RE: How to listen for shutdown
Let me try to explain this better, The problem seems to be that Tomcat is shutting down the asynchronous threads BEFORE I can cleanly tell them to shutdown (from my servlet contextDestroyed() method). I tried getting control with finalize() in the thread instance, but this didn't seem to get called. In general there should be some way to cleanly shutdown the entire app before Tomcat starts destructing threads and instances. I cannot put a web.xml entry for the thread since it is not a servlet. Any suggestions? -- Frank
RE: How to listen for shutdown
Thanks for all the responses. I have another question about shutdown. My app has several asynchronous threads which it spins off. I need to get them shut down cleanly. These threads are not servlets and if I add a listener spec to web.xml for them I get the startup message: 2003-03-10 12:30:47 StandardContext[]: Error configuring application listener of class com.foo.bar.RequestQMgr java.lang.InstantiationException: com.foo.bar.RequestQMgr . Even tho I can have my servlet communicate with the thread, it seems like Tomcat is busy shutting these down even before my contextDestroyed() method finishes. What is the proper way of shutting down these threads cleanly without Tomcat killing them first? -- Frank
Re: How to listen for shutdown
Thanks for the responses. I tried using ServletContextListener and added my code to the contextDestroyed() method. It never seems to get called. My servlet is listed in web.xml under a servlet tag and is initialized just fine. I also saw that there is a destroy() method which seemed like it might be appropriate. When I add my code there is does get called, but it seems to have a varying amount of time to do its work before everything ends. Sometimes I get everything done, sometime nothing, often somewhere in the middle. Any suggestions on how to get either of these working? What am I missing? Is there any better documentation or examples anywhere? Thanks, -- Frank
Re: How to listen for shutdown
I found the answer to my questions: Documentation on ServletContextListener: http://developer.java.sun.com/developer/technicalArticles/Servlets/servl etapi2.3/ In order to ge the servlet invoked, you need a listener tag, e.g., listener listener-classcom.foo.ControllerServlet/listener-class /listener The appearance that I was not getting time to do my cleanup was due to a couple of things: 1) you need to be careful what you do since other threads, instances, etc. are in the process of disappearing. 2) For some reason my shutdown methods (both contextDestroyed() and destroy()) were being called twice. I think they were not completing operation on the second call. Adding a static variable to ignore the second call seems to have fixed things. -- Frank
How to listen for shutdown
I've looked through a lot of documentation, forums and the Jakarta site and cannot find any documentation that tells me how my Tomcat application can get notified when Tomcat gets a shutdown. I have cleanup I need to do. I would appreciate any pointers to documentation or the correct class/method. Thanks, -- Frank
RE: Automatic Client Login
Send the Authentication header with the username:password but encoded in base64 Donie Thanks, but how do I do that from a JSP-generated HTML page? -- Frank
How to change the user ID during session?
Is there any way to change the logged in user during a session? I tried setting j_username in the session to the new user name but then Tomcat throws a security error. Is there some legal way to change the user during the session? Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Automatic Client Login
My application uses Form-based authentication. However, I would like to be able to have a request from a client automacally log in without their seeing the form by passing the userid/password with an HTTP request. I thought I saw one time some syntax like: http://myhost?user=someonepassword=base64pwd/. Is there some way to set the userid and password in the header from a page (genrated by a JSP) sent from the server to the client so that the login occurs silently (e.g. a page with just javascript that does an automatic submit or a redirect from the server)? Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Give webapps FilePermissions in catalina.policy
I believe the syntax is a bit different for web apps as indicated by the example in the file. Here is my spec for AllPermission for myApp. You should be able to modify it for your purposes: grant codeBase file:${catalina.home}/webapps/myApp/- { permission java.security.AllPermission; }; Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Mr. McClanahan ... Do you ever take a break?
