I restart Apache, I get: Invalid command 'JkWorkersFile' have you LoadModule jk_module modules/mod_jk.so haven't you? (clearly with the correct location for your mod_jk.so) Giuliano - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: NEWBEE: try to connect to Firebird database.
The weird this is that they are in WEB-INF/lib And also in the Jakarta-tomcat/lib And I tried also with attribute 777, but Im lost in this one... Is my syntax of connecting OK??? Greetz richard Root cause: java.lang.NoClassDefFoundError at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:120) The problem is that you don't deploy the FirebirdSQL driver. Put all the following files firebirdsql-full.jar jaas.jar log4j-core.jar mini-concurrent.jar mini-j2ee.jar in the WEB-INF\lib folder. That's all. Diego - Original Message - From: Richard Drent (Drent IT BV) [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Saturday, October 11, 2003 5:33 PM Subject: NEWBEE: try to connect to Firebird database. Hi all I'm lost, I try to connect to a firebird database with the Jaybird jdbc. I have her the syntax of my page, because I don't now if it is tomcat, the JDBC or my page who is making the error. The error is at the bottom of this msg. So can some body tell me what is wrong here, or where to start. Thnx Richard ## Here is the syntax of my page ### %@ page contentType=text/html; charset=iso-8859-1 language=java import=java.sql.*, javax.naming.*,javax.sql.* errorPage= % html head titleUntitled Document/title meta http-equiv=Content-Type content=text/html; charset=iso-8859-1 /head body % Connection con; String databaseURL = jdbc:firebirdsql:192.168.0.115/3050:/home/firebird/data/employee.fdb; String user = sysdba; String password = richard; //String driverName = org.firebirdsql.jdbc.FBDriver; java.sql.Connection c = null; java.sql.Statement s = null; java.sql.ResultSet rs = null; //Load driver Class.forName(org.firebirdsql.jdbc.FBDriver); //Attempt to connect to a driver. c = DriverManager.getConnection(databaseURL, user, password); //Create a Statement object s = c.createStatement(); //java.sql.ResultSet result = stmt.executeQuery (select full_name from employee where salary 5); rs = s.executeQuery(SELECT * FROM SALES); % /table /body /html ## Error msg # Error: 500 Location: /connect3.jsp Internal Servlet Error: javax.servlet.ServletException at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:508) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405) at org.apache.tomcat.core.Handler.service(Handler.java:287) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81 2) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758) at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection (Ajp12ConnectionHandler.java:166) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501) at java.lang.Thread.run(Thread.java:484) Root cause: java.lang.NoClassDefFoundError at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:120) at _0002fconnect_00033_0002ejspconnect3_jsp_20._jspService(_0002fconnect_00033_ 0002ejspconnect3_jsp_20.java:82) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.ja va:130) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.ja va:282) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405) at org.apache.tomcat.core.Handler.service(Handler.java:287) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81 2) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758) at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection (Ajp12ConnectionHandler.java:166) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501) at java.lang.Thread.run(Thread.java:484) ### # - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL
Resource needed for bean:write!?
Hi. Running Tomcat 4.0.6 w. Struts 1.1. I have some JSP like the following: logic:iterate collection=%=dao.getItems()% id=bean type=... bean:write name=bean property=value/br/ /logic:iterate When I try to execute this, I get: javax.servlet.ServletException: Cannot find message resources under key org.apache.struts.action.MESSAGE at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:471) ... Why? If I comment out the bean:write, it runs fine. I have no need of configuring resources (and thus none are present in my struts config file). Any way I can fool the WriteTag to not go alooking for resource bundles? :) Morten - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [HELP!] Which key alias names to use for SSL?
