Detect Cookie Rejection
Does anyone know of a way to detect when cookies are not accepted by a browser. My site uses session cookies and I'd like to be able to redirect people somewhere to tell them that the site requires cookies and what to do to activate them... I'm sure that someone else has already solved this problem. Any ideas? Cavan Morris -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Which Apache-To-Tomcat Connector
I've recently done some benchmarking on mod_webapp and I wasn't too impressed. I am using it anyway though until I can compare to something better. The upshot was this. Apache+tomcat was taking 5 times as long to serve a request as tomcat standalone was. Also, Apache+tomcat would choke on concurrent requests; sometimes requiring an apache restart... Bad. It seams to me that Apache+tomcat should take on the order of the time it takes apache to handle a request plus the time it takes tomcat to handle a request since that is basically what happens. Of course that's just my though without knowing any of the technical details at all. I could be an idiot. I'd be interested if anyone has performance data for the other connectors. I used the apache ab to get my data. I compared my host through apache and my host standalone over 100 request and got under 20 requests per second with apache and over 100 requests / sec standalone. Cavan Morris - Original Message - From: Anthony W. Marino [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, April 23, 2002 4:02 PM Subject: Which Apache-To-Tomcat Connector Any reason for using AJP14 over AJP13? And what about mod_webapp? Thanks in advance, Anthony -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Help with user-data-constraint
Hey Guys, Is anybody successfully using user-data-constraint in tomcat 4 web.xml? I've tried the following: security-constraint web-resource-collection web-resource-nameSSL Area/web-resource-name url-pattern/user/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint Any security-constraint that I include a user-data-constraint in seems to be completely ignored. Has anybody been able to make this work? -Cavan Morris
Any mod_webapp + user-data-constraint gotchas in 4.0?
Hey guys, I'm getting ready to go live with my webapp and need to ensure confidentiality on my credit card billing page. I'm running Tomcat 4.0.2 on Redhat 7.2 with apache 2.0.32 and mod_webapp 1.0.2. I just got my ssl certificate from verisign and set up apache to require ssl on port 443. HTTPS request to the site work great. I am trying to user the following security constraint in my web.xml to require ssl in certain areas. security-constraint web-resource-collection web-resource-nameSSL Area/web-resource-name url-pattern/user/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint I also set the redirect port on my warp connector like so in server.xml Connector className=org.apache.catalina.connector.warp.WarpConnector port=8008 minProcessors=5 maxProcessors=75 enableLookups=false redirectPort=443 acceptCount=10 debug=0/ The result... Absolutely Nothing. The changes have no discernable effect, /user/* is not redirected. It may be important to note that I also have a standalone HTTP connector running that does is set to redirect to port 8443 but the site is being accessed through the warp connector. What am I missing here?? Any thoughts on this would be very helpful. -Cavan Morris -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Linking Apache 2 and Tomcat 4.0.3
I don't believe the mod_webapp binaries were built for apache 2.0. Apache 2 uses a new module api and modules for 1.3 are incompatible. You will probably have to build mod_webapp.so from source. Doing that for apache 2 can be a tricky process though. It would be nice if future releases would include binaries for 2.0 since that is now the official version of apache. -Cavan Morris - Original Message - From: Ken Miller [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, April 19, 2002 5:26 PM Subject: RE: Linking Apache 2 and Tomcat 4.0.3 I got (found it) the mod_webapp.so module and have it in the /modules directory. I then added the following to httpd.conf: LoadModule webapp_module modules/mod_webapp.so AddModule mod_webapp.c WebAppConnection conn warp localhost:8008 WebAppDeploy examples conn /examples When I add these lines, Apache failes to start. When I comment them out again, Apache starts ok. Am I missing something :) Thanks in advance. Ken -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Linking Apache 2 and Tomcat 4.0.3
