Re: Virtual Hosting and SSL
I DID try, but there is no IP address attribute for connector elements. .. at least not in the documentation listed on the 5.5 documentation / configuration setup. How would I do it? Can you please indicate the syntax? Thanks, Justin --- Hassan Schroeder [EMAIL PROTECTED] wrote: Justin Jaynes wrote: I am running tomcat 5.5.12 and need to host two sites, both with ssl. Can you set up two connectors (one port 443 and one port 80) for one specific ip address and another set of connectors for another ip address? Yes. :-) That's exactly what you need to do. Try it, ask if you run into a specific problem... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP Newbie seeking guidance
John, If you need help with setting up the environment I described (and BOY could I have used help my first time--mostly I tutored myself and failed and failed before succeeding) you can ask me and I will know at least where to point you for relevant information. I assume you have done your own building of software packages from source like PostgreSQL, but if you haven't, that alone can feel like a daunting task--really, its quite simple. Just email me directly and I'll fill you in as much as I can. Justin --- John Geiger [EMAIL PROTECTED] wrote: Not at all, Justin. Thank you, thank you! Also, thank you, Mark Eggers. As I am so new to this, I run the risk of veering off-topic, which I realize is inappropriate. That said, I will get my newbie noggin back into the woodshed so that I may be true to this list. Best wishes, John G. on 10/10/05 10:11 PM, Justin Jaynes at [EMAIL PROTECTED] wrote: Justin --with more to say than you probably wanted to here *** John Geiger Fox Parlor Design Pho 415-821-7100 Fax 415-821-7102 Cell 415-307-2554 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual Hosting and SSL
I'll try... thanks so much for such a fast reply. Is there any document about that feature on the tomcat apache site? Justin --- David Smith [EMAIL PROTECTED] wrote: Try address=192.168.56.32 or whatever IP you want tomcat to bind to. The port attribute will do the same thing for defining what port number to bind to. --David Justin Jaynes wrote: I DID try, but there is no IP address attribute for connector elements. .. at least not in the documentation listed on the 5.5 documentation / configuration setup. How would I do it? Can you please indicate the syntax? Thanks, Justin --- Hassan Schroeder [EMAIL PROTECTED] wrote: Justin Jaynes wrote: I am running tomcat 5.5.12 and need to host two sites, both with ssl. Can you set up two connectors (one port 443 and one port 80) for one specific ip address and another set of connectors for another ip address? Yes. :-) That's exactly what you need to do. Try it, ask if you run into a specific problem... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual Hosting and SSL
Strike that--I just found that documentation after looking the hundredth time. I guess we overlook what we didn't know before, assuming it isn't what we wanted to find--or something strange like that. But I found it. Thanks everyone. Justin --- Justin Jaynes [EMAIL PROTECTED] wrote: I'll try... thanks so much for such a fast reply. Is there any document about that feature on the tomcat apache site? Justin --- David Smith [EMAIL PROTECTED] wrote: Try address=192.168.56.32 or whatever IP you want tomcat to bind to. The port attribute will do the same thing for defining what port number to bind to. --David Justin Jaynes wrote: I DID try, but there is no IP address attribute for connector elements. .. at least not in the documentation listed on the 5.5 documentation / configuration setup. How would I do it? Can you please indicate the syntax? Thanks, Justin --- Hassan Schroeder [EMAIL PROTECTED] wrote: Justin Jaynes wrote: I am running tomcat 5.5.12 and need to host two sites, both with ssl. Can you set up two connectors (one port 443 and one port 80) for one specific ip address and another set of connectors for another ip address? Yes. :-) That's exactly what you need to do. Try it, ask if you run into a specific problem... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP Newbie seeking guidance
I would HIGHLY recommend using SuSE Linux 10 which can be purchased or download from Novell directly at suse.com. Also, see the openSuSE project (essentially the open source community effort half of the SuSE/novell team). I used to run RedHat but was disappointed in the drop to Fedora. I tried SuSE a few years ago and have never looked back. So easy to install and configure. The YaST systems management tool is amazing. You can still do everything the manual way (and I do sometimes). But the firewall is easy and strong, the package management is simple, the install resizes partitions (even NTFS). Just so many highly polished surfaces there. Try SuSE and see if you ever go back. I have run tomcat and SuSE in production for over a year and not had a problem and am now in the process of upgrading my production server to SuSE 10 and tomcat 5.5.12. So far so good. It's all working in my development area. The improvements in 5.5.12 are EXCELLENT. But there are significant changes in how you set up the server.xml file, so read up on the 5.5 doc page. I had previously only been using 5.0.x. ALso, I had some glitchy problems with 5.5.9. No reason to download it now anyhow, since 5.5.12 is stable release. I also recommend PostgreSQL 8.0 from postgresql.org if you need database (as i imagine you must) (open source and fully ansiSQL standard and RDBMS compliant, unlike mySQL --don't yell at me for saying so, please-- i know how much many people love mySQL. You have to build Postgresql