Update: I did a keytool -list with the -rfc options and discovered that all the certs *are* in fact there, but just that public/private key were bundled together under the same alias. The way it lists the certs by default is what confused me. HOWEVER, I uploaded the keystore to our server, set up server.xml, and restarted Tomcat, but every single secure connection I attempt just times out. I don't understand why this happens. Here's my server.xml SSL connector: !-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=true compression=on Factory className=org.apache.coyote.tomcat4.CoyoteServerSocketFactory clientAuth=false protocol=TLS keystorePass=changeit keystoreFile=conf/.keystore/ /Connector Btw, does anybody know how to secure the server.xml file? It contains some clear text passwords, so this really concerns me! (Yes, I know changeit is the default password even without specifying it here). Also, I don't currently have any security-contraints set in my web.xml. Thanks for any insights! Sonny From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [HELP!] Which key alias names to use for SSL? Date: Sat, 11 Oct 2003 14:12:17 -0700 Hi Adam, Your first step was: # keytool -genkey -alias tomcat -keyalg RSA and your last step was: # keytool -import trustcacerts -file public.crt -alias tomcat So you used the same alias (tomcat) for both the private key and the signed public key. This is what doesn't work for me, because when I import the signed public key using the same (tomcat) alias, my private key gets overwritten. I've verified this using keytool list -keystore ./.keystore I also have the root cert from GeoTrust in there with alias root. The root cert is actually an Equifax cert valid from 1998 to 2018, but the GeoTrust tech support rep told me to use that one. Could this be the problem? Other ideas? Thanks, Sonny From: Adam Hardy [EMAIL PROTECTED] On 10/11/2003 09:08 PM Sonny Sukumar wrote: [I sent this once before, but got no response, and I'm not sure what to do. Thanks in advance.] Hi guys, I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a CA-signed cert to go with my private key and CA root cert, but I'm confused as to how to name the alias for the CA-signed-cert and my private key. The Tomcat SSL How-To is confusing me, becuase it says to give the tomcat alias to both the private key and the CA-signed key. I tried it and it overwrote my private key (luckily I made a backup of my keystore). I'm looking at this documentation: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html It also doesn't seem possible to configure the alias names in server.xml. So what alias names should I use? :-) _ Instant message with integrated webcam using MSN Messenger 6.0. Try it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Share your photos without swamping your Inbox. Get Hotmail Extra Storage today! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FYIL My favoirete JSP tag is:
Here is my favorite tag: http://displaytag.sf.net and see examples (in upper right). Grid, Sorting, nested, group, export, everything you like, plus its free. Here is example code of how I used it: http://cvs.sourceforge.net/viewcvs.py/basicportal/bPproj/bP/WEB-INF/pgs/forums/ArticleLst.jsp You can view here run time by clicking here: http://basebeans.com/do/channelsPg Any better tags? -- Victor Cekvenich, Struts Instructor (215) 312-9146 Advanced Struts Training http://basebeans.com/do/cmsPg?content=TRAINING Server Side Java training with Rich UI, mentoring, designs, samples and project recovery in North East. Simple best practice basic Portal, a Struts CMS, Membership, Forums, Shopping and Credit processing, http://basicportal.com software, ready to develop/customize; requires a db to run. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [HELP!] Which key alias names to use for SSL?
2nd Update: --I reconfigured the SSL port from 8443 to 443 on our server (as well as the redirect port), and all of a sudden I can connect using SSL. I don't understand why 8443 didn't work. Any ideas?? --Now when I request static HTML pages, I get a browser alert saying that some of the info on the requested page is NOT encrypted, so it displays a lock broken in half instead of the golden lock I so desire. :-( I can't understand how a page would get partially encrypted--especially a static HTML page. I'm not sure if it's relevant, but I use Cocoon for the backend (2.1.2) in conjunction with Tomcat (4.1.27) on Linux (RedHat 7.3). Sonny From: Sonny Sukumar [EMAIL PROTECTED] Update: I did a keytool -list with the -rfc options and discovered that all the certs *are* in fact there, but just that public/private key were bundled together under the same alias. The way it lists the certs by default is what confused me. HOWEVER, I uploaded the keystore to our server, set up server.xml, and restarted Tomcat, but every single secure connection I attempt just times out. I don't understand why this happens. Here's my server.xml SSL connector: !