RE: Win2003 server, IIS 6 tomcat 5. setup (isapi_redirect) - resolved
Quoting from http://jakarta.apache.org/tomcat/connectors-doc/config/workers.html The workers that are member of load balancer must not appear in the worker.list directive. If your are not using load balancing, you should be able to remove configuration for worker.loadbalancer.XXX Values in worker.list, should not appear in worker.loadbalancer.balanced_workers (or worker.loadbalancer.balance_workers) - Jim -Original Message- From: reynir [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 12:19 AM To: Tomcat Users List Subject: Win2003 server, IIS 6 tomcat 5. setup (isapi_redirect) - resolved Hi all, I've just installed a setup with Win2003 server, IIS 6 (the default 2003 server) and tomcat. I tried this before, and failed but now I succeeded. I know there are more people dealing with the same env. setup. So if you are having problems with this kind of setup you can read all about my solution at : http://www.reynir.net/java/greinar/nr/52 ok, hope it will help someone. Reynir Hübner [EMAIL PROTECTED] The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorized. If you are not an intended recipient, please notify the sender of this email immediately. You should not copy, use or disseminate the information contained in the email. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Capco. http://www.capco.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Applying HttpServletResponse.encodeURL to a mailto url
I'm running Tomcat 5.0.16 under Java 1.4.2_05. I have a general url encoding setup to encode any urls it finds before serializing the dom. It does this by calling the HttpServletResponse encodeURL() on all anchor hrefs and form actions. The problem is that when it comes to a url such as: mailto:[EMAIL PROTECTED] to the mailing listbody=Subscribe to the mailing list Tomcat tries to add a jsessionid: mailto:[EMAIL PROTECTED];jsessionid=CB3CAC6C29BE579847BCDDE48CF0670D?subject=subscribe%20to%20the%20mailing%20listbody=Subscribe%20to%20the%20mailing%20list I would have thought that Tomcat's encoder would leave the url alone if it's a mailto, since there'd be no reason to preserve a session through email. If I click on the resulting link, my mail program assumes that I'm sending mail to [EMAIL PROTECTED];jsessionid=CB3CAC6C29BE579847BCDDE48CF0670D and this of course causes the mail server to choke. Is this a bug in Tomcat, or should I be setting something to make it behave differently for mailto urls? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Where is the admin pkg for tomcat 5.5?
When I click on Tomcat Administration I get this message: Tomcat's administration web application is no longer installed by default. Download and install the admin package to use it. I have spend hours of unproductive time on the http://jakarta.apache.org/tomcat/ web site trying to locate this admin package to download. Where is it, if it exists? Richard J. Airhart Computer Software Specialist Ex: 25605 Mailto:[EMAIL PROTECTED] or Mailto:[EMAIL PROTECTED] http://oit.uta.edu/bcs/PCBusApps/deptapps.html Office of Information Technology Enterprise Information Services B-36i Davis Hall University of Texas @ Arlington B0x 19318 Arlington, TX 76019 Voice: 817-272-5605 Fax: 917-272-5800
Re: Where is the admin pkg for tomcat 5.5?
It is here. If you followed binary download link you could locate it. http://jakarta.apache.org/site/downloads/downloads_tomcat-5.cgi On Tue, 22 Mar 2005 23:36:37 -0600, Airhart, Richard J [EMAIL PROTECTED] wrote: When I click on Tomcat Administration I get this message: Tomcat's administration web application is no longer installed by default. Download and install the admin package to use it. I have spend hours of unproductive time on the http://jakarta.apache.org/tomcat/ web site trying to locate this admin package to download. Where is it, if it exists? Richard J. Airhart Computer Software Specialist Ex: 25605 Mailto:[EMAIL PROTECTED] or Mailto:[EMAIL PROTECTED] http://oit.uta.edu/bcs/PCBusApps/deptapps.html Office of Information Technology Enterprise Information Services B-36i Davis Hall University of Texas @ Arlington B0x 19318 Arlington, TX 76019 Voice: 817-272-5605 Fax: 917-272-5800 -- rgds Antony Paul http://www.geocities.com/antonypaul24/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: DIGEST authentication; Does it work??
So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC 2617), and it says that MD5 is the default hash algorithm. I had previously seen that Tomcat wasn't sending any response headers explicitly specifying the hash algorithm, even though I had specified SHA in the realm/ element in Server.xml. So I changed my digest algorithm for the realm to MD5, and DIGEST authentication is now working. I'd like to make it work with SHA-1. I've looked all through the Tomcat documentation, and I can't find a configuration parameter to set the www-authenticate response header to indicate SHA-1 algorithm for the digest. I see the API that supports this in org.apache.catalina.authenticator.DigestAuthenticator ( setAuthenticateHeader() ), but I can't find a configuration parameter that will determine the value for algorithm passed to this method. Does anyone know how I can set this?* * -Mark Mark Leone wrote: I found a silly classpath error that fixed the problem using RealmBase. I didn't realize that my system still had environment variable %catalina_home% pointing to an old tomcat 4.1.24 directory. So when I opened a command window to generate digest values I was executing RealmBase in tomcat 4.1.24. But guess what. When I digest the same info with the same algorithm specifier (SHA) in Tomcat 4.1.24 and Tomcat 5.5.8 I get different digest values. And DIGEST authentication still doesn't work, in either case. Something very strange is going on here. :( -Mark Mark Leone wrote: Okay, I was using 5.5.7. So I just downloaded the source and built 5.5.8, and things got worse. Digest authentication is not working for me. I believe I've set everything up correctly. Using an HTTP monitor I see a 401 response coming back from Tomcat with a www-authenticate header whose parameters specify digest authentication and identify the realm as JDBCRealm. And I have a digested password that I created by digesting {username}:JDBCRealm:{password} (including the colons- is that correct?), as directed in the how-to documentation. But when I enter that username and password, the authentication fails. Now I used SHA-1 to digest the password, and my realm/ element in Server.xml identifies SHA as the digest algorithm for digesting passwords. Does this mean that the DIGEST authentication will also be done using SHA-1? Or do I need to specify that somewhere? Am I missing something else? I said it got worse with 5.5.8 because now I can't even get RealmBase to generate a digested password. I enter java -cp %catalina_home%\server\lib\catalina.jar org.apache.catalina.realm.RealmBase -a SHA {username}:JDBCRealm:{password} and I get: Exception in thread main java.lang.NoClassDefFoundError: org/apache/commons/lo gging/LogFactory at org.apache.catalina.realm.RealmBase.clinit(RealmBase.java:69) So it's finding RealmBase, but while executing that code it fails to find LogFactory. I don't see an org\apache\commons path in any of the class directories generated during the build. Do I have a defective build? Was I supposed to download something else? -Mark Mark Thomas wrote: Yes it does. I tested this extensively with both IE and Firefox. Any combination of the following is OK: Auth:BASIC, FORM, DIGEST Realm:Memory, UserDatabase, JDBC, DataSource Passwords:Cleartext, digested There is a complication when using digested passwords with the digest realm. You need to be using 4.1.x from CVS HEAD or 5.5.8+ For more info see: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/realm-howto.html Mark Mark Leone wrote: I'm trying to use DIGEST authentication with Tomcat, and it doesn't seem to work. I found some articles with Google about IE implementing DIGEST authentication in a way that only worked with MS servers, and I assume that hasn't been corrected. But I'm also using Firefox with the same results as IE. I saw an article about a workaround in Apache server to make DIGEST authentication work with IE, but I didn't see anything about Tomcat. Anyone know of any way to get DIGEST authentication in Tomcat to work with ANY browser? I should mention that I'm also using digested passwords in a JDBC Realm (implemented with mySQL), and I followed the how-to instructions for creating digested passwords to work with DIGEST authentication. And authentication with JDBCRealm works fine when I use BASIC authentication. For the record, I put the following in the Host element in Server.xml Context path=/MyApp docBase=MyApp Valve className=org.apache.catalina.authenticator.DigestAuthenticator disableProxyCaching=false / /Context I put the following in Server.xml's Engine element Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql:///Tomcat_RealmuserTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name digest=SHA/ And I put
Re: Win2003 server, IIS 6 tomcat 5. setup (isapi_redirect) - resolved
ok thanx for your comments. I will add this in a footnote of the page. -reynir Sng Wee Jim wrote: Quoting from http://jakarta.apache.org/tomcat/connectors-doc/config/workers.html The workers that are member of load balancer must not appear in the worker.list directive. If your are not using load balancing, you should be able to remove configuration for worker.loadbalancer.XXX Values in worker.list, should not appear in worker.loadbalancer.balanced_workers (or worker.loadbalancer.balance_workers) - Jim -Original Message- From: reynir [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 12:19 AM To: Tomcat Users List Subject: Win2003 server, IIS 6 tomcat 5. setup (isapi_redirect) - resolved Hi all, I've just installed a setup with Win2003 server, IIS 6 (the default 2003 server) and tomcat. I tried this before, and failed but now I succeeded. I know there are more people dealing with the same env. setup. So if you are having problems with this kind of setup you can read all about my solution at : http://www.reynir.net/java/greinar/nr/52 ok, hope it will help someone. Reynir Hübner [EMAIL PROTECTED] The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorized. If you are not an intended recipient, please notify the sender of this email immediately. You should not copy, use or disseminate the information contained in the email. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Capco. http://www.capco.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Defining authorization problem
Hello ! I have a quite simple problem, but I cannot find doc about it ... It's actually more a general servlet quiestion than directly Tomcat related, but ... I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? Thanks for your help ! Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Defining authorization problem
Guillaume Lederrey wrote: Hello ! I have a quite simple problem, but I cannot find doc about it ... It's actually more a general servlet quiestion than directly Tomcat related, but ... I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? Thanks for your help ! Guillaume exclude-pattern/someServlet/exclude-pattern -- Geertjan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Defining authorization problem
On Wednesday 23 March 2005 10.29, Geertjan Wielenga wrote: I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? exclude-pattern/someServlet/exclude-pattern -- Geertjan S easy ! How come I couldnt find it ? Thanks a lot ! Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Defining authorization problem
On Wednesday 23 March 2005 10.29, Geertjan Wielenga wrote: I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? Thanks for your help ! Guillaume exclude-pattern/someServlet/exclude-pattern I forgot to mention that I am using Tomcat 4.1.31 ... It seems that exclude-pattern/ is not recognized. Is it a Servlet 2.4 addition ? Is there a work around for Servlet 2.3 ? Thanks again ! Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Defining authorization problem
Guillaume Lederrey wrote: On Wednesday 23 March 2005 10.29, Geertjan Wielenga wrote: I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? exclude-pattern/someServlet/exclude-pattern -- Geertjan S easy ! How come I couldnt find it ? Thanks a lot ! Guillaume No problem. I didn't know the answer either, but I thought the question was quite interesting, and so I went to Google and typed in something like exclude servlet URL-pattern and had the answer in 5 seconds. Wonderful thing, Google. -- Gj - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
replacing ROOT
Hi! I'm probably just stupid but I fail to replace the ROOT-context with my own application. I've tried to put path=/ and path= but nothing of those override the default ROOT-context. I've also seen in server.xml that the part that would define ROOT is commented out. This is tomcat 4.1.31. Any ideas? -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
singlesignon problem
Hi, I try to implement signlesignon under Jonas-Tomcat 4.3.3, I d'like to use SSO with two webapps but there are five webapps. I want to specify that I want to use SSO with only two webapps. I try to specify in the webapp context of server.xml the SSO valve : Context className=org.objectweb.jonas.web.catalina50.JOnASStandardContext path=/myWebapp docBase= debug=0 Realm className=org.objectweb.jonas.security.realm.web.catalina50.Standard debug=99 resourceName=dsrlm_jiap_1/ Valve className=org.apache.catalina.authenticator.SingleSignOn debug=0/ /Context Context className=org.objectweb.jonas.web.catalina50.JOnASStandardContext path=/myAdminWebapp docBase= debug=0 Realm className=org.objectweb.jonas.security.realm.web.catalina50.Standard debug=99 resourceName=dsrlm_jiap_1/ Valve className=org.apache.catalina.authenticator.SingleSignOn debug=0/ /Context But this solution doesn't work. So I dl'ike to know if somoene have a exemple or a solution of SSO which work with specified webapps. Best regards Jabouille Jean Charles
jsp imports
Tomcat 5.0.28 In my index.jsp file I have %@ page import=sessionData% % sessionData s = new sessionData(); s.clrSession(session, index.jsp); % And I get the error, Cannot resolve symbol 'sessionData'. It is not in a package. What syntax must I use to locate the class please? Or is it required to be packaged? Regards DaveP. snip here *
Re: jsp imports
It must be in a package. -Tim Pawson, David wrote: Tomcat 5.0.28 In my index.jsp file I have %@ page import=sessionData% % sessionData s = new sessionData(); s.clrSession(session, index.jsp); % And I get the error, Cannot resolve symbol 'sessionData'. It is not in a package. What syntax must I use to locate the class please? Or is it required to be packaged? Regards DaveP. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: jsp imports
-Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: 23 March 2005 11:31 To: Tomcat Users List Subject: Re: jsp imports It must be in a package. thanks Tim. Is there any logic in that? If tomcat searches %servlet%/WEB-INF/classes/package/class why can't it search without the package layer? Ah well. regards DaveP - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: url of caller?