I would, but I did it on Linux and I believe that you're on windows. The directions are actually clear and easy to follow. The problem is that, on my system at least, they don't work. My advice would be to follow the directions and hope for the best. -Cavan Morris - Original Message - From: Ken Miller [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, April 19, 2002 5:43 PM Subject: RE: Linking Apache 2 and Tomcat 4.0.3 Can you tell me how to do it if it is tricky :) I assume you get the source at the same place I got the binary. Thanks. Ken -Original Message- From: Cavan Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, April 19, 2002 5:40 PM To: Tomcat Users List; [EMAIL PROTECTED] Subject: Re: Linking Apache 2 and Tomcat 4.0.3 I don't believe the mod_webapp binaries were built for apache 2.0. Apache 2 uses a new module api and modules for 1.3 are incompatible. You will probably have to build mod_webapp.so from source. Doing that for apache 2 can be a tricky process though. It would be nice if future releases would include binaries for 2.0 since that is now the official version of apache. -Cavan Morris -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: mod_webapp with apache 2.0
Your right about the makefile. I guess what I said before wasn't exactly so. What I ment was that the output of the make command didn't link it shared. What I actually did to fix it was copy the last libtool opperation from the output to the command line, edit it, and rerun it. Here is exactly what I do to build mod_webapp.so. If this doesn't work, contact me directly and I'll send you my binary. tar -xvzf ./webapp-module-1.0.2-tc402-src.tar.gz cd webapp-module-1.0.2-tc402/ ./support/buildconf.sh ./configure --with-apxs=/usr/local/apache2/bin/apxs make This produces some output that I examine for the line which I copy and past and edit to get the .so file. cd apache-2.0/ I copy the following from the output: /usr/local/apache2/build/libtool --silent --mode=link gcc -o mod_webapp.la -rpath /usr/local/apache2/modules -module -avoid-version -I../include -L../lib -lwebapp mod_webapp.lo And edit it like so to produce the last command. The changes I made were after the gcc, I added -shared and changed the name of the output file after -o from mod_webapp.la to mod_webapp.so /usr/local/apache2/build/libtool --silent --mode=link gcc -shared -o mod_webapp.so -rpath /usr/local/apache2/modules -module -avoid-version -I../include -L../lib -lwebapp mod_webapp.lo That is all I had to do... But it did not work with apache 2.0.28. It only worked with apache 2.0.32 Cavan Morris - Original Message - From: John Chan [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, March 04, 2002 10:41 AM Subject: Re: mod_webapp with apache 2.0 Hi... Would you be so kind as to send the makefile you used. I don't really understand how the whole compile process here works. From what I can see, running make (the one generated by configure) only runs apxs... Thanks in advance. Regards, John I believe the makefile is wrong. I had to look at the output of the make command and find a command near the end that was run in the base/apache-2.0 dir that was linking mod_webapp.la. I then copies that command, added the -shared flag and changed the output to mod_webapp.so. This worked for me with apache 2.0.32 but not 2.0.28. - Original Message - From: John Chan [EMAIL PROTECTED] To: Tomcat [EMAIL PROTECTED] Sent: Friday, March 01, 2002 4:27 PM Subject: mod_webapp with apache 2.0 Hi, I'm trying to build webapp on Red Hat 7.2 to use with Apache 2.0. All the documentation refers to the output being a .so file but I don't get one. I get a .o .la .slo and a .lo (which is pointing to the .o file). I took a look at the make file, and it doesn't make any mention of .so. I also tried a couple different versions of libtool (shot in the dark) but no go. Not being very knowledgeable in this matter, is there a problem or is this the expected output. Thanks. John -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Help? tomcat 4.0.2 and jdk1.4 with poolman