My theory is that there are really six different people named Craig McClanahan ;-) Seriously, I agree Craig has been a great help to many people. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Tomcat as a Devlopment Server
When you make changes under WEB-INF/classes you should use the manager app to restart your application. See the manager app documentation in the 4.x distribution (very easy to use). Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Important : Typical Problem
I'm not sure I understand you post, but you could be having a problem with the browser caching. Flush the browser cache, set the browser options to always check for a new page, etc. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Tomcat 4 as an NT Service
Take a look at previous posts on this topic. Take a look at what is in your log files. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: 2 Tomcat4 questions
I started with the directions for Tomcat 3.2 and jk_nt_service.exe http://jakarta.apache.org/tomcat/tomcat-3.2-doc/NT-Service-howto.html and its copy of wrapper.properties. I made the following additions/changes to wrapper.properties: The only thing I found I needed in the classpath was bootstrap.jar: wrapper.class_path=$(wrapper.tomcat_home)\bin\bootstrap.jar The startup class is different: wrapper.startup_class=org.apache.catalina.startup.Bootstrap I added some flags and other changes to the startup command. I didn't test to see if these are really all needed. The SAXParser one is probably only needed if your app uses it and you don't explicitly name the parser class. The -Xrs switch is probably only needed for JDK 1.3.1 to keep the service from dying (??) Note the start on the end. Broken across multiple lines here for clarity: wrapper.cmd_line=$(wrapper.javabin) -Xrs -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Dcatalina.home=C:\jakarta-tomcat-4.0-rc2 -classpath $(wrapper.class_path) $(wrapper.startup_class) -config $(wrapper.server_xml) start Athens Group, Inc. (512) 345-0600 x151 An employee-owned firm, specializing in technology, strategy and custom software development -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: dtd loading problem on tomcat startup
If you use a non-relative DTD reference you might need to specify a proper file URI, e.g. something like: file:///foo/bar Note also the forward slashes. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: [repost] loading class files
Note on the other stuff: Classes used on the server side should be in a package structure under WEB-INF/classes to work correctly. JSPs, static content, and client-side applets should all be outside the WEB-INF folder for proper operation. This is defined in the spec and is required for all applications conforming to it. Hope this clears some mystery. --David Smith I cannot find any place in the spec that says that JSPs, etc. cannot be under WEB-INF. I have seen many suggestions that this is a good place to put them to prevent direct access. In what way doesn't this provide proper operation. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: servlet information
There are many books on online articles (@ Sun, Apache, etc.) that describe the basics of how to organize web applications. You might look specifically for Model 2 Architecture. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Servlet Mapping...:(
A couple of things to check Is your servlet class really ActionServlet and not something like com.mycom.ActionServlet? If it IS ActionServlet then the class file should be in WEB-INF/classes (if it is com.mycom.ActionServlet then it should be in WEB-INF/classes/com/mycom/). Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Security question
You can pass (possibly encrypted) information that only the two parties know. This is essentially authentication like your username/password. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Xerces Parser Security and Path Problems
I encountered a couple of problems trying to use xerces and security in my application. BUG 1: I have xerces.jar in myapp/WEB-INF/lib. This works fine until I turn on security (-security switch) which uses conf/catalina.policy. I added a permission for my application to do anything: grant codeBase file:${catalina.home}/webapps/myapp/- { permission java.security.AllPermission; }; This works fine except when I invoke xerces: XMLReader xr = XMLReaderFactory.createXMLReader(); ... xr.parse(my_xml_file); I get an access violation on the file (which is in myapp). If I move xerces.jar to common/lib this error goes away. There seems to be a problem related to security when loading jars from WEB-INF/lib. This was reported earlier by Sergey V. Udaltsov in the post titled policy for classes in WEB-INF/lib/my.jar. BUG 2: FURTHER, moving xerces.jar to common/lib seems to introduce its own problem related to the handling of DTDs. A couple of my xml files have DTD specs like: !DOCTYPE links SYSTEM ../Links.dtd I found that the parser computes the path relative to the startup directory of catalina, rather than relative to the location of the xml file. It does not do this when it is in WEB-INF/lib. This is clearly unusable since the web app author has no idea where the startup dir will be and no way to get the DTDs there. Am I missing something here on how this is supposed to operate or are these legitimate bugs? Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
FW: Xerces Parser Security and Path Problems