On Wed, Mar 23, 2005 at 07:56:01AM -, Pawson, David wrote: : for this use, internal to my organisation, Norton isn't installed : luckily! : : Another Gotcha worth noting though, thanks Mark. This may have been mentioned already, but some browsers can be configured to not provide referrer information (for privacy reasons). Like anything else that can be disabled by the end-user, be careful about code that assumes the referrer field is available. -QM -- software -- http://www.brandxdev.net/ tech news -- http://www.RoarNetworX.com/ code scan -- http://www.JxRef.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jsp imports
On Wed, Mar 23, 2005 at 11:49:38AM -, Pawson, David wrote: : Is there any logic in that? :If tomcat searches %servlet%/WEB-INF/classes/package/class :why can't it search without the package layer? It's got naught to do with a Tomcat failing; packageless classes are considered a poor programming practice. As such, they're not allowed under servlet spec 2.4. Is this question in the wiki/FAQ? (I can't check right now.) It seems to come up often enough. -QM -- software -- http://www.brandxdev.net/ tech news -- http://www.RoarNetworX.com/ code scan -- http://www.JxRef.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jsp imports
The java file generated by the JSP is in a package. The java lanaguage disallows a packageless class if you are in a package. -Tim Pawson, David wrote: -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: 23 March 2005 11:31 To: Tomcat Users List Subject: Re: jsp imports It must be in a package. thanks Tim. Is there any logic in that? If tomcat searches %servlet%/WEB-INF/classes/package/class why can't it search without the package layer? Ah well. regards DaveP - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: replacing ROOT
Hello, In server.xml just comment original root context entry, and write your new context. Eg.- Original Entry - !--Context path= docBase=webapps/ROOT debug=0 reloadable=true /Context-- New Entry - Context path=/ docBase=physical path for source files debug=0 reloadable=true /Context -- Rajesh Bagade -Original Message- From: Andreas Andersson [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 3:31 PM To: tomcat-user@jakarta.apache.org Subject: replacing ROOT Hi! I'm probably just stupid but I fail to replace the ROOT-context with my own application. I've tried to put path=/ and path= but nothing of those override the default ROOT-context. I've also seen in server.xml that the part that would define ROOT is commented out. This is tomcat 4.1.31. Any ideas? -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- iota technologies limited, pune, india - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: replacing ROOT
Rajesh Bagade wrote: In server.xml just comment original root context entry, and write your new context. The weird think is that that context is already commented and has been so since I installed tomcat. It looks like this. !-- Tomcat Root Context -- !-- Context path= docBase=ROOT debug=0/ -- When are the xml-files from /webapps read? -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
question about multiple instances and multiple domains
Hi all, I have successfully set up multiple tc instances on one server on differtent ports. so application 1 runs on 9100, application2 at 9110 and so on. It works fine when i type directly the portnumber after the ipaddress. What I want now is when someone is entering a domainname it goes directly to the appropiate application. e.g. www.application1.com goes to application 1 runs on 9100 and so on. How can I achieve this?? The second thing is that we closed the ports 9100 etc in the firewall so is it possible to go to the application on a different port when a http request on port 80 is coming in? Maarten - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: question about multiple instances and multiple domains
You have 2 ways (actually more, but I'm gonna suggest 2). Both involve running apache on port 80. 1) Run apache on port 80 and use JK to route the requests to the approrpriate tomcat. This involves some more config tweaks for your existing tomcat instance. 2) Run apache on port 80 and use mod_proxy to port back the the ip:port. -Tim Bedrijven.nl wrote: Hi all, I have successfully set up multiple tc instances on one server on differtent ports. so application 1 runs on 9100, application2 at 9110 and so on. It works fine when i type directly the portnumber after the ipaddress. What I want now is when someone is entering a domainname it goes directly to the appropiate application. e.g. www.application1.com goes to application 1 runs on 9100 and so on. How can I achieve this?? The second thing is that we closed the ports 9100 etc in the firewall so is it possible to go to the application on a different port when a http request on port 80 is coming in? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: question about multiple instances and multiple domains
And what if i don't want to use apache?? Maarten -Oorspronkelijk bericht- Van: Tim Funk [mailto:[EMAIL PROTECTED] Verzonden: Wednesday, March 23, 2005 1:12 PM Aan: Tomcat Users List Onderwerp: Re: question about multiple instances and multiple domains You have 2 ways (actually more, but I'm gonna suggest 2). Both involve running apache on port 80. 1) Run apache on port 80 and use JK to route the requests to the approrpriate tomcat. This involves some more config tweaks for your existing tomcat instance. 2) Run apache on port 80 and use mod_proxy to port back the the ip:port. -Tim Bedrijven.nl wrote: Hi all, I have successfully set up multiple tc instances on one server on differtent ports. so application 1 runs on 9100, application2 at 9110 and so on. It works fine when i type directly the portnumber after the ipaddress. What I want now is when someone is entering a domainname it goes directly to the appropiate application. e.g. www.application1.com goes to application 1 runs on 9100 and so on. How can I achieve this?? The second thing is that we closed the ports 9100 etc in the firewall so is it possible to go to the application on a different port when a http request on port 80 is coming in? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: question about multiple instances and multiple domains
Then you need another hardware (or software) solution which can proxy http requests. -Tim Bedrijven.nl wrote: And what if i don't want to use apache?? Maarten -Oorspronkelijk bericht- Van: Tim Funk [mailto:[EMAIL PROTECTED] Verzonden: Wednesday, March 23, 2005 1:12 PM Aan: Tomcat Users List Onderwerp: Re: question about multiple instances and multiple domains You have 2 ways (actually more, but I'm gonna suggest 2). Both involve running apache on port 80. 1) Run apache on port 80 and use JK to route the requests to the approrpriate tomcat. This involves some more config tweaks for your existing tomcat instance. 2) Run apache on port 80 and use mod_proxy to port back the the ip:port. -Tim Bedrijven.nl wrote: Hi all, I have successfully set up multiple tc instances on one server on differtent ports. so application 1 runs on 9100, application2 at 9110 and so on. It works fine when i type directly the portnumber after the ipaddress. What I want now is when someone is entering a domainname it goes directly to the appropiate application. e.g. www.application1.com goes to application 1 runs on 9100 and so on. How can I achieve this?? The second thing is that we closed the ports 9100 etc in the firewall so is it possible to go to the application on a different port when a http request on port 80 is coming in? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: question about multiple instances and multiple domains
From: Bedrijven.nl [mailto:[EMAIL PROTECTED] And what if i don't want to use apache?? Alternative approaches could include allocating each application its own IP address, ensuring that each Tomcat instance binds to port 80 on its own IP address. This assumes you have sufficient IP addresses available. Or, as Tim says, you need an alternative proxy. - Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: question about multiple instances and multiple domains
how can I bind each ipaddress to port 80?? And how to assign a ipaddress to an application? Maarten -Oorspronkelijk bericht- Van: Peter Crowther [mailto:[EMAIL PROTECTED] Verzonden: Wednesday, March 23, 2005 1:17 PM Aan: Tomcat Users List Onderwerp: RE: question about multiple instances and multiple domains From: Bedrijven.nl [mailto:[EMAIL PROTECTED] And what if i don't want to use apache?? Alternative approaches could include allocating each application its own IP address, ensuring that each Tomcat instance binds to port 80 on its own IP address. This assumes you have sufficient IP addresses available. Or, as Tim says, you need an alternative proxy. - Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: question about multiple instances and multiple domains
From: Bedrijven.nl [mailto:[EMAIL PROTECTED] how can I bind each ipaddress to port 80?? And how to assign a ipaddress to an application? 1. On paper, allocate an IP address range to your applications. Remember that if these apps are going to be accessed externally, you'll need a separate *external* IP for each app. Let's say that you have 5 apps, and have allocated 172.20.1.241 to .245 to them. 2. Configure your Tomcat server machine's network interface(s) to bind to all of these addresses. Details vary by OS. Ping the IPs and check that the server responds to each one (firewall permitting). 3. Configure your DNS so that www.application1.com points to the IP 172.20.1.241, application2.com to ...242, and so on. Ping the names and check that the server responds to each one (firewall permitting). 4. Add an 'address' attribute to each instance's connector in conf/server.xml (see, for example, http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/http.html ). Make sure it matches the application. So for application 1's instance, add 'address=172.20.1.241' to the connector. Start the instances. Use a browser to check that each application responds on its old port (9000, 9100 etc) but only on the IP address that you've assigned to it. 5. Stop the instances. Modify the 'port' attribute of each connector to 80. Start the instances. They should now all start on port 80; verify that you can connect to application 1 simply by typing http://www.application1.com . Note that the apps will no longer respond on localhost - they will *only* be available on their designated IP address. - Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: replacing ROOT
Comment for context should start from same line where context line starts. It should be as follows !-- Context path= docBase=ROOT debug=0/ -- --Rajesh Bagade -Original Message- From: Andreas Andersson [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 5:33 PM To: Tomcat Users List Subject: Re: replacing ROOT Rajesh Bagade wrote: In server.xml just comment original root context entry, and write your new context. The weird think is that that context is already commented and has been so since I installed tomcat. It looks like this. !-- Tomcat Root Context -- !-- Context path= docBase=ROOT debug=0/ -- When are the xml-files from /webapps read? -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- iota technologies limited, pune, india - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: question about multiple instances and multiple domains
do you have a good documentation set/link of how to do this?? I mean to install Apache and using JK or mod_proxy incombination of Tomcat. maarten -Oorspronkelijk bericht- Van: Tim Funk [mailto:[EMAIL PROTECTED] Verzonden: Wednesday, March 23, 2005 1:12 PM Aan: Tomcat Users List Onderwerp: Re: question about multiple instances and multiple domains You have 2 ways (actually more, but I'm gonna suggest 2). Both involve running apache on port 80. 1) Run apache on port 80 and use JK to route the requests to the approrpriate tomcat. This involves some more config tweaks for your existing tomcat instance. 2) Run apache on port 80 and use mod_proxy to port back the the ip:port. -Tim Bedrijven.nl wrote: Hi all, I have successfully set up multiple tc instances on one server on differtent ports. so application 1 runs on 9100, application2 at 9110 and so on. It works fine when i type directly the portnumber after the ipaddress. What I want now is when someone is entering a domainname it goes directly to the appropiate application. e.g. www.application1.com goes to application 1 runs on 9100 and so on. How can I achieve this?? The second thing is that we closed the ports 9100 etc in the firewall so is it possible to go to the application on a different port when a http request on port 80 is coming in? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: replacing ROOT
Comments in xml can start anywhere on or above the line you want commented out and end anywhere after. New lines are treated as whitespace and have no meaning when parsed. !-- Context ../Context -- is just as valid as !-- Context/Context -- Comments can't be nested, but that's a whole different ball of wax. --David Rajesh Bagade wrote: Comment for context should start from same line where context line starts. It should be as follows !-- Context path= docBase=ROOT debug=0/ -- --Rajesh Bagade -Original Message- From: Andreas Andersson [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 5:33 PM To: Tomcat Users List Subject: Re: replacing ROOT Rajesh Bagade wrote: In server.xml just comment original root context entry, and write your new context. The weird think is that that context is already commented and has been so since I installed tomcat. It looks like this. !-- Tomcat Root Context -- !-- Context path= docBase=ROOT debug=0/ -- When are the xml-files from /webapps read? -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- iota technologies limited, pune, india - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: jsp imports
