criteria for a session
Hi, what are the criteria for tomcat 4.1.26 to say the session is null (((HttpServletRequest)request).getSession(false))? It seams to depend on something in the request. When i open a second new IE Window, not a child from the first IE Window, the session is null. I dontt call session.invalidate() and the timeout is not reached. I know that there are only two reasons for invalidate a session. 1) session.invalidate(); 2) session timeout I thought these where the only reasons. Thanks for your help Günter
Re: HTTP Error 302
No, I can't use a forward(), because the FOP is interpreting a fop:image tag and the FOP-Generator is requesting the image source. The things I can change is the path to the ImageGenerator and the query piece of the image-url. Does the trick with including the session ID in my HTTP request work, when the request comes from different clients Günter - Original Message - From: Antonio Fiol Bonnín [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Monday, November 24, 2003 9:01 PM Subject: Re: HTTP Error 302 If you are calling a servlet from another servlet using HTTP, that does not seem the best approach. Can you use forward()? Otherwise, you can try to include the session ID in your HTTP request. Antonio Fiol Günter Kukies wrote: Hi, after investigating the Problem, we found that we generate a redirect to login when the session is invalid. We have a servlet, that generates Images. If the client requests the Image servlet directly everything is fine. The session is valid and the user gets his image. But when the client want's to generate a PDF with FOP on the same webapplication where the Imigegeneratorservlet is, we dont't get a valid session. The request to the Imagegenerator is comming now from the webapplication and not from the client. So there is no session and we generate a redirect to login. I monitored the datatranfere with tcpdump on the loopback device 127.0.0.1 and there I saw the HTTP 302. What is the best way to handle this kind of session problems. Thanks for answeres Günter - Original Message - From: Christopher Schultz [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, November 21, 2003 2:47 PM Subject: Re: HTTP Error 302 Günter, what are the common reasons, that tomcat 4.1 is returning a HTTP 302 error page? Response code 302 is not an error: it is a redirect. Are you connecting to Tomcat via a browser or some other client? Your client should be following that redirect, which should be specified in the Location header of the response. For more information, check out the HTTP spec at: 1.0 Spec: http://www.ietf.org/rfc/rfc1945.txt 1.1 Spec: http://www.ietf.org/rfc/rfc2616.txt -chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTP Error 302
Hi, after investigating the Problem, we found that we generate a redirect to login when the session is invalid. We have a servlet, that generates Images. If the client requests the Image servlet directly everything is fine. The session is valid and the user gets his image. But when the client want's to generate a PDF with FOP on the same webapplication where the Imigegeneratorservlet is, we dont't get a valid session. The request to the Imagegenerator is comming now from the webapplication and not from the client. So there is no session and we generate a redirect to login. I monitored the datatranfere with tcpdump on the loopback device 127.0.0.1 and there I saw the HTTP 302. What is the best way to handle this kind of session problems. Thanks for answeres Günter - Original Message - From: Christopher Schultz [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, November 21, 2003 2:47 PM Subject: Re: HTTP Error 302 Günter, what are the common reasons, that tomcat 4.1 is returning a HTTP 302 error page? Response code 302 is not an error: it is a redirect. Are you connecting to Tomcat via a browser or some other client? Your client should be following that redirect, which should be specified in the Location header of the response. For more information, check out the HTTP spec at: 1.0 Spec: http://www.ietf.org/rfc/rfc1945.txt 1.1 Spec: http://www.ietf.org/rfc/rfc2616.txt -chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