Hey everybody, I've been running tomcat 4.0.2 with jdk 1.3.1 and poolman 2.0.4 supported JDBC Realms for a while now with no problems. I recently tried to switch to jdk 1.4 (Something that I think I need to do for it's Headless support on my Linux box) and it gave me the following exception on startup. java.lang.NullPointerException at com.codestudio.management.PoolManConfiguration.parseXML(PoolManConfiguration.java:117) at com.codestudio.management.PoolManConfiguration.loadConfiguration(PoolManConfiguration.java:75) at com.codestudio.management.PoolManBootstrap.init(PoolManBootstrap.java:61) at com.codestudio.util.SQLManager.assertLoaded(SQLManager.java:109) at com.codestudio.util.SQLManager.requestConnection(SQLManager.java:190) at com.codestudio.sql.PoolMan.connect(PoolMan.java:184) at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:548) at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:613) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1108) at org.apache.catalina.core.StandardContext.start(StandardContext.java:3345) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1123) at org.apache.catalina.core.StandardHost.start(StandardHost.java:614) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1123) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:343) at org.apache.catalina.core.StandardService.start(StandardService.java:388) at org.apache.catalina.core.StandardServer.start(StandardServer.java:506) at org.apache.catalina.startup.Catalina.start(Catalina.java:781) at org.apache.catalina.startup.Catalina.execute(Catalina.java:681) at org.apache.catalina.startup.Catalina.process(Catalina.java:179) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:42) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:28) at java.lang.reflect.Method.invoke(Method.java:327) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:243) Line 117 of PoolManConfiguration.java is the following. URL confURL = PoolManConfiguration.class.getClassLoader().getResource(configFile); It's basically trying to load poolman.xml from common/classes. It looks like it's having a major problem with the classloader. I.e., PoolManConfiguration.class.getClassLoader() is what is null. I've checked this with some println()'s. The strange thing is that this is not simply due to the change from jdk1.3.1 to jdk1.4 because I can run tomcat 4.0.1 with the same configuration with no problems. Incidentally, I have to use 4.0.2 because I need to use the error-page element in my application and it is broken in 4.0.1. Does anyone have any idea what changed in both tomcat and the jdk from versions 4.0.1 and 1.3.1 to versions 4.0.2 and 1.4 that would account for this? Does anyone know of an easy way to fix the error-page problem in 4.0.1? If so I'll just use that. If not I'll have to investigate another connection pooler for MySQL. Any ideas on that? Hope I hear from you guys. Cavan Morris
Re: mod_webapp with apache 2.0
I believe the makefile is wrong. I had to look at the output of the make command and find a command near the end that was run in the base/apache-2.0 dir that was linking mod_webapp.la. I then copies that command, added the -shared flag and changed the output to mod_webapp.so. This worked for me with apache 2.0.32 but not 2.0.28. - Original Message - From: John Chan [EMAIL PROTECTED] To: Tomcat [EMAIL PROTECTED] Sent: Friday, March 01, 2002 4:27 PM Subject: mod_webapp with apache 2.0 Hi, I'm trying to build webapp on Red Hat 7.2 to use with Apache 2.0. All the documentation refers to the output being a .so file but I don't get one. I get a .o .la .slo and a .lo (which is pointing to the .o file). I took a look at the make file, and it doesn't make any mention of .so. I also tried a couple different versions of libtool (shot in the dark) but no go. Not being very knowledgeable in this matter, is there a problem or is this the expected output. Thanks. John -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: JAVA Process on Solaris 8 is taking 52M
I think that the amount of mem used will be dependent on the webapps that are loaded. I seem to remember running at about 8 MB at one point. I've since added a 12 MB war file and am now at about 22 MB. As far as the difference between win2000 and Solaris I'm not 100% sure but I know that on Linux each java thread is shown using the amount of mem of the full server. So if I've got 5 threads running at 22 MB it looks like tomcat is using about 110 MB. In actuality it's only the 22 MB being counted 5 times. Solaris may do something similar. - Original Message - From: Randy Layman [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Wednesday, January 30, 2002 6:30 AM Subject: RE: JAVA Process on Solaris 8 is taking 52M 52MB is a little on the low side for out installations, and I've never seen Tomcat run with 8MB. Does the Win2K system actually work? Randy -Original Message- From: Tamim, Samir [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 30, 2002 10:06 AM To: 'Tomcat Users List' Subject: JAVA Process on Solaris 8 is taking 52M Hi everybody, Did install tomcat with the WARP Connector to Apache on Solaris 8 and Windows 2000. The JAVA.EXE (tomcat process) is taking 8Mb on Windows 2000 and 52Mb on Solaris. Is it normal Thanks, Sam -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Alternate Page for HTTP Status 403?