-Original Message- From: QM :If tomcat searches %servlet%/WEB-INF/classes/package/class :why can't it search without the package layer? It's got naught to do with a Tomcat failing; I'm not 'blaming' Tomcat, just saying its a mismatch with standard java. packageless classes are considered a poor programming practice. As such, they're not allowed under servlet spec 2.4. Sounds like a 'sound' committee decision :-) That's a view I don't share. I'd say its a judgement that Sun shouldn't have made IMHO. regards DaveP - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: jsp imports
-Original Message- From: Tim Funk The java file generated by the JSP is in a package. The java lanaguage disallows a packageless class if you are in a package. Makes more sense Tim. Thanks for that. Boring rewrites ahead, or convert the jsp to java. Probably the latter. regards DaveP - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
different versions of libraries
Hi! I need to use a really new version of xalan/xerces in one of my applications. Where should I put the .jars to make application specific? Is it even possible? -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: replacing ROOT
Whooaa... You mean you can't do !-- Context whatever... -- This sounds very fishy to me. I've been using that in my server.xml file forever. In any case, this is XML, so I don't see why this would be a problem. I suspect that the original poster's problem, if this is a Tomcat 5.x issue and not tomcat 4, has to do with problems in the ../conf/Catalina/hostname/context.xml file, which if you're upgrading from Tomcat 4, you might not think about. Gene On Mar 23, 2005, at 7:48 AM, Rajesh Bagade wrote: Comment for context should start from same line where context line starts. It should be as follows !-- Context path= docBase=ROOT debug=0/ -- --Rajesh Bagade -Original Message- From: Andreas Andersson [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 5:33 PM To: Tomcat Users List Subject: Re: replacing ROOT Rajesh Bagade wrote: In server.xml just comment original root context entry, and write your new context. The weird think is that that context is already commented and has been so since I installed tomcat. It looks like this. !-- Tomcat Root Context -- !-- Context path= docBase=ROOT debug=0/ -- When are the xml-files from /webapps read? -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005 -- iota technologies limited, pune, india - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: replacing ROOT
Gene Volovich wrote: Whooaa... You mean you can't do !-- Context whatever... -- The above is correct, it works this way. This sounds very fishy to me. I've been using that in my server.xml file forever. In any case, this is XML, so I don't see why this would be a problem. I suspect that the original poster's problem, if this is a Tomcat 5.x issue and not tomcat 4, has to do with problems in the ../conf/Catalina/hostname/context.xml file, which if you're upgrading from Tomcat 4, you might not think about. I'm running tomcat 4.1.31 and just solved the problem. It's part my fault, part a stupid way of tomcat to handle compiled jsp. After installing my own app under / tomcat refused to recompile the .jsp and showed the old page all the time. Not until I removed all the .class-files I got it to work. This was a hard nut to crack, to me it's completly illogical that tomcat doesn't recompile the files :) Thanks everyhone for the help. -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: different versions of libraries
From: Andreas Andersson [mailto:[EMAIL PROTECTED] I need to use a really new version of xalan/xerces in one of my applications. Where should I put the .jars to make application specific? The only place where it can be application-specific is in the webapp's WEB-INF/lib. Is it even possible? Depends on your version of Tomcat - which version are you using? I've placed them in WEB-INF/lib (apparently successfully - certainly good enough for the app) under Tomcat 5.0.28. For Tomcat 4, I have a separate installation with some new versions dropped in. I use this installation for one rather poorly-behaved app that insists on using its own version of Xerces, but it's not application-specific as other webapps on the same instance would see the same version. - Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: different versions of libraries
Peter Crowther wrote: Depends on your version of Tomcat - which version are you using? I've placed them in WEB-INF/lib (apparently successfully - certainly good enough for the app) under Tomcat 5.0.28. For Tomcat 4, I have a separate installation with some new versions dropped in. I use this installation for one rather poorly-behaved app that insists on using its own version of Xerces, but it's not application-specific as other webapps on the same instance would see the same version. That sounds just like my problem. I just tomcat 4.1.31 and one of my apps needs an old (and poorly functioning) version av xerces/xalan. It seems to me that the files I place under WEB-INF/lib isn't really read at all, at least not overriding the other once. I guess that a separat install is the only way to go :( -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: different versions of libraries
WEB-INF/lib of the app you need it in. That's the simple answer. For a complete answer, read: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/class-loader-howto.html and the servlet spec --David Andreas Andersson wrote: Hi! I need to use a really new version of xalan/xerces in one of my applications. Where should I put the .jars to make application specific? Is it even possible? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: replacing ROOT
This reminds me that we've been having a lot of issues with Tomcat caching (refusing to recompile) changed JSP files. Not sure if there's a bug on it, but it stinks having to restart the whole container sometimes, just for a small JSP change. This problem seems to have gotten worse if anything in Tomcat 5.0.x. Gene On Mar 23, 2005, at 8:37 AM, Andreas Andersson wrote: Gene Volovich wrote: Whooaa... You mean you can't do !-- Context whatever... -- The above is correct, it works this way. This sounds very fishy to me. I've been using that in my server.xml file forever. In any case, this is XML, so I don't see why this would be a problem. I suspect that the original poster's problem, if this is a Tomcat 5.x issue and not tomcat 4, has to do with problems in the ../conf/Catalina/hostname/context.xml file, which if you're upgrading from Tomcat 4, you might not think about. I'm running tomcat 4.1.31 and just solved the problem. It's part my fault, part a stupid way of tomcat to handle compiled jsp. After installing my own app under / tomcat refused to recompile the .jsp and showed the old page all the time. Not until I removed all the .class-files I got it to work. This was a hard nut to crack, to me it's completly illogical that tomcat doesn't recompile the files :) Thanks everyhone for the help. -- Andreas Andersson IT Dept. Travelstart Nordic [EMAIL PROTECTED] http://www.travelstart.se - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Default servlet unavailable
Hallo, I recent installed Tomcat. I'm getting the error INFO: Marking servlet default as unavailable (see below) I installed it the third time now and the two first installations hadnt this problem. The HW with the third installation is an older two processor machine (PIII) with a newer Debian installation. The installation is standard under /usr/local and with JDK 5.0 (jdk1.5.0_02) Does anyone knows this behaviour and can tell me whats wrong? Search the whole web and found no hint. Thanx Stanislav Bauer WebDesign Studio Praha Using CATALINA_BASE: /usr/local/jakarta-tomcat-5.5.7 Using CATALINA_HOME: /usr/local/jakarta-tomcat-5.5.7 Using CATALINA_TMPDIR: /usr/local/jakarta-tomcat-5.5.7/temp Using JRE_HOME: /usr/local/jdk1.5.0_02 catalania.out startup 23.3.2005 15:04:25 org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 23.3.2005 15:04:25 org.apache.catalina.startup.Catalina load INFO: Initialization processed in 3931 ms 23.3.2005 15:04:25 org.apache.catalina.core.StandardService start INFO: Starting service Catalina 23.3.2005 15:04:25 org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/5.5.7 23.3.2005 15:04:25 org.apache.catalina.core.StandardHost start INFO: XML validation disabled 23.3.2005 15:04:27 org.apache.catalina.core.ApplicationContext log INFO: Marking servlet default as unavailable 23.3.2005 15:04:27 org.apache.catalina.core.ApplicationContext log SEVERE: Error loading WebappClassLoader^M delegate: false^M repositories:^M -- Parent Classloader:^M [EMAIL PROTECTED] org.apache.catalina.servlets.DefaultServlet java.lang.ClassNotFoundException: org.apache.catalina.servlets.DefaultServlet at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1332) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1181) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1002) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:900) at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3823) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4087) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:590) at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:535) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:470) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1106) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1019) at org.apache.catalina.core.StandardHost.start(StandardHost.java:718) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1011) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:440) at org.apache.catalina.core.StandardService.start(StandardService.java:450) at org.apache.catalina.core.StandardServer.start(StandardServer.java:683) at org.apache.catalina.startup.Catalina.start(Catalina.java:537) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5 on VPS service stops, FIXED.
Well surprise, surprise, I moved to a dedicated server and it works great now. It even uses less memory. Can someone say, Tomcat doesn't work on VPS's? -- Justin Stanczak Stanczak Group 812-735-3600 All that is necessary for the triumph of evil is that good men do nothing. Edmund Burke .....__. ./ _/....._/..|_..... /...\../.__.\./\...__\/.._.\./._..\ \\_\..\..___/|...|..\..|.(.._.|._..) .\__../\___.._\__|../__|..\/.\/.. \/.\/.\/.. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cluster Deployment Question
Make sure your WAR file gets properly installed on both instances SEVERE: Unable to install WAR file java.io.FileNotFoundException: C:\tmp\war-deploy\clustertest.war (The system cannot find the path specified) Durfee, Bernard wrote: I am ready to set Tomcat up in a clustered environment. So to test I have installed two instances of Tomcat 5.5.7 on the same XP machine. One listens on 8080 and the other on 8081. I configured the server.xml as follows... Cluster className=org.apache.catalina.cluster.tcp.SimpleTcpCluster managerClassName=org.apache.catalina.cluster.session.DeltaManager expireSessionsOnShutdown=false useDirtyFlag=true notifyListenersOnReplication=true Membership className=org.apache.catalina.cluster.mcast.McastService mcastAddr=228.0.0.4 mcastPort=45564 mcastFrequency=500 mcastDropTime=3000 / Receiver className=org.apache.catalina.cluster.tcp.ReplicationListener tcpListenAddress=auto tcpListenPort=4001 tcpSelectorTimeout=100 tcpThreadCount=10 / Sender className=org.apache.catalina.cluster.tcp.ReplicationTransmitter replicationMode=pooled ackTimeout=15000 / Valve className=org.apache.catalina.cluster.tcp.ReplicationValve filter=.*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt; / Deployer className=org.apache.catalina.cluster.deploy.FarmWarDeployer tempDir=/tmp/war-temp/ deployDir=/tmp/war-deploy/ watchDir=/tmp/war-listen/ watchEnabled=false / /Cluster ...with tcpListenPort as 4001 in one instance and 4002 in the other. With watchEnabled false on one but true on the other. The Tomcat instances start fine and both indicate... INFO: Replication member added ...when started. This tells me that they see each other. When I try to deploy a web-app by dropping it in the war-listen directory I get... SEVERE: Unable to install WAR file java.io.FileNotFoundException: C:\tmp\war-deploy\clustertest.war (The system cannot find the path specified) ...okay, so that doesn't work. So I try to deploy through the manager on 8080 using Select WAR file to upload... The 8080 server says: WARNING: Manager[/clustertest], requesting session state from org.apache.catalina.cluster.mcast.McastMember[tcp://123.321.21.25:4002,1 41.254.21.25,4002, alive=227500]. This operation will timeout if no session state has been received within... The 8081 server then says: Mar 18, 2005 3:03:35 PM org.apache.catalina.cluster.tcp.SimpleTcpCluster messageDataReceived WARNING: Context manager doesn't exist:/clustertest ...then the 8080 server waits, then times out and says... SEVERE: Manager[/clustertest], No session state received, timing out. ...any ideas? Seems like the Tomcats are talking and trying, but can't send the WAR from one to the other. Bernard Durfee - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tomcat 5 as service in redhat
Hi, Just looking to deploy a customized tomcat 5.0.25 in a Redhat ES 3 environment. According to the documentation http://jakarta.apache.org/tomcat/tomcat-5.0-doc/setup.html The best course of action is to run it as a daemon using jsvc. However, I have seen possible other options such as simply editing /etc/rc.d/init.d/httpd and adding in little commands in start() and stop(). Could you tell me what the ad/disadvantages of doing it either way are? /michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Where is the admin pkg for tomcat 5.5?