-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=true compression=on Factory className=org.apache.coyote.tomcat4.CoyoteServerSocketFactory clientAuth=false protocol=TLS keystorePass=changeit keystoreFile=conf/.keystore/ /Connector Btw, does anybody know how to secure the server.xml file? It contains some clear text passwords, so this really concerns me! (Yes, I know changeit is the default password even without specifying it here). Also, I don't currently have any security-contraints set in my web.xml. Thanks for any insights! Sonny From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [HELP!] Which key alias names to use for SSL? Date: Sat, 11 Oct 2003 14:12:17 -0700 Hi Adam, Your first step was: # keytool -genkey -alias tomcat -keyalg RSA and your last step was: # keytool -import trustcacerts -file public.crt -alias tomcat So you used the same alias (tomcat) for both the private key and the signed public key. This is what doesn't work for me, because when I import the signed public key using the same (tomcat) alias, my private key gets overwritten. I've verified this using keytool list -keystore ./.keystore I also have the root cert from GeoTrust in there with alias root. The root cert is actually an Equifax cert valid from 1998 to 2018, but the GeoTrust tech support rep told me to use that one. Could this be the problem? Other ideas? Thanks, Sonny From: Adam Hardy [EMAIL PROTECTED] On 10/11/2003 09:08 PM Sonny Sukumar wrote: [I sent this once before, but got no response, and I'm not sure what to do. Thanks in advance.] Hi guys, I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a CA-signed cert to go with my private key and CA root cert, but I'm confused as to how to name the alias for the CA-signed-cert and my private key. The Tomcat SSL How-To is confusing me, becuase it says to give the tomcat alias to both the private key and the CA-signed key. I tried it and it overwrote my private key (luckily I made a backup of my keystore). I'm looking at this documentation: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html It also doesn't seem possible to configure the alias names in server.xml. So what alias names should I use? :-) _ Instant message with integrated webcam using MSN Messenger 6.0. Try it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Share your photos without swamping your Inbox. Get Hotmail Extra Storage today! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Frustrated with dial-up? Get high-speed for as low as $29.95/month (depending on the local service providers in your area). https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: form-based authentication session.invalidate
Hmm. I always thought that when using the SSO valve, logging out of one
webapp automatically logs you out of all webapps.
The 5 code looks broken based on *very quick* inspection compared to 4.1
based on lines 304-308.
if ( event.getData() != null
logout.equals( event.getData().toString() )) {
// logout of all applications
deregister(ssoId);
} else {
// invalidate just one session
deregister(ssoId, session);
}
I haven't been able to locate how logout can be a value in a SessionEvent.
-Tim
Adam Hardy wrote:
I have just figured out that the SSO in JSESSIONIDSSO stands for
single-sign-on.
I have the following JSP:
remote user %=request.getRemoteUser() % in
session %= session.getId() %
%
session.invalidate();
%
and after doing a login, I saw I got JSESSIONID and JSESSIONIDSSO
cookies. I then go to a second site on my tomcat and get a second
JSESSIONID without having to do a login coz of SSO.
Now going to this page which has the stuff above, and refreshing over
and over always showed the following:
remote user adam in session EB2543D909D52551EA58C77E963CDD17
remote user adam in session EA33F35CCB3D1205A88226029C65939C
remote user adam in session 8814C0365D3F0BDD97B1DE9B7EAECD17
remote user adam in session 1B7F0424190985F24A294EA2344888C5
I see the JSESSIONIDSSO cookie is keeping my remoteUser info active.
This shouldn't be the case I'm sure. If I delete the SSO cookie in
mozilla, I get a login request on my next request.
Also if I only login to one site, even though I get the SSO cookie, when
I invalidate the session, I immediately get a login request. Strange.
This is not correct behaviour for tomcat, is it?
Adam
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache+Tomcat with mod_jk on OS X
HELP ever since the big virus ive been plagued with emails from thei comapny or whatever it is.. i get at least 800 a day and i can t make them stop.. i dont know what you are all are talkingabout and i really dont care.. i cant seem to unsubscribe successfully HELP!! i want my email inbox back! Trinity Jacobs. __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [HELP!] Which key alias names to use for SSL?