HTTP Error 302
Hi, what are the common reasons, that tomcat 4.1 is returning a HTTP 302 error page? Thanks for your answere Günter
cookies
Hi, i use a machine1 with tomcat as a portal to do userauthentification and there is an other machine2 without tomcat that is providing a service with its own userauthentification. Machine2 uses POST to receive user and password and stores the session in cookies at the client. Machine 1 and 2 can handle the same users with the same passwords. I want to use only one login at machine1 and pass the login data to machine2. I have a servlet on machine1 that passes the data via POST to Machine2. Its an URL-Connection. I cant use a redirect while machine 2 only accepts POST. Do you see a method to pass the cookie back from machine 2 via machine 1 to the client . Or is it possible to hold the cookies from machine 2 on machine 1, so that machine1 simulates the clients for machine2. Thanks for any help Günter
Re: Thread-Pool growing, never freed
But isn't that real life that an response lasts to long and the user is navigating to other links on a page or a user pressed a link for mistake and wants to navigate to an other link without waiting for the not wanted response. Maybe that is an design problem having a framed page with a static (javascript) menue on the left side and the response as a target on the right frame. If the menue is part of the response i wont have those problems and the user is forced to wait for an response. I waited 5 min after my last activation of the link and there is no response from tomcat anymore. What buffer do you talk about? Is the PrintWriter throwing an IOException when the user doesn't wait for a response or pressing break at the browser?. What chances do I have to detect that the user is not interested in the response anymore. Günter - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Günter Kukies [EMAIL PROTECTED] Sent: Thursday, March 13, 2003 9:28 AM Subject: Re: Thread-Pool growing, never freed Günter Kukies wrote: Hi, tomcat 4.1.18 i used your code and added +this to the output and renamed ot to HelloWorld. I used a framed Page with two frames(left and right). In the left frame is a link to helloworld servlet with target right frame. The maxProcesses is 10. I pressed the link more than twenty time as fast as my finger could press the mousebutton. I got this output: Invocation:0 [EMAIL PROTECTED] Invocation:1 [EMAIL PROTECTED] Invocation:2 [EMAIL PROTECTED] Invocation:3 [EMAIL PROTECTED] Invocation:4 [EMAIL PROTECTED] Invocation:5 [EMAIL PROTECTED] Invocation:6 [EMAIL PROTECTED] Invocation:7 [EMAIL PROTECTED] 13.03.2003 07:14:45 org.apache.tomcat.util.log.CommonLogHandler log INFO: All threads are busy, waiting. Please increase maxThreads or check the servlet status10 10 End invocation:0 [EMAIL PROTECTED] End invocation:1 [EMAIL PROTECTED] End invocation:2 [EMAIL PROTECTED] End invocation:3 [EMAIL PROTECTED] End invocation:4 [EMAIL PROTECTED] End invocation:5 [EMAIL PROTECTED] End invocation:6 [EMAIL PROTECTED] End invocation:7 [EMAIL PROTECTED] Tomcat hangs and serves no request anymore. You really have no idea what you're talking about ;-) Basically, you have to wait for the servlets to return or an I/O exception to occur (won't happen here, everything is buffered) for the processors to be available again. Remy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Thread-Pool growing, never freed
Hello, am I alone with these problem in the world of tomcat? waiting for more answeres Günter - Original Message - From: Günter Kukies [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Thursday, March 13, 2003 10:02 AM Subject: Re: Thread-Pool growing, never freed But isn't that real life that an response lasts to long and the user is navigating to other links on a page or a user pressed a link for mistake and wants to navigate to an other link without waiting for the not wanted response. Maybe that is an design problem having a framed page with a static (javascript) menue on the left side and the response as a target on the right frame. If the menue is part