Thanks it was a case of looking for something that didn't move. Richard J. Airhart OIT Enterprise Information Services mailto: [EMAIL PROTECTED] Ex: 25606 -Original Message- From: Antony Paul [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 2:52 AM To: Tomcat Users List Subject: Re: Where is the admin pkg for tomcat 5.5? It is here. If you followed binary download link you could locate it. http://jakarta.apache.org/site/downloads/downloads_tomcat-5.cgi On Tue, 22 Mar 2005 23:36:37 -0600, Airhart, Richard J [EMAIL PROTECTED] wrote: When I click on Tomcat Administration I get this message: Tomcat's administration web application is no longer installed by default. Download and install the admin package to use it. I have spend hours of unproductive time on the http://jakarta.apache.org/tomcat/ web site trying to locate this admin package to download. Where is it, if it exists? Richard J. Airhart Computer Software Specialist Ex: 25605 Mailto:[EMAIL PROTECTED] or Mailto:[EMAIL PROTECTED] http://oit.uta.edu/bcs/PCBusApps/deptapps.html Office of Information Technology Enterprise Information Services B-36i Davis Hall University of Texas @ Arlington B0x 19318 Arlington, TX 76019 Voice: 817-272-5605 Fax: 917-272-5800 -- rgds Antony Paul http://www.geocities.com/antonypaul24/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: DIGEST authentication; Does it work??
The docs say this: When a standard realm authenticates by retrieving the stored password and comparing it with the value presented by the user, you can select digested passwords by specifying the *digest* attribute on your Realm element. The value for this attribute must be one of the digest algorithms supported by the java.security.MessageDigest class (SHA, MD2, or MD5). When you select this option, the contents of the password that is stored in the Realm must be the cleartext version of the password, as digested by the specified algorithm. I have starred the word digest. If you look at the source for the page you will notice the word digest is in code tags, and I think they are trying to indicate this is a key word you can use in the realm tag. Let us know if this works for you. |)ave -Original Message- From: Mark Leone [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 1:53 AM To: Tomcat Users List Subject: Re: DIGEST authentication; Does it work?? So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC 2617), and it says that MD5 is the default hash algorithm. I had previously seen that Tomcat wasn't sending any response headers explicitly specifying the hash algorithm, even though I had specified SHA in the realm/ element in Server.xml. So I changed my digest algorithm for the realm to MD5, and DIGEST authentication is now working. I'd like to make it work with SHA-1. I've looked all through the Tomcat documentation, and I can't find a configuration parameter to set the www-authenticate response header to indicate SHA-1 algorithm for the digest. I see the API that supports this in org.apache.catalina.authenticator.DigestAuthenticator ( setAuthenticateHeader() ), but I can't find a configuration parameter that will determine the value for algorithm passed to this method. Does anyone know how I can set this?* * -Mark Mark Leone wrote: I found a silly classpath error that fixed the problem using RealmBase. I didn't realize that my system still had environment variable %catalina_home% pointing to an old tomcat 4.1.24 directory. So when I opened a command window to generate digest values I was executing RealmBase in tomcat 4.1.24. But guess what. When I digest the same info with the same algorithm specifier (SHA) in Tomcat 4.1.24 and Tomcat 5.5.8 I get different digest values. And DIGEST authentication still doesn't work, in either case. Something very strange is going on here. :( -Mark Mark Leone wrote: Okay, I was using 5.5.7. So I just downloaded the source and built 5.5.8, and things got worse. Digest authentication is not working for me. I believe I've set everything up correctly. Using an HTTP monitor I see a 401 response coming back from Tomcat with a www-authenticate header whose parameters specify digest authentication and identify the realm as JDBCRealm. And I have a digested password that I created by digesting {username}:JDBCRealm:{password} (including the colons- is that correct?), as directed in the how-to documentation. But when I enter that username and password, the authentication fails. Now I used SHA-1 to digest the password, and my realm/ element in Server.xml identifies SHA as the digest algorithm for digesting passwords. Does this mean that the DIGEST authentication will also be done using SHA-1? Or do I need to specify that somewhere? Am I missing something else? I said it got worse with 5.5.8 because now I can't even get RealmBase to generate a digested password. I enter java -cp %catalina_home%\server\lib\catalina.jar org.apache.catalina.realm.RealmBase -a SHA {username}:JDBCRealm:{password} and I get: Exception in thread main java.lang.NoClassDefFoundError: org/apache/commons/lo gging/LogFactory at org.apache.catalina.realm.RealmBase.clinit(RealmBase.java:69) So it's finding RealmBase, but while executing that code it fails to find LogFactory. I don't see an org\apache\commons path in any of the class directories generated during the build. Do I have a defective build? Was I supposed to download something else? -Mark Mark Thomas wrote: Yes it does. I tested this extensively with both IE and Firefox. Any combination of the following is OK: Auth:BASIC, FORM, DIGEST Realm:Memory, UserDatabase, JDBC, DataSource Passwords:Cleartext, digested There is a complication when using digested passwords with the digest realm. You need to be using 4.1.x from CVS HEAD or 5.5.8+ For more info see: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/realm-howto.html Mark Mark Leone wrote: I'm trying to use DIGEST authentication with Tomcat, and it doesn't seem to work. I found some articles with Google about IE implementing DIGEST authentication in a way that only worked with MS servers, and I assume that hasn't been corrected. But I'm also using Firefox with the same results as IE. I saw an article about a
RE: LDAP/JNDI Realm Tomcat 5.0 vs 5.5
Okay, I figured out the problem. My password had some the '$' characters in it. Originally, back in 5.0, to get this to work, I had to escape the '$' with another '$'. It looks like this 'problem' has been 'fixed' in 5.5. So in summary, if you had a 5.0 password of $imple then you had to use $$imple in you realm definition. But for 5.5 you just use $imple in your realm definition, as there is no need to escape the dollar sign. Hope this helps other who may encounter this problem. |)ave -Original Message- From: David Owens Sent: Monday, March 21, 2005 10:41 AM To: 'tomcat-user@jakarta.apache.org' Subject: LDAP/JNDI Realm Tomcat 5.0 vs 5.5 I am doing some investigation into upgrading from our Tomcat 5.0.x servers to Tomcat 5.5.x and I am trying to get everything working. In the old tomcat 5.0.x I was able to create a realm which authenticated against our ADS server. However, I cannot get it to work in Tomcat 5.5.7. The only thing I have changed besides the version of tomcat is the location of the file containing the realm information. Originally I had put it in as $CATALINA_HOME/conf/Catalina/localhost/myapp.xml but for Tomcat 5.5 I have put the realm information in webapps/myapp/META-INF/context.xml. My understanding is that the location/name of the context information should not change how the realm works, but I thought it worth mentioning. Here is the realm definition I used for both Tomcat 5.0.27 and Tomcat 5.5.7 Context ... Realm className=org.apache.catalina.realm.JNDIRealm debug=1 connectionURL=ldap://test.testtrust.com:389; alternateURL=ldap://192.168.0.10:389; connectionName=CN=ADSAdmin,OU=Service Accounts,DC=testtrust,DC=com connectionPassword=secretpassword contextFactory=com.sun.jndi.ldap.LdapCtxFactory authentication=simple referrals=follow userBase=OU=People,DC=testtrust,DC=com userRoleName=memberOf userSubtree=true userSearch=(samaccountname={0}) roleBase=OU=Groups,DC=testtrust,DC=com roleName=cn roleSearch=(member={0}) roleSubtree=true / . . . /Context The error I get when deploying the app is: SEVERE: Error deploying web application archive myapp.war java.lang.IllegalStateException: ContainerBase.addChild: start: LifecycleException: Exception opening directory server connection: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 52e, v893 ] at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.ja va:763) . . . My understanding is that it is picking up my realm information, and trying to use it, but his error means it is not properly authenticating. So my question is, why did this exact realm setup work under Tomcat 5.0.x and not 5.5.x? Any help would be greatly appreciated! Thanks in advance, Dave
IIS6 and Tomcat
Hi, I've a webapp running into Tomcat 5.0, behind an IIS 6 server. This IIS server uses integrated authentication. My problem is that I can't get the user's login with the request.getRemoteUser() method. Does someone know why and how I could do ??? Thanks in advance. Fred. Ce message et toutes les pieces jointes (ci-apres le message) sont confidentiels et etablis a l'intention exclusive de ses destinataires. Toute utilisation ou diffusion non autorisee est interdite.Tout message electronique est susceptible d'alteration. Le CREDIT DU NORD et ses filiales declinent toute responsabilite au titre de ce message s'il a ete altere, deforme ou falsifie. This message and any attachments ( the message) are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited.E-mails are susceptible to alteration. Neither CREDIT DU NORD nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified.
where are my files?
I've installed TomCat-Jakarta 5.0.19 (from SuSE9.1 which I'm running) as well as the demo-server package. I'm trying to work through the Apress book Apache Jakarta-Tomcat, which is written around 4.0. My problem in a nut shell is that I cannot find which directory tomcat seems to be using. I load the page on port 8080 and note the file name, grab a shell run locate index.jsp and can find the page that the application loads, or so I think. I've edited the If you're seeing this page via a web ... so that seeing is pseeing, saved the page, and reloaded into the browser, and did could not find any change to the page. Any thoughts on why I'm lost? (Other than I'm new :) Mike - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
setting sys properties in context? yea / nay?
Hi there - I have what I consider a Tomcat question but it lies somewhere between tomcat and log4j. I've looked elsewhere in the log4j and tomcat user lists and I have not been able to find an answer to this one but please forgive me if it is out there and I missed it. Can I set a system property in my Context? My understanding is that I can set a JNDI property using the Environment tag, but not a system property? The issue is that I would like to use this property in my log4j.properties file, like this: log4j.appender.fileout.File=${log.path}/logs/logfile.log Any suggestions or links? Thanks, William
RE: where are my files?
It does not really use index.jsp It is remapped to a servlet in web.xml. So first edit webapps/ROOT/WEB-INF/web.xml and remove the mapping, then edit index.jsp. Hope this helps. |)ave -Original Message- From: Mike McMullin [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 10:13 AM To: Tomcat Subject: where are my files? I've installed TomCat-Jakarta 5.0.19 (from SuSE9.1 which I'm running) as well as the demo-server package. I'm trying to work through the Apress book Apache Jakarta-Tomcat, which is written around 4.0. My problem in a nut shell is that I cannot find which directory tomcat seems to be using. I load the page on port 8080 and note the file name, grab a shell run locate index.jsp and can find the page that the application loads, or so I think. I've edited the If you're seeing this page via a web ... so that seeing is pseeing, saved the page, and reloaded into the browser, and did could not find any change to the page. Any thoughts on why I'm lost? (Other than I'm new :) Mike - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
HELP: How the DBCP works ? (and the JMXProxy)
Hi all (tomcat 5.5 developers), In my context.xml, I use a DataSource like this : Resource auth=Container name=myDB type=javax.sql.DataSource .../ So, I suppose the dataSource.getConnection() is taken from DataBase Connection Pool... 1- But How do this works ? 2- If all my contexts have their own DataSource, each context have their own Pool ? 3- How Do I Manage these Pools ? I'd want to test with the JMX Proxy but I don't succeed in the good URL for asking the only MBean I'm interested in... I test : http://localhost:8080/manager/jmxproxy/?get=%3Atype=RequestProcessor%3C I have a section with the desired MBean : Name: Catalina:type=DataSource,path=/myContext,host=localhost,class=javax.sql.DataSource,name=myDB But I don't succeed with : http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DDataSource%2Cpath%3D/myContext%2Chost%3Dlocalhost%2Cclass%3Djavax.sql.DataSource%2Cname%3D%22myBD%22%3Catt=maxActive ... or something like this... I need help, please. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: bug with Delegate ?
