R: Access to j_security_check directly

2004-10-20 Thread Renato Romano
... or try http://securityfilter.sourceforge.net in my case it works fine.
You don't need those tricks, may put login box on your home page, or any
other page, no need to request a protected page before logging in ...

___
Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Via Al Molo Giano
16127 - GENOVA (ITALY)

e-mail: [EMAIL PROTECTED]
Phone: +39 10 2712603 Mob. +39 335 5864021
___

-Messaggio originale-
Da: Andoni [mailto:[EMAIL PROTECTED]
Inviato: mercoledì 20 ottobre 2004 12.29
A: Tomcat Users List
Oggetto: Re: Access to j_security_check directly


Hi,

This is an age-old problem, if you ever find a complete answer let me know.

As for 95% complete answers here goes:

1. Your biggest problem is bookmarks. You need to always load you login page
inside a frame. A single HTML page with a single frame can work fine, that
way they'll bookmark  xxx.com/jsp/index.html instead of
xxx.com/jsp/login.jsp. This will mean that they will still always call the
secure page even if they have book-marked the login screen.

2. The second problem is the back button. You need to use a JSP for your
login screen and use the session.isNew() method to check if the session is
being started by your login screen. If not then you should redirect to your
single-framed page.

3. You can also re-direct with a custom error page from the error you
receive to the single framed page.

4. Search the history of this list and find more suggestions. This question
has come up several times over the years and usually gets some responses. I
am using j_security_check in all my production apps. and with a combination
of measures in place it works fine.  I do suggest that you work out
*Exactly* what is going on before trying to proceed as false assumptions can
have your head spinning :-)


Hope that helps,
Andoni OConchubhair.


- Original Message -
From: Ben [EMAIL PROTECTED]
To: Tomcat [EMAIL PROTECTED]
Sent: Wednesday, October 20, 2004 1:58 AM
Subject: Access to j_security_check directly


 Hi

 How can I deal with users that access to j_security_check directly? I
 have used the error-code 400 and redirect the users to the index page
 but the system doesn't recognise the them as logged in users.

 Any help? Thanks.

 Cheers,
 Ben

 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



How to get Roles in a Principal with JNDIRealm

2004-06-30 Thread Renato Primavera
  Hello All,
I'm using JNDIRealm to authenticate users and it's working well.
In my java code, I need to retrieve roles associated with the
authenticated user.
Here is a sample of this code :
Subject s =
Subject.getSubject((AccessControlContext)System.getSecurityManager().getSecurityContext());
Principal p = (Principal)s.getPrincipals().toArray()[0];
The API only allows me to retrieve, on the Principal, the name (with the
getName accessor) of the user, not associated roles.
Nevertheless, when running the code in a debugger, the state of the
Principal object seems containing all needed informations (name,
password, realm, roles).
Is there a (standard) way to retrieve these additional information ?
Or should I develop my own LDAP Realm (JAAS module) and extend the
Principal interface to add role notions ?
Any help would be appreciated...
RP

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


JAAS and container managed security

2004-03-04 Thread Renato Romano
I used container managed security (I mean declaring security issues in
web.xml, and using security standard servlet API isUserInRole,
getUserPrincipal and so on) for several webapp, but I'm now facing the
following need that this approach seem not to satisfy:

I have to authenticate users based on both
1) A usual username, password mechanism;
2) A OTP (One Time Password) mechanism, something like a complex string
parameter on a URL (sent by e-mail), stored in the DB that uniquely
identifies the identity of the user.

Now, I'm doing some little tries with JAAS to achieve this, but I have
the following doubt:

If I understand well I cannot merge the two approaches, that is use
servlet declarative and programmatic security with JAAS. If I use JAAS
LoginModules, I will not have the isUserInRole and other API's
working... Is that right ??

Any help is very appreciated

Renato

Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Session Timeout and Direct Reference to login page

2004-03-02 Thread Renato Romano
I have two problems i'm facing with every web application using
declarative security model, that is:

1) Detect that the user session has expired, and forward him to an
appropriate login page; Usually we build webapp in which the home page
shows a login form; to handle this, I use to make a index.jsp page
which redirects the user to a protected page; this is handled by the
container which then shows my login page (as specified in web.xml) that
is my HOME page. With this approach however, I can't detect session
expirying, so if the session times out, the user is presented with the
HOME page (the login
page) without further notice or advice!! I tried to solve this with a
filter, but it seems the container (Tomcat 4.1.127 inside Jboss)
forwards to the login page without calling the filter.

2) If the user waits too long reading the home/login page, the sessions
times out, Tomcat looses the reference to the previously requested
protected page, and on login shows an Invalid Direct refernce to form
login page error. Again a filter seem not to be useful in this case,
since Tomcat commits the error without calling the filter!!

Any help or hint on this topic is very, very appreciated

Renato



Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Session Timeout and Direct Reference to login page

2004-03-01 Thread Renato Romano
I have two problems i'm facing with every web application using
declarative security model, that is:

1) Detect that the user session has expired, and forward him to an
appropriate login page;
Usually we build webapp in which the home page shows a login form; to
handle this, I use to make a index.jsp page which redirects the user
to a protected page; this is handled by the container which then shows
my login page (as specified in web.xml) that is my HOME page.
With this approach however, I can't detect session expirying, so if the
session times out, the user is presented with the HOME page (the login
page) without further notice or advice!! I tried to solve this with a
filter, but it seems the container (Tomcat 4.1.127 inside Jboss)
forwards to the login page without calling the filter.

2) If the user waits too long reading the home/login page, the sessions
times out, Tomcat looses the reference to the previously requested
protected page, and on login shows an Invalid Direct refernce to form
login page error. Again a filter seem not to be useful in this case,
since Tomcat commits the error without calling the filter!!

Any help or hint on this topic is very, very appreciated

Renato



Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Form Authentication/JAAS ??

2003-12-15 Thread Renato Romano
I would like some clarifications about handling authentication in a
webapp:

it seems to me the simplest way to authenticate users is using form base
auth, in conjunction with declarative security (declaring
resources/roles in web.xml); the main problem with this approach in my
opinion is handling several login pages, for example; moreover, in order
to allow authentication to be performed on the home page, you need to
force the client to make a request to a protected page (correct??!!),
which seems not so clean!! 
I read something about JAAS, but didn't understand, for example, once
logged in what should be done with the Subject object obtained after the
login process!!! Following requests are automatically recognized coming
from an authenticated user, as with normal form based auth ?? I'm a
little confused about all this stuff... The main goals I have are:

Allow login from the home page
Allow login from several pages (I can specify only one login page in
web.xml !)
Make all this in a clean way (for example not redirecting the user to a
reserved page for making tomcat present the login page !!)

Thanks everyone
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Authentication Pattern

2003-12-15 Thread Renato Romano
I would like some clarifications about handling authentication in a
webapp:

it seems to me the simplest way to authenticate users is using form base
auth, in conjunction with declarative security (declaring
resources/roles in web.xml); the main problem with this approach in my
opinion is handling several login pages, for example; moreover, in order
to allow authentication to be performed on the home page, you need to
force the client to make a request to a protected page (correct??!!),
which seems not so clean!! 
I read something about JAAS, but didn't understand, for example, once
logged in what should be done with the Subject object obtained after the
login process!!! Following requests are automatically recognized coming
from an authenticated user, as with normal form based auth ?? I'm a
little confused about all this stuff... The main goals I have are:

Allow login from the home page
Allow login from several pages (I can specify only one login page in
web.xml !) Make all this in a clean way (for example not redirecting the
user to a reserved page for making tomcat present the login page !!)

Thanks everyone
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



RE: Tomcat and IIS 6 - Please HELP

2003-09-01 Thread Renato Romano
I don't know if the following can be useful to someone having the same
problem, but I observed the following strange behavior in IIS 6:

1) when addressing with the client a filename with extension, say zzz,
like myfile.zzz, IIS answers with 404 (of course the file is where it is
requested; you can try also allowing directory browsing and then
clicking on the file);
2) even putting the extension zzz in the mime types list doesn't affect
this result;
3) the same for the extension dll

By
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: John Turner [mailto:[EMAIL PROTECTED] 
Sent: mercoledì 27 agosto 2003 17.32
To: Tomcat Users List
Subject: Re: Tomcat and IIS 6 - Please HELP



Many people have the same problem (archives!).

As far as I know, there is no redirector built and available for IIS 6. 
  You either have to build it yourself, or wait for someone else to 
build it.  Even if you build it, there's no guarantee the source that 
works with IIS 5 will work unmodified for IIS 6, so you will then need 
to wait for someone savvy enough in IIS 6 internals to make the 
appropriate changes and post the changes to CVS.

Economic incentives might speed this process up...I doubt anything else 
will.

John

Renato Romano wrote:

 I'm trying to configure IIS (6) to forward requests to Tomcat 
 (4.1.18): the configuration works fine with IIS 5, but with IIS 6, 
 though I don't get error messages, and the ISAPI filter shows the 
 green upward arrow, the browsere gets a 404 error.
 