of the response i wont have those problems and the user is forced to wait for an response. I waited 5 min after my last activation of the link and there is no response from tomcat anymore. What buffer do you talk about? Is the PrintWriter throwing an IOException when the user doesn't wait for a response or pressing break at the browser?. What chances do I have to detect that the user is not interested in the response anymore. Günter - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Günter Kukies [EMAIL PROTECTED] Sent: Thursday, March 13, 2003 9:28 AM Subject: Re: Thread-Pool growing, never freed Günter Kukies wrote: Hi, tomcat 4.1.18 i used your code and added +this to the output and renamed ot to HelloWorld. I used a framed Page with two frames(left and right). In the left frame is a link to helloworld servlet with target right frame. The maxProcesses is 10. I pressed the link more than twenty time as fast as my finger could press the mousebutton. I got this output: Invocation:0 [EMAIL PROTECTED] Invocation:1 [EMAIL PROTECTED] Invocation:2 [EMAIL PROTECTED] Invocation:3 [EMAIL PROTECTED] Invocation:4 [EMAIL PROTECTED] Invocation:5 [EMAIL PROTECTED] Invocation:6 [EMAIL PROTECTED] Invocation:7 [EMAIL PROTECTED] 13.03.2003 07:14:45 org.apache.tomcat.util.log.CommonLogHandler log INFO: All threads are busy, waiting. Please increase maxThreads or check the servlet status10 10 End invocation:0 [EMAIL PROTECTED] End invocation:1 [EMAIL PROTECTED] End invocation:2 [EMAIL PROTECTED] End invocation:3 [EMAIL PROTECTED] End invocation:4 [EMAIL PROTECTED] End invocation:5 [EMAIL PROTECTED] End invocation:6 [EMAIL PROTECTED] End invocation:7 [EMAIL PROTECTED] Tomcat hangs and serves no request anymore. You really have no idea what you're talking about ;-) Basically, you have to wait for the servlets to return or an I/O exception to occur (won't happen here, everything is buffered) for the processors to be available again. Remy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Thread-Pool growing, never freed
Hello, tomcat 4.0.3 and 4.1.18 Linux 7.3 (i386) - Kernel 2.4.13 JDK SUN 1.4.1_01 the Thread-Pool from cojote and httpconnector is growing when user is sending requests without waiting for response. The Thread-Pool will never be freed. Tomcat hangs if maxProcessors is reached. Only one user is connected. Only one servlet is requested. The servlets methods doGet and doPost always return. I put Sytem.out at start and end of doGet and doPost and counting an static int. The output of the int is linear with no breaks. The servlet uses SingleThreadModel. The output shows me that my code in the servlet does not hang. connectionTimeout is 15000 If the user is waiting for response the Pool works like expected. Thanks Günter
Filter - ServletContext
Hello, I want to read some context-param from web.xml within a filter. But the getAttribute is always null. There is no problem to get the same context-param within a Servlet. Thanks Günter Here is the code snippet: import java.io.*; import java.net.*; import java.util.*; import java.text.*; import javax.servlet.*; import javax.servlet.http.*; import java.sql.*; import javax.sql.*; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.naming.*; public class MyFilter implements Filter { // The filter configuration object we are associated with. If // this value is null, this filter instance is not currently // configured. private FilterConfig filterConfig = null; String category_server_ip = ; int category_server_port = 8080; String category_root = ; String category_base = ; /** * Init method for this filter * */ public void init(FilterConfig filterConfig) { this.filterConfig = filterConfig; ServletContext sctx = filterConfig.getServletContext(); sctx.getServletContextName(); category_server_ip = (String)sctx.getAttribute(category_server_ip); category_server_port = stringToInt((String)sctx.getAttribute(category_server_port)); category_root = (String)sctx.getAttribute(category_root); category_base = (String)sctx.getAttribute(category_base); if (filterConfig != null) { if (debug) { log(MyFilter :Initializing filter); } } } public MyFilter () { } .