Hi Simon, I wanted to use this flag because, in my $CATALINA_HOME/common/lib, I have mysql-connector-java-2.0.14-bin.jar but, in some wars, I have WEB-INF/lib/mysql-connector-java-3.0.15-ga-bin.jar WEB-INF/lib/naming-factory-dbcp.jar and in other wars, I don't have any Driver Mysql So, I'd want the war_WEB-INF/lib/Mysql_jar to be taken BEFORE the common/lib/Mysql_jar one when it is possible and the common/lib/Mysql_jar to be taken in other cases. So I tried to put Loader className=org.apache.catalina.loader.WebappLoader delegate=false / or Loader className=org.apache.catalina.loader.WebappLoader delegate=true / in my Context.xml But it is always the common/lib/jar one which is taken :-(( I don't know if it is a bug or a bad config from me If a Tomcat Developer can say to me what I am wrong ... Note : To confirm the Driver version, I print : dataSource.getClass().getClassLoader().getResource(org/gjt/mm/mysql/Driver.class); Cheers On Sat, 19 Mar 2005 17:44:40 +1300 Simon Kitching [EMAIL PROTECTED] wrote: Hi, I see here that there is an option for the webapp-specific classloader to use parent-first classloading instead of the (default) child-first classloading. Can someone suggest why this might be useful? Clearly someone thought so, but I can't see any point in it. It is in catalina since version 1.1 (committer: Remy Maucherat). See delegate option in this page: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/loader.html Using this option makes life exceedingly complicated for some libs like commons-beanutils and commons-logging, so I would like to know under what conditions someone might enable this feature. Regards, Simon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: bug with Delegate ?
Hi Simon, I wanted to use this flag because, in my $CATALINA_HOME/common/lib, I have mysql-connector-java-2.0.14-bin.jar but, in some wars, I have WEB-INF/lib/mysql-connector-java-3.0.15-ga-bin.jar WEB-INF/lib/naming-factory-dbcp.jar and in other wars, I don't have any Driver Mysql So, I'd want the war_WEB-INF/lib/Mysql_jar to be taken BEFORE the common/lib/Mysql_jar one when it is possible and the common/lib/Mysql_jar to be taken in other cases. So I tried to put Loader className=org.apache.catalina.loader.WebappLoader delegate=false / or Loader className=org.apache.catalina.loader.WebappLoader delegate=true / in my Context.xml But it is always the common/lib/jar one which is taken :-(( I don't know if it is a bug or a bad config from me If a Tomcat Developer can say to me what I am wrong ... Note : To confirm the Driver version, I print : dataSource.getClass().getClassLoader().getResource(org/gjt/mm/mysql/Driver.class); Cheers On Sat, 19 Mar 2005 17:44:40 +1300 Simon Kitching [EMAIL PROTECTED] wrote: Hi, I see here that there is an option for the webapp-specific classloader to use parent-first classloading instead of the (default) child-first classloading. Can someone suggest why this might be useful? Clearly someone thought so, but I can't see any point in it. It is in catalina since version 1.1 (committer: Remy Maucherat). See delegate option in this page: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/loader.html Using this option makes life exceedingly complicated for some libs like commons-beanutils and commons-logging, so I would like to know under what conditions someone might enable this feature. Regards, Simon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
ugly urls
Hi everyone I wanted to see if in JSP or Tomcat there was an easy way to transform ugly urls into pretty urls. So taking category.jsp?catid=12type=2 and changing it to category/catid/12/type/2? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jsp imports
I am not sure if this is relevant but, is session data a full name of the package? I would expect to see something like com.packagename.sessionData DarekC On Wed, 2005-03-23 at 03:20, Pawson, David wrote: Tomcat 5.0.28 In my index.jsp file I have %@ page import=sessionData% % sessionData s = new sessionData(); s.clrSession(session, index.jsp); % And I get the error, Cannot resolve symbol 'sessionData'. It is not in a package. What syntax must I use to locate the class please? Or is it required to be packaged? Regards DaveP. snip here * - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tomcat 5.0.25 question
Hello, Last year I downloaded the Tomcat 5.0.25 binary for Solaris and installed it with java sdk 1.4.2. I now want to upgrade to the java sdk 1.5 but I don't want to upgrade Tomcat yet. I am trying to determine if this upgrade will affect my version of Tomcat. One piece of information that I cannot find on the Tomcat website is information about how the Tomcat binaries were built. Specifically, was it compiled using the java compiler from sdk 1.4, 1.5 or some other version of the sdk? If my version of Tomcat was built with javac from the java sdk 1.5 then I know my upgrade should go smoothly. If anyone knows where I can find the details of how the Tomcat binaries were built it would be greatly appreciated. Thanks, Eric Moreo Web Developer Art Center College of Design x2392 [EMAIL PROTECTED]
Re: DIGEST authentication; Does it work??
Dave, thanks very much for your help. Unfortunately, the passage you quoted is referring to how the password is digested when it is stored in the realm. This is working fine for me, and I've been able to configure it to use SHA-1 or MD-5 algorithms by setting the digest attribute in the realm/ element to either SHA or MD5, which are the appropriate keywords to identify those algorithms. What I described above works fine when I select BASIC authentication by putting the following in my web.xml login-config auth-methodBASIC/auth-method realm-nameJDBCRealm/realm-name /login-config However, I change BASIC above to DIGEST to induce the server to tell the client that DIGEST authentication is required, meaning that instead of sending the username and password as a Base64 encoded text string, which anyone can decode and thereby compromise the user's credentials, it will send a hash of the username and password, with a random value and a sequence counter generated by the server also included as an input to the hash function. This of course is a much more secure way to send login credentials. According to the spec that governs DIGEST access authentication (rfc2617), if the server does not explicitly specify a hash algorithm in the www-authenticate header of the HTTP response message (status 401- unauthorized), it defaults to MD5. So after much thrashing around, I discovered that I could only get DIGEST authentication to work by specifying MD-5 in the realm/ digest attribute, and then letting the client default to using MD5 for the DIGEST authentication algorithm, since Tomcat is not specifying the algorithm in the HTTP header (which I verified with an HTTP monitor tool). What I would LIKE to do is use SHA-1, since it's a more secure algorithm (and because I have engineer's disease, and I have to figure out how to do something even if there's an almost-as-good alternative). I know I can set the realm/ digest attribute to SHA-1, but I don't know how I cant tell Tomcat to require SHA-1 algorithm in the www-authenticate response header. I found a method that does this org.apache.catalina.authenticator.DigestAuthenticator.setAuthenticateHeader() But I'd like to do it with a configuration parameter. I've looked thorough all the Tomcat docs, and I see nothing that appears to do this. I opened the Servlet spec and looked at the XSD for the web.xml document, and there appears to be nothing there that can set the DIGEST algorithm. Perhaps it can be set in the server.xml file. I'm going to look for that XSD next, but if anyone knows off-hand what the parameter is, please enlighten me. If there's not a configuration parameter, could someone tell me how to do this programmatically? I'm fairly new to Tomcat, and I think I can figure out how to get access to the aforementioned setAuthenticateHeader() method in the servlet context, but I don't know how to make the container do that for the duration of a browser session, as opposed to setting the www-authenticate header every time my JSP or servlet is called. -Mark David Owens wrote: The docs say this: When a standard realm authenticates by retrieving the stored password and comparing it with the value presented by the user, you can select digested passwords by specifying the *digest* attribute on your Realm element. The value for this attribute must be one of the digest algorithms supported by the java.security.MessageDigest class (SHA, MD2, or MD5). When you select this option, the contents of the password that is stored in the Realm must be the cleartext version of the password, as digested by the specified algorithm. I have starred the word digest. If you look at the source for the page you will notice the word digest is in code tags, and I think they are trying to indicate this is a key word you can use in the realm tag. Let us know if this works for you. |)ave -Original Message- From: Mark Leone [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 1:53 AM To: Tomcat Users List Subject: Re: DIGEST authentication; Does it work?? So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC 2617), and it says that MD5 is the default hash algorithm. I had previously seen that Tomcat wasn't sending any response headers explicitly specifying the hash algorithm, even though I had specified SHA in the realm/ element in Server.xml. So I changed my digest algorithm for the realm to MD5, and DIGEST authentication is now working. I'd like to make it work with SHA-1. I've looked all through the Tomcat documentation, and I can't find a configuration parameter to set the www-authenticate response header to indicate SHA-1 algorithm for the digest. I see the API that supports this in org.apache.catalina.authenticator.DigestAuthenticator ( setAuthenticateHeader() ), but I can't find a configuration parameter that will determine the value for algorithm passed to this method. Does anyone know how I
Re: ClientAbortException: java.net.SocketException: Software caused connection abort: socket write error
Has anyone run into this problem before. I started getting this error message when i moved from Tomcat 4.0 to 4.1 in JBuilder, it does not neccessarily forward to the error page and i did not click the stop butoon on the browser. any help would be great ClientAbortException: java.net.SocketException: Software caused connection abort: socket write error at org.apache.coyote.tomcat4.OutputBuffer.doFlush(OutputBuffer.java:368) at org.apache.coyote.tomcat4.OutputBuffer.flush(OutputBuffer.java:336) at org.apache.coyote.tomcat4.CoyoteResponse.flushBuffer(CoyoteResponse.java:541) at org.apache.coyote.tomcat4.CoyoteResponseFacade.flushBuffer(CoyoteResponseFacade.java:225) at org.apache.catalina.valves.ErrorDispatcherValve.status(ErrorDispatcherValve.java:329) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:181) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:163) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:199) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:700) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:584) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) at java.lang.Thread.run(Thread.java:534) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: DIGEST authentication; Does it work??