 I'm pretty sure there is no config error, because I copied the 
 configuration from a working installation with IIS 5, so I think the 
 problem is the IIS version. I could not find any help on the net... 
 Does anyone had the same problem ?? Thanks
 
 Renato
 
 Renato Romano
 Sistemi e Telematica S.p.A.
 Calata Grazie - Vial Al Molo Giano
 16127 - GENOVA
 
 e-mail: [EMAIL PROTECTED]
 Tel.:   010 2712603
 _
 
 
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Tomcat and IIS 6 - Please HELP

2003-08-27 Thread Renato Romano
I'm trying to configure IIS (6) to forward requests to Tomcat (4.1.18):
the configuration works fine with IIS 5, but with IIS 6, though I don't
get error messages, and the ISAPI filter shows the green upward arrow,
the browsere gets a 404 error.

I'm pretty sure there is no config error, because I copied the
configuration from a working installation with IIS 5, so I think the
problem is the IIS version. I could not find any help on the net...
Does anyone had the same problem ??
Thanks

Renato

Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Tomcat 4.1.18 as NT Service JVM property

2003-07-01 Thread Renato Romano
I have to put a system property on the command line of the tomcat
starting script, but I would like to start it as a Service (on a windows
machine); i tried using CATALINA_OPTS defined as a system environment
variable, but it doesn't seem to work. Release 4.1.18 already installs
the service, but I don't know where to set the property (-Dvar=val) for
the JVM.
Any help appreciated
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Tomcat 5 limits the number of jars ???

2003-06-18 Thread Renato Romano
I noticed a problem when deploying my webapp under Tomcat 5, about the
number of jars in the lib dir of my webapp. Unfortunately I can't easily
reproduce the problem, but it seems that if the number of jar files
exceeds 10-15, Tomcat fails to compile JSP pages (!!!) and produces a
message regarding an unknown flag to the javac compiler c:\Program. It
seems to be a bit of the directory where it is installed (c:\Program
Files\Apache Software Foundation\Tomcat5)

Does anyone had the same problem ? Better write to tomcat-dev ??
Thanks

Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Tomcat and JNDI - Basic Question

2003-06-10 Thread Renato Romano
In the tomcat documentation it is said that to configure a new JNDI
resource you should put a Resource entry in the Context portion of my
app, and a following ResourceParams, indicating the java class name of
the factory (the class that must implement ObjectFactory). This seems
quite correct: in order to build an object, I need a Factory!! But I
noticed it works fine even if the ResourceParams is not present ?? The
conclusion is: I'm surely missing something !! How can Tomcat know how
to build my object if I don't give the name of the factory class ???


Context path=/dg3s docBase=dg3s reloadable=true
Resource name=myJndiName type=com.blabla.MyType/
!-- The following is not useful ?
ResourceParams name=myJndiName
parameter
namefactory/name
valuecom.blabla.MyTypeFactory/value
/parameter
/ResourceParams
--
/Context

Any Help Appreciated!!
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Tomcat and JNDI - Basic Question

2003-06-06 Thread Renato Romano
In the tomcat documentation it is said that to configure a new JNDI
resource you shoul put a Resource entry in the Context portion of my
app, and a following ResourceParams, indicating the java class name of
the factory (the class that must implement ObjectFactory). This seems
quite correct: in order to build an object, I need a Factory!! But I
noticed it works fine even if the ResourceParams is not present ?? The
conclusion is: I'm surely missing something !! How can Tomcat know how
to build my object if I don't give the name of the factory class ???


Context path=/dg3s docBase=dg3s reloadable=true
Resource name=myJndiName type=com.blabla.MyType/
!-- The following is not useful ?
ResourceParams name=myJndiName
parameter
namefactory/name
valuecom.blabla.MyTypeFactory/value
/parameter
/ResourceParams
--
/Context

Any Help Appreciated!!
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Doing something on the server when user session expires

2003-01-21 Thread Renato Romano
Is it possible to activate a method call when a user session expires,
independently of the client browsing activity ? A mean, for example: a
user logs in, then stops his activity for 30 minutes. Supposed that user
sessione expires after 20 minutes, when he tries to access a page tomcat
automatically detect that his session expired and shows the user the
login page, but that happens only when he request a (protected) page,
that is at time 30; I want to do something exactly when user session
expires, that is at time 20. Is it possible ?? Thanks a lot

Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_




--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




PROBLEM: Tomcat doesn't start if the context directory doesn't exist

2002-12-13 Thread Renato
Hi all,

I realize a that Tomcat 4.1.12 behaves differently than 4.0.64 in the way it deals 
with the context directory. If the 
directory doesn't exist Tomcat 4.1.12 doesn't start ( with 4.0.6 does ). This is the 
message:

java.lang.IllegalArgumentException: Document base /home/client/context does not exist 
or is not a readable 
directory
at 
org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext.java:193)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:3398)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1188)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:738)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1188)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:347)
at org.apache.catalina.core.StandardService.start(StandardService.java:497)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:2189)
at org.apache.catalina.startup.Catalina.start(Catalina.java:510)
at org.apache.catalina.startup.Catalina.execute(Catalina.java:400)
at org.apache.catalina.startup.Catalina.process(Catalina.java:180)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203)

This is bad if you are hosting multiple sites, since the user can deletes accidently ( 
or intentionaly... ) his/her 
directory and next time you need to restart Tomcat it will fail.

Thanks
Renato - Brazil.

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: uPortal

2002-12-11 Thread Renato Salvatore moya L.
Carlos Alberto Peláez Ayala escribió::


Hello, something in the list is using uPortal ??
thank´s.



--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]



 

Yes We have uportal ver 2.0.3 http://www.uportal.cl

--

Renato Salvatore Moya L.
Ingeniero de Proyectos - Reuna
[EMAIL PROTECTED]
http://www.reuna.cl




--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: URGENT : Multiple host in Tomcat

2002-12-10 Thread Renato Romano
If I understand well, you have to define DNS entry for each host, all
defined as the same IP address. When your browser uses http://host1 it
will be resolved as the unique IP you have on your server, but in the
http request the hostname will be written. This way Tomcat will direct
the request to the host1 virtual host as defined in server.xml, and
therefore to the right appBase.



Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: Andoni [mailto:[EMAIL PROTECTED]] 
Sent: martedì 10 dicembre 2002 14.16
To: Tomcat Users List
Subject: Re: URGENT : Multiple host in Tomcat


You want to use the same DNS name and just change the  port number to
bring up different web-sites?

http://www.mysite.com:1234  ==  context 1

http://www.mysite.com:4321 == context 2

etc.??

I think you cannot do that using only tomcat.  You can do nearly
anything with Apache though so you may have to go that way and just
rewrite the URL into the tomcat one calling the context path.

Andoni.


- Original Message -
From: Laxmikanth M.S. [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Tuesday, December 10, 2002 1:05 PM
Subject: RE: URGENT : Multiple host in Tomcat


 ya all that u have mentioned is there
 so it means we should have DNS entry for all the virtualhost or can it

 be done with different port numbers as done in Apache

 Regards
 Laxmikanth M S
 Off*  : 91-80-6610330 extn 1256
 Res* : 91-80-5267150
 http://www.sonata-software.com

  Coming together is the beginning, staying together is progress and
working
  together is Success
 What lies behind us and what lies before us are tiny matters compared 
 to what lies within us  - Emerson


  -Original Message-
  From: Andoni [SMTP:[EMAIL PROTECTED]]
  Sent: Tuesday, December 10, 2002 6:34 PM
  To: Tomcat Users List
  Subject: Re: URGENT : Multiple host in Tomcat
 
  Have you created a DNS entry pointing at your IP address for each 
  name?
 
  Does your Server.xml file have a Host/Host container for each
virtual
  host you want to create?
 
  Look into these things and write again if need be.
 
  Andoni.
 