Re: Filter - ServletContext
Oh, sorry getInitParameter() was the solution. Thanks for your hint. But why is the ServletContext not the same in Filter and HTTPServlet? Günter - Original Message - From: Erik Price [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Thursday, February 27, 2003 4:54 PM Subject: Re: Filter - ServletContext Günter Kukies wrote: Hello, I want to read some context-param from web.xml within a filter. But the getAttribute is always null. There is no problem to get the same context-param within a Servlet. Don't you want getInitParameter() ? Erik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
StandardWrapperValve - Allocate exception
Hello, the StandardWrapper is throwing an exception after reloading an compiled servlet. My IDE is Forte. Tomcat 4.0.3 is running on a linux-box. Forte is running on W2000 and the webapp is mounted via samba. JDK is 1.4.1. In element Context the attribute reloadable=true. I have to restart tomcat after every compilation of my servlets. Any ideas? Thanks Günter 2003-02-25 11:34:05 StandardWrapperValve[myservlet]: Allocate exception for servlet myservlet java.lang.NullPointerException at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:673) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:190) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566) at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2343) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:468) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1012) at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1107) at java.lang.Thread.run(Thread.java:536)
Delete name-value pairs from request
Hello, how can I delete a name-value pair from a HTTPServletRequest. I need to do it within a Filter request, because I need a ServletRequest Object for chain.doFilter(request,response); Thanks Günter
Xrunhprof
Hello, I tried to get a profiling file from tomcat. I set the JAVA_OPTS in catalina.sh to -server -Xrunhprof:file=/home/test/test.eprof -Xms64 But no file was generated. System: Linux JDK1.4.0 tomcat 4.0.3 Thanks Günter
mime-types
Hi, I want tomcat to serve Exel(.xsl) and Snapshot (snp) files. I added the following mime-mapping to the global web.xml in .../conf/web.xml. But no Application is starting automaticaly at the client site. It seams that the mime-type is text/plain. If the same files where served from an Apache HTTP-Server everything works fine. mime-mapping extensionsnp/extension mime-typeapplication/octet-stream/mime-type /mime-mapping mime-mapping extensionxls/extension mime-typeapplication/vnd.ms-excel/mime-type /mime-mapping Thanks Günter Kukies
default mime-type
Hello, what is the default mime-type when tomcat can't find a matching extention in the servers conf/web.xml? Thanks Günter Kukies
Re: default mime-type
How can I change it? Günter - Original Message - From: unplug [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Friday, October 11, 2002 11:02 AM Subject: Re: default mime-type It is text/plain. Günter Kukies wrote: Part 1.1Type: Plain Text (text/plain) Encoding: quoted-printable -- http://dotw.no-ip.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
session
Hello, is there any trick to let the apache server know the session that tomcat created? I use an Apache Server in front of tomcat with mod_jk. I want to protect the static pages and image dirs. Thanks in advance Günter Kukies
mod_jk.conf Listener
Hi, is it possible to have a Listener to get SSL information into the mod_jk.conf file? For Example 'SSLEngine on' or any other SSL directive. What are the possible places for placing a Listener Element within server.xml? Günter Kukies
SSL ApacheServer-Tomcat
Hi, I have a Apache Server 1.3.20 and a Tomcat 4.03 and mod_jk from Johns HowTo running on the same box. Open_SSL and mod_jk is setup for Apache Server. For Tomcat a keystore with a Testcertificate is available. If tomcat is running alone :8443 the SSL connection to my webapp is running well. I cant get ApacheServer serving over :443 my webapp. Apache Server serves my webapp over :80 well. Is it possible to let know Apache Server the keystore from tomcat? I'm using an auto mod_jk.conf generated by Tomcat - Listener. I know that the sekret should be in the mod_jk.conf. How to setup the server.xml to generate a auto mod_jk.conf with SSL information about my webapp. Thanks Günter kukies
tomcat and relative links
Hi, what does tomcat do with relative links like this /mywebapp/public/images/image.gif. What I see (in the logs) is tomcat cuts off /mywebapp to find the correct webapp. Then it tries to map /public/images/image.gif. In the log i can see 3 or 4 tries to map something (Extention etc.). But I don't understand why tomcat can't get the image directly. Can I switch off this behavior. Is this behavior waste of time? Thanks Günter Kukies