Sonny Sukumar [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] 2nd Update: --I reconfigured the SSL port from 8443 to 443 on our server (as well as the redirect port), and all of a sudden I can connect using SSL. I don't understand why 8443 didn't work. Any ideas?? There is a well-know bug in MSIE related to security-constraints, but that doesn't seem to apply here. --Now when I request static HTML pages, I get a browser alert saying that some of the info on the requested page is NOT encrypted, so it displays a lock broken in half instead of the golden lock I so desire. :-( I can't understand how a page would get partially encrypted--especially a static HTML page. This means that the page has links to pages with 'http://server/folder/file; in it. It could be images or stylesheets or anything else that gets included. Usually the easiest is to change all of your resource references to be relative (so the browser requests them with the same protocol as the main page). If you are including images from third-party servers that don't support SSL (or even if they do :), you should consider re-negotiating your contract with them. I'm not sure if it's relevant, but I use Cocoon for the backend (2.1.2) in conjunction with Tomcat (4.1.27) on Linux (RedHat 7.3). Sonny From: Sonny Sukumar [EMAIL PROTECTED] Update: I did a keytool -list with the -rfc options and discovered that all the certs *are* in fact there, but just that public/private key were bundled together under the same alias. The way it lists the certs by default is what confused me. HOWEVER, I uploaded the keystore to our server, set up server.xml, and restarted Tomcat, but every single secure connection I attempt just times out. I don't understand why this happens. Here's my server.xml SSL connector: !-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=true compression=on Factory className=org.apache.coyote.tomcat4.CoyoteServerSocketFactory clientAuth=false protocol=TLS keystorePass=changeit keystoreFile=conf/.keystore/ /Connector Btw, does anybody know how to secure the server.xml file? It contains some clear text passwords, so this really concerns me! (Yes, I know changeit is the default password even without specifying it here). Also, I don't currently have any security-contraints set in my web.xml. Thanks for any insights! Sonny From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [HELP!] Which key alias names to use for SSL? Date: Sat, 11 Oct 2003 14:12:17 -0700 Hi Adam, Your first step was: # keytool -genkey -alias tomcat -keyalg RSA and your last step was: # keytool -import trustcacerts -file public.crt -alias tomcat So you used the same alias (tomcat) for both the private key and the signed public key. This is what doesn't work for me, because when I import the signed public key using the same (tomcat) alias, my private key gets overwritten. I've verified this using keytool list -keystore ./.keystore I also have the root cert from GeoTrust in there with alias root. The root cert is actually an Equifax cert valid from 1998 to 2018, but the GeoTrust tech support rep told me to use that one. Could this be the problem? Other ideas? Thanks, Sonny From: Adam Hardy [EMAIL PROTECTED] On 10/11/2003 09:08 PM Sonny Sukumar wrote: [I sent this once before, but got no response, and I'm not sure what to do. Thanks in advance.] Hi guys, I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a CA-signed cert to go with my private key and CA root cert, but I'm confused as to how to name the alias for the CA-signed-cert and my private key. The Tomcat SSL How-To is confusing me, becuase it says to give the tomcat alias to both the private key and the CA-signed key. I tried it and it overwrote my private key (luckily I made a backup of my keystore). I'm looking at this documentation: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html It also doesn't seem possible to configure the alias names in server.xml. So what alias names should I use? :-) _ Instant message with integrated webcam using MSN Messenger 6.0. Try it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Share your photos without
Re: [HELP!] Which key alias names to use for SSL?
3rd update: For the 2nd issue below, I had some http references in my static html file--that's why I was getting the message about the page having unencrypted elements on it. :-) I still haven't figured out the 1st issue regarding ports 443/8443, but 443 is the one I want anyhow, so it's not critical that I figure that out (although I'm curious!) Sonny From: Sonny Sukumar [EMAIL PROTECTED] 2nd Update: --I reconfigured the SSL port from 8443 to 443 on our server (as well as the redirect port), and all of a sudden I can connect using SSL. I don't understand why 8443 didn't work. Any ideas?? --Now when I request static HTML pages, I get a browser alert saying that some of the info on the requested page is NOT encrypted, so it displays a lock broken in half instead of the golden lock I so desire. :-( I can't understand how a page would get partially encrypted--especially a static HTML page. I'm not sure if it's relevant, but I use Cocoon for the backend (2.1.2) in conjunction with Tomcat (4.1.27) on Linux (RedHat 7.3). Sonny From: Sonny Sukumar [EMAIL PROTECTED] Update: I did a keytool -list with the -rfc options and discovered that all the certs *are* in fact there, but just that public/private key were bundled together under the same alias. The way it lists the certs by default is what confused me. HOWEVER, I uploaded the keystore to our server, set up server.xml, and restarted Tomcat, but every single secure connection I attempt just times out. I don't understand why this happens. Here's my server.xml SSL connector: !