from source on SuSE 10 since no rpms are out in the combination of those versions of SuSE and PGSQL. I tired to use older RPMS--not a good idea. But the build and install went perfectly. Be sure you have the proper dev packages installed before you try. If not, the documentation tells all you need to know. PostgreSQL 8.0, Tomcat 5.5.12, and SuSE 10 are real winners. I have had --no-- problems with the past versions, and these new versions seem up to par or better. I LOVE SuSE 10.0 for my desktop environment/school computing/web surfing/DVD watching(i use KDE) and run everything just described on my Dell Inspiron 6000 notebook. That's my developemnt envrionment. Obviously the combination of KDE and the servers on a notebook are no match for my production environment. but I must say, my notebook and the software on it do all I ever ask them to--school work, web surfing, large SQL routines, JVM, Tomcat--and a fair bit of graphics design. All on open source software. What a wonderful world we live in. (The DVD's I run on XINE, which I had to build, since XINE is stripped down for leagal reasons in SuSE 10, but the build installed great and runs with no problem just by typing xine in KDE). Justin --with more to say than you probably wanted to here --- John Geiger [EMAIL PROTECTED] wrote: Hello: This is a little intimidating, but I am eager. I hope I am in the right place. I am a DHTML developerintermediate level. I¹ve been exposed to JSP on an iPlanet server, Sun OS 5.8 (but it is my client¹s production server, and I¹m reluctant to mess around there!) I now have my own Tomcat install kind-of-working on a Fedora Core 2 box. It is Tomcat 5.0.x with Apache 1.3. I am studying an APress book called ³JSP 2.0 Novice to Professional,² but get errors with some of the exercises. (The book is great! Makes it sound so easy ;-) My main question is: Can someone recommend a proven Linux, Apache 2 Tomcat 5.5 combinationcould be unix, too. I figure I should set up a stable development rig firstone that I could eventually rely on in a light production environment. Also: I am interested in finding a tutor/mentor in the San Francisco Bay Area. Any advice would be much appreciated. Thanks, John G. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Virtual Hosting and SSL
I am running tomcat 5.5.12 and need to host two sites, both with ssl. Obviously one SSL cert/keystore will not do for two sites. I understand that SSL is IP based because the http header is not read until after the connection is established. I know you can configure tomcat to do virtual hosting based on IP's by adding IPVHost=true to connectors in server.xml file. but you have to specify the keystore a connector will use PER the connector--NOT THE HOST. So even though I can distinguish between IP addresses, it is too late already. The connector has already opened the keystore--without understanding which IP address the request has come from. Can you set up two connectors (one port 443 and one port 80) for one specific ip address and another set of connectors for another ip address? This seems to me (and I am sometimes wrong) the logical way tomcat should work. What good is virtual hosting capability based on IP's if you can't use SSL in conjunction with them? Everybody needs some SSL these days for something or other. Can you tell jsvc to make the daemon listen only on one ip address when you start it, and simply start two dameons listening to different IP's (which would mean two servers running on my machine, and NOT the scenario I would prefer)? I hope some very seasoned pserson can help me. This list has never failed me yet and I have been asking questions for over a year. Mad-Props to all of you! Thanks for everything. Justin __ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Resizing JPEG Images
I am accepting JPEG uploads on a website I developed in JSP and Java Beans. It all runs on Tomcat. I once knew of a Java Bean that would accept a JPEG and scale and resize the image and save it. I need my web-app to resize the images as it accpets them. That was years ago. I can't find it any longer. Does anyone know how or where I should start? If writing my own bean would be easy using some part of the Enterprise Java SDK, please point me in the right direction and I'll do the work. I am using the lates version of the JDK. Thanks, Justin __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JNDI DBCP Resources: Pool Leak
Concerning JNDI Database Connection Pooling Sources, I
have read that if you fail to explicitely close Result
Sets, Statements, or Connections to the DataSource
from WITHIN the web application, a connection in the
pool will be lost. (I read this at:
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/jndi-datasource-examples-howto.html).
I understand that you can set an option to reclaim
lost connections. That's great.
But to avoid this in the first place, I have a
question.
I have a JSP which sends Statement objects to a Bean
(not a bean by exact definition) which accesses the
database and returns a ResultSet.
The jsp code is like this:
% com.x.DatabaseInterface web = new
com.x.DatabaseInterface(); %
% web.connect(); %
% String selectSQL = SELECT * FROM place;; %
% ResultSet result = web.selectQuery(selectSQL); %
% while ( result.next() ) { %
%= result.getString(placename) %
% } %
% web.disconnect(); %
Of course, there are statement objects and resultset
objects in the code above. Do I have to explicitely
close them IN JSP AND also the ones IN THE BEAN or
just the ones in the BEAN? I suppose this is a
fundamental principle of Java which I do not fully
understand as the objects . Can someone please
enlighten me?