Hey everybody, I'd like to be able to have tomcat respond with a custom page instead of just returning the Tomcat HTTP Status 403 error page. Does anyone know if this is possible? Does anyone have any ideas on this? I'm using Tomcat 4.0.1. Thanks for you help. -Cavan Morris -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: can't access to MySQLfrom java on Linux RedHat 7
The example of the JDBC realm for MySQL that comes with Tomcat is incorrect. The correct method is below. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://host/db connectionName=username connectionPassword=password userTable=userTable userNameCol=userNameCol userCredCol=userCredCol userRoleTable=userRoleTable roleNameCol=roleNameCol / Note that login name and password are separate parameters and are not included in the connectionURL. - Original Message - From: amol [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, January 15, 2002 9:05 AM Subject: Re: can't access to MySQLfrom java on Linux RedHat 7 try the string without password it may work - Original Message - From: Sajida Kalsoom [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, January 15, 2002 3:00 PM Subject: Re: can't access to MySQLfrom java on Linux RedHat 7 have you tried using IPAddress instead of localhost in connection string ?? and remember to add this IPAddress of your linux box in mysql privileges table . - Original Message - From: Galbayar [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, January 15, 2002 2:22 PM Subject: Re: can't access to MySQLfrom java on Linux RedHat 7 My Connection is mysql=DriverManager.getConnection(jdbc:mysql://localhost:3306/mysql?user=ro otpassword=password); and correctly running on Win2000 but can't working on Linux - Original Message - From: Sajida Kalsoom [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, January 15, 2002 17:17 Subject: Re: can't access to MySQLfrom java on Linux RedHat 7 add the host name/ipaddress in mysql database named as mysql . - Original Message - From: Galbayar [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, January 15, 2002 2:12 PM Subject: can't access to MySQLfrom java on Linux RedHat 7 Hello all? I'm installed JDK,MySQL,Tomcat on Linux RedHat 7 and all services running ok. If i connect to the MySQL from java(use MySQL MM driver) have Server configuration denied access error. How to solve this problem? -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Get active Sessions from webapp
Does anyone know if there's a way to get some kind of a reference to all of the active sessions in a webapp? I just want to know how many Sessions there are. I'd just like to be able to say something like There are currently X Number of users online on some page. -Cavan Morris -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
mod_webapp build problem
Hey Everybody, I'm having trouble building mod_webapp.so v1.0.1 on my redhat 7.2 system. Possibly because my libtool is version 1.4 instead of 1.3something. There is a binary copy of mod_webapp v1.0 at the Jakarta site but only source for v1.0.1. Does anybody know were I can get a binary of v1.0.1? I'm looking for one for both apache 1.3.22 and 2.0.28. It seems to me that these would be good things to have in the binaries dir on the Jakarta site. Are there any plans to add these in the future? Any information would be helpful. Thanks. -Cavan Morris -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: tomcat startup script (AW: Auto starting Tomcat during boot?)
catalina.sh worked fine for me. I think that I may have had to add the path to tomcat to the script though. - Original Message - From: Nelson Yip [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Thursday, January 10, 2002 11:52 AM Subject: RE: tomcat startup script (AW: Auto starting Tomcat during boot?) I was wondering why you can't just add a symbolic link in the rc3.d point to Catalina.sh, startup.sh or shutdown.sh. I tried linking those files but it still doesn't work after I restarted the server? But I will give your script a try. Thanks Nelson -Original Message- From: Michael Weissenbacher [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 10, 2002 2:41 PM To: 'Tomcat Users List' Subject: tomcat startup script (AW: Auto starting Tomcat during boot?) i've already mailed this before. this is a tomcat startup/shutdown/control script. place it in /etc/init.d and place a symbolic link S99tomcat to it under /etc/inid.d/rc3.d (and probably rc5.d if you start graphical) for startup and a symbolic link K99tomcat for stopping tomcat on shutdown. don't forget to set it executable. edit the variables in the beginning of the script to match your path and your port settings. specify a user under which tomcat will be started (normally user tomcat). then insert the line: START_TOMCAT=yes in /etc/rc.config (note: script tested only with SuSE Linux 7.x but should work elsewhere without problems) have fun! michael -Ursprüngliche Nachricht- Von: Nelson Yip [mailto:[EMAIL PROTECTED]] Gesendet: Donnerstag, 10. Jänner 2002 19:51 An: [EMAIL PROTECTED] Betreff: Auto starting Tomcat during boot? Hi, I've just installed Tomcat 4.0.1 on my Red Hat 7.2 Linux box. Everything works fine but Tomcat won't auto start after a reboot. I added a symbolic link to the Catalina.sh file in my rc3.d level. ln -s /usr/local/bin/tomcat/bin/Catalina.sh S99tomcat Am I doing something wrong? Thanks Nelson -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