reload servlet after any Exception
Hi, my servlet opens a jdbc connection in init() (connection pooling) and saves the connection in a variable. If the database becomes out of service for any reason, the connection gets corrupted and the servlet throws a SQLException. Is it possible to reload (init()) the servlet after an Exception (at the next servlet request), to try to connect when the database is up again? Günter Kukies
exclude dirs from packing a .war file
Hello, how can I setup the filter to exclude whole dirs from my web-app getting packed to a .war- file? The POSIX reg-expressions work only on file-names, but not on path-names. Günter Kukies
exclude dirs from packing a .war file
Hello, how can I setup the filter to exclude whole dirs from my web-app getting packed to a .war- file? The POSIX reg-expressions work only on file-names, but not on path-names. Günter Kukies
'charSet' property JDBC-Driver
Hi, is it possible to set the 'charSet' property of the JDBC-Driver via Context-Resource in the server.xml? If not, any solution for setting 'charSet'?? Example: Resource name=jdbc/db auth=Container type=javax.sql.DataSource / ResourceParams name=jdbc/db parameternamefactory/namevalueorg.apache.commons.dbcp.BasicDataSourceFactory/value/parameter parameternamemaxActive/namevalue100/value/parameter parameternamemaxIdle/namevalue3/value/parameter parameternamemaxWait/namevalue100/value/parameter parameternameusername/namevaluetomcat/value/parameter parameternamepassword/namevaluexxoxxo/value/parameter parameternamecharSet/namevalueCP1252/value/parameter parameternamedriverClassName/namevalueorg.postgresql.Driver/value/parameter parameternameurl/namevaluejdbc:postgresql://192.14.47.11:5432/mydb/value/parameter /ResourceParams Günter Kukies
Apache Tomcat Filter
Hi, is it possible to let Apache serve static HTML-Pages from a dir in web-module from tomcat? This dir should be protected by a Filter-Servlet. Is that combination faster than letting tomcat serve the static Pages? Günter Kukies
increase performance dual processor board
Hi, is it possible to increase performance of tomcat using linux and a dual processor bord ? Günter Kukies
SSL new StreamSource
Hi, I do this within a Servlet: Source xslSource = new StreamSource((new URL(https://147.47.47.11:8443/xxx/yyy.xsl)).openStream()); but i get this Exception: Couldn't find trusted certificatejavax.net.ssl.SSLHandshakeException: Couldn't find trusted certificate at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at java.io.OutputStream.write(OutputStream.java:58) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275) at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:556) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getInputStream(DashoA6275) at java.net.URL.openStream(URL.java:955) at pretest.processor.processRequest(processor.java:76) at pretest.processor.doGet(processor.java:103) at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter . when I type in the URL directly into IE i have asccess to yyy.xsl. Günter
Session for static and dynamic Pages
Hi, I need to protect some static html pages. For that i use the FORM based mechanism from tomcat but without these special formtags. For user login i use my own servlet, that does useridentification and starts a session. So, if the user is logged in and the session is startet. Is this session also valid for the protected static pages? Günter
Re: tomcat and SSL (keyfile password)
Hello, so, what about the solution for non plain text passwords in the config files. There are the SSL-password and the JDBC-Realm password a.s.o. Günter - Original Message - From: Glenn Parsons [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Thursday, April 25, 2002 10:43 PM Subject: RE: tomcat and SSL (keyfile password) Hello Peter, Forgive my ignorance (perhaps this is why people aren't finding this sort of information), but whatr exactly *IS* the CVS? And *WHERE* is it? Thanks, Glenn At 10:34 PM 4/25/02 +0200, you wrote: Mhhh, there is an updated version of the ssl-howto in the CVS for MONTHS now, that describes the installation of official certs (like Verisign, Thawte, Trustcenter...) step by step. But it is *NOT* in TC 4.03 and it is not on the jakarta-webpage. I simply wonder why? People are dealing with this topic again and again... And I know how frustrating this can get... :-( Peter -Original Message- From: Dave North [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 8:33 PM To: Tomcat Users List Subject: RE: tomcat and SSL (keyfile password) OK, here's what I did (this was using a test versign cert but the procedure is the same for a real production cert): STEP A - generate your private key Pre-req: JDK must be installed 1) cd to $JAVA_HOME/jre/bin 2) run ./keytool -genkey -alias tomcat -keyalg RSA -keystore FULL PATH TO KEYSTORE 3) You will be prompted for a password for the keystore 3) at the prompts, enter: What is your first and last name? [Unknown]: DO NOT USE NAME - ENTER THE NAME OF YOUR MACHINE AS IT'S KNOWN TO VISITORS What is the name of your organizational unit? [Unknown]: WHATEVER YOU LIKE What is the name of your organization? [Unknown]: TYPICALLY COMPANY NAME What is the name of your City or Locality? [Unknown]: YOUR CITY What is the name of your State or Province? [Unknown]: STATE OR PROV What is the two-letter country code for this unit? [Unknown]: COUNTRY CODE 4) You will then be prompted for another password - use the same (ie. Press ENTER) STEP B - Generate a Certificate Request 1) cd to $JAVA_HOME/jre/bin 2) ./keytool -certreq -alias tomcat -file csr.txt -keystore FULL PATH TO SAME KEYSTORE CREATED IN STEP A STEP C - Get the new cert from Verisign www.versign.com has all the info here STEP D - Install the Verisign ROOT CA cert AND your server cert When you get your cert in step C, they will provide you with the root cert 1) cd to $JAVA_HOME/jre/bin 2) ./keytool -import -alias verisign -file FILE THAT CONTAINS THE VERSIGN ROOT CA CERT -keystore PATH TO KEYSTORE 3) ./keytool -import -trustcacerts -alias tomcat -file FILE THAT CONTAINS YOUR CERT FROM VERISIGN -keystore PATH TO KEYSTORE STEP E - Configure an SSL listener for tomcat 1) edit $JAKARTA_HOME/conf/server.xml and add the following: !-- Define an SSL HTTP/1.1 Connector on port 443 -- Connector className=org.apache.catalina.connector.http.HttpConnector port=443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=10 debug=10 scheme=https secure=true Factory className=org.apache.catalina.net.SSLServerSocketFactory clientAuth=false protocol=TLS keystoreFile=FULL PATH TO KEYSTORE FILE keystorePass=PASSWORD HERE/ /Connector 2) Stop and start the tomcat server -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 2:29 PM To: Tomcat Users List Subject: Re: tomcat and SSL (keyfile password) Hi Dave ohhh...good to know that. I need to set up the tomcat 4.0.3 with verisign. Can you please send those doc to me ? I appreciate your help thanks in advance BM Dave North wrote: Hello, After a few hours trying to get this working, I've finally got my tomcat server working with a certificate signed by Verisign. This all works great. However, to do this, I need to configure the keyfilePass into the server.xml file. This is bad as our security policy is thou shall not have any passwords in plain text. We also use SSL on our iPlanet server and it prompts at start time for the password (they use the term software token but it's the same). So, the question is: is it possible to have tomcat prompt for this and/or how have others got around keeping this in plain text? BTW: if anyone's interested, I have the complete step-by-step of how I got the versign cert working...the info is out there but it seems to be all over the place. Thanks Dave Dave North SIGNIANT Inc. Trusted Data Transfer Services www.signiant.com Phone:
FileReader within a Servlet
Hello, how can I get the path base for a file within a web application? I want to use a FileReader within a Servlet. Günter
Re: FileReader within a Servlet
Thank's that's it. Günter - Original Message - From: Donie Kelly [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Wednesday, April 24, 2002 3:43 PM Subject: RE: FileReader within a Servlet ServletContext sc; String RootPath=null; sc = getServletContext(); RootPath = sc.getRealPath(/); This will get you the path of the $TOMCAT/webapps/yourappdir Donie -Original Message- From: Günter Kukies [mailto:[EMAIL PROTECTED]] Sent: April 24, 2002 14:38 To: Tomcat Users List Subject: FileReader within a Servlet Hello, how can I get the path base for a file within a web application? I want to use a FileReader within a Servlet. Günter -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
extends JDBCRealm
Hello, I want to write a new MyRealm class that extend from JDBCRealm. The new class should do a BASE64 password protection. The compilation of the class was sucessfull. Where should I place that class and what entries do I need in the server.xml. Günter -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]