There seems to be a problem related to security when loading jars from WEB-INF/lib. This was reported earlier by Sergey V. Udaltsov in the post titled policy for classes in WEB-INF/lib/my.jar. It's not clear to me that this is a bug. The exception goes away because the default catalina.policy grants all permissions to code loaded from the common/lib directory. If you want an individual webapp to access files, you need to grant specific file permissions to it -- see the examples at the bottom of conf/catalina.policy for hints on how to do this. Note that this would be required even if you wanted to use file I/O directly in your servlet (as opposed to indirectly via the parser) -- the default policy file completely disables file access for classes loaded from /WEB-INF/classes or /WEB-INF/lib of your webapp. I don't think this is correct. As I indicated, I granted my application All Permissions. It does do a lot of file access (including to the file to be parsed). Without the permissions it gets access errors, so it seems to be working. If I open the target file for the parser, it can access it: xr.parse(new InputSource(new java.io.FileReader(my_xml_file))); I did try specific file permissions granted to the app and to the xerces.jar and that didn't help. Is there some special way that the file permission needs to be granted (BTW there are no examples of FILE permissions in my version of catalina.policy). This seems like a fairly basic problem that should be easy to verify. Here is the actual error info: java.security.AccessControlException: access denied (java.io.FilePermission D:\jakarta-tomcat-4.0-rc2\webapps\AGCW\agcw.xml read) at org.apache.xerces.framework.XMLParser.parse(XMLParser.java:1094) at org.apache.xerces.framework.XMLParser.parse(XMLParser.java:1122) at com.athensgroup.shared.sax.Agcw_Walker.processConfiguration(Agcw_Walker.java :52) Thanks, -- Frank -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Invoking Servlet - trying to remove servlet prefix
There are a couple of possible problem areas: servlet-class LoginServlet /servlet-class most classes are of the form com.mycom.classname. The above says yours is just classname. i just want http://localhost:8080/login/login but you have defined the mapping /login, not /login/login. If you look in the logs you should see some more infromation. By turning on more debug info, esp. for the ContextManager, you should see more mapping information which will help you see how it is trying to resolve the URL. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Jakarta NT Service
It helps to look thru previous posts. Go to http://mikal.org/interests/java/tomcat/index.jsp and look for Catalina as an NT Service Look to see it there is anything in the logs directory. It there is little or nothing there it is usually a problem with the specs in the wrapper.properties file. Be very sure the wrapper.tomcat_home and wrapper.java_home are correct. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
RE: Re: Jakarta NT Service
I could install as many as I wanted but only one would run at a time. Some possibilities: - you didn't give each a unique service name - you are encountering the JVM 3.0 service shutdown bug, (see other posts: search on -Xrs) Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Sending all request to one servlet?
Just the /generator/* mapping should be sufficient. What is the full URL you are entering? Should be something like http://host:port/your_webapp/generator/TestView What do the logs say? Turn on debugging for ContextManager to see how it is trying to resolve the mapping. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
The Infamous ClassCastException Problem
I've noticed a couple of threads about strange ClassCastException problems (Call EJB in OC4J from Tomcat, pulling my hair out re: EJB in tomcat). I've run into a strange ClassCastException in a slightly different context, but it seems that it might be related and might help narrow down the problem. I have an application that is broken into two tomcat web-apps (contexts) (MainApp, HelperApp). One thing I am trying to do is have the MainApp populate a request with some beans and then include a jsp from HelperApp: populateRequestWithBeans(); // uses RequestDispatcher.include() sc.getRequestDispatcher(TargetPage).include(request, response); If the TargetPage is in MainApp this works fine. If the TargetPage is in HelperApp and I run it from my development environment (Tomcat 3.2.1) it runs fine (gets context of HelperApp). If the TargetPage is in HelperApp and I run it in Tomcat 4.0 then I get a ClassCastException in TargetPage on the line where the TargetPage jsp tries to retrieve the bean (2nd line below): com.athensgroup.autoweb_projects.ClientInfo ClientInfo = null; ... ClientInfo= (com.athensgroup.autoweb_projects.ClientInfo) pageContext.getAttribute(ClientInfo,PageContext.REQUEST_SCOPE); The runtime error complains that the object is actually of type com.athensgroup.autoweb_projects.ClientInfo which is clearly the SAME (textually)! Since this works in some environments it eliminates issues of typos, logic errors, etc in the code. The key seems to be that the two web-apps think that the same class is a different class! (Both have copies of the SAME class file in their WEB-INF\classes directories. Is there something in Tomcat or the JVM which would make two different web-apps think that the same class is not the same class? Obviously there is something MORE than just the class name that is being used to distinguish them. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
RE: The Infamous ClassCastException Problem