Dave, thanks very much for your help. Unfortunately, the passage you quoted is referring to how the password is digested when it is stored in the realm. This is working fine for me, and I've been able to configure it to use SHA-1 or MD-5 algorithms by setting the digest attribute in the realm/ element to either SHA or MD5, which are the appropriate keywords to identify those algorithms. What I described above works fine when I select BASIC authentication by putting the following in my web.xml login-config auth-methodBASIC/auth-method realm-nameJDBCRealm/realm-name /login-config However, I change BASIC above to DIGEST to induce the server to tell the client that DIGEST authentication is required, meaning that instead of sending the username and password as a Base64 encoded text string, which anyone can decode and thereby compromise the user's credentials, it will send a hash of the username and password, with a random value and a sequence counter generated by the server also included as an input to the hash function. This of course is a much more secure way to send login credentials. According to the spec that governs DIGEST access authentication (rfc2617), if the server does not explicitly specify a hash algorithm in the www-authenticate header of the HTTP response message (status 401- unauthorized), it defaults to MD5. So after much thrashing around, I discovered that I could only get DIGEST authentication to work by specifying MD-5 in the realm/ digest attribute, and then letting the client default to using MD5 for the DIGEST authentication algorithm, since Tomcat is not specifying the algorithm in the HTTP header (which I verified with an HTTP monitor tool). What I would LIKE to do is use SHA-1, since it's a more secure algorithm (and because I have engineer's disease, and I have to figure out how to do something even if there's an almost-as-good alternative). I know I can set the realm/ digest attribute to SHA-1, but I don't know how I cant tell Tomcat to require SHA-1 algorithm in the www-authenticate response header. I found a method that does this -- org.apache.catalina.authenticator.DigestAuthenticator.setAuthenticateHeader()-- But I'd like to do it with a configuration parameter. I've looked thorough all the Tomcat docs, and I see nothing that appears to do this. I opened the Servlet spec and looked at the XSD for the web.xml document, and there appears to be nothing there that can set the DIGEST algorithm. Perhaps it can be set in the server.xml file. I'm going to look for that XSD next, but if anyone knows off-hand what the parameter is, please enlighten me. If there's not a configuration parameter, could someone tell me how to do this programmatically? I'm fairly new to Tomcat, and I think I can figure out how to get access to the aforementioned setAuthenticateHeader() method in the servlet context, but I don't know how to make the container do that for the duration of a browser session, as opposed to setting the www-authenticate header every time my JSP or servlet is called. -Mark David Owens wrote: The docs say this: When a standard realm authenticates by retrieving the stored password and comparing it with the value presented by the user, you can select digested passwords by specifying the *digest* attribute on your Realm element. The value for this attribute must be one of the digest algorithms supported by the java.security.MessageDigest class (SHA, MD2, or MD5). When you select this option, the contents of the password that is stored in the Realm must be the cleartext version of the password, as digested by the specified algorithm. I have starred the word digest. If you look at the source for the page you will notice the word digest is in code tags, and I think they are trying to indicate this is a key word you can use in the realm tag. Let us know if this works for you. |)ave -Original Message- From: Mark Leone [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 1:53 AM To: Tomcat Users List Subject: Re: DIGEST authentication; Does it work?? So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC 2617), and it says that MD5 is the default hash algorithm. I had previously seen that Tomcat wasn't sending any response headers explicitly specifying the hash algorithm, even though I had specified SHA in the realm/ element in Server.xml. So I changed my digest algorithm for the realm to MD5, and DIGEST authentication is now working. I'd like to make it work with SHA-1. I've looked all through the Tomcat documentation, and I can't find a configuration parameter to set the www-authenticate response header to indicate SHA-1 algorithm for the digest. I see the API that supports this in org.apache.catalina.authenticator.DigestAuthenticator ( setAuthenticateHeader() ), but I can't find a configuration parameter that will determine the value for algorithm passed to this method. Does anyone
Re: ugly urls
On Wed, 23 Mar 2005 16:47:19 +, Didier McGillis [EMAIL PROTECTED] wrote: Hi everyone I wanted to see if in JSP or Tomcat there was an easy way to transform ugly urls into pretty urls. So taking category.jsp?catid=12type=2 and changing it to category/catid/12/type/2? Best way would be to put Apache (Webserver) in front of tomcat and then use mod_rewrite rules. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat 5.0.25 question
I don't know where you can find more details ... but Tomcat 5.0.x is built for jdk1.4 So, I don't think you can use jdk1.5 with it... On Wed, 23 Mar 2005 09:32:28 -0800 Eric Moreo [EMAIL PROTECTED] wrote: Hello, Last year I downloaded the Tomcat 5.0.25 binary for Solaris and installed it with java sdk 1.4.2. I now want to upgrade to the java sdk 1.5 but I don't want to upgrade Tomcat yet. I am trying to determine if this upgrade will affect my version of Tomcat. One piece of information that I cannot find on the Tomcat website is information about how the Tomcat binaries were built. Specifically, was it compiled using the java compiler from sdk 1.4, 1.5 or some other version of the sdk? If my version of Tomcat was built with javac from the java sdk 1.5 then I know my upgrade should go smoothly. If anyone knows where I can find the details of how the Tomcat binaries were built it would be greatly appreciated. Thanks, Eric Moreo Web Developer Art Center College of Design x2392 [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ugly urls
http://tuckey.org/urlrewrite/ Does the same for Tomcat. No need for Apache - Original Message - From: Jason Bainbridge [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Wednesday, March 23, 2005 6:45 PM Subject: Re: ugly urls On Wed, 23 Mar 2005 16:47:19 +, Didier McGillis [EMAIL PROTECTED] wrote: Hi everyone I wanted to see if in JSP or Tomcat there was an easy way to transform ugly urls into pretty urls. So taking category.jsp?catid=12type=2 and changing it to category/catid/12/type/2? Best way would be to put Apache (Webserver) in front of tomcat and then use mod_rewrite rules. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ugly urls
On Mar 23, 2005, at 17:47, Didier McGillis wrote: I wanted to see if in JSP or Tomcat there was an easy way to transform ugly urls into pretty urls. So taking category.jsp?catid=12type=2 and changing it to category/catid/12/type/2? What about creating pretty URLs in the first place? Choose URIs wisely http://www.w3.org/TR/chips/#gl1 URL as UI http://www.useit.com/alertbox/990321.html Cheers -- PA, Onnay Equitursay http://alt.textdrive.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
configure loggers
Hi I`ve been searching about logging level of the server(tomcat), and i can`t find a way to logging the request in the same way of apache: 200.118.108.230 - - [16/Jan/2005:20:42:53 -0500] GET /Archivos/Trabajo.doc. HTTP/1.1 200 81920 I need to log the option(GET, POST, HEAD), the file requested, and the response code from the server, the only one thing that i found was the verbosity level of the logger, but any of the levels show the information that i need. thx - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
strange Jasper2 + JSTL behavior after upgrading from TC 5.0.29 to TC 5.5.7
Hi, i declared an anttask which precompiles my JSPs. All works fine with TC 5.0.29. After upgrading to TC 5.5.7 i got this error: BUILD FAILED: C:\eclipse3\eclipse\workspace\ecs2\build.xml:134: org.apache.jasper.JasperException: The absolute uri: http://java.sun.com/jsp/jstl/fmt cannot be resolved in either web.xml or the jar files deployed with this application Only one JSP would be precompiled. This was the first page (error.jsp) in my JSP-hierarchy and makes no use of JSTL. After simply changing my TOMCAT_HOME environment variable back to TC 5.0.29's home it works again for all JSPs. Now i tried to localize the root of this behavior by simply adding this taglib directive to my error.jsp: %@ taglib prefix=fmt uri=http://java.sun.com/jsp/jstl/fmt; % I would excpect that now error.jsp could not be precompiled too. But oh wonder after this all JSPs could be precompiled correct. I think this behavior is not correct or did i something wrong? regards and thanks in advance, thomas build.xml fragment path id=build.classpath pathelement path=${build.dir}/ fileset dir=${lib.dir} include name=*.jar/ /fileset fileset dir=${shared.lib.dir} include name=*.jar/ /fileset fileset dir=${env.TOMCAT_HOME}/bin include name=*.jar/ /fileset fileset dir=${env.TOMCAT_HOME}/server/lib include name=*.jar/ /fileset fileset dir=${env.TOMCAT_HOME}/common/endorsed include name=*.jar/ /fileset fileset dir=${env.TOMCAT_HOME}/common/lib include name=*.jar/ /fileset /path taskdef name=jasper2 classname=org.apache.jasper.JspC classpath refid=build.classpath/ /taskdef jasper2 validateXml=false uriroot=${basedir}/web webXmlFragment=${basedir}/jspc/generated_web.xml addWebXmlMappings=true outputDir=${basedir}/jspc / - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Wild Card Hosting
Does anyone know if Tomcat supports Wild card hosting? Can I specify a pattern say *.domain.com And have all requests get forwarded to a specific host? Making the host the default host is not an option, because there is already another default host that is used. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: configure loggers
On Wed, 23 Mar 2005 13:29:12 -0500, Juan Manuel Soler Rincón [EMAIL PROTECTED] wrote: Hi I`ve been searching about logging level of the server(tomcat), and i can`t find a way to logging the request in the same way of apache: 200.118.108.230 - - [16/Jan/2005:20:42:53 -0500] GET /Archivos/Trabajo.doc. HTTP/1.1 200 81920 I need to log the option(GET, POST, HEAD), the file requested, and the response code from the server, the only one thing that i found was the verbosity level of the logger, but any of the levels show the information that i need. Uncomment: Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access_log. suffix=.txt pattern=common resolveHosts=false/ In your server.xml. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat 5.0.25 question
I have it working here on Tomcat 5.0.x, JDK 5, WinXP -- no problems to note so far and I installed it from a binary download. The only gotcha that I know about is you can't build for JDK 5 and then use it on JDK 1.4.x --David Lionel Farbos wrote: I don't know where you can find more details ... but Tomcat 5.0.x is built for jdk1.4 So, I don't think you can use jdk1.5 with it... On Wed, 23 Mar 2005 09:32:28 -0800 Eric Moreo [EMAIL PROTECTED] wrote: Hello, Last year I downloaded the Tomcat 5.0.25 binary for Solaris and installed it with java sdk 1.4.2. I now want to upgrade to the java sdk 1.5 but I don't want to upgrade Tomcat yet. I am trying to determine if this upgrade will affect my version of Tomcat. One piece of information that I cannot find on the Tomcat website is information about how the Tomcat binaries were built. Specifically, was it compiled using the java compiler from sdk 1.4, 1.5 or some other version of the sdk? If my version of Tomcat was built with javac from the java sdk 1.5 then I know my upgrade should go smoothly. If anyone knows where I can find the details of how the Tomcat binaries were built it would be greatly appreciated. Thanks, Eric Moreo Web Developer Art Center College of Design x2392 [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
clientAuth=true; non-SSL?
Hello folks - I am working with Tomcat 5.0.28; j2sdk 1_4_2_07 The question is this: Do I need an SSL connection in order to get Tomcat to force the presentation of a client side certificate? In other words, I only want to force authentication, not wrap the connection in SSL. Here is the connector config: Connector port=8080maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 scheme=http secure=true clientAuth=true acceptCount=100keystoreType=JKS keystoreFile=C:\j2sdk1.4.2_07\bin\client.keystore keystorePass=changeit debug=0 connectionTimeout=2 disableUploadTimeout=true / The result is that I am not able to access the page at port 8080, but I am not getting the normal certificate request either. Any help welcome and appreciated! - wjs - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: CERT Vulnerability Note VU#204710 on Tomcat 3.x
Thanks Jess for replying to this. If I recall correctly the vulnerability was in the handling for a request for status via the AJP12 connector which continues to be used as the default shutdown mechanism. The report mentions a new DOS attack, but fails to note that if a remote attacker has access to this port, the attacker can shutdown Tomcat as well. Since the need to restrict access to the server's shutdown port is nothing new, no changes were made to address the report. Cheers, Larry -Original Message- From: Jess Holle [mailto:[EMAIL PROTECTED] Sent: Monday, March 21, 2005 7:42 PM To: Tomcat Users List Subject: Re: CERT Vulnerability Note VU#204710 on Tomcat 3.x This vulnerability note has to be amongst the most vague and least informative I've ever seen. It says that Tomcat 3.x and AJP12 has an issue and that the issue is not present in Tomcat 5. What about Tomcat 4 and 4.1? What about AJP13? The report simply does not address any of these variations. On the other hand, any production installation should block communication on the AJP 12 or AJP13 port except where it is coming from Apache. This completely addresses the vulnerability irrespective of version. -- Jess Holle [EMAIL PROTECTED] wrote: Hi, CERT released a vulnerability note on Tomcat 3.x last week. See the following url for details: http://www.kb.cert.org/vuls/id/204710 We are running two configurations of Apache and Tomcat: Apache v1.3.27 with Tomcat v4.1.29 Apache v1.3.27 with Tomcat v4.0.6 I'm trying to determine if these versions of Tomcat are vulnerable. Can anyone confirm or deny? If you like, respond to summers_ed () emc ! com Thanks, Ed - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Getting other Sessions
Michael Greer wrote: List servers = MBeanServerFactory.findMBeanServer(null); MBeanServer server = (MBeanServer)servers.get(0); ObjectName objName = new ObjectName(Catalina:type=Manager,path=/contextPath,host=localhost); String sessionIds = (String)server.invoke(objName,listSessionIds,null, null); You can get the rest by each sessionId. How do I get a refrence to the Session once I have the id? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: tomcat 5.0.25 question