mod_webapp/form login problem
I've been trying to use Tomcat 4.0.1/Apache 1.3.22/mod_webapp 1.0. I'm having trouble getting form based login to work through the connector. If I try to use the form login through apache/mod_webapp on port 80 I get my login error page. If I try to go in through tomcat directly on port 8080 everything works fine. Does anyone know if this is because of a bug in mod_webapp 1.0? I have tried to build mod_webapp 1.0.1 from source but have been unsuccessful. I'm doing all of this on Redhat 7.2 for i386. Any one know how to solve this problem? Anyone know where I can find a binary of mod_webapp.so for Linux i386? Any help is appreciated. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Standard SSL question
When using form based login, how would you instruct tomcat to forward requests to the secure version of the login forms? - Original Message - From: Brian Adams [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Wednesday, January 09, 2002 3:56 PM Subject: RE: Standard SSL question actually you can just use request.isSecure(); it is built in to ServletRequest :) -Original Message- From: Corey A. Johnson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 5:55 PM To: Tomcat Users List Subject: Re: Standard SSL question I have done something similar.. by checking the start of the String returned by request.getHeader(host) And do a response.semdRedirect to the secure version of the page. if(!request.getHeader(host).startsWith(https:)) response.sendRedirect(https://www.domain.com/securePage.jsp;); Or you can redirect to an error page.. and have it META REFRESH and link to the secure version. Hope that helps. Cj Steve Mactaggart wrote: Hello all, I need to make it that certain pages on the site are accessed via SSL, is there a way in tomcat to reject the connection of http to a specific page (ie securePage.jsp) but still allow http access to other pages (ie. standardPage.jsp). Pages like login, CC submission etc.. need to be secure and I want to make sure that they are always accessed via SSL. Hope there's an answer.. Steve Mactaggart Senior Java Developer / Team Leader 303 Sport BH: 9620 7477 FAX 9620 7377 -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- corey a. johnson cni 1.321.259.1984 1.800.264.5547 -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: mod_webapp compile problems
you need to run ./support/buildconf.sh first. That will create the .configure file. - Original Message - From: Lars Nielsen Lind [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, December 21, 2001 12:04 AM Subject: mod_webapp compile problems Hi. I have downloadet the source version of mod_webapp and now I want to compile it with -deapi. I have unpacked the mod_webapp tar file with the source but there is no configure file. The readme.txt file says that I could use the following command to compile mod_webapp: ./configure -deapi That is not possible without the configure file. Are the someone that have successfully compiled mod_webapp with -deapi for the Linux platform that can help (which version of mod_webapp, how to compile and where to get it)? I have used this version of mod_webapp: http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.1/src/webapp-module-1.0.1-tc401-src.tar.gz Best regards, Lars Nielsen Lind -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Tomcat4 standalone and port 80
On Linux you need to be a root level user to open a port below 1028. If you try to run the startup on port 80 from a normal user account it will fail. Is this your problem? -Cavan - Original Message - From: Jonas Arvidson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, December 18, 2001 2:17 AM Subject: Tomcat4 standalone and port 80 I'd like to use Tomcat4 standalone and use port 80 for requests. It works just fine on my Windows box when I use the standard HTTP/1.1 Connector and change the server.xml from port 8080 to 80. But when I want to do the same on my Linux box the background threads isn't created - and Tomcat4 fail to operate. Since it works just fine with port 8080 or 8085 or just about every port but not port 80 I suspect a conflict, that is - some process is already listening on port 80. But Apache is not installed and I can't figure out the problem. From catalina.out (logs): Catalina.start: LifecycleException: null.open: java.net.BindException: Permission denied LifecycleException: null.open: java.net.BindException: Permission denied at org.apache.catalina.connector.http.HttpConnector.initialize(HttpConnector.ja va) at org.apache.catalina.core.StandardService.initialize(StandardService.java) ... Installed on system: * Tomcat4.0.1 * Red Hat 7.2 * j2sdk1.4.0 * mySQL 3.23 Any clues? /Jonas Arvidson -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