This is normal then. Class foo loaded by class loader A is not castable to class foo loaded by class loader B (if they are really independent, of course - if A is the parent of B and B delegates, it will work). You have to put the class in a spot shared by both webapps (that means the shared class loader. Remy Then how does this work in a general client- server relationship such as RMI servers, EJB servers, etc. Don't they usually just give you a jar with the classes that you add to your client? Having to use the exact same file seems excessive???! Isn't there some way to allow use of a copy of the class? -- Frank -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: The Infamous ClassCastException Problem
Thanks. I packaged the classes in a jar and put them in common\lib and now things work fine. I'm still curious tho on how RMI/EJB clients manage to do this without having the same class/classloader. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: Embedding Tomcat with intra-app Servlets
One appraoch for data sharing is to structure the application as separate web-apps and use beans in the request (response, session context, whatever) to pass information back and forth. I currently have a web-app that gets the original request, populates the request with needed beans and includes the target page from the other web app. Sounds complex, but it is only a couple of lines of code. One big advantage is that I can let non-secure people define the pages making up the backend portion of the app. Since they can only use the beans I give then and I update based upon beans I'll accept, I don't need to worry about inappropriate behavior by the backend jsps. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: login from home page
You (normally) should not be doing the login from your home page. If you use the tomcat security by specifying a security-constraint in web.xml it will invoke your login.jsp the first time someone trys to access the secured area. If they log in ok then it will continue on to whatever page you were trying to get to (e.g., your home page). The client should type something as a URL which you will target to the home page. This might be a direct reference to your home page, a generic reference which uses a welcome-file-list element to default to your home page, or servlet mapping, etc. There are lots of books with introductory examples, tutorials online, and I think an example in the tomcat distribution. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: TC4: stopping/starting an application works, reloading does not
How did you deploy the new classes? Just place the war file in webapps or did you explode the war or place the new classes where they belong yourself? The manager documentation does mention that there are some problems that seem to be related to re-deploying a war with the same name. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: JDBC Realm
Sounds like you have your http server (IIS, Apache?) set to provide security. Turn it off. (are you serving everything, even html, from tomcat?) Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Security Question
I've started looking at some of the security issues but I'm still behind where you are in the area of your questions. Where did you find this document that has section 8 on Existing Risks and Problems Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: JSP - How do I make it invisible to the browser's back button
I think you are going about this the wrong way. Instead of explicitly targeting the counter.jsp you could use a number of different approaches 1) have a counter bean. Each page you want to count could include the counter bean invocation 2) map your app accesses thru a control servlet. It will do any housekeeping, including counting accesses and then forwarding on to the desired servlet. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: XML ClassCastException and tomcat 4.0 documentation
Joel, You asked for help from Someone who knows what they're doing so I probably don't qualify, but you might try putting the xerces jar in your jre/lib/ext and see if it helps. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Tomcat 4.0.1 Final and Xerces Parser
Have you read http://jakarta.apache.org/tomcat/tomcat-4.0-doc/class-loader-howto.html If this doesn't answer your questions, then it might be good to identify it here and try to get the howto updated. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Launching subprocess under Tomcat as a Service
You should try to figure out what it is hanging on. Add some tracing. You can launch a subprocess, but it is running as the service user in a service environment. This is VERY likely different from your non-service environment. To help debug: - print out the path to a file - print out the classpath ... - print out the env ... - remember that services are usually set to NOT be able to interact with the desktop. Try changing it to yes. - remember that it may have different permissions so it might not have access to resources that you do. - remember that you cannot access mounted drives Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Providing for persistent files in a web-app
I have a web app that allows users to add files to the app, some of which can be displayed via URL references (many different file types). Currently these files are in a subdirectory (New) of the web-app. This creates a maintenance problem since replacing the web-app (erase webapps/MyApp.war, erase webapps/MyApp directory, and deploy new MyApp.war) also destroys the New directory. Rather that having a complicated process of saving and restoring the New directory it seems like it would be better to keep it elsewhere. However, the contents still need to be displayable in a browser as URLs. The best approach I could think of was to add a simple tomcat web-app whose only purpose is to hold the contents of New. Any problems with this approach? Is there a better/simpler approach? Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Multiple web.xml files?