 
  - Original Message -
  From: Laxmikanth M.S. [EMAIL PROTECTED]
  To: Tomcat Users List [EMAIL PROTECTED]
  Sent: Tuesday, December 10, 2002 12:35 PM
  Subject: URGENT : Multiple host in Tomcat
 
 
   Hi all,
   I am creating multiple host (virtual Host) in tomcat 4.1.12 Server

   .
  Every
   host contains context as/.
   for eg. host 1 is testhost1
   and host2 is testhost2
   how to access the site.
   please let me know soon
   thanks in advance
   laxmiaknth
  
  
   **
   ***
   Disclaimer: The information in this e-mail and any attachments is
   confidential / privileged. It is intended solely for the addressee
or
   addressees. If you are not the addressee indicated in this
message,
you
  may
   not copy or deliver this message to anyone. In such case, you 
   should
  destroy
   this message and kindly notify the sender by reply email. Please
advise
   immediately if you or your employer does not consent to Internet 
   email
  for
   messages of this kind.
   **
   ***
  
   --
   To unsubscribe, e-mail:
  mailto:[EMAIL PROTECTED]
   For additional commands, e-mail:
  mailto:[EMAIL PROTECTED]
  
  
 
 
  --
  To unsubscribe, e-mail: 
  mailto:[EMAIL PROTECTED]
  For additional commands, e-mail: 
  mailto:[EMAIL PROTECTED]
 *
 Disclaimer: The information in this e-mail and any attachments is 
 confidential / privileged. It is intended solely for the addressee or 
 addressees. If you are not the addressee indicated in this message, 
 you
may
 not copy or deliver this message to anyone. In such case, you should
destroy
 this message and kindly notify the sender by reply email. Please 
 advise immediately if you or your employer does not consent to 
 Internet email for messages of this kind.
 *

 --
 To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
 For additional commands, e-mail:
mailto:[EMAIL PROTECTED]




--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]




--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Tomcat 4 and IIS please HELP

2002-12-06 Thread Renato Romano
Hi,
I'm trying to set up tomcat 4 with IIS. I already made this whith Tomcat
3, and following the doc how-to for tomcat 4 had the following problems:

Tomcat 4.0.1: integration for IIS works fine for unprotected resources,
but the browser hangs if I ask for a protected resource; speaking
directly with tomcat (i.e. using 8080 port) works fine!! Catalina logs a
nullpointerexception for each request i make:

2002-12-06 10:09:31 Ajp13Request[5]  Requested cookie session id is
C554055605855495697077791461B370
2002-12-06 10:09:31 Ajp13Request[5]  Adding cookie
JSESSIONID=C554055605855495697077791461B370
2002-12-06 10:09:31 Ajp13Request[5]  Adding cookie
JSESSIONID=E5B331E6D4C4F1C144C1E845170683A5
2002-12-06 10:09:31 Ajp13Processor[8009][4] invoking...
2002-12-06 10:09:31 Ajp13Processor[8009][4] process: invoke
java.lang.NullPointerException
at
org.apache.catalina.valves.ErrorDispatcherValve.status(ErrorDispatcherVa
lve.java:291)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:180)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:462
)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:
348)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:163)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.ajp.tomcat4.Ajp13Processor.process(Ajp13Processor.java:371)
at
org.apache.ajp.tomcat4.Ajp13Processor.run(Ajp13Processor.java:424)
at java.lang.Thread.run(Thread.java:484)

Then i tried downloading the latest tomcat 4 release, that is 4.1.12: in
this case, server.xml is configured to use a Coyote Connector for ajp
and not Ajp13Connector as in release 4.0.1
This time, when asking for a protected resource results in a 403 error
(Not Authorized) instead of the login page (I use FORM auth). Please
note that using tomcat directly (that is port 8080) WORKS FINE !!!

Than I switched to Ajp13Connector, whose entry is commented by default
in the 4.1.12 server.xml config file. Finally this works fine, except
for some errors due to Listener config. Anyway i'm quite sure this is
not the best way !!!

Any help will be very appreciated, also addressing to known issues about
this problem. Please don't addess me to Tomcat-IIS how'to because I
already used them. Thanks a lot.

Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Manager application - quick question

2002-11-18 Thread Renato
Hi all,

I'll deploy the manager application to my users. Probably the only funcionality I'll 
let them use is to stop and start 
their web applications.

Which is the safest method ?

- reload ?
- stop / start ?
- indifferent ?

Thanks 
Renato.


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




accessClassInPackage.org.apache.catalina.realm permission

2002-10-29 Thread Renato
Hi all,

One of my users is asking for the following permission in his context

java.security.AccessControlException: access denied (java.lang.RuntimePermission 
accessClassInPackage.org.apache.catalina.realm) 

He is using the securityfilter.jar library

I'm using Tomcat 4.1.12 with SecurityManager. 

Is is safe to grant this permission ? 

Thanks
Renato


--
To unsubscribe, e-mail:   mailto:tomcat-user-unsubscribe;jakarta.apache.org
For additional commands, e-mail: mailto:tomcat-user-help;jakarta.apache.org




Re: Tomcat Scalability - Long

2002-10-25 Thread Renato
I'm using Tomcat 4.1.12 on a production site with more than 150 clients and it looks 
like to me is better that 4.0.x.

On 25 Oct 2002 11:42:14 -0200, Felipe Schnack [EMAIL PROTECTED] escreveu :

 De: Felipe Schnack [EMAIL PROTECTED]
 Data: 25 Oct 2002 11:42:14 -0200
 Para: Tomcat Users List [EMAIL PROTECTED]
 Assunto: Re: Tomcat Scalability - Long
 
   I would say Tomcat 4.1.x probably would be good for you mainly if you
 uses lots of Taglibs, if they actually will work on it.
   Btw, I'm still using 4.0.x... how everybody is doing with 4.1.x? I
 heard is too much buggy for production right now.
 
 On Fri, 2002-10-25 at 12:20, Glenn Nielsen wrote:
  I have the following in production:
  
  Tomcat 4.1, JDK 1.3.1, and MySQL on a Dual CPU Sun 250 app server and Apache
  using mod_jk 1.2 on a separate server. We are now getting 4 weeks continuous 
uptime.
  I stop and restart Tomcat once each month because the minimum memory the java heap
  uses over time increases.  This is on a site handling 30k Tomcat requests per day.
  With peak loads of 5k-6k Tomcat requests per hour.
  
  When scaling Tomcat there are many issues to address when tuning performance.
  
  I would suggest learning more about how the JVM does garbage collection and
  test different Java startup args related to jvm stack size, etc.  Try starting
  Tomcat with the java arg -verbose:gc, this will collect GC data which can
  help you when tuning the JVM memory usage.
  
  You might also want to profile your applicaiton using OptimizeIt or JProbe
  to see if it is the source of the problem.
  
  And of course the performance tuning should be done on test servers which
  are as close as possible to your production environment and with a load
  that simulates your site usage.
  
  Consider upgrading to Tomcat 4.1.  Especially if your site uses JSP.
  Jasper 2 which comes with Tocmat 4.1 significantly improves performance
  of JSP.
  
  One final note, I would not set reloadable=true on a production system.
  That adds alot of overhead.  The reloadable option is really there only
  to make development easier.
  
  Regards,
  
  Glenn
  
  Brandon Cruz wrote:
   Does anyone have any solid information about the scalability of Tomcat?  It
   seems very limiting to me, but that is hopefully due to improper
   configuration.  Here is our situation and what seems to be happening under a
   small amount of stress.
   
   ---About our Environment---
   
   PIII 1.0Ghz
   512 Meg Ram
   Linux RedHat 7.1
   MySQL Database
   Apache 1.3.x
   mod_jk - logging turned all the way down
   Tomcat 3.2.4 - contexts *are* reloadable right now
   SUN JDK 1.3.1_01
   
   ---About our Application---
   
   Our Application is a content management tool that reads and writes to the
   MySQL Database and reads and writes files.  All the pages within this
   application are served by Tomcat 3.2.4.  About 80-120 people per day log
   into this application and spend anywhere from 10 minutes to one hour working
   on the application.  At any given time there are between 15 and 50 active
   database connections.
   
   ---What we are seeing---
   
   Tomcat needs to be restarted every few days.  If we don't restart it, it
   seems tomcat eventually locks up and does not respond at all.  No errors or
   anything are reported, it just will not respond.  Apache continues to work
   during this time and all static HTML pages are accessible.
   
   CPU - The processor usage seems to slowly increase as time goes on.  After
   about one day, it seems one java process uses 30% of available CPU or more,
   depending on whether users are performing operations or not.  When nobody is
   doing anything, the processer still seems to be sitting around 30% until
   tomcat is restarted.  This seems to cap after three to five days and not
   increase too much more.
   
   RAM - This slowly increases and never stops increasing.  We do not have any
   special parameters set for the VM when it starts, but this does not seem to
   matter.  The RAM gets up to about 135 MB after four or five days, but would
   continue to grow if tomcat were not allowed.
   
   
   Can anyone explain this behavior, talk about the scalability of Tomcat, or
   provide any similar working solutions that perform better than this?  Is it
   normal, should we just throw more hardware at it?  Are there configuration
   parameters that can be used to increase performance, such as set
   reloadable=false in all contexts?  Would we get better performance if we
   upgraded to 4.x, or would that just be more work for little improvement?
   