David and Lionel, Thank you both for your input. I think I am going to experiment with upgrading to jdk 1.5 in development to see how it works. I'll post my results just in case anyone else ever has this issue. Eric -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 11:25 AM To: Tomcat Users List Subject: Re: tomcat 5.0.25 question I have it working here on Tomcat 5.0.x, JDK 5, WinXP -- no problems to note so far and I installed it from a binary download. The only gotcha that I know about is you can't build for JDK 5 and then use it on JDK 1.4.x --David Lionel Farbos wrote: I don't know where you can find more details ... but Tomcat 5.0.x is built for jdk1.4 So, I don't think you can use jdk1.5 with it... On Wed, 23 Mar 2005 09:32:28 -0800 Eric Moreo [EMAIL PROTECTED] wrote: Hello, Last year I downloaded the Tomcat 5.0.25 binary for Solaris and installed it with java sdk 1.4.2. I now want to upgrade to the java sdk 1.5 but I don't want to upgrade Tomcat yet. I am trying to determine if this upgrade will affect my version of Tomcat. One piece of information that I cannot find on the Tomcat website is information about how the Tomcat binaries were built. Specifically, was it compiled using the java compiler from sdk 1.4, 1.5 or some other version of the sdk? If my version of Tomcat was built with javac from the java sdk 1.5 then I know my upgrade should go smoothly. If anyone knows where I can find the details of how the Tomcat binaries were built it would be greatly appreciated. Thanks, Eric Moreo Web Developer Art Center College of Design x2392 [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CERT Vulnerability Note VU#204710 on Tomcat 3.x
I had not even thought of that. So yet another issue with the original report Larry Isaacs wrote: Thanks Jess for replying to this. If I recall correctly the vulnerability was in the handling for a request for status via the AJP12 connector which continues to be used as the default shutdown mechanism. The report mentions a new DOS attack, but fails to note that if a remote attacker has access to this port, the attacker can shutdown Tomcat as well. Since the need to restrict access to the server's shutdown port is nothing new, no changes were made to address the report. Cheers, Larry -Original Message- From: Jess Holle [mailto:[EMAIL PROTECTED] Sent: Monday, March 21, 2005 7:42 PM To: Tomcat Users List Subject: Re: CERT Vulnerability Note VU#204710 on Tomcat 3.x This vulnerability note has to be amongst the most vague and least informative I've ever seen. It says that Tomcat 3.x and AJP12 has an issue and that the issue is not present in Tomcat 5. What about Tomcat 4 and 4.1? What about AJP13? The report simply does not address any of these variations. On the other hand, any production installation should block communication on the AJP 12 or AJP13 port except where it is coming from Apache. This completely addresses the vulnerability irrespective of version. -- Jess Holle [EMAIL PROTECTED] wrote: Hi, CERT released a vulnerability note on Tomcat 3.x last week. See the following url for details: http://www.kb.cert.org/vuls/id/204710 We are running two configurations of Apache and Tomcat: Apache v1.3.27 with Tomcat v4.1.29 Apache v1.3.27 with Tomcat v4.0.6 I'm trying to determine if these versions of Tomcat are vulnerable. Can anyone confirm or deny? If you like, respond to summers_ed () emc ! com Thanks, Ed - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Filter-mapping
I've created a toy filter and servlet to experiment with filters in Tomcat 5.0.28. If I map the filter to the servlet like this filter-mapping ... dispatcherERROR/dispatcher ... /filter-mapping and invoke the following JSP %@ page errorPage=/filtex-dummy.do % ${10%0} %-- throw exception --% then the servlet executes but the filter does not. If I change the mapping to filter-mapping ... dispatcherFORWARD/dispatcher ... /filter-mapping then both the filter and the servlet execute. A lengthy search seems to indicate that other folks have encountered this, but I can't determine whether it's a bug or just a misunderstanding of the standard. If it's my misunderstanding, please point me to an explanation of when dispatcherERROR/dispatcher will cause the filter to execute. Note: the v2.4 servlet spec seems to indicate that the filter-mapping must use url-pattern when dispatcher has a value of ERROR, but I tried both servlet-name and url-pattern with no apparent difference in behavior. Thanks in advance and best regards, Steve Farmer - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JasperException, JSP calling wrong overloaded method
I have a custom tag MessageTag that has an overloaded setValue method. It is being used like this. title fmt:message value=exception.title / /title Instead of calling the setValue(String v) method, the generated code for the JSP is calling _jspx_th_fmt_message_0.setValue( (com.cisco.tims.utils.MessageBundle.Descriptor) org.apache.jasper.runtime.JspRuntimeLibrary.getValueFromPropertyEditorManager( com.cisco.tims.utils.MessageBundle.Descriptor.class, value, exception.title) ); The exception stacktrace starts like this org.apache.jasper.JasperException: jsp.error.beans.property.conversion at org.apache.jasper.runtime.JspRuntimeLibrary.getValueFromPropertyEditorManager(JspRuntimeLibrary.java:885) at org.apache.jsp.jsp.exception_jsp._jspx_meth_fmt_message_0(exception_jsp.java:329) at org.apache.jsp.jsp.exception_jsp._jspService(exception_jsp.java:132) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) I would have expected the generated code to be _jspx_th_fmt_message_0.setValue(exception.title) Oddly, this code works fine on a Mac OSX machine and a Solaris machine. I'm only seeing this error on my Thinkpad, which is running a customized RedHat Enterprise Linux install. I've tried running with Tomcat 5.0.28 and 5.0.30. I've also tried both IBM's and Sun's JDK 1.4.2. Same error with every combination. Are overloaded setters like this supported? If so, any pointers on where to turn next to troubleshoot this problem? I've killed a day on it, and I'm out of ideas. I'm hoping that I've just misconfigured something that's easy to overlook in my Tomcat installation. -- Tom Bryan Test Information Systems Central Engineering Services Cisco Systems USA NC RTP - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
unicode ??
Hi I have a stupid question to ask. Does Tomcat 5.5 supports UTF-8 encoding format ? thanks regards Gaurav Arora __ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: unicode ??
yup -Tim Gaurav Arora wrote: Hi I have a stupid question to ask. Does Tomcat 5.5 supports UTF-8 encoding format ? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JasperException, JSP calling wrong overloaded method
You shouldn't overload settors which act as beans or you'll get this problem. -Tim Tom Bryan wrote: I have a custom tag MessageTag that has an overloaded setValue method. It is being used like this. title fmt:message value=exception.title / /title Instead of calling the setValue(String v) method, the generated code for the JSP is calling _jspx_th_fmt_message_0.setValue( (com.cisco.tims.utils.MessageBundle.Descriptor) org.apache.jasper.runtime.JspRuntimeLibrary.getValueFromPropertyEditorManager( com.cisco.tims.utils.MessageBundle.Descriptor.class, value, exception.title) ); The exception stacktrace starts like this org.apache.jasper.JasperException: jsp.error.beans.property.conversion at org.apache.jasper.runtime.JspRuntimeLibrary.getValueFromPropertyEditorManager(JspRuntimeLibrary.java:885) at org.apache.jsp.jsp.exception_jsp._jspx_meth_fmt_message_0(exception_jsp.java:329) at org.apache.jsp.jsp.exception_jsp._jspService(exception_jsp.java:132) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) I would have expected the generated code to be _jspx_th_fmt_message_0.setValue(exception.title) Oddly, this code works fine on a Mac OSX machine and a Solaris machine. I'm only seeing this error on my Thinkpad, which is running a customized RedHat Enterprise Linux install. I've tried running with Tomcat 5.0.28 and 5.0.30. I've also tried both IBM's and Sun's JDK 1.4.2. Same error with every combination. Are overloaded setters like this supported? If so, any pointers on where to turn next to troubleshoot this problem? I've killed a day on it, and I'm out of ideas. I'm hoping that I've just misconfigured something that's easy to overlook in my Tomcat installation. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: FW: RE: Tomcat 5.5.7+JRockit = windows service won't start
From: Caldarale, Charles R [EMAIL PROTECTED] Subject: RE: Tomcat 5.5.7+JRockit = windows service won't start Date: Tue, 15 Mar 2005 14:40:33 -0600 That's odd, since the -Xrs is in my registry entry, albeit this is with an older Tomcat level. - Chuck No, the -Xrs is not available in the registry using the tomcat5 with 5.5.7 (or any version since 5.0.22 it seems). In the related Bugzilla entry (http://issues.apache.org/bugzilla/show_bug.cgi?id=33777) Mladen Turk states 'If you wish to use JRockit then simply update your params'. What does this mean? Was this also a reference to the registry params? I tried using tomcat/tomcat5 from older versions with 5.5.7 with no success. Is this a possible workaround? Do I need to also regress the bootstrap.jar (and/or others)? Brad - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to edit and automatically upload to a servlet ???
Howdy, I am using tomcat and the jakarta commons fileupload utilities. I can upload a file and store it in the db, then download it and have it come up in the appropriate editor for its mime type. What I want to do is, when I download it, and it opens in its editor- I want to reupload it toa servlet that updates the database with the changes. I have the servlet, but how do I get the file to automatically upload after the editing is done John McClain Senior Software Engineer TCS Healthcare [EMAIL PROTECTED] (530)886-1700x235 Before you criticize someone, walk a mile in their shoes. That way, you'll be a mile from them, and you'll have their shoes. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Wild Card Hosting
On Wed, Mar 23, 2005 at 11:42:09AM -0700, George Sexton wrote: : Does anyone know if Tomcat supports Wild card hosting? Can I specify a : pattern say : : *.domain.com : : And have all requests get forwarded to a specific host? Not possible with a stock Tomcat install. Perhaps possible with some source tweakage, but then you have the fun of running a custom install. -QM -- software -- http://www.brandxdev.net/ tech news -- http://www.RoarNetworX.com/ code scan -- http://www.JxRef.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: clientAuth=true; non-SSL?
On Wed, Mar 23, 2005 at 01:21:11PM -0800, Sweeney, Bill wrote: : The question is this: Do I need an SSL connection in order to get : Tomcat to force the presentation of a client side certificate? In other : words, I only want to force authentication, not wrap the connection in : SSL. If you want to force authentication using certs (which is what clientAuth is all about) then I don't see a way around SSL. The cert exchange takes place during the SSL handshake. If you want to just protect access to certain areas of the webapp, check the Tomcat docs for realms and skim the servlet spec for FORM authentication. -QM -- software -- http://www.brandxdev.net/ tech news -- http://www.RoarNetworX.com/ code scan -- http://www.JxRef.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Address localhost:8080 already in use
Here is a big problem that I've run into so many times. I run start tomcat. And then by accident I start it again while it is running. After that I can't shut it down again. And if I try to run it it says the address is in use. Have someone found any solution to this problem? Any suggestions would be appreciated. /Fredrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Address localhost:8080 already in use
Reboot ! -Original Message- From: Fredrik Liden [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 7:30 PM To: Tomcat Users List Subject: Address localhost:8080 already in use Here is a big problem that I've run into so many times. I run start tomcat. And then by accident I start it again while it is running. After that I can't shut it down again. And if I try to run it it says the address is in use. Have someone found any solution to this problem? Any suggestions would be appreciated. /Fredrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[QUAR]Re: clientAuth=true; non-SSL?
Thanks QM - Agreed. No way around SSL, as the client certificate request is dependent on the SSL handshake. For those in the list who have followed these links while building their own keystores and self signed certs and client certs for authentication: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/http.html#SSL%20S upport http://java.sun.com/webservices/docs/1.1/tutorial/doc/WebAppSecurity5.ht ml http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html#genkey Cmd http://mark.foster.cc/kb/openssl-keytool.html I needed to add to the Java Options: -Djavax.net.ssl.trustStore=[path to]\myClient.keystore -Djavax.net.ssl.trustStorePassword=mypassword Else the server was not finding the client.keystore and was throwing bad_certificate errors. Now works fine. Tested in IE6 and Firefox. - wjs -Original Message- From: QM [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 7:10 PM To: Tomcat Users List Subject: [QUAR]Re: clientAuth=true; non-SSL? On Wed, Mar 23, 2005 at 01:21:11PM -0800, Sweeney, Bill wrote: : The question is this: Do I need an SSL connection in order to get : Tomcat to force the presentation of a client side certificate? In other : words, I only want to force authentication, not wrap the connection in : SSL. If you want to force authentication using certs (which is what clientAuth is all about) then I don't see a way around SSL. The cert exchange takes place during the SSL handshake. If you want to just protect access to certain areas of the webapp, check the Tomcat docs for realms and skim the servlet spec for FORM authentication. -QM -- software -- http://www.brandxdev.net/ tech news -- http://www.RoarNetworX.com/ code scan -- http://www.JxRef.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Address localhost:8080 already in use
I killed the java processes that were bound to 8080 but there must be a better way. I'm sure I'm not the only one that accidentally tried to start tomcat 2 times. -Original Message- From: Folashade Adeyosoye [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 4:42 PM To: 'Tomcat Users List' Subject: RE: Address localhost:8080 already in use Reboot ! -Original Message- From: Fredrik Liden [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 7:30 PM To: Tomcat Users List Subject: Address localhost:8080 already in use Here is a big problem that I've run into so many times. I run start tomcat. And then by accident I start it again while it is running. After that I can't shut it down again. And if I try to run it it says the address is in use. Have someone found any solution to this problem? Any suggestions would be appreciated. /Fredrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [QUAR]RE: Address localhost:8080 already in use
try %catalina_home%\bin\catalina stop Has always worked for me. - wjs -Original Message- From: Fredrik Liden [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 7:52 PM To: Tomcat Users List Subject: [QUAR]RE: Address localhost:8080 already in use I killed the java processes that were bound to 8080 but there must be a better way. I'm sure I'm not the only one that accidentally tried to start tomcat 2 times. -Original Message- From: Folashade Adeyosoye [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 4:42 PM To: 'Tomcat Users List' Subject: RE: Address localhost:8080 already in use Reboot ! -Original Message- From: Fredrik Liden [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 7:30 PM To: Tomcat Users List Subject: Address localhost:8080 already in use Here is a big problem that I've run into so many times. I run start tomcat. And then by accident I start it again while it is running. After that I can't shut it down again. And if I try to run it it says the address is in use. Have someone found any solution to this problem? Any suggestions would be appreciated. /Fredrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [QUAR]Re: clientAuth=true; non-SSL?