That would be nice. In my app, when I add a Client I need to add a set of security constraints, mappings, etc. It would make maintenance MUCH easier if these could be modularized. This would also require more flexibility in the organization of the web.xml file. Ideally this functionality should have been a set of APIs which could be invoked programmatically (e.g. addSecurityConstraint()) so this could be done more dynamically without having to bounce the app to read a rigidly structured xml file. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Tomcat 4.0.1 Final and Xerces Parser
I don't know what the right answer is, but I got my app to pick up the xerces parser by putting it in the jre lib\ext directory (e.g. F:\jdk1.3.1\jre\lib\ext). You might also try the tomcat common\lib. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Manager App Bug
On occasion I have need from my app to update the web.xml and cause the app to get restarted. I tried to do this using the manager application and found that whenever the reload command is issued from a servlet in the target app (the one to be reloaded) it causes the manager and target apps to hang: 2001-10-22 16:32:34 StandardWrapper[/AGCW:Manager]: Loading container servlet Manager 2001-10-22 16:32:34 Manager: init 2001-10-22 16:32:34 Manager: init: Associated with Deployer 'localhost' 2001-10-22 16:32:34 Manager: restart: Reloading web application at '/AGCW' 2001-10-22 16:32:34 StandardContext[/AGCW]: Reloading this Context has started 2001-10-22 16:32:34 StandardWrapper[/AGCW:Manager]: Waiting for 1 instance(s) to be deallocated the last entry indicates the hanging servlet. If I issue the command from somewhere other than the target app, it completes normally: 2001-10-23 17:29:09 StandardWrapper[/manager:Manager]: Loading container servlet Manager 2001-10-23 17:29:09 Manager: init 2001-10-23 17:29:09 Manager: init: Associated with Deployer 'localhost' 2001-10-23 17:29:09 Manager: restart: Reloading web application at '/AGCW' 2001-10-23 17:29:09 StandardContext[/AGCW]: Reloading this Context has started 2001-10-23 17:29:09 AutowebControl: destroy 2001-10-23 17:29:09 DBCheck: destroy 2001-10-23 17:29:09 AutowebLogonControl: destroy 2001-10-23 17:29:09 WebappLoader[/AGCW]: Deploying class repositories to work directory C:\Cat_Test\work\localhost\AGCW 2001-10-23 17:29:09 StandardManager[/AGCW]: Seeding random number generator class java.security.SecureRandom 2001-10-23 17:29:09 StandardManager[/AGCW]: Seeding of random number generator has been completed 2001-10-23 17:29:09 StandardWrapper[/AGCW:default]: Loading container servlet default 2001-10-23 17:29:09 default: init 2001-10-23 17:29:09 StandardWrapper[/AGCW:invoker]: Loading container servlet invoker 2001-10-23 17:29:09 invoker: init 2001-10-23 17:29:09 StandardWrapper[/AGCW:jsp]: Using Jasper classloader for servlet jsp 2001-10-23 17:29:10 jsp: init 2001-10-23 17:29:11 StandardContext[/AGCW]: Reloading this Context is completed Allowing an app to restart itself seems like an important use of this function. I'd call this a bug. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
WebDAV
I just tried to use WebDAV with my application and I have some questions about configuring WebDAV which I cannot find in the distribution or any of the links. Can someone suggest a source of information? The kinds of questions I ran into were: I set the servlet-mapping as servlet-namewebdav/servlet-name url-pattern/MyDir/*/url-pattern I have security specified for /MyDIr/*. From Windows NT explorer Web Folders I can navigate to MyDir and it shows the subfolders BUT a) If I navigate to a subfolder, sometimes I get an error b) It shows the folders without asking for a login. How do I require a login to browse the folders? c) If I try to access a file I get the login and then it tries to serve up the file. Works fine for .html files but for extensions like .txt, .text, etc I just get a 404! Why is this and how do I fix it (there is a MIME for .text)? What are the WebDAV servlet invocation parameters and what do they mean? Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: realm for non-catalina
There is usually some information in the log files even at debug=0. If it clearly says that login is failing, check you case (must match), that userid and pwd are varchar in the DB, etc. Maybe you REALLY are not matching. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Tomcat Manager Application Questions and Problems
1) Does reload pick up changes to web.xml? 2) I added manager servlet to my web app (/AGCW) and when I send the manager a command to reload I get the following in the localhost_log: 2001-10-22 16:32:34 StandardWrapper[/AGCW:Manager]: Loading container servlet Manager 2001-10-22 16:32:34 Manager: init 2001-10-22 16:32:34 Manager: init: Associated with Deployer 'localhost' 2001-10-22 16:32:34 Manager: restart: Reloading web application at '/AGCW' 2001-10-22 16:32:34 StandardContext[/AGCW]: Reloading this Context has started 2001-10-22 16:32:34 StandardWrapper[/AGCW:Manager]: Waiting for 1 instance(s) to be deallocated and then everything hangs. Is this because the app is trying to restart itself? Do I need to create another app just to do the restart? Sure would be nice if an app could restart itself (e.g., to pick up web.xml or other changes) Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Catalina as an NT Service
I've seen several queries about running Catalina as an NT service but didn't find any clear replies, at least regarding using the jk_nt_service.exe. I got it working, but it was all pure guesswork. Maybe someone who knows something about this can add some information or, BETTER STILL, add some information to Catalina about running it as an NT service. I started with the directions for Tomcat 3.2 and jk_nt_service.exe http://jakarta.apache.org/tomcat/tomcat-3.2-doc/NT-Service-howto.html I made the following additions/changes to wrapper.properties: The only thing I found I needed in the classpath was bootstrap.jar: wrapper.class_path=$(wrapper.tomcat_home)\bin\bootstrap.jar The startup class is different: wrapper.startup_class=org.apache.catalina.startup.Bootstrap I added some flags and other changes to the startup command. I didn't test to see if these are really all needed. The SAXParser one is probably only needed if your app uses it and you don't explicitly name the parser class. The -Xrs switch is probably only needed for JDK 1.3.1 to keep the service from dying (??) Note the start on the end. Broken across multiple lines here for clarity: wrapper.cmd_line=$(wrapper.javabin) -Xrs -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Dcatalina.home=C:\jakarta-tomcat-4.0-rc2 -classpath $(wrapper.class_path) $(wrapper.startup_class) -config $(wrapper.server_xml) start Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Catalina as an NT Service - WebDAV