mod-webapp Bugs
Hey everybody, I'm running tomcat 4.0.1 under apache 1.3.22 through mod_webapp from webapp-module-1.0-tc40-linux-glibc2.2.tar.gz and I've noticed a couple of quirks in the way it's working. I'm wondering if these are bugs that will/should be corrected or they are the result of misconfigureation on my part. The first problem is that if I go to www.mydomain1.com/webapp-info or www.mydomain1.com/examples I get: Not Found The requested URL /examples was not found on this server. If I go to www.mydomain1.com/webapp-info/ or www.mydomain1.com/examples/ it works fine. That happens whether I include a trailing slash in the httpd.conf WebAppDeploy or not. (Examples from docs say not) The other, more serious problem is this. I can't authenticate to the protected areas of my ROOT app through mod-_webapp. I'm using form based login and a JDBC Realm on tomcat to protect one of the subdirectories. Everything works fine if I go directly to tomcat on port 8080, but if I go through apache the authentication fails every time. The 302 redirects work fine, it's just that no mater what username and password I use it acts like they're bad. They're not though. I can see them in the database and use them on port 8080. Any ideas what's going wrong or where I made a mistake? Are these known issues with this configureation? Here's my mod_webapp lines in httpd.conf. I hope somebody can give me a hand. LoadModule webapp_module libexec/mod_webapp.so #apache 1.3.22 seems to nolonger require AddModule lines [...] WebAppConnection conn warp localhost:8008 VirtualHost * ServerName www.mydomain1.com UseCanonicalName On WebAppInfo /webapp-info WebAppDeploy examples conn /examples /VirtualHost VirtualHost * ServerAdmin [EMAIL PROTECTED] ServerName www.mydomain2.com ServerAlias mydomain2.com *.mydomain2.com UseCanonicalName On WebAppDeploy ROOT conn / /VirtualHost -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Session
If anyone solves this it would be a great help to me as well. I am currently using a
clumsy work around that doesn't always work.
I have a User object that contains a lot of information about the users that could be
very useful on various pages. I'd like to simply fill this object and add it to the
session upon authentication for later use. I haven't found a way to do that yet.
My work around is to do a pageContext.include() of a jsp that does the following on
every page.
String name = request.getRemoteUser();
User user = (User)session.getAttribute(USER_OBJECT);
if(name!=nulluser==null) {
user = User.getUserByName(datasource, name);
session.setAttribute(USER_OBJECT, user);
}
This has two problems though.
1) It's a waste of time to have to do this on every page.
2) It can create a race condition if the page it's include in needs to use the User
object immediately. If I do the following the User object generally ends up being
null.
pageContext.include(login.jsp);
User user = (User)session.getAttribute(USER_OBJECT);
I think the ability to do this properly would be a great help to a lot of people and
contribute to cleaner and faster servlet and jsp applications.
Being able to specify a method that takes the username and password to be run on
successful authentication would do it.
-Cavan
- Original Message -
From: Jon Weinberg [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, December 18, 2001 4:08 PM
Subject: Session
I am running Tomcat 4.0 with form-based authentication. I would like to add some
user-specific variables into the session as soon as the user logs in (that is, as soon
as the user logs in, I want to get the username from the form, use it to query my DB,
put some results into the user's session, and have the user continue on to the page he
originally requested.)
I have tried a number of solutions that don't work:
1) I've tried having the login form's action send the info to a servlet that does the
processing and then forwards the request to j_security_check, but that solution only
works in 3.2 and not in 4.0
2) I have attached an HttpSessionListener, but since the session is created before the
user actually logs in, my listener does not yet have the username and cannot complete
the preprocessing.
Is there a way for me to execute something right AFTER a user authenticates?