The Bean looks like this:
package com.;
import java.sql.*;
import javax.sql.*;
import java.io.*;
import javax.naming.InitialContext;
import javax.naming.Context;
public class DatabaseInterface {
String error;
DataSource ;
Connection database;
ResultSet result;
Statement select;
Statement update;
public DatabaseInterface() { }
public void connect() throws Exception {
try {
InitialContext initContext = new InitialContext();
= (DataSource)
initContext.lookup(java:comp/env/jdbc/);
database = .getConnection();
} catch (Exception e) {
error = Data Source Opening Connection Error: +
e;
throw new Exception(error);
}
}
public void disconnect() throws Exception {
try {
database.close();
} catch (Exception e) {
error = Data Source Closing Connection Error: +
e;
throw new Exception(error);
}
}
public ResultSet selectQuery(String webStatement)
throws SQLException, Exception {
try {
if ( database != null) {
select = database.createStatement();
result = select.executeQuery(webStatement);
}
} catch (SQLException sqle) {
error = SQL Error Disconnecting: + sqle;
throw new SQLException(error);
} catch (Exception e) {
error = Error in selectQuery block: + e;
throw new Exception(e);
}
return result;
}
public void insertQuery(String webStatement) throws
SQLException, Exception {
try {
if ( database != null) {
update = database.createStatement();
update.execute(webStatement);
}
} catch (SQLException sqle) {
error = SQL Error: + sqle;
throw new SQLException(error);
} catch (Exception e) {
error = Error in insertQuery block: + e;
throw new Exception(e);
}
}
}
__
Click here to donate to the Hurricane Katrina relief effort.
http://store.yahoo.com/redcross-donate3/
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using more than one SSL cert in keystore?
Paul, Thanks. I am doing as you have instructed. I hope to set up client-side redirects. Can you please tell me how? Does it require javascript, or just HTML? Where can I learn about client side re-directs? Justin Jaynes --- Paul Singleton [EMAIL PROTECTED] wrote: Justin Jaynes wrote: ...But now I would like to put up a new site that is completely independant of the others. It needs its own SSL cert and it needs four host names to all point to the same place and redirect to just one of the domain names so that the SSL cert will be valid, regardless of how the users chose to get to my site. An SSL cert is for a specific domain name. If you want your users to be able to make HTTPS requests to all four domains without warnings from the browser, I reckon you need four certificates. But if they make non-SSL requests, and you respond with a client-side redirect to your one true certificated site using HTTPS, that may work OK? Is it possible to do Virtual Hosting using IP's on a Tomcat standalone installation? Yes, I'm doing this now with 5.5.9 You need e.g. this server.xml stuff for each host: Service Connector (HTTP) Connector (HTTPS) Engine Host Context You can use the default keystore for all hosts, and use the (undocumented) keyAlias=myalias Connector attribute to offer the appropriate certificate for each host, e.g. Connector address=288.104.197.211 port=8443 scheme=https secure=true sslProtocol=TLS keyAlias=mrk2 / (in 5.5.9 you also need sslProtocol=TLS explicitly, fixed in later versions) Paul Singleton -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.0/63 - Release Date: 3/Aug/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How bind Tomcat to an IP address?
Andrea, Let's say you install tomcat on machine A, (your server), and your network administrator has given that machine the address of 192.168.0.7. You and want to reach the server from a machine B, your workstation. All you need to do (assuming they are on the same network and properly configured, which are NOT tomcat issues) is sit down at the workstation, machine B, and open your browser. Enter the address of the server (here, 192.168.0.7:8080). Thats it. No address=xxx.xxx.xxx field is needed. Ommit them from your server.xml file unless you plan to have your server host virtual domains based on IP address. Usually a machine only has one IP address, but even so, if you do not set up the address parameter in your server.xml file, tomcat should listen to all the network devices on the server and respond to your requests to each of the IP's. If this does not answer your question, either I misunderstood it altogether and you need to be more specific about what you are trying to do, or you might try a brief chapter on basic networking in any good internet,how it works type reference book. Or a good linux reference book, same chapter. Justin --- Andrea Senatore [EMAIL PROTECTED] wrote: Hi all, I have installed jakarta-tomcat-4.1.18-LE-jdk14 on my windows 2000. I tried it locally typing in my browser http://localhost:8080 and all works fine. As I need to use Tomcat on machine different from mine I tried to change the address which Tomcat is listening to. I read on HOW-TO that you can change the listening address through the field address of Connector in conf/server.xml. I tried this advice but nothing happens. Any suggestions? Thanks in advance, Andrea - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: 1 jakarta server + multiple ip's
Peter, I tried the solution you offered (below) about creating more than one service and using the address=xxx parameter in the Connectors tags. It works great. However, what do you mean in your disclaimer that it is from the documentation and is untested? Did you mean to say NOT from the documentation? And if it is untested, but it is working, are there any reasons not to use it in a production server? Is it safe? Justin --- Peter Crowther [EMAIL PROTECTED] wrote: From: [EMAIL PROTECTED] I'm configuring a tomcat-server and the server has multiple ip's. I would like to setup virtual hosts based on the ip-address. I wouldn't like running multiple servers. What I've done: I have setup aliases for the possible dns-names of the second virtual host (the possible names for one of the ip's). I have also added the ip itself to the aliases link. However, I don't know how tomcat filter based on these names. The ip-alias seems to work, so I'm wondering what tomcat is comparing it with. Try this. Beware, this is from the documentation and is untested! Based on my 5.0.28 installation. In your server.xml for Tomcat, set up two different Services - copy and paste the existing chunk of XML for the Service, its Engine (and the bits inside that) and its Connectors. Change the appBase of the second Host to the place you want the second virtual host to find its files. In the Connectors of each Service, add: address=ip.of.virtual.host near the port=port attribute. THis should cause the Connector to bind to that IP rather than every IP on the machine. Hope this helps. - Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Question for Bruno Re: Forwarding Domains