-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=true compression=on Factory className=org.apache.coyote.tomcat4.CoyoteServerSocketFactory clientAuth=false protocol=TLS keystorePass=changeit keystoreFile=conf/.keystore/ /Connector Btw, does anybody know how to secure the server.xml file? It contains some clear text passwords, so this really concerns me! (Yes, I know changeit is the default password even without specifying it here). Also, I don't currently have any security-contraints set in my web.xml. Thanks for any insights! Sonny From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [HELP!] Which key alias names to use for SSL? Date: Sat, 11 Oct 2003 14:12:17 -0700 Hi Adam, Your first step was: # keytool -genkey -alias tomcat -keyalg RSA and your last step was: # keytool -import trustcacerts -file public.crt -alias tomcat So you used the same alias (tomcat) for both the private key and the signed public key. This is what doesn't work for me, because when I import the signed public key using the same (tomcat) alias, my private key gets overwritten. I've verified this using keytool list -keystore ./.keystore I also have the root cert from GeoTrust in there with alias root. The root cert is actually an Equifax cert valid from 1998 to 2018, but the GeoTrust tech support rep told me to use that one. Could this be the problem? Other ideas? Thanks, Sonny From: Adam Hardy [EMAIL PROTECTED] On 10/11/2003 09:08 PM Sonny Sukumar wrote: [I sent this once before, but got no response, and I'm not sure what to do. Thanks in advance.] Hi guys, I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a CA-signed cert to go with my private key and CA root cert, but I'm confused as to how to name the alias for the CA-signed-cert and my private key. The Tomcat SSL How-To is confusing me, becuase it says to give the tomcat alias to both the private key and the CA-signed key. I tried it and it overwrote my private key (luckily I made a backup of my keystore). I'm looking at this documentation: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html It also doesn't seem possible to configure the alias names in server.xml. So what alias names should I use? :-) _ Instant message with integrated webcam using MSN Messenger 6.0. Try it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Share your photos without swamping your Inbox. Get Hotmail Extra Storage today! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Frustrated with dial-up? Get
Re: [HELP!] Which key alias names to use for SSL?
From: Bill Barker [EMAIL PROTECTED] --I reconfigured the SSL port from 8443 to 443 on our server (as well as the redirect port), and all of a sudden I can connect using SSL. I don't understand why 8443 didn't work. Any ideas?? There is a well-know bug in MSIE related to security-constraints, but that doesn't seem to apply here. Hmm, what's that bug? I'd like to know because I next plan to implement some security-constraints to prevent insecure access to certain pages and sets of pages. _ Frustrated with dial-up? Get high-speed for as low as $29.95/month (depending on the local service providers in your area). https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Re: Question about the Petstore's SignOnFilter class
It is also off-topic, since Petstore is maintained by Sun, not Jakarta. Steve Raeburn [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] IMHO sign in and sign on are equivalent. To register is, well, register :-) The only suggestion I would make is that you use Sign in/Sign out or Sign on/Sign off consistently. Steve -Original Message- From: Julien Martin [mailto:[EMAIL PROTECTED] Sent: October 11, 2003 6:17 AM To: Tomcat Users List Subject: Question about the Petstore's SignOnFilter class Hello Ralph, I am not a native english speaker either. I thought that to sign on meant to register and to sign in meant to authenticate oneself. Can anyone help? Julien. - Original Message - From: Ralph Einfeldt [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Saturday, October 11, 2003 2:37 PM Subject: RE: Question about the Petstore's SignOnFilter class What is the difference for you between singing in and on ? For me as non native english speaker SignIn and SignOn are equivalent. The opposite is SignOff. -Original Message- From: Julien Martin [mailto:[EMAIL PROTECTED] Sent: Saturday, October 11, 2003 1:52 PM To: Tomcat Users List Subject: Question about the Petstore's SignOnFilter class I am going through the Petstore's SignOnFilter class and I am wondering why it has been named SignOnFilter and not Thanks in advance for your replies. Julien. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: FYIL My favoirete JSP tag is:
On Sat, October 11, 2003 at 3:52 pm, Vic Cekvenich sent the following Here is my favorite tag: http://displaytag.sf.net and see examples (in upper right). Grid, Sorting, nested, group, export, everything you like, plus its free. Thanks for the heads up on this, it will save me loads of time! -Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat JDBCRealm And security-constraint in the web.xml
My applications behave wierd after I configured the JDBCRealm. After experimenting in many different ways, I found that as long as I have the JDBCRealm in the server.xml, the Tomcat does not accept security-constraint specified in the application's web.xml file. Please help me. My configuration in the $TOMCAT_HOME/conf/sever.xml is shown below: Engine Host Context Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost:3306/artimus user=javauserpassword=javadude userTable=members userNameCol=user_name userCredCol=user_password userRoleTable=user_roles roleNameCol=user_role/ /Context /Host /Engine What happened is: First, I have an application artimus_1_1 that had worked well before JDBCRealm was inserted in the server.xml. Now, whenever I run the same application, I get: HTTP Status 404 -/artimus_1_1 description: The requested resource(/artimus_1_1) is not availabe. The web.xml of the application artimus_1_1 has security-constraint element in it and uses BASIC to authenticate users (i.e. the roles of the users are stored in the $TOMCAT_HOME/conf/tomcat-users.xml.) Second, I am working on another application. And I want to user FORM-based container-managed authentication for this application. I had login-config auth-methodFORM/auth-method form-login-config form-login-page/signin/logon.jsp/form-login-page form-error-page/signin/logon.jsp?error=true/form-error-page /form-login-config /login-config in the web.xml file and I had JDBCRealm in the $TOMCAT_HOME/conf/server.xml. I was able to display the welcome page. Thereafter,I inserted security-constraint preceding the login-config element, and inserted security-role following the login-config element. The application stops functioning. I get: HTTP Status 404 -/PracticeVersion description: The requested resource(/PracticeVersion) is not availabe. in the browser, and I have this message in the Tomcat log file (the Tomcat log file can be found in the attachment): LifecycleException: Container StandardContext[/PracticeVersion] has not been started This is what my PracticeVersion/WEB-INF/web.xml looks like when the problem happens (nothing is wrong with the specification and order of the tags): security-constraint web-resource-collection web-resource-nameAdministrative/web-resource-name !-- The URLs to protect -- url-pattern/do/admin/*/url-pattern /web-resource-collection auth-constraint !-- The authorized users -- role-nameadministrator/role-name role-nameeditor/role-name role-namecontributor/role-name role-nameadvisor/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method form-login-config form-login-page/signin/logon.jsp/form-login-page form-error-page/signin/error.jsp/form-error-page /form-login-config /login-config security-role role-nameadministrator/role-name /security-role security-role role-nameadvisor/role-name /security-role security-role role-nameeditor/role-name /security-role security-role role-namecontributor/role-name /security-role __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com2003-10-11 22:30:16 WebappLoader[]: Deploying class repositories to work directory C:\jakarta-tomcat-4.1.18-LE-jdk14\work\Standalone\localhost\_ 2003-10-11 22:30:16 WebappLoader[]: Deploy class files /WEB-INF/classes to C:\jakarta-tomcat-4.1.18-LE-jdk14\webapps\ROOT\WEB-INF\classes 2003-10-11 22:30:16 StandardManager[]: Seeding random number generator class java.security.SecureRandom 2003-10-11 22:30:16 StandardManager[]: Seeding of random number generator has been completed 2003-10-11 22:30:16 StandardWrapper[:default]: Loading container servlet default 2003-10-11 22:30:16 StandardWrapper[:invoker]: Loading container servlet invoker 2003-10-11 22:30:16 HostConfig[localhost]: Deploying configuration descriptor admin.xml 2003-10-11 22:30:17 HostConfig[localhost]: Deploying configuration descriptor manager.xml 2003-10-11 22:30:17 WebappLoader[/manager]: Deploying class repositories to work directory C:\jakarta-tomcat-4.1.18-LE-jdk14\work\Standalone\localhost\manager 2003-10-11 22:30:17 ContextConfig[/manager]: No Realm has been configured to authenticate against 2003-10-11 22:30:17 ContextConfig[/manager]: Marking this application unavailable due to previous error(s) 2003-10-11 22:30:17 StandardManager[/manager]: Seeding random number generator class java.security.SecureRandom 2003-10-11 22:30:17 StandardManager[/manager]: Seeding of random number generator has been completed 2003-10-11 22:30:18 StandardContext[/manager]: Context startup failed due to previous errors 2003-10-11 22:30:18 HostConfig[localhost]: Expanding web