Thanks,
Jon
--
To unsubscribe: mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Session
I'm pretty sure that this is the same thing I described you just wrote all the servlet
code yourself instead of having the jsp engine do it for you. That still leaves the
ugly and race condition problems I described. Am I wrong?
-Cavan
- Original Message -
From: Jayson Yu [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Tuesday, December 18, 2001 6:27 PM
Subject: Re: Session
You are right, this is not very efficient, I strongly suggest using
servlets.If you do you can
place all user info you would possibly need in an httpsession.
You can in fact create a new session after athentication, you can also
create a class
containing the attributes you want to save on each session (e.g. name,
address, sex,
access code etc.).
For example:
// this is your function to verify the user agains your DB
if CheckUser(loginname, password)
{
HttpSession websession = request.getSession(true);
// Sessions is a user made class that contains the
// methods and properties you want the session to have.
Sessions thissession = new Sessions();
// 30 minutes
websession.setMaxInactiveInterval(1800);
String sessid;
// Just replace this method with one of yours.
sessid=GenericTools.generateRandomSessionCode(25);
websession.putValue(mysession,thissession);
((Sessions)websession.getValue(mysession)).setSessionCode(sessid);
((Sessions)websession.getValue(mysession)).setName(login_name);
}
getting information from your session is equally easy:
HttpSession websession = request.getSession(true);
if (websession.getValue(mysession)!=null)
{
login_name=((Sessions)websession.getValue(mysession)).getName();
}
Of course your Sessions class must have the setSessionCode, setName and
getName methods.
Hope this helps.
json
At 05:41 PM 12/18/01 -0800, you wrote:
If anyone solves this it would be a great help to me as well. I am
currently using a clumsy work around that doesn't always work.
I have a User object that contains a lot of information about the users
that could be very useful on various pages. I'd like to simply fill this
object and add it to the session upon authentication for later use. I
haven't found a way to do that yet.
My work around is to do a pageContext.include() of a jsp that does the
following on every page.
String name = request.getRemoteUser();
User user = (User)session.getAttribute(USER_OBJECT);
if(name!=nulluser==null) {
user = User.getUserByName(datasource, name);
session.setAttribute(USER_OBJECT, user);
}
This has two problems though.
1) It's a waste of time to have to do this on every page.
2) It can create a race condition if the page it's include in needs to use
the User object immediately. If I do the following the User object
generally ends up being null.
pageContext.include(login.jsp);
User user = (User)session.getAttribute(USER_OBJECT);
I think the ability to do this properly would be a great help to a lot of
people and contribute to cleaner and faster servlet and jsp applications.
Being able to specify a method that takes the username and password to be
run on successful authentication would do it.
-Cavan
- Original Message -
From: Jon Weinberg [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, December 18, 2001 4:08 PM
Subject: Session
I am running Tomcat 4.0 with form-based authentication. I would like to
add some user-specific variables into the session as soon as the user logs
in (that is, as soon as the user logs in, I want to get the username from
the form, use it to query my DB, put some results into the user's session,
and have the user continue on to the page he originally requested.)
I have tried a number of solutions that don't work:
1) I've tried having the login form's action send the info to a servlet
that does the processing and then forwards the request to
j_security_check, but that solution only works in 3.2 and not in 4.0
2) I have attached an HttpSessionListener, but since the session is
created before the user actually logs in, my listener does not yet have
the username and cannot complete the preprocessing.
Is there a way for me to execute something right AFTER a user authenticates?
Thanks,
Jon
--
To unsubscribe: mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]
--
To unsubscribe: mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]
Anyone built mod_webapp for Apache 2.0?
I've been trying to build mod_webapp for apache 2.0 and have been completely unsuccessful. I'm just about ready to give up, but I know there are people out there who have done it. So if there's anyone out there who has built mod_webapp.so for apache 2.0 on a Redhat like system could you please just email it to me at [EMAIL PROTECTED] Thanks a lot. -Cavan P.S. I'm serious. I just need that file. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Web Archive for Lists?
Is there a web based interface to these list archives? If there was it could greatly facilitate finding infomation that has already been covered. For instance, I have no idea whether or not this questin was answered in a previous message. -cmorris