Hi Bruno, I am NOT using apache in front of tomcat. Sorry. I really like standalone tomcat. So I would like to learn more about the first solution you described here. However, I do not understand it at all. What exacty do you mean, and where can I read/learn about it? Second question--in the discussion thread titled something like [one tomcat + multiple ip's] I tried the proposed solution and have asked if it is suitable/safe for production environment. Do you have any input on the question? Justin --- Bruno Georges [EMAIL PROTECTED] wrote: Hi justin You can achieve url forwarding/rewriting using a simple servlet filter, or better if you have apache in the front, use mod-rewrite, which is configurable in your httpd.conf. If you are using iis, there are few available isapi filter which you can use, alternatively you can write your own, which reacts on the preprocheaders or urlmap notifications. Hope this helps. Bruno Georges Bruno Georges Glencore International AG Tel. +41 41 709 3204 Fax +41 41 709 3000 - Original Message - From: Justin Jaynes [EMAIL PROTECTED] Sent: 01.08.2005 23:53 To: tomcat-user@jakarta.apache.org Subject: Forwarding Domains Is it possible for me to host somedomain.com on my tomcat, and as that is my prefered domain name format, and want all users who go to www.somedomain.com (YES, I have A records set up for both and they point to the same tomcat server) to be re-directed to somedomain.com, using my tomcat setup? In other words, I want to move all my users from the domain they enter to a domain I prefer USING my tomcat setup. I imagine there is some way to set up my server.xml to do it. Justin Thanks in advance. I have never had an issue unresolved after submitting to this list. Bravo! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] * * LEGAL DISCLAIMER * This message contains confidential information for * the exclusive use of the person mentioned above. * - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: 1 jakarta server + multiple ip's
My host is not very busy. The loads on the sites are minimal. I want to use two services so that each virtual host I run can have individual SSL certificates to match. SSL prevents Virtual Hosting using domain name distinguishing. It must be IP based. Justin --- MC Moisei [EMAIL PROTECTED] wrote: Quick question on this one: So you have an apache2 that fronts tomcat via jk2 connector, are there two instances of tomcat or just one ? If there would be two I'd see the benefits if one is busy the round robin algorithm redistributes the request to the second one. But its only one instance with two jk2 services how is that helping if the tomcat is busy handling a lot of requests ? C From: Justin Jaynes [EMAIL PROTECTED] Reply-To: Tomcat Users List tomcat-user@jakarta.apache.org To: Tomcat Users List tomcat-user@jakarta.apache.org Subject: RE: 1 jakarta server + multiple ip's Date: Wed, 3 Aug 2005 10:21:29 -0700 (PDT) Peter, I tried the solution you offered (below) about creating more than one service and using the address=xxx parameter in the Connectors tags. It works great. However, what do you mean in your disclaimer that it is from the documentation and is untested? Did you mean to say NOT from the documentation? And if it is untested, but it is working, are there any reasons not to use it in a production server? Is it safe? Justin --- Peter Crowther [EMAIL PROTECTED] wrote: From: [EMAIL PROTECTED] I'm configuring a tomcat-server and the server has multiple ip's. I would like to setup virtual hosts based on the ip-address. I wouldn't like running multiple servers. What I've done: I have setup aliases for the possible dns-names of the second virtual host (the possible names for one of the ip's). I have also added the ip itself to the aliases link. However, I don't know how tomcat filter based on these names. The ip-alias seems to work, so I'm wondering what tomcat is comparing it with. Try this. Beware, this is from the documentation and is untested! Based on my 5.0.28 installation. In your server.xml for Tomcat, set up two different Services - copy and paste the existing chunk of XML for the Service, its Engine (and the bits inside that) and its Connectors. Change the appBase of the second Host to the place you want the second virtual host to find its files. In the Connectors of each Service, add: address=ip.of.virtual.host near the port=port attribute. THis should cause the Connector to bind to that IP rather than every IP on the machine. Hope this helps. - Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using more than one SSL cert in keystore?
Bruno, I am hosting a few sites on Tomcat standalone and they all share on SSL certificate because they all use the same domain name (they are just forwards to different directories). But now I would like to put up a new site that is completely independant of the others. It needs its own SSL cert and it needs four host names to all point to the same place and redirect to just one of the domain names so that the SSL cert will be valid, regardless of how the users chose to get to my site. Is it possible to do Virtual Hosting using IP's on a Tomcat standalone installation? Or will it only do the host entries that I am already using? It would solve all my problems if I could. Then, to get four addresses redirected to one, I would simply have to set my default domain name set in server.xml, enter no other host entries, and all the requests sent there would shift to the default domain. I am not sure if this scenario is achieveable. Tomcat may not even be set up for IP virtual hosting. One other thought--Is this more easily achieved by setting up a second instance of tomcat on my machine? Justin --- Bruno Georges [EMAIL PROTECTED] wrote: Justin In this situation, I would use apache + modrewrite If you want some example I can help you Bruno Bruno Georges Glencore International AG Tel. +41 41 709 3204 Fax +41 41 709 3000 - Original Message - From: Justin Jaynes [EMAIL PROTECTED] Sent: 02.08.2005 00:54 To: Tomcat Users List tomcat-user@jakarta.apache.org Subject: Re: Using more than one SSL cert in keystore? In the (brief) interim between my asking the original question below, and now, I have found additional information--SSL must occur before HTTP handshake, and will therefore not work on hosts based on the same IP. I have more than one IP available from my ISP. I suppose the question would better be this: How do I cofigure virtual hosting of more than one SSL enabled host over ONE interface using multiple IP addresses? Sorry for the confusion. --- Justin Jaynes [EMAIL PROTECTED] wrote: If I host more than one domain on my tomcat installation (standalone, not with apache), can I imort an SSL certificate for each domain and will tomcat just know which to use for which hosts? Justin Jaynes - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] * * LEGAL DISCLAIMER * This message contains confidential information for * the exclusive use of the person mentioned above. * - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Using more than one SSL cert in keystore?