   
   --
   To unsubscribe, e-mail:   mailto:tomcat-user-unsubscribe;jakarta.apache.org
   For additional commands, e-mail: mailto:tomcat-user-help;jakarta.apache.org
  
  
  
  
  --
  To unsubscribe, e-mail:   mailto:tomcat-user-unsubscribe;jakarta.apache.org
  For additional commands, e-mail: mailto:tomcat-user-help;jakarta.apache.org
  
 -- 
 
 Felipe Schnack
 Analista de Sistemas
 

Looping message in my log

2002-10-23 Thread Renato
Hi all,

I'm using Tomcat 4.0.6 and I found the following message that is looping and filling 
up my log:

)
at java.security.AccessController.doPrivileged(Native Method)
at 
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:347)
at org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:414)
at 
org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:452)
at org.apache.jsp.index$jsp._jspService(index$jsp.java:2616)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at 
org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.java:201)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:381)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at 
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:683)
at 
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:431)
at 
org.apache.catalina.core.ApplicationDispatcher.access$0(ApplicationDispatcher.java:359)
at 
org.apache.catalina.core.ApplicationDispatcher$PrivilegedForward.run(ApplicationDispatcher.java:130)
) 

Anybody know what could possible be ?

Thanks

--
To unsubscribe, e-mail:   mailto:tomcat-user-unsubscribe;jakarta.apache.org
For additional commands, e-mail: mailto:tomcat-user-help;jakarta.apache.org




Urgent!!Please Help!

2002-07-22 Thread Renato Romano

I find several occurrences of the following stackTrace in my
catalina_log_-MM-DD.txt log file; does someone know what causes it ?
Many Thanks

2002-07-22 12:09:18 HttpProcessor[80][14] process.invoke
java.lang.NullPointerException
at
org.apache.catalina.valves.ErrorDispatcherValve.status(ErrorDispatcherVa
lve.java:291)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:180)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:462
)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:
368)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:163)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.j
ava:1011)
at
org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:
1106)
at java.lang.Thread.run(Thread.java:484)



Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA - ITALY

e-mail: [EMAIL PROTECTED]
Tel.:   +39 10 2712603
_


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: Urgent!!Please Help!

2002-07-22 Thread Renato Romano

There is no 'root cause'. I saw this in many other places, but not
here...


-Original Message-
From: Cox, Charlie [mailto:[EMAIL PROTECTED]] 
Sent: lunedì 22 luglio 2002 13.30
To: 'Tomcat Users List'
Subject: RE: Urgent!!Please Help!


further down in the stack trace should be a 'root cause'. please post it
as this is the real error...

 -Original Message-
 From: Renato Romano [mailto:[EMAIL PROTECTED]]
 Sent: Monday, July 22, 2002 6:38 AM
 To: 'Tomcat Users List'
 Subject: Urgent!!Please Help!
 
 
 I find several occurrences of the following stackTrace in my 
 catalina_log_-MM-DD.txt log file; does someone know what causes it

 ? Many Thanks
 
 2002-07-22 12:09:18 HttpProcessor[80][14] process.invoke 
 java.lang.NullPointerException
 at 
 org.apache.catalina.valves.ErrorDispatcherValve.status(ErrorDi
 spatcherVa
 lve.java:291)
 at 
 org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDi
 spatcherVa
 lve.java:180)
 at 
 org.apache.catalina.core.StandardPipeline.invokeNext(StandardP
 ipeline.ja
 va:564)
 at 
 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReport
 Valve.java
 :170)
 at 
 org.apache.catalina.core.StandardPipeline.invokeNext(StandardP
 ipeline.ja
 va:564)
 at 
 org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValv
 e.java:462
 )
 at 
 org.apache.catalina.core.StandardPipeline.invokeNext(StandardP
 ipeline.ja
 va:564)
 at 
 org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSi
 gnOn.java:
 368)
 at 
 org.apache.catalina.core.StandardPipeline.invokeNext(StandardP
 ipeline.ja
 va:564)
 at 
 org.apache.catalina.core.StandardPipeline.invoke(StandardPipel
 ine.java:4
 72)
 at
 org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
 at 
 org.apache.catalina.core.StandardEngineValve.invoke(StandardEn
 gineValve.
 java:163)
 at 
 org.apache.catalina.core.StandardPipeline.invokeNext(StandardP
 ipeline.ja
 va:566)
 at 
 org.apache.catalina.core.StandardPipeline.invoke(StandardPipel
 ine.java:4
 72)
 at
 org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
 at 
 org.apache.catalina.connector.http.HttpProcessor.process(HttpP
 rocessor.j
 ava:1011)
 at 
 org.apache.catalina.connector.http.HttpProcessor.run(HttpProce
 ssor.java:
 1106)
 at java.lang.Thread.run(Thread.java:484)
 
 
 
 Renato Romano
 Sistemi e Telematica S.p.A.
 Calata Grazie - Vial Al Molo Giano
 16127 - GENOVA - ITALY
 
 e-mail: [EMAIL PROTECTED]
 Tel.:   +39 10 2712603
 _
 
 
 --
 To unsubscribe, e-mail:   
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]

--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]



--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: Urgent!!Please Help!

2002-07-22 Thread Renato Romano

Here they are. I tried to find some mispelling, but I did not find them
!!
Thanks a lot.
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]] 
Sent: lunedì 22 luglio 2002 14.41
To: Tomcat Users List
Subject: RE: Urgent!!Please Help!


Howdy,
An NPE doesn't necessarily have a root cause.  

I would guess that you have a misconfigured error handling tag in your
server.xml or web.xml.  Can you post them please?

Yoav Shapira
Millennium ChemInformatics


-Original Message-
From: Renato Romano [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 22, 2002 6:38 AM
To: 'Tomcat Users List'
Subject: Urgent!!Please Help!

I find several occurrences of the following stackTrace in my 
catalina_log_-MM-DD.txt log file; does someone know what causes it
?
Many Thanks

2002-07-22 12:09:18 HttpProcessor[80][14] process.invoke 
java.lang.NullPointerException
at 
org.apache.catalina.valves.ErrorDispatcherValve.status(ErrorDispatcherV
a
lve.java:291)
at 
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherV
a
lve.java:180)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.j
a
va:564)
at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.jav
a
:170)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.j
a
va:564)
at 
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:46
2
)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.j
a
va:564)
at 
org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java
:
368)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.j
a
va:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:
4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve
.
java:163)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.j
a
va:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:
4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at 
org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.
j
ava:1011)
at 
org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java
:
1106)
at java.lang.Thread.run(Thread.java:484)



Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA - ITALY

e-mail: [EMAIL PROTECTED]
Tel.:   +39 10 2712603
_


--
To unsubscribe, e-mail:   mailto:tomcat-user-
[EMAIL PROTECTED]
For additional commands, e-mail: mailto:tomcat-user- 
[EMAIL PROTECTED]


--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]



!-- Example Server Configuration File --
!-- Note that component elements are nested corresponding to their
 parent-child relationships with each other --

!-- A Server is a singleton element that represents the entire JVM,
 which may contain one or more Service instances.  The Server
 listens for a shutdown command on the indicated port.

 Note:  A Server is not itself a Container, so you may not
 define subcomponents such as Valves or Loggers at this level.
 --

Server port=8005 shutdown=SHUTDOWN debug=0


  !-- A Service is a collection of one or more Connectors that share
   a single Container (and therefore the web applications visible
   within that Container).  Normally, that Container is an Engine,
   but this is not required.

   Note:  A Service is not itself a Container, so you may not
   define subcomponents such as Valves or Loggers at this level.
   --

  !-- Define the Tomcat Stand-Alone Service --
  Service name=Tomcat-Standalone

!-- A Connector represents an endpoint by which requests are received
 and responses are returned.  Each Connector passes requests on to the
 associated Container (normally an Engine) for processing.

 By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
 You can also enable an SSL HTTP/1.1 Connector on port 8443 by
 following the instructions below and uncommenting the second Connector
 entry.  SSL support requires the following steps (see the SSL Config
 HOWTO in the Tomcat 4.0 documentation bundle for more detailed
 instructions):
 * Download and install JSSE 1.0.2 or later, and put the JAR files
   into $JAVA_HOME/jre/lib/ext.
 * Execute:
 %JAVA_HOME%\bin\keytool

RE: Urgent!!Please Help!

2002-07-22 Thread Renato Romano

Ok. I made some tries and found the following:

1) my error-page clause in web.xml works fine for 404 error-code (Page
not found), but not for the 403 (Access denied). When, after successfull
authentication, I try to access a denied page, on the browser I get a
500 (Internal Server error) and in the catalina_log the NPE with the
stackTrace I initially posted. This is independant on the spec version
(2_2 or 2_3) and the use of html or jsp pages. 

2) I can't figure out how can this happen. There is no real difference
between the 403 and 404 pages, nor their spec in web.xml !! I noticed
this already some time ago, but couldn't get out of it and left all as
it was; now I realized that when I got the 500 error on the browser, I
also get this error on the log...

3) When not using the error-page clause for the 403 error, I get the
Tomcat 403 error page (the one with blu highlighted words...) as
expected. Same for 404


Any help is very appreciated ...
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]] 
Sent: lunedì 22 luglio 2002 15.09
To: Tomcat Users List
Subject: RE: Urgent!!Please Help!


Hi,
1. Why is your web.xml written to the 2.2 spec (and the 2.2 DTD)?
Tomcat 4.x expects the 2.3 DTD.  