You may not be able to get around SSL, but you can go through it, so to speak. If you want cert-based authentication but you don't want to pay the overhead price for crypto processing, or you want your session to be accessible to third party systems, then you should be able to configure SSL or TLS with null values for the encryption algorithm and Message Authentication Code (MAC) (aka hash) algorithm. This is the default way that SSL/TLS work until the handshake protocol negotiates a cypherspec to use. By specifying null values in the cypherspec you can cause the record layer protocol (the underlying transport layer in SSL/TLS) to pass the application protocol in the clear just as it does the handshake protocol during cypherspec negotiation. I'm just learning Tomcat, so I can't tell you how to do this in Tomcat. But I'm very familiar with the SSL and TLS protocol specs, and I know they support null cypherspecs. Hopefully there's a way to configure that in Tomcat- or if it's really important you could try hacking the code. -Mark Sweeney, Bill wrote: Thanks QM - Agreed. No way around SSL, as the client certificate request is dependent on the SSL handshake. For those in the list who have followed these links while building their own keystores and self signed certs and client certs for authentication: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/http.html#SSL%20S upport http://java.sun.com/webservices/docs/1.1/tutorial/doc/WebAppSecurity5.ht ml http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html#genkey Cmd http://mark.foster.cc/kb/openssl-keytool.html I needed to add to the Java Options: -Djavax.net.ssl.trustStore=[path to]\myClient.keystore -Djavax.net.ssl.trustStorePassword=mypassword Else the server was not finding the client.keystore and was throwing bad_certificate errors. Now works fine. Tested in IE6 and Firefox. - wjs -Original Message- From: QM [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 7:10 PM To: Tomcat Users List Subject: [QUAR]Re: clientAuth=true; non-SSL? On Wed, Mar 23, 2005 at 01:21:11PM -0800, Sweeney, Bill wrote: : The question is this: Do I need an SSL connection in order to get : Tomcat to force the presentation of a client side certificate? In other : words, I only want to force authentication, not wrap the connection in : SSL. If you want to force authentication using certs (which is what clientAuth is all about) then I don't see a way around SSL. The cert exchange takes place during the SSL handshake. If you want to just protect access to certain areas of the webapp, check the Tomcat docs for realms and skim the servlet spec for FORM authentication. -QM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How does Tomcat interact with filesystem file permissions
I'm curious to know how Tomcat interacts with file permissions in the native filesystem. For example, I'm running Tomcat 5.5 on Windows XP SP2 as a service under the Local System account. I'm also using Tagisj JAAS as a JAAS Realm so Tomcat can use my XP credentials. I have my default context set to a directory with some static HTML content. I also have folders in that directory that have reestricted permissions to certain groups I have defined in XP. However, just hitting my website as an anonymous user, Tomcat willingly lets people into those folders. Instead, I've had to put security constraints in my web.xml listing the groups that I wanted the folders restricted to. So is all file access from the DefaultServlet performed as the Local System account? Regards, Brian. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ugly urls
Don't know if this will help you or not, but Web Services Description Language (WSDL) provides a standard way to create URLs that encode parameters passed to web apps. If you need to publish your web app URLs or make them available to lots of people, or if clients want to programmatically ingest your published URLs, WSDL can be a convenient mechanism. Most people think of the SOAP bindings that describe web services when they think of WSDL, but it also provides HTTP bindings for exposing web apps. Go to http://www.w3.org/TR/wsdl#_http and see Section 4. Excerpt below. 4. HTTP GET POST Binding WSDL includes a binding for HTTP 1.1's GET and POST verbs in order to describe the interaction between a Web Browser and a web site. This allows applications other than Web Browsers to interact with the site. The following protocol specific information may be specified: * An indication that a binding uses HTTP GET or POST * An address for the port * A relative address for each operation (relative to the base address defined by the port) 4.1 HTTP GET/POST Examples The following example shows three ports that are bound differently for a given port type. If the values being passed are part1=1, part2=2, part3=3, the request format would be as follows for each port: port1: GET, URL=http://example.com/o1/A1B2/3; port2: GET, URL=http://example.com/o1?p1=1p2=2p3=3 port3: POST, URL=http://example.com/o1;, PAYLOAD=p1=1p2=2p3=3 Hein Behrens wrote: http://tuckey.org/urlrewrite/ Does the same for Tomcat. No need for Apache - Original Message - From: Jason Bainbridge [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Wednesday, March 23, 2005 6:45 PM Subject: Re: ugly urls On Wed, 23 Mar 2005 16:47:19 +, Didier McGillis [EMAIL PROTECTED] wrote: Hi everyone I wanted to see if in JSP or Tomcat there was an easy way to transform ugly urls into pretty urls. So taking category.jsp?catid=12type=2 and changing it to category/catid/12/type/2? Best way would be to put Apache (Webserver) in front of tomcat and then use mod_rewrite rules. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How does Tomcat interact with filesystem file permissions
On Wed, 23 Mar 2005 20:38:31 -0500, Brian J. Sayatovic [EMAIL PROTECTED] wrote: So is all file access from the DefaultServlet performed as the Local System account? Sure is and running any service like Tomcat as LocalSystem is a bad idea, you should create either a domain or local account (some companies prefer domain accounts as it is easier to manage) that only has the bare necessity of permissions to run Tomcat. I just went through this exercise myself and still need to document exactly what I did as I couldn't find any online resources about it. I have never used or heard of Tagisj JAAS though but that does sound like something that would be worthwhile looking into. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Wild Card Hosting
I'll try looking through the alias handling code and see how hard it would be to come up with something to cover it. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: QM [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 5:09 PM To: Tomcat Users List Subject: Re: Wild Card Hosting On Wed, Mar 23, 2005 at 11:42:09AM -0700, George Sexton wrote: : Does anyone know if Tomcat supports Wild card hosting? Can I specify a : pattern say : : *.domain.com : : And have all requests get forwarded to a specific host? Not possible with a stock Tomcat install. Perhaps possible with some source tweakage, but then you have the fun of running a custom install. -QM -- software -- http://www.brandxdev.net/ tech news -- http://www.RoarNetworX.com/ code scan -- http://www.JxRef.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: DIGEST authentication; Does it work??
When all else fails, look at the source code (Dave, thanks for the suggestion). There is no support for SHA-1 in Tomcat's implementation of DigestAuthenticator. It should be easy enough to implement, provided the core JDK supports the creation of an instance of java.security.MessageDigest that is implemented with SHA-1. I'll give this a try tomorrow- no midnight java tonight. -Mark Mark Leone wrote: Dave, thanks very much for your help. Unfortunately, the passage you quoted is referring to how the password is digested when it is stored in the realm. This is working fine for me, and I've been able to configure it to use SHA-1 or MD-5 algorithms by setting the digest attribute in the realm/ element to either SHA or MD5, which are the appropriate keywords to identify those algorithms. What I described above works fine when I select BASIC authentication by putting the following in my web.xml login-config auth-methodBASIC/auth-method realm-nameJDBCRealm/realm-name /login-config However, I change BASIC above to DIGEST to induce the server to tell the client that DIGEST authentication is required, meaning that instead of sending the username and password as a Base64 encoded text string, which anyone can decode and thereby compromise the user's credentials, it will send a hash of the username and password, with a random value and a sequence counter generated by the server also included as an input to the hash function. This of course is a much more secure way to send login credentials. According to the spec that governs DIGEST access authentication (rfc2617), if the server does not explicitly specify a hash algorithm in the www-authenticate header of the HTTP response message (status 401- unauthorized), it defaults to MD5. So after much thrashing around, I discovered that I could only get DIGEST authentication to work by specifying MD-5 in the realm/ digest attribute, and then letting the client default to using MD5 for the DIGEST authentication algorithm, since Tomcat is not specifying the algorithm in the HTTP header (which I verified with an HTTP monitor tool). What I would LIKE to do is use SHA-1, since it's a more secure algorithm (and because I have engineer's disease, and I have to figure out how to do something even if there's an almost-as-good alternative). I know I can set the realm/ digest attribute to SHA-1, but I don't know how I cant tell Tomcat to require SHA-1 algorithm in the www-authenticate response header. I found a method that does this org.apache.catalina.authenticator.DigestAuthenticator.setAuthenticateHeader() But I'd like to do it with a configuration parameter. I've looked thorough all the Tomcat docs, and I see nothing that appears to do this. I opened the Servlet spec and looked at the XSD for the web.xml document, and there appears to be nothing there that can set the DIGEST algorithm. Perhaps it can be set in the server.xml file. I'm going to look for that XSD next, but if anyone knows off-hand what the parameter is, please enlighten me. If there's not a configuration parameter, could someone tell me how to do this programmatically? I'm fairly new to Tomcat, and I think I can figure out how to get access to the aforementioned setAuthenticateHeader() method in the servlet context, but I don't know how to make the container do that for the duration of a browser session, as opposed to setting the www-authenticate header every time my JSP or servlet is called. -Mark David Owens wrote: The docs say this: When a standard realm authenticates by retrieving the stored password and comparing it with the value presented by the user, you can select digested passwords by specifying the *digest* attribute on your Realm element. The value for this attribute must be one of the digest algorithms supported by the java.security.MessageDigest class (SHA, MD2, or MD5). When you select this option, the contents of the password that is stored in the Realm must be the cleartext version of the password, as digested by the specified algorithm. I have starred the word digest. If you look at the source for the page you will notice the word digest is in code tags, and I think they are trying to indicate this is a key word you can use in the realm tag. Let us know if this works for you. |)ave -Original Message- From: Mark Leone [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 1:53 AM To: Tomcat Users List Subject: Re: DIGEST authentication; Does it work?? So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC 2617), and it says that MD5 is the default hash algorithm. I had previously seen that Tomcat wasn't sending any response headers explicitly specifying the hash algorithm, even though I had specified SHA in the realm/ element in Server.xml. So I changed my digest algorithm for the realm to MD5, and DIGEST authentication is now working. I'd like to make it work with SHA-1. I've looked all through the
Re: ugly urls
- Original Message - From: Mark Leone [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Thursday, March 24, 2005 2:46 AM Subject: Re: ugly urls Don't know if this will help you or not, but Web Services Description Language (WSDL) provides a standard way to create URLs that encode parameters passed to web apps. If you need to publish your web app URLs or make them available to lots of people, or if clients want to programmatically ingest your published URLs, WSDL can be a convenient mechanism. Most people think of the SOAP bindings that describe web services when they think of WSDL, but it also provides HTTP bindings for exposing web apps. Go to http://www.w3.org/TR/wsdl#_http and see Section 4. Excerpt below. 4. HTTP GET POST Binding WSDL includes a binding for HTTP 1.1's GET and POST verbs in order to describe the interaction between a Web Browser and a web site. This allows applications other than Web Browsers to interact with the site. The following protocol specific information may be specified: * An indication that a binding uses HTTP GET or POST * An address for the port * A relative address for each operation (relative to the base address defined by the port) 4.1 HTTP GET/POST Examples The following example shows three ports that are bound differently for a given port type. If the values being passed are part1=1, part2=2, part3=3, the request format would be as follows for each port: port1: GET, URL=http://example.com/o1/A1B2/3; port2: GET, URL=http://example.com/o1?p1=1p2=2p3=3 port3: POST, URL=http://example.com/o1;, PAYLOAD=p1=1p2=2p3=3 Hein Behrens wrote: http://tuckey.org/urlrewrite/ Does the same for Tomcat. No need for Apache - Original Message - From: Jason Bainbridge [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Wednesday, March 23, 2005 6:45 PM Subject: Re: ugly urls On Wed, 23 Mar 2005 16:47:19 +, Didier McGillis [EMAIL PROTECTED] wrote: Hi everyone I wanted to see if in JSP or Tomcat there was an easy way to transform ugly urls into pretty urls. So taking category.jsp?catid=12type=2 and changing it to category/catid/12/type/2? Best way would be to put Apache (Webserver) in front of tomcat and then use mod_rewrite rules. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]