If I host more than one domain on my tomcat installation (standalone, not with apache), can I imort an SSL certificate for each domain and will tomcat just know which to use for which hosts? Justin Jaynes - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Forwarding Domains
Is it possible for me to host somedomain.com on my tomcat, and as that is my prefered domain name format, and want all users who go to www.somedomain.com (YES, I have A records set up for both and they point to the same tomcat server) to be re-directed to somedomain.com, using my tomcat setup? In other words, I want to move all my users from the domain they enter to a domain I prefer USING my tomcat setup. I imagine there is some way to set up my server.xml to do it. Justin Thanks in advance. I have never had an issue unresolved after submitting to this list. Bravo! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using more than one SSL cert in keystore?
In the (brief) interim between my asking the original question below, and now, I have found additional information--SSL must occur before HTTP handshake, and will therefore not work on hosts based on the same IP. I have more than one IP available from my ISP. I suppose the question would better be this: How do I cofigure virtual hosting of more than one SSL enabled host over ONE interface using multiple IP addresses? Sorry for the confusion. --- Justin Jaynes [EMAIL PROTECTED] wrote: If I host more than one domain on my tomcat installation (standalone, not with apache), can I imort an SSL certificate for each domain and will tomcat just know which to use for which hosts? Justin Jaynes - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual Hosting Questions
Bill, I believe I know what you are trying to do. I have done the a smiliar thing. Let me answer your questions one at a time. I need to set up a few virtual hosts for a development project, and being new to Tomcat virtual hosts, have a couple of questions: By virtual hosts, I assume you mean multiple domains all hosted on the same box, like www.firstsite.com, www.secondsite.com, etc with all different pages being displayed at each site, with one tomcat server running. To do this, you have to get your server.xml configuration just right, as well as have your hosts files setup (or DNS entries). Right now, on my server, I have four virtual hosts. I have 4 different DNS entries all pointing to the same IP. The configuration in server.xml makes tomcat point each address to a different directory with my web content for each site. 1. In development, the clients and tomcat will be on an intranet. I plan to use the hosts files of the client and tomcat boxes to map domain names to IP addresses, thereby preempting invocation of DNS, and thus exposure of our product-specific domain names to the Internet at-large, until the site is deployed publicly. Therefore, without DNS entries, you must put an entry for each desired virtual host into the hosts file on each client you wish to have pointing to the server, with the ip address. Question 1: Is this hosts-file approach feasible? Yes. Quite feasible. Does tomcat care HOW domain names are mapped to IP addresses? Not that I know of. But I am no expert. The following fragment is extracted from conf/server.xml of the the tomcat distribution: Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=localhost_log. suffix=.txt timestamp=true/ /Host To get each virtual host to direct to its own page, you must have one whole host entry for each virtual host where localhost is replaced by the domain that you desire (e.g. www.firstdomain.com). Then, within the host entry, create a context to point to the proper directory structure. Question 2: Why is the host named localhost? Just a convention of UNIX machines. You pick any other name you want for mapping to ip's that you put in your hosts file or a DNS entry (assuming it is registered to you). I expected that only URL's of the form http://localhost:8080/... would be handled by this virtual host, but it seems to handle any URL's that map to the IP and port of the real host that tomcat serves. By default (i believe) any name that does not have a corresponding Host entry in the server.xml file is routed to the first entry (or something like that) so your virtual hosts won't split to different pages until you create a host entry for each one. --- Question 3: How would one configure a 'local' virtual host, i.e. a host visible only on the box that runs tomcat? --- Just put the entry for the desired domain in the hosts file of only the local machine (the server) and not in the hosts files on the other machines on the network. It's that easy. If I can give any other pointers, just ask another question. Good luck, Justin Jaynes __ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Counting Page Hits
Thanks! Justin Jaynes --- Shapira, Yoav [EMAIL PROTECTED] wrote: Hi, Could you give me a quick pointer in the right direction for a good, popular log analyzer? Then I can study up. I would appreciate the help so much. Easy. Enable the AccessLogValve in conf/server.xml, with pattern common (the default) or combined (for additional info). Use the server a bit so that access log has some data. Then download Webalizer from http://www.mrunix.net/webalizer/ and run it on the access log file. It will generate a set of HTML files, including an index.html starting point. Open a web browser, go to this index.html, and enjoy looking at your site stats. ;) There are plenty of other good, free analyzers out there in addition to webalizer. I just picked one that I use, but if you don't like it or want to try something else, they're easy to find online. Yoav This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Counting Page Hits
The general answer I've seen in the past is that you should use log analysis tools Unfortunatly, I have never been introduced to log analysis tools. Could you give me a quick pointer in the right direction for a good, popular log analyzer? Then I can study up. I would appreciate the help so much. And I have not done much research on logging in Tomcat, so I am reading the texts on the jakarta website. However, the tomcat/faq/logging.html page states that logging previous to 5.5 is provided as a LOGGER element and in 5.5, as COMMONS-LOGGING. I am using 5.0.28 on my production server. Do I have to wait until 5.5 comes out stable to use COMMONS-LOGGING? Justin Jaynes __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Counting Page Hits