2. Please try to write very simple static err403.html and err404.html
error pages, and direct the server to use those instead of the JSPs you
currently have configured to the error pages.  

My guess is the NPE comes from either the err403.jsp/err404.jsp pages or
tomcat doing something for 2.3-spec error-page elements that isn't
done for 2.2-spec ones.

Let us know what happens ;)

Yoav Shapira
Millennium ChemInformatics


-Original Message-
From: Renato Romano [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 22, 2002 9:05 AM
To: 'Tomcat Users List'
Subject: RE: Urgent!!Please Help!

Here they are. I tried to find some mispelling, but I did not find them

!! Thanks a lot.
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]]
Sent: lunedì 22 luglio 2002 14.41
To: Tomcat Users List
Subject: RE: Urgent!!Please Help!


Howdy,
An NPE doesn't necessarily have a root cause.

I would guess that you have a misconfigured error handling tag in your 
server.xml or web.xml.  Can you post them please?

Yoav Shapira
Millennium ChemInformatics


-Original Message-
From: Renato Romano [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 22, 2002 6:38 AM
To: 'Tomcat Users List'
Subject: Urgent!!Please Help!

I find several occurrences of the following stackTrace in my 
catalina_log_-MM-DD.txt log file; does someone know what causes it
?
Many Thanks

2002-07-22 12:09:18 HttpProcessor[80][14] process.invoke 
java.lang.NullPointerException
at 
org.apache.catalina.valves.ErrorDispatcherValve.status(ErrorDispatcher
V
a
lve.java:291)
at 
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcher
V
a
lve.java:180)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
j
a
va:564)
at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.ja
v
a
:170)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
j
a
va:564)
at 
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:4
6
2
)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
j
a
va:564)
at 
org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.jav
a
:
368)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
j
a
va:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:
4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValv
e
.
java:163)
at 
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
j
a
va:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:
4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at 
org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor
.
j
ava:1011)
at 
org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.jav
a
:
1106)
at java.lang.Thread.run(Thread.java:484)



Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA - ITALY

e-mail: [EMAIL PROTECTED]
Tel.:   +39 10 2712603

RE: Urgent!!Please Help!

2002-07-22 Thread Renato Romano

No !!


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]] 
Sent: lunedì 22 luglio 2002 16.47
To: Tomcat Users List
Subject: RE: Urgent!!Please Help!


Hi,

3) When not using the error-page clause for the 403 error, I get the 
Tomcat 403 error page (the one with blu highlighted words...) as 
expected. Same for 404

And do you get the NPE in the catalina log?

Yoav Shapira
Millennium ChemInformatics

--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]



--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: problem..plz help me out

2002-06-10 Thread Renato Romano

I can't find the run-as element which you mention in your web.xml file
... If you want to restrict access to a resource just use the security
constraint element... Look in the servlet doc...


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: puneet sachar [mailto:[EMAIL PROTECTED]] 
Sent: sabato 8 giugno 2002 21.22
To: Xinji Gu
Subject: problem..plz help me out


Hi friends, this is my 4th mail regarding my single
complain..

I have install the tomcat 4.0.3 and its doing fine as
far .html files are concern but no .class and .jsp
files are running on it

I have asked 9-10 times abt same question again and
again and I got nothing from u guys there

Plz help me.I really stuck ..

With this mail I'm sending my server.xml file and
web.xml file which is in my virtualhost/WEB-INF/

I know it is very tough for u to go in these files and
see for errors but plz..i'm in need badly and afater
spending so much time here I some time feel like
crying . and I'm in such a place and in such a part of India..where I
can't get ant local computer guy with whom I can discuss ..plz do me a
little favour

Here are my problems
1)  no .class and .jsp working only html is working 
2)  I have done all changes which were to made in
server.xml.)I have send the file also plz check it and
tell me any mistake if u find)
3)  I'm getting 404 error ..no servlet found
4)  And I'm able to excess the .class file vis
http://localhost:80/examples/servlet/abc.class
 But not by making my own virtual host aand not even
the default root directory


what i have is my own context named sachar 
and when i go .http://puneet:80/sachar/servlet/HelloworldServlet

error -- 404

See friends ..if u can help me I'll be very grateful
to u

Puneet 


__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: port 80 !!??

2002-04-30 Thread Renato Romano

That's because on Unix-like systems well-known port numbers, like www
(port 80), or ftp, telnet etc, are system-reserved to the root user. No
other user can open server sockets on ports less than 1024. You should
run it as root, or have another user having system administrator
prvileges.
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: Tevfik Aytekin [mailto:[EMAIL PROTECTED]] 
Sent: martedì 30 aprile 2002 14.32
To: Tomcat Users List
Subject: port 80 !!??


Hi,
I suppose this question should have been answered, but I could not find
a satisfactory answer in the archives. Isn't it possible to run tomcat
as standalone on port 80 with a user other then root. Apache server
manages to do this. But as far as I can see tomcat can not. I wonder
why? Can someone answer? This ability of tomcat would have been great
since we did not need neither apache nor mod_jk, etc. Also since apache
and mod_jk are written in C it troubles many people to get them run on
different platforms. So I do not understand why tomcat do not have the
ability run on port 80 with a user other than root.

Thanks in advance.
TA.


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




RE: SingleSignOn Or Security Constraint ?

2002-04-19 Thread Renato Romano

That's right. But what I actually mean is: what are the differences
between 1) defining two protected areas in ONE web-app, using TWO
security constraint, and 2) defining TWO web-app, using single-sign-on
(which actually is not defined in web.xml, but in the server config file
server.xml)  with each ONE security constraint ?
I think the point is that using single-sign-on implies sharing of the
Realm class used to authenticate the users, and thus, at least in my
environment, using the same database of users and roles, so it seems to
me that there is no great difference...

Renato

Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


-Original Message-
From: Dan K. [mailto:[EMAIL PROTECTED]] 
Sent: giovedì 18 aprile 2002 18.33
To: Tomcat Users List; [EMAIL PROTECTED]
Subject: Re: SingleSignOn Or Security Constraint ?



Hi,

Correct me if I'm not thinking straight but doesn't the Single Sign-on
and Security Constraint in the web.xml file do different things?  The
single sign-on allows the user to remained logged in while traversing
different webapps and the Security Constraint determines who has access
to the webapp.

Regards,
Dan

On Thu, 18 Apr 2002, Renato Romano wrote:

 I just configured Single Sign on on my Tomcat4 server, and was just 
 wondering what's the best way to chose, when I have to add a new 
 service to my site, if just adding  a security constraint, in my main 
 Context, or configuring and using single signon, for achieving the 
 same result!

 It seems to me that using singlesignon has the following advantages:
 1) I create a service as a standalone application, that can then be 
 deployed elsewhere;
 2) I don't have to restart Tomcat in order to deploy/restart the new 
 service, or making it temporary unavailable, thanks to the manager 
 application;
 3) I can continue sharing java classes, by putting them in the 
 common dir;
 4) In my situation, obviously, a centralized database of users and 
 roles is ok; different context on tomcat, in my environment, should 
 only appear as different services or roles, just similar to 
 defining new security constraints.

 I have not investigated too much on this topic, so the question is: is

 there something I don't see that can cause problems using single 
 signon in this way ? Has someone already had such a doubt and how 
 he/she solved it ?

 Thanks
 Renato

 
 Renato Romano
 Sistemi e Telematica S.p.A.
 Calata Grazie - Vial Al Molo Giano
 16127 - GENOVA

 e-mail: [EMAIL PROTECTED]
 Tel.:   010 2712603
 _


 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




SingleSignOn Or Security Constraint ?

2002-04-18 Thread Renato Romano

I just configured Single Sign on on my Tomcat4 server, and was just
wondering what's the best way to chose, when I have to add a new service
to my site, if just adding  a security constraint, in my main Context,
or configuring and using single signon, for achieving the same result!

It seems to me that using singlesignon has the following advantages:
1) I create a service as a standalone application, that can then be
deployed elsewhere;
2) I don't have to restart Tomcat in order to deploy/restart the new
service, or making it temporary unavailable, thanks to the manager
application;
3) I can continue sharing java classes, by putting them in the common
dir;
4) In my situation, obviously, a centralized database of users and roles
is ok; different context on tomcat, in my environment, should only
appear as different services or roles, just similar to defining new
security constraints.

I have not investigated too much on this topic, so the question is: is
there something I don't see that can cause problems using single signon
in this way ? Has someone already had such a doubt and how he/she solved
it ?