I just discovered something else: WebDAV failed to start (sealing violation). I added: wrapper.class_path=$(wrapper.tomcat_home)\server\lib\jaxp.jar wrapper.class_path=$(wrapper.tomcat_home)\server\lib\crimson.jar wrapper.class_path=$(wrapper.tomcat_home)\server\lib\servlets-webdav.jar and that seemed to fix it. Again, not all these may be necessary and there may be others that are for reasons I haven't discovered. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
RE: ResultSet
As a test you should try retrieving the data and navigating thru it (using the ResultSet methods you intent to use) from a simple bean (class) that connects to the database. This will verify that the methods are working properly (many drivers/modes don't support them all - read the documentation). It wasn't clear to me how you are passing your ResultSet, but since it is not generally serializable (it is a live connection to the database) you cannot pass it over RMI (e.g. from an EJB). But I would expect this to throw a serialization error. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: My java.security.AccessControlException@Waterloo.be
Third try since I never saw this show up: Do you need to specify a security provider in java.security, e.g., security.provider.3=com.sun.crypto.provider.SunJCE (the above is for Sun's encryption provider). Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
How do I know what security manager is in use?
There are now (at least) 3 different web security managers which could be in use by a web app (JDBC, JNDI, in-memory). How can I tell which one? I am writing some general support classes to manage users and roles. To support a call like addUser() I need to know which security manager is in use so I can do the right thing. Doing things like checking for tomcat-usrs.xml or a particular security class don't seem adequate. Further, if the class is, say, JDBCRealm, I would like to also get the xml properties for connectionURL, connectionName, connectionPassword, etc. or maybe even the connection itself. It seems like this is something the servlet spec should address. Any suggestions? Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: ResultSet
Many of the especially older jdbc drivers did a very poor job of implementing the spec and many of the methods were not implemented. What database/driever are you using? Often the documentation was poor. You can try getting the latest driver and checking what was supported. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
RE: request for suggestions on how to secure a web application... .
Re protection via Realms: - a useful mechanism, but by itself might not do the whole job. For example, if you need to have users log into a specific domain (e.g. different clients get different data) (as happens in many apps) where the userid isn't enough info (one value of Realms is non-unique IDs), then you need to still force people thru a specific login. Re object in a session. - Note that this can be fabricated by a hacker. For real security you need to look at encrypting it with varying keys. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Using Windows Native Security
Does anyone have any references or information on using native windows security (NTLM?) for Tomcat security? Are there any Java JNI wrappers for the native system calls? Are there any higher-lever implementations to some other more usable interface (JAAS, LDAP, etc.)? Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
charset Problem
I was having a problem in that I could see Japanese text on my development system, but when I put the app on the main server, I could no longer see the Japanese text, but others could. I am using IE 5.5 browser. I finally tracked it down to the fact that the JSP compiler was generating response.setContentType(text/html;charset=8859_1); on my system, but on the server it was generating response.setContentType(text/html;charset=ISO-8859-1); I wasn't setting anything in my JSP source. If I force the server to generate 8859_1 or nothing it works fine. What determines the charset setting which Jasper generates when nothing is specified? Is this a bug? Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: JSP DataBases: Types
why not use %= Recordset.getString(CLASS_NAME) % for everything? Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Problems running as an NT Service
What error are you getting? FIle not found? Security error? Not found would be a path problem. Security error would be more related to the java.policy of the user you are running under. Is the file on a mounted drive? (service can't access these). etc. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Security
I'm starting to look at how to manage security and am wondering what people's experiences are with various security managers. For example, NT-security, Win2k Active directory/LDAP, IBM/Tivoli SecureWay, RYO, etc. In my environment there may be multiple applications on a single server/host. What are the pros and cons of the various approaches (e.g., single vs. multiple realms)? Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: There is no disk in the drive
Thanks for the responses. I think I have found the problem and a workaround. For some reason that I don't understand, some commands, like xcopy, decide to search the path (even when the parametes are fully specific). For the System ID on this machine it had D: in its path, which is a removable drive. Why it stops and puts up a message is a mystery to me. Anyway, fixing the path or forcing it to something acceptable in the .cmd file cures the problem. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
There is no disk in the drive!