What is the easiest way to monitor hits to resources (files or pages) on my tomcat 5 server? Do I write my own ticker into each page I want to monitor and store the incremented value to a database? Or is there a much simpler solution already implimented in some tomcat management software (I have never used any of the pre-installed software, and have actually been disabling it. A book recommended it not be installed for security purposes on a production server-- they could be wrong, I know). Any suggestions? Justin Jaynes __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat Question - HELP
Daniel, You really SHOULD care. I just started a web hosting business on the Linux platform using Tomcat. I had no prior experience using the software and I have read as much as I can in books, but they are always out of date, even when new. Press time is always too long. Open source just keeps getting better so much faster. So an open community forum with the WRITERS of the software is a MODERN MIRACLE. This forum, and Yoav, have been invaluble resources to me. No propiretary software provider would EVER be willing to provide such support. They aren't smart enough and they don't care enough. So if you want, stick with your proprietary solutions and your Technical Support Staff (untrained teenagers and non-english speakers reading general answers to your not-so-general questions). But don't disreguard the ADVICE my friend Yoav gave you on HOW TO USE THE RESOURSE he has offered to you FREE OF CHARGE as a common human courtesy. Listen to him. He knows how to help you help yourself. Justin Jaynes --- [EMAIL PROTECTED] wrote: I really don't care what your personal views are. I am not a decision maker here. We use apache/tomcat for non-mission critical app. Actually we don't have a choice because the vendor who wrote the code bundled everything with all those open source stuff. Why don't we make this forum simple. If you are willing help, just focus on helping to address specific technical issues and not express your personal opinions about things that are not relevant like attacking somebody's technical know-how, etc.(not you but one of those who reply to my posting). Like KISS...keep it simple and straight to the point. I didn't post the log because I am 99.99 sure that will only see a clean startup message and nothing else. We actually replicated the issue and killing a tomcat PID, sometimes does not release the port it is listening to/or using. I killed the tomcat PID, clear port 8080 and make sure nothing else is using it or holding it and restarted tomcat with my rc2.d script that calls catalina.sh and it solved my issue. I got that idea from one of the good replies I got for this particular issue. My 2 cents. Daniel Salud (310)665-6583 Shapira, Yoav [EMAIL PROTECTED] 10/01/2004 11:49 AM Please respond to Tomcat Users List To: Tomcat Users List [EMAIL PROTECTED] cc: Subject:RE: Tomcat Question - HELP Hi, Personally, I'd take this support list over any commercial support organization, hands down. But that's just my personal experience as someone who's had to make that decision (commercial versus open-source, paid support versus community support, dedicated support staff versus outsourced, etc.), and live with the consequences, many times over the years, and YMMV ;) In this specific case, no commercial support organization would be able to help you more given the negligible information content you posted. Instead, you'd be dragged along until you posted your logs and/or provided steps to reproduce the problem, and be charged according to your support agreement, so at least you'll have the satisfaction of knowing your $$$ spent on support aren't being completely wasted, only mostly wasted. If the problem happens again, and you provide more details, the probability of you getting concrete help is higher than with the scant details provided in your original post. Yoav Shapira Millennium Research Informatics -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, October 01, 2004 1:01 PM To: Tomcat Users List Subject: RE: Tomcat Question - HELP I know all those. I already have our web engineer looked at it and he found nothing from the log so I wouldn't post the log. I guess between you and my web engineer, I will trust his judgement. I am hoping that somebody has seen something like this before and would share what they did. Have you? That's one of the issues with open source as you already know. No support so sometimes you have to rely on user forums for open source stuff. Thanks anyway. Daniel Salud (310)665-6583 Gerardo Juarez [EMAIL PROTECTED] 10/01/2004 09:48 AM Please respond to Tomcat Users List To: Tomcat Users List [EMAIL PROTECTED] cc: Subject:RE: Tomcat Question - HELP I think a UNIX admin should know how hard it is to debug a problem when it is not accompanied by any other information. A UNIX admin should also know that novice users normally don't see anything abnormal in the logs. They have to list the output of a program for you to notice something. Ninety percent of the time the assertion 'the log says nothing' is false. UNIX admins know that. Please post the log and any information that may give us more context. Gerardo On Fri, 1 Oct 2004 [EMAIL PROTECTED] wrote
Re: Allowing users of web app to upload files
I just realized I misspelled Yoav's name in my earlier question. My appologies Yoav. So my question: How do I USE the fileupload Commons package? I don't see any instructions with the COMMONS packages. Thanks for the quick directions in response to my problem. However, I am not familiar with the COMMONS project. I admit that I have a difficult time understanding how to implement other peoples programming in a way that it works with mine. I know how to use my own, because I wrote it. So I am at the stage in my programming 'carreer' that I need to learn how to tie in other work with my own. If someone could answer my fileupload Commons question directly, that would be nice. Pointing me in the proper direction to LEARN how to use it would be useful as well. Justin Jaynes --- Tim Funk [EMAIL PROTECTED] wrote: See http://jakarta.apache.org/commons/fileupload/ -Tim Justin Jaynes wrote: Well, As Yaov said this list was ok for JSP development, here I go. I am having a great time using Tomcat on SuSE 9.1 with SSL and all is working fine. I would like users of my web applications to be able to upload image files to directories that Tomcat is serving files out of. This must happen THROUGH the web application. Therefore I have two questions: 1. How would I get a file off a remote users hard drive (which they specify by typing the file name and location into a text box in a form) to move to my server and be renamed (using my own file naming convention)? 2. How do you open a Browse File dialog box in a web browser (I would guess this would be easily done using Java Script. may not be an appropriate question here, so only answer if you happen to have the answer on hand) If possible, pointing me to a location on the web where this is done and the script is readily apparent, would be a fine answer. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Allowing users of web app to upload files