Thanks
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




SSL Client Certificates

2002-03-27 Thread Renato Romano

I need to setup client Auth by using SSL and certificates; I correctly
set up Tomcat (4) for ssl, using the standard docs, but what i need to
do now, is:
1) request the client to send a Certificate (clientAuth=true in the
Factory Element)
2) Use the information in the certificate to authenticate the user !! (I
do not want anyone to gain access to the site, even if he has a
certificate !!)
3) Test all these, by creating (maybe?) a self signed certificate on my
PC, and let Tomcat Accept that certificate!
Any Help ??
Thanks A lot ...
Renato

Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat Security

2002-03-25 Thread Renato Romano

I have to integrate two web applications: the first is written using
JSP, but the second is using Microsoft ASP pages. That's ok to have
Tomcat running under IIS, I already used this technique succesfully, but
what about using Servlet Security Schema, for ASP pages ?? Briefly I
would have of course IIS run ASP pages, but security checked by Tomcat
!! I suppose this ain't very easy, because i shoul let Tomcat serve ALL
resources, recognize ASP pages, and send them back to IIS, in some way
...
Any help ?
Thanks...
Renato


Renato Romano
Sistemi e Telematica S.p.A.
Calata Grazie - Vial Al Molo Giano
16127 - GENOVA

e-mail: [EMAIL PROTECTED]
Tel.:   010 2712603
_




--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Servlet invoker is currently unavailable....

2002-03-12 Thread Renato

Hi all,

This is probably a basic question... after my servlet invoker is marked as 
unavailable how can turn it on again ? What is the manager command to 'fix' 
this ?

Thanks in advance.
Renato

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Please advice: Deploy the manager application

2002-03-12 Thread Renato

Hi all,

I want to deploy the manager application to stop and start different 
contexts on a multiple Virtual Host environment. 

I don't want my clients to have direct access to it, just the administrator 
( I'm thinking to build a wrapper around it, so it will be transparent for 
the users to restart their context ). 

I did some preliminar tests and I have some questions:

- Would I have to define the manager application for each Host ? 
- Would I have to mark all contexts as privileged=true ?
- Is their a way to list all the applications, or is it limited on a per-
virtual host basis ?

Any other recommendation to make the 'manager' available to users ?

Thanks !!

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tool for validating web.xml ?

2002-02-22 Thread Renato

Hi all,

I have a bunch of users using Tomcat 3.3 and Catalina. I found that the 
biggest problem I have is that usually they mess up with their web.xml so 
their context stops working. Is there a tool to validate web.xml outside 
Tomcat ( so I can do some offline validation... that would be very 
nice... ) ??

Thanks
Renato - Brazil.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Tool for validating web.xml ?

2002-02-22 Thread Renato

Thank you !

Can I it use on a comand-line style without a GUI ?


On Fri, 22 Feb 2002 16:36:02 -0500, Mark [EMAIL PROTECTED] escreveu :

 I've used CookTop which is free. It seems to work quite well and has lots
 of features.
 
 http://www.xmlcooktop.com/
  
 
 At 06:18 PM 2/22/2002, you wrote:
 Hi all,
 
 I have a bunch of users using Tomcat 3.3 and Catalina. I found that the 
 biggest problem I have is that usually they mess up with their web.xml 
so 
 their context stops working. Is there a tool to validate web.xml outside 
 Tomcat ( so I can do some offline validation... that would be very 
 nice... ) ??
 
 Thanks
 Renato - Brazil.
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat 3.3 and Xerces

2002-02-21 Thread Renato

Hi all,

I substituted crimson.jar and jaxp.jar for xerces.jar in Tomcat 3.3. Is 
there some issue I should aware of ? 

Thanks
Renato - Brazil.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




RE: Tomcat 3.3 and Xerces

2002-02-21 Thread Renato

Exactly. I left xerces.jar and xalan.jar in container, got rid of 
crimson.jar and jaxp.jar ( in apps ). This was necessary because of struts. 
It was the only way I found to make it work.

Thanks !

On Thu, 21 Feb 2002 13:27:15 -0500, Larry Isaacs [EMAIL PROTECTED] 
escreveu :

 I assume you mean in lib/container.  I am not aware
 that there would be any problems.  It does mean
 that xerces.jar will become the default XML parser
 for all your webapps (via the LoaderInterceptor11).
 
 Cheers,
 Larry
 
  -Original Message-
  From: Renato [mailto:[EMAIL PROTECTED]]
  Sent: Thursday, February 21, 2002 10:11 AM
  To: [EMAIL PROTECTED]
  Subject: Tomcat 3.3 and Xerces
  
  
  Hi all,
  
  I substituted crimson.jar and jaxp.jar for xerces.jar in 
  Tomcat 3.3. Is 
  there some issue I should aware of ? 
  
  Thanks
  Renato - Brazil.
  
  --
  To unsubscribe:   mailto:[EMAIL PROTECTED]
  For additional commands: mailto:[EMAIL PROTECTED]
  Troubles with the list: mailto:[EMAIL PROTECTED]
  
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




R: Running tomcat port 80

2002-02-18 Thread Renato Romano

You have to run Tomcat as root, because port 80 is reserved on UNIX systems
for use by the superuser;
Probably root can't find the commands because you have to adjust the
environment... just check $PATH, $CATALINA_HOME and $JAVA_HOME of the user
you previosly used to run TOMCAT, and set them approriately for the root
user ...

-Messaggio originale-
Da: Andrew Rodwell [mailto:[EMAIL PROTECTED]]
Inviato: lunedì 18 febbraio 2002 11.14
A: Tomcat Users List
Oggetto: Running tomcat port 80


Hi ,

We are trying to get TOMCAT 4.0 to run on the default web port - and can do
it ok on windows.

However when we try the same changes on SuSE Linux 7.3 it will not run.

Somebody suggested that we start it under root - when we try this the
commands are not found.

You might have guessed we are noew to Linux - any ideas?

Regards

Andrew

To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




JSP-FILE

2002-02-18 Thread Renato Romano

Hi,
can anyone tell me hwy should i define a servlet in my web.xml file which
has a jsp-file tag instead of a servlet-class tag ?
Defining servlet MyServlet to have a jsp-file (say testServletPage.jsp)
means I'll have to make a request like
http://myhost,mydom/myapp/servlet/MyServlet?par1=val1... is that right ??
Thanks to all.

Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




R: Another Question About Tomcat Auth

2002-02-15 Thread Renato Romano

OK!!I just made a little step: i tried to put the classes in the common dir,
but Tomcat can't start, giving me a ClassNotFoundException on JDBCRealm. In
fact my Realm implementation is an extension of JDBCRealm, and the Common
ClassLoader can't find it, because it is a parent of the Catalina
ClassLoader. One solution i think would be to put also catalina.jar (where
JDBCRealm is) in the common/lib dir, but it doesn't seems to be a great idea
:-(((
Suggestions ?
Thanks again

Renato

-Messaggio originale-
Da: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
Inviato: giovedi 14 febbraio 2002 18.24
A: Tomcat Users List; [EMAIL PROTECTED]
Oggetto: Re: Another Question About Tomcat Auth




On Thu, 14 Feb 2002, Renato Romano wrote:

 Date: Thu, 14 Feb 2002 16:50:52 +0100
 From: Renato Romano [EMAIL PROTECTED]
 Reply-To: Tomcat Users List [EMAIL PROTECTED],
  [EMAIL PROTECTED]
 To: Tomcat Users List [EMAIL PROTECTED]
 Subject: Another Question About Tomcat Auth

 I succeffully defined my own Realm Implementation, but for have it working
i
 had to put the classes into the $CATALINA_HOME/server/classes dir. Since I
 also use those classes in my webapp, I also had to put them in
 webapps/myapp/WEB-INF/classes !! Of course I tried to put the classes in
the
 common/classes dir, but it doesn't works. Any idea ?
 Thanks again


If you need classes to be visible to *both* Tomcat and your webapp, put
them in $CATALINA_HOME/common/classes (or in JAR files in
$CATALINA_HOME/common/lib).  For more information on how class loading
works in Tomcat 4, see the appropriate docs:

  http://localhost:8080/tomcat-docs/class-loader-howto.html

or online at:

  http://jakarta.apache.org/tomcat/tomcat-4.0-doc/class-loader-howto.html

 Renato


Craig



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat Auth

2002-02-14 Thread Renato Romano

Is it possible to use different Authentication Realms for different
applications running on Tomcat4.0 ? Or at least use different DataBase,
tables etc... ?And if yes how ?
Thanks everyone.

Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Again Tomcat Auth

2002-02-14 Thread Renato Romano

Is it possible to use different Authentication Realms for different
applications running on Tomcat4.0 ? Or at least use different DataBase,
tables etc... ?And if yes how ?
Thanks everyone.

Maybe it is possible in older versions of Tomcat ?

Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




R: Tomcat Auth

2002-02-14 Thread Renato Romano

Ok I got it, that's also in the doc... Do you know if it is also possible
with Tomcat 3.2.x ?
There the Realm is defined by a RequestInterceptor element ...
Thanks

Renato

-Messaggio originale-
Da: Unsöld, Hans-Michael [mailto:[EMAIL PROTECTED]]
Inviato: giovedì 14 febbraio 2002 16.04
A: 'Tomcat Users List'
Oggetto: AW: Tomcat Auth


Hi,
I think it's possible: You should place a Context element (in server.xml)
corresponding to the app. Within that element you place a Realm element.
It will
override the Realm element below Engine (or Host).