When I run my web application using Tomcat as a service under windows 2000 (Tomcat 3.1.1) I'm running into a strange message. My app runs an eternal .cmd file to populate some directories. One of the lines in the cmd file is xcopy InitialProject\*.* Projects\%1 /E This works fine when Tomcat is not a service, but when it is a service, the server machine twice puts up a message box with: There is no disk in the drive. Please insert a disk in the drive \Device\Harddisk\DR1. If I hit Continue it goes on to work just fine. If I put in two xcopy statements the message comes up four times, so it seems to be a result of the two xcopy arguments. Changing the argument paths to explicit paths doesn't help. E.g., xcopy C:\Tomcat\XXX\InitialProject\*.* C:\Tomcat\XXX\Projects\%1 /E Other commands (e.g., mkdir) don't seem to have any problem. Any idea how to fix this? Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Problem: Servlet Mappings RequestDispatcher
Re problem B. I found that after some re-directions Tomat ContextManager seemed to be messing up the context path (see Please explain this Context). You can tell if this is happening by having the ContextManager log its mappings: ContextManager debug=1 workDir=work showDebugInfo=true in Server.xml. It is either a bug or some strange semantics I don't understand. I worked around it by doing a sendRedirect with an explicit path rather than forward. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Please explain this Context
I have a login.jsp in my application in the path security/login/login.jsp and certain URLs are protected with a security constraint. However, I expect users to go to a certain URL in order to log in. If they don't, I need to have them first fill in a form. So, in login.jsp I have a tag that does the check and if they need to fill in the form I redirect to the form: rd = sc.getRequestDispatcher(/MyForm.jsp); rd.forward(request, response); Once they fill in the form and submit the processing servlet forwards the request to the proper target URL: rd = sc.getRequestDispatcher(/ + project); rd.forward(request, response); The Question: The first part of this works just fine. It gets to MyForm.jsp and does its thing, but when I forward to /project it fails. The dispatcher trace shows that it is trying to find context/security/login/project rather than context/project. After passing thru a couple of servlets, why is now insisting on adding security/login to the path? I have worked around the problem by just doing a sendRedirect, but the above behavior confuses me and seems to contradict the spec. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Re: Can't happen - classname is null, who added this
I get this message if I replace one of my classes while Tomcat is running. Try restarting Tomcat. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Problem with Tomcat as a Service
I am using JavaService to start Tomcat as a service. It installs and starts just fine, but when I try to access a jsp, it hangs. In jasper.log it shows the usual lines about the jsp being accessed, but hangs after the line: Classpath according to the Servlet Engine is ... Noting shows up in the work directory and no error messages in any log. I tried putting tools.jar in the Tomcat lib, adding it to the service classpath, but it doesn't help. Any ideas why jasper is hanging and how to fix/identify the problem? Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Finding the XML parser in Tomcat
In my VisualAge Java development environemnt (jdk 1.2.2) I can say, for example, Parser parser = ParserFactory.makeParser(org.apache.xerces.parsers.SAXParser); but when I deploy to a standalone Tomcat environment, I get a class not found on the parser name, even tho I put the jar in Tomcat's WEB-INF\lib directory. If I put the jar into jre\lib\ext, it is found, but having to put it there is more imposition on the user and requires extra work beyond normal web app deployment (just putting the WAR file in the webapps dir). Further, If I put the jar there, then programs that use the no parameter form Parser parser = ParserFactory.makeParser(); then start to throw an error: Null Pointer Exception: sax.parser is null This can break other applications! Why will it not find the parser in the Tomcat WEB-INF\lib directory? Is this an XML, jdk, Tomcat issue or what? If I add the XML lib to jre\lib\ext, what/how system properties must be set? Thanks, -- Frank Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
JSP to Servlet Loosing Session Info
I noticed some posts about people having problems loosing the session information when using JSPs with servlets. For examples if I did the following in a JSP: FORM ACTION=/servlet/com.mycom.MyServlet ... when MyServlet got control, the Session was empty. I found out that if I did this the right way and defined the servlet in my web.xml, e.g., servlet servlet-nametheServlet/servlet-name servlet-classcom.mycom.MyServlet/servlet-class /servlet servlet-mapping servlet-nametheServlet/servlet-name url-patternsomeServlet/url-pattern /servlet-mapping and in the JSP said: FORM ACTION=someServlet ... then all worked fine. You may have to adjust the path a bit depending upon where your JSP is, etc. The Tomcat mapping trace can help you debug mapping problems. Apparently there is some encoding function which can be applied to make the FORM reference work, but I don't know what it is (anyone know?). Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