No, in fact I didn't see it. Thank you. If I have any specific questions after reading it, I will ask. Thank you so much. Justin Jaynes --- QM [EMAIL PROTECTED] wrote: On Thu, Sep 23, 2004 at 12:14:18PM -0700, Justin Jaynes wrote: : So my question: How do I USE the fileupload Commons : package? I don't see any instructions with the : COMMONS packages. I take it, then, you didn't see this? http://jakarta.apache.org/commons/fileupload/using.html If you did read it, then what are your specific questions? -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Allowing users of web app to upload files
Well, As Yaov said this list was ok for JSP development, here I go. I am having a great time using Tomcat on SuSE 9.1 with SSL and all is working fine. I would like users of my web applications to be able to upload image files to directories that Tomcat is serving files out of. This must happen THROUGH the web application. Therefore I have two questions: 1. How would I get a file off a remote users hard drive (which they specify by typing the file name and location into a text box in a form) to move to my server and be renamed (using my own file naming convention)? 2. How do you open a Browse File dialog box in a web browser (I would guess this would be easily done using Java Script. may not be an appropriate question here, so only answer if you happen to have the answer on hand) If possible, pointing me to a location on the web where this is done and the script is readily apparent, would be a fine answer. __ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Know of a group for JSP development?
I realize this group is NOT for JSP development questions. Does anyone know of such a group? I have exhausted my books in looking for answers and would like to chat with other JSP developers. My appreciation for all this list has already done for me. Justin Jaynes ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Maintaining Sessions
Hello, I am running Tomcat 5.0.25 on SuSE Linux 9.1. I am running ONE Tomcat server with two services: 1. Standalone on port 80, with two hosts: A. A basic shopping site with a CartBean.java that I set scope=session when I call it from JSP's. B. Another not related host. 2. Standalone SECURE on port 443, with two hosts: C. The secure checkout site for host A (above) B. Another secure, but not related, host. My cart.jsp on host A uses checkout.jsp on host C to process the request. However, the session with CartBean objects does not carry over. How do I keep my session alive from host to host on the same server? And what if I decide to move the host C to another server on another machine? Then what? Or is this the wrong approach? Is there a way to have SOME secure jsp's on the same host as some non-secure jsp's? And do I HAVE to have a WEB-INF directory for both hosts, or could they somehow share a WEB-INF directory so I only have to maintain ONE set of classes? I tried using symbolic-link WEB-INF's to one big WEB-INF directory, but it did NOT work. Justin Jaynes __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Maintaining Sessions
That makes sense. I did some reading since you replied and I realize now that I can have more than one connector per engine containing multiple hosts. That also explians the mysterious redirect port parameter that I couln't make heads nor tails of till now. But a few web.xml questions. There is a web.xml file in my catalinahome/conf directory. I have read that according to some specifications somewhere, I should also have a web.xml in every WEB-INF directory for each application. Does the main web.xml file apply to all applications, and the WEB-INF web.xml just add settings to the specific applications, or does it OVERRIDE the main web.xml (so I would need to include ALL the entries found in the main file in ALL of the application level web.xml files)? And what would an entry look like to force one specific file to re-direct to the secure port? I can only find very vague examples that secure entire applications. Thanks for the help thus far, Justin Jaynes --- Justin Ruthenbeck [EMAIL PROTECTED] wrote: Hi, Square peg, round hole. It seems like the only reason you've split these into multiple hosts is to differentiate between secure and non-secure communication -- that's a bad idea. From what you've said, the best approach is to put all of the JSPs for (A) and (C) in the same webapp, but set security-constraints for those resources (C) that require https. See: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html What you're describing here is a deployment-time problem -- it shouldn't impact your code in a major way like distributed sessions would cause. justin At 02:56 PM 6/2/2004, you wrote: Hello, I am running Tomcat 5.0.25 on SuSE Linux 9.1. I am running ONE Tomcat server with two services: 1. Standalone on port 80, with two hosts: A. A basic shopping site with a CartBean.java that I set scope=session when I call it from JSP's. B. Another not related host. 2. Standalone SECURE on port 443, with two hosts: C. The secure checkout site for host A (above) B. Another secure, but not related, host. My cart.jsp on host A uses checkout.jsp on host C to process the request. However, the session with CartBean objects does not carry over. How do I keep my session alive from host to host on the same server? And what if I decide to move the host C to another server on another machine? Then what? Or is this the wrong approach? Is there a way to have SOME secure jsp's on the same host as some non-secure jsp's? And do I HAVE to have a WEB-INF directory for both hosts, or could they somehow share a WEB-INF directory so I only have to maintain ONE set of classes? I tried using symbolic-link WEB-INF's to one big WEB-INF directory, but it did NOT work. Justin Jaynes __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Justin Ruthenbeck Software Engineer, NextEngine Inc. justinr - AT - nextengine DOT com Confidential. See: http://www.nextengine.com/confidentiality.php __ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSVC to run tomcat?