Michael.

-Ursprüngliche Nachricht-
Von: Renato Romano [mailto:[EMAIL PROTECTED]]
Gesendet: Donnerstag, 14. Februar 2002 16:00
An: Tomcat Users List
Betreff: Tomcat Auth


Is it possible to use different Authentication Realms for different
applications running on Tomcat4.0 ? Or at least use different DataBase,
tables etc... ?And if yes how ?
Thanks everyone.

Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Another Question About Tomcat Auth

2002-02-14 Thread Renato Romano

I succeffully defined my own Realm Implementation, but for have it working i
had to put the classes into the $CATALINA_HOME/server/classes dir. Since I
also use those classes in my webapp, I also had to put them in
webapps/myapp/WEB-INF/classes !! Of course I tried to put the classes in the
common/classes dir, but it doesn't works. Any idea ?
Thanks again

Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat 3.3 and logging per host

2002-02-07 Thread Renato

Hi all,

Does anybody know if Tomcat 3.3 has the Logger configuration in 
Catalina ? I want to do logging per Host/Context. I tested with Catalina 
and it worked fine, but with Tomcat 3.3 I tried with LogSetter and it 
didn't work. 

Any hints ?

Thanks
Renato.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




R: Custom Realm Implementation

2002-02-04 Thread Renato Romano

OK !! In RealmBase the hasRole method looks for a Principal of class
GenericPrincipal; by overriding this method everithing works fine !!
Thanks a lot

Renato

-Messaggio originale-
Da: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
Inviato: venerdi 1 febbraio 2002 23.31
A: Tomcat Users List; [EMAIL PROTECTED]
Oggetto: Re: Custom Realm Implementation




On Fri, 1 Feb 2002, Renato Romano wrote:

 Date: Fri, 1 Feb 2002 18:02:16 +0100
 From: Renato Romano [EMAIL PROTECTED]
 Reply-To: Tomcat Users List [EMAIL PROTECTED],
  [EMAIL PROTECTED]
 To: Tomcat Users List [EMAIL PROTECTED]
 Subject: Custom Realm Implementation

 I'm trying to write my own Realm but have some problems...
 MyRealm extends JDBCRealm, overrides the authenticate method(Connection,
 String, String)
 and returns a CustomPrincipal which is My own implementation of Principal;

 When I try to log in, a get a User userName successfully authenticated
 message on the log, but the browser shows me a 403 error (You are not
 allowed ...)


Tomcat calls the hasRole() method of your Realm implementation in order to
check for the roles required to satisfy security constraints.  You'll want
to override this method as well, because the default method (in
AuthenticatorBase) assumes you are using one of the standard Realm
implementations that uses GenericPrincipal objects.

 Any idea ?
 Any document showing the process in details ?
 Thanks

Just the source code, at the moment :-(.


 Renato


Craig


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Java Petstore + Tomcat 3.3 web.xml problem

2002-02-02 Thread Renato

Hi all,

I'm trying to deploy the Java Pet store 1.1.2 with Tomcat 3.3 and JBoss. I 
actually trying to run Tomcat apart from JBoss and putting just the client 
side EJBs on my WEB-INF directory.

I'm using the web.xml provided by the application ( they say to run Tomcat 
integrated with JBoss, so I don't know if it's suppose to work the way I'm 
doing )



  env-entry
env-entry-nameejb/catalog/CatalogDAOClass/env-entry-name
env-entry-typejava.lang.String/env-entry-type
env-entry-
valuecom.sun.j2ee.blueprints.shoppingcart.catalog.dao.CatalogDAOImpl/env-
entry-value
  /env-entry
  env-entry
env-entry-nameejb/profilemgr/ProfileMgrDAOClass/env-entry-name
env-entry-typejava.lang.String/env-entry-type
env-entry-
valuecom.sun.j2ee.blueprints.personalization.profilemgr.dao.ProfileMgrDAOIm
pl/env-entry-value
  /env-entry
  env-entry
env-entry-nameserver/ServerType/env-entry-name
env-entry-valueJBoss 2.4 BETA/env-entry-value
env-entry-typejava.lang.String/env-entry-type
  /env-entry

  ejb-ref
ejb-ref-nameejb/catalog/Catalog/ejb-ref-name
ejb-ref-typeSession/ejb-ref-type

homecom.sun.j2ee.blueprints.shoppingcart.catalog.ejb.CatalogHome/home

remotecom.sun.j2ee.blueprints.shoppingcart.catalog.ejb.Catalog/remote
  /ejb-ref



And I have the error during Tomcat initialization ( note that I didn't do 
anything yet... )

2002-02-02 18:26:37 - Ctx() : Validating web.xml
2002-02-02 18:26:37 - Ctx() : web.xml: Error org.xml.sax.SAXParseException: 
Element web-app does not allow servlet here.
2002-02-02 18:26:38 - Ctx() : Line 20 /web-app/
2002-02-02 18:26:38 - Ctx() : web.xml: Error org.xml.sax.SAXParseException: 
Element env-entry allows no further input; env-entry-value is not 
allowed.
2002-02-02 18:26:38 - Ctx() : Line 49 /web-app/env-entry/
2002-02-02 18:26:38 - Ctx() : Add env-entry ejb/catalog/CatalogDAOClass  
java.lang.String 
com.sun.j2ee.blueprints.shoppingcart.catalog.dao.CatalogDAOImpl null
2002-02-02 18:26:38 - Ctx() : web.xml: Error org.xml.sax.SAXParseException: 
Element env-entry allows no further input; env-entry-value is not 
allowed.
2002-02-02 18:26:38 - Ctx() : Line 54 /web-app/env-entry/
2002-02-02 18:26:38 - Ctx() : Add env-entry 
ejb/profilemgr/ProfileMgrDAOClass  java.lang.String 
com.sun.j2ee.blueprints.personalization.profilemgr.dao.ProfileMgrDAOImpl 
null
2002-02-02 18:26:38 - Ctx() : Add env-entry server/ServerType  
java.lang.String JBoss 2.4 BETA null

What can this be ? An old version of a parser ? Do these tags are allowed 
on the web.xml ? 

Thanks
Renato

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Custom Realm Implementation

2002-02-01 Thread Renato Romano

I'm trying to write my own Realm but have some problems...
MyRealm extends JDBCRealm, overrides the authenticate method(Connection,
String, String)
and returns a CustomPrincipal which is My own implementation of Principal;

When I try to log in, a get a User userName successfully authenticated
message on the log, but the browser shows me a 403 error (You are not
allowed ...)

Any idea ?
Any document showing the process in details ?
Thanks

Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Strange Tomcat 3.3 error

2002-01-30 Thread Renato

Hi all,

Sometimes, when I start my Tomcat 3.3 + Apache ( nightly build 0 I have the 
following error:

.
/web.xml - java.net.NoRouteToHostException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:329)
at java.net.PlainSocketImpl.connectToAddress
(PlainSocketImpl.java:141)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:128)
at java.net.Socket.init(Socket.java:285)
at java.net.Socket.init(Socket.java:112)
at sun.net.NetworkClient.doConnect(NetworkClient.java:56)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:347)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:534)
at sun.net.www.http.HttpClient.init(HttpClient.java:282)
at sun.net.www.http.HttpClient.init(HttpClient.java:292)
at sun.net.www.http.HttpClient.New(HttpClient.java:304)
at sun.net.www.protocol.http.HttpURLConnection.connect
(HttpURLConnection.java:393)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream
(HttpURLConnection.java:487)
at java.net.HttpURLConnection.getResponseCode
(HttpURLConnection.java:221)
at org.apache.crimson.parser.Resolver.createInputSource
(Resolver.java:287)
at org.apache.crimson.parser.ExternalEntity.getInputSource
(ExternalEntity.java:92)
at org.apache.crimson.parser.Parser2.pushReader(Parser2.java:3133)
at org.apache.crimson.parser.Parser2.externalParameterEntity
(Parser2.java(Compiled Code))
at org.apache.crimson.parser.Parser2.maybeDoctypeDecl
(Parser2.java:1167)
at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:489)
at org.apache.crimson.parser.Parser2.parse(Parser2.java:305)
at org.apache.crimson.parser.XMLReaderImpl.parse
(XMLReaderImpl.java:442)
at org.xml.sax.helpers.XMLReaderAdapter.parse
(XMLReaderAdapter.java:223)
at org.apache.tomcat.util.xml.XmlMapper.readXml(Unknown Source)
   at org.apache.tomcat.facade.WebXmlReader.processWebXmlFile(Unknown 
Source)
at org.apache.tomcat.facade.WebXmlReader.contextInit(Unknown Source)
at org.apache.tomcat.core.Context.init(Unknown Source)
at org.apache.tomcat.core.ContextManager.init(Unknown Source)
at org.apache.tomcat.startup.EmbededTomcat.initContextManager
(Unknown Source)
at org.apache.tomcat.startup.EmbededTomcat.execute1(Unknown Source)
at org.apache.tomcat.startup.EmbededTomcat$1.run(Unknown Source)
at org.apache.tomcat.util.compat.Jdk12Support$PrivilegedProxy.run
(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.tomcat.util.compat.Jdk12Support.doPrivileged(Unknown 
Source)
at org.apache.tomcat.startup.EmbededTomcat.execute(Unknown Source)
at java.lang.reflect.Method.invoke(Native Method)
at org.apache.tomcat.util.IntrospectionUtils.execute(Unknown Source)
at org.apache.tomcat.startup.Main.execute(Unknown Source)
at org.apache.tomcat.startup.Main.main(Unknown Source)

It works fine, but it take ages to start. What can this be ?