JSP to Servlet Loosing Session Info
I noticed some posts about people having problems loosing the session information when using JSPs with servlets. For examples if I did the following in a JSP: FORM ACTION=/servlet/com.mycom.MyServlet ... when MyServlet got control, the Session was empty. I found out that if I did this the right way and defined the servlet in my web.xml, e.g., servlet servlet-nametheServlet/servlet-name servlet-classcom.mycom.MyServlet/servlet-class /servlet servlet-mapping servlet-nametheServlet/servlet-name url-patternsomeServlet/url-pattern /servlet-mapping and in the JSP said: FORM ACTION=someServlet ... then all worked fine. You may have to adjust the path a bit depending upon where your JSP is, etc. The Tomcat mapping trace can help you debug mapping problems. This seems like it is a Tomcat bug, but the above is not only a workaround, but a more maintainable way of doing things. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Odd Tomcat Error Messages - please file a bug report
After using Tomcat for a while during development, especially after deleting some old JSP .java/.class files from the work directory, I get the follwing error: - Error: 500 Location: /examples/AGCW/home.jsp Internal Servlet Error: org.apache.jasper.JasperException: Unable to compile class for JSPerror: An error has occurred in the compiler; please file a bug report (http://java.sun.com/cgi-bin/bugreport.cgi). 1 error java.lang.Throwable(java.lang.String) java.lang.Exception(java.lang.String) javax.servlet.ServletException(java.lang.String) org.apache.jasper.JasperException(java.lang.String) boolean org.apache.jasper.compiler.Compiler.compile() boolean org.apache.jasper.runtime.JspServlet.loadJSP(java.lang.String, java.lang.String, boolean, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) void org.apache.jasper.runtime.JspServlet$JspServletWrapper.loadIfNecessary(javax .servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) void org.apache.jasper.runtime.JspServlet$JspServletWrapper.service(javax.servlet .http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean) void org.apache.jasper.runtime.JspServlet.serviceJspFile(javax.servlet.http.HttpS ervletRequest, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.Throwable, boolean) void org.apache.jasper.runtime.JspServlet.service(javax.servlet.http.HttpServletR equest, javax.servlet.http.HttpServletResponse) void javax.servlet.http.HttpServlet.service(javax.servlet.ServletRequest, javax.servlet.ServletResponse) void org.apache.tomcat.core.ServletWrapper.handleRequest(org.apache.tomcat.core.R equest, org.apache.tomcat.core.Response) void org.apache.tomcat.core.ContextManager.service(org.apache.tomcat.core.Request , org.apache.tomcat.core.Response) void org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(org.a pache.tomcat.service.TcpConnection, java.lang.Object []) void org.apache.tomcat.service.TcpConnectionThread.run() void java.lang.Thread.run() - I have a main page with frames that invokes a number of other pages. A number of them give this error. If I directly invoke the other pages I get no error and when I then invoke the main page, it is fine. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Odd Page Caching Behavior
Sometimes after developing for a while, Tomcat will stop showing my changes and insist on showing an old version of one or more of my pages. I have IE (5.50) set to re-access the page on every visit and deleting all the files and restarting IE doesn't fix the problem. Re-starting Tomcat and VisualAge doesn't fix it. Only re-boot works. I had one page, index.jsp, which I replace with a completely different content. It kept showing the old one. If I removed index.jsp, I would get a not found as expected, but as soon as I put the new index.jsp in, I would get the old content again. Weird. Any ideas on what is caching the pages? How to stop it. Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Where is IIS-HowTo file
I've seen mention of an IIS-HowTo file, but cannot find it on the Apache site. Can someone provide a reference? In general, there seems to be a real lack of information on how to put the whole security thing together: define security on pages, define roles, define users, etc. for a particular environment (e.g., IIS + Tomacat). The Apache.org site only has a few of the pieces. Are there any good references? Thanks, Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.
Inconsistent JSP Compilation Behavior
I'm using TOMCAT Version 3.1.1 in IBM VisualAge Java environment. After developing for a while I find that my JSPs with code like: jsp:useBean id=Foo ... % String s = Foo.someMethod(); % ... %= s %. ... Stops working properly. What happens is the compile JSP generates a .java file without the code for the % String =... resulting in a compiler error that s is not define. Stopping and restarting Tomcat and VAJ don't help. Re-booting does. Any suggestions? Frank Lawlor Athens Group, Inc. (512) 345-0600 x151 Athens Group, an employee-owned consulting firm integrating technology strategy and software solutions.