I rechecked my configuration file, and I was using to JSVC script for tomcat 4 which loads a different class than the tomcat 5 script. I corrected the class and it works flawlessly. There are always TWO JSVC processes running. Is that normal? And can somebody please explain exactly what is happening with JSVC and tomcat. How do I know the process is actually running with the underprivelaged user account? If JSVC runs tomcat as a Daemon, does it shut off when no services are requested from it and start up again when a service is requested? Will this slow down my system? How does JSVC work and does it affect performance? Justin --- Bob White [EMAIL PROTECTED] wrote: My guess is that jsvc is failing. Is there an error in your output file or error file? (ie. ../logs/catalina.out ../logs/catalina.err). As for why it was failing, I found it was so unreliable on my system that I eventually ditched it (but then I don't need port 80). All in all, it's easier to run Apache http server and bridge to Tomcat than to try to get Tomcat running using jsvc, imo. ..Bob. --- Eric Noel [EMAIL PROTECTED] wrote: On 5/28/2004 12:02 PM, Justin Jaynes wrote: I am very impressed with the responsiveness of this list. I appreciate all the help everyone has given me in learning about JSVC for running tomcat as an underpriviledged user on ports 80 and 443. However, I am still running into a problem. I created a tomcat user and group and all tomcat files and web application files are owned by tomcat. I compiled the jsvc and set my scripts to run jsvc with the proper options (I believe), and when I run the script, I get nothing but my prompt back. I run ps -ax and jsvc is NOT a running process. What am I doing wrong? I run the command from my /tomcat/bin: jsvc -Djava.endorsed.dirs=../common/endorsed -cp ./bin/bootstrap.jar -outfile ../logs/catalina.out -errfile ../logs/catalina.err org.apache.catalina.startup.Bootstrap nothing I run the command with the user option, (as in the scripts) again. nothing. No errors, no process. Any help would be greatly apreciated. Justin __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] try checking the tomcat5.sh script in the jsvc.tar.gz to see the parameters passed. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] = --Bob White-- home:727-490-7363, cell:727-463-6061 New (popup free!) photos of Polina: http://polina.70kg.com/ Everything that irritates us about others can lead us to an understanding of ourselves. - Carl Jung - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Verifying signatures
I recently downloaded TOMCAT 5 and I read that I am responsible to verify the integrity of the download from the mirror using some key or signature. How do I do that? I am running SuSE linux 9.1. Please be specific. What key's or signatures or checksums do I download? Where do I place them? What commands do I type? I hope this is not a stupid question. __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
standalone production?
Is it considered safe to run tomcat as a stand-alone production server on ports 80 and 443? This requires tomcat to run as root (or so I have read) and it is therefore not recommended. Using apache forks child processes that run as nobody. But I don' want to use apache. Again, is it safe to run tomcat as a stand-alone production server on port 80 and 443 as root? Or is there some way to deny root permissions and still use these ports? __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: standalone production?
I am intending to run in a fully internet exposed environment and I only have ONE physical machine to use for deployment. It will be directly connected to the internet at co-location service provider. So ... In a conversation from yesterday, it appears another user had a similar question. How to run on port 80, securly. Is it possible to run tomcat with a non-priviliged user? What is this JSVC approach they referred to, and what is the solution that was given? Where can I go to read more? OK, I've been running tomcat behind apache for ages, and now I want to go with Yoav's oft-stated advice to just use tomcat (5.0.24) alone. And I want it on port 80. So, I try to use the jsvc approach, telling it to go to the nonprivileged tomcat user by (from the tomcat site): ./bin/jsvc -Djava.endorsed.dirs=./common/endorsed -cp ./bin/bootstrap.jar \ -outfile ./logs/catalina.out -errfile ./logs/catalina.err \ org.apache.catalina.startup.Bootstrap -user tomcat However, that chokes as follows, as it apparently can't use port 80 as I'm wanting it to. I'm sure this must be trivial, but all help would be appreciated! __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JSVC to run tomcat?
I am very impressed with the responsiveness of this list. I appreciate all the help everyone has given me in learning about JSVC for running tomcat as an underpriviledged user on ports 80 and 443. However, I am still running into a problem. I created a tomcat user and group and all tomcat files and web application files are owned by tomcat. I compiled the jsvc and set my scripts to run jsvc with the proper options (I believe), and when I run the script, I get nothing but my prompt back. I run ps -ax and jsvc is NOT a running process. What am I doing wrong? I run the command from my /tomcat/bin: jsvc -Djava.endorsed.dirs=../common/endorsed -cp ./bin/bootstrap.jar -outfile ../logs/catalina.out -errfile ../logs/catalina.err org.apache.catalina.startup.Bootstrap nothing I run the command with the user option, (as in the scripts) again. nothing. No errors, no process. Any help would be greatly apreciated. Justin __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