Thanks
Renato - Brazil

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Help with Alias in Tomcat 4.0.2

2002-01-28 Thread Renato

Hi all,

I'm setting Tomcat 4.0.2 with multiple hosts. The tag Alias  doesn't 
seem to work as it should ( it works in Tomcat 3.3 ). The syntax I'm using 
is:
 Host name=site1.com
 Alias name=www.site1.com /
 Alias name=wap.site1.com /
 Context path= docBase=/home/site1/public_html/ 
debug=0 crossContext=false reloadable=true /
 /Host

Is it correct for Tomcat 4.0 ? Or should I create a Host entry for each 
domain ?

Thanks
Renato 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Fwd: Re: Tomcat 4.0.2-b2 + JSSE + Security Manager

2002-01-24 Thread Renato

Hi Glenn, 

Thanks for the advice. My last try was to leave security manager with just 
these lines:

grant {
permission java.security.AllPermission;
};

( which I premuse is the same as running without a security manager ) and 
it didn't work. 

I opened a bug report because I don't think I'm able to do something 
further.

Thanks for the help !
Renato - Brazil



On Wed, 23 Jan 2002 20:17:49 -0600, Glenn Nielsen 
[EMAIL PROTECTED] escreveu :

 Oh, one more thing you can try.  Configure the following permission
 in your catalina.policy.
 
 
   permission 
java.security.SecurityPermission getProperty.cert.provider.x509v1;
 
 Regards,
 
 Glenn
 
 Renato wrote:
  
  This is the last message I got, besides the usual already reported.
  
  default context init failed: java.security.PrivilegedActionException
  java.security.NoSuchAlgorithmException: Algorithm SunX509 not 
available
  
  Looking at the docs, it looks like it couldn't find the JSSE libraries. 
I
  even forced the jsse.jar, jcert.jar and jnet.jar on the global classpath
  when starting Catalina but I still can't use Security Manager and JSSE 
at
  the same time.
  
  Anything else I could do ?
  
  On Tue, 22 Jan 2002 13:58:17 -0600, Glenn Nielsen
  [EMAIL PROTECTED] escreveu :
  
   Try starting tomcat 4 with -security and the following properties 
defined:
  
   -Djava.security.debug=access,failure -Djava.net.debug=ssl
  
   That should generate alot of debug data to help you track down the 
source
   of the problem.
  
   Regards,
  
   Glenn
  
   Renato wrote:
  
Hi all,
   
I'm installing Tomcat 4.0.2B2. Everything is fine except for the
  following:
   
- I try to run a servlet that uses JSSE. If I start Catalina without
  the '-
security' it works fine, if I start with the '-security' it 
generates
  the
error:
   
java.net.SocketException: SSL implementation not available
(...)
   
The JSSE libraries are on ${java.home}/jre/lib/ext and this path has
permission to all.
   
I also tried on Tomcat 3.3 and the servlet works with or without the
security manager.
   
Any hint ?
   
Thanks
Renato - Brazil
   
--
To unsubscribe, e-mail:   mailto:tomcat-dev-
  [EMAIL PROTECTED]
For additional commands, e-mail: mailto:tomcat-dev-
  [EMAIL PROTECTED]
   
  
  
  
   --
   --
   Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder|
   MOREnet System Programming   |  * if iz ina coment.  |
   Missouri Research and Education Network  |  */   |
   --
  
  
   --
   To unsubscribe, e-mail:   mailto:tomcat-dev-
  [EMAIL PROTECTED]
   For additional commands, e-mail: mailto:tomcat-dev-
  [EMAIL PROTECTED]
  
  
  
  
  
  --
  To unsubscribe, e-mail:   mailto:tomcat-dev-
[EMAIL PROTECTED]
  For additional commands, e-mail: mailto:tomcat-dev-
[EMAIL PROTECTED]
 
 -- 
 --
 Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder|
 MOREnet System Programming   |  * if iz ina coment.  |
 Missouri Research and Education Network  |  */   |
 --
 
 --
 To unsubscribe, e-mail:   mailto:tomcat-dev-
[EMAIL PROTECTED]
 For additional commands, e-mail: mailto:tomcat-dev-
[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat 4.0.2-b2 + JSSE + Security Manager

2002-01-22 Thread Renato

Hi all,

I'm installing Tomcat 4.0.2B2. Everything is fine except for the following:

- I try to run a servlet that uses JSSE. If I start Catalina without the '-
security' it works fine, if I start with the '-security' it generates the 
error: 

java.net.SocketException: SSL implementation not available
(...)

The JSSE libraries are on ${java.home}/jre/lib/ext and this path has 
permission to all.

I also tried on Tomcat 3.3 and the servlet works with or without the 
security manager.

Any hint ?

Thanks
Renato - Brazil

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Interceptor in Tomcat 4.0 ???

2002-01-22 Thread Renato

Hi all,

I have an Interceptor I wrote for Tomcat 3.3 and I want to migrate to 
Catalina. I think the concept know is a Valve, right ? Is there a guideline 
how to migrate an interceptor ?

Thanks
Renato - Brazil.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat 4-b2 problem

2002-01-21 Thread Renato

Hi all,

I'm having the following problem trying to configure Tomcat 4b2 + ajp13 + 
apache + jdk 1.3 on linux:

java.lang.ExceptionInInitializerError: java.util.MissingResourceException: 
Can't find bundle for base name org.ap
ache.tomcat.util.buf.res.LocalStrings, locale en_US
at java.util.ResourceBundle.throwMissingResourceException
(ResourceBundle.java:695)
at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:667)
at java.util.ResourceBundle.getBundle(ResourceBundle.java:547)
at org.apache.tomcat.util.res.StringManager.init
(StringManager.java:115)
at org.apache.tomcat.util.res.StringManager.getManager
(StringManager.java:289)
at org.apache.tomcat.util.buf.DateTool.clinit(DateTool.java:133)
at org.apache.tomcat.util.http.ServerCookie.clinit
(ServerCookie.java:233)
at org.apache.tomcat.util.http.Cookies.addCookie(Cookies.java:181)
at org.apache.tomcat.util.http.Cookies.processCookieHeader
(Cookies.java:300)
at org.apache.tomcat.util.http.Cookies.processCookies
(Cookies.java:211)
at org.apache.tomcat.util.http.Cookies.getCookieCount
(Cookies.java:161)
at org.apache.ajp.tomcat4.Ajp13Request.addCookies
(Ajp13Request.java:183)
at org.apache.ajp.tomcat4.Ajp13Request.setAjpRequest
(Ajp13Request.java:145)
at org.apache.ajp.tomcat4.Ajp13Processor.process
(Ajp13Processor.java:398)
at org.apache.ajp.tomcat4.Ajp13Processor.run

I commented out all the webapps lines and just left an application I know 
it works on Tomcat 3.3

Any hint ?

Thanks
Renato - Brazil.



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Can I have all virtual hosts share one context on tomcat 3.2.4?

2002-01-15 Thread Renato

With Tomcat 3.3 you can use the tag Alias name=... under Host ..  and 
before Context...

I think Tomcat 3.2.x doesn't support this.

Renato - Brazil.

On Tue, 15 Jan 2002 12:10:48 -0600, Brandon Cruz [EMAIL PROTECTED] 
escreveu :

 Is it possible with tomcat 3.2.4 to have all virtual hosts share one
 context.  I want them to all share one web application.  Is this possible?
 
 Brandon
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Question about Logging and Virtual Host

2002-01-11 Thread Renato

Hi all,

I have an environment with multiple contexts and users. I'm running Tomcat 
3.3-dev. 

Currently all log information from the servlets, exceptions, etc, is 
centralized in one log file. If it possible to create a log file per 
context ? ( maybe the logsetter under the Host tag ?

Thanks
Renato - Brazil.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Problems with tomcat 3.2.4 and AJP13

2002-01-09 Thread Renato

I was having some stability problems with Tomcat 3.2.x and I recently 
upgraded to Tomcat 3.3-dev ( lastest nigthly build - I take care of re-
upgrading every week ) and now apache+ajp13+tomcat is working like a 
charm !!

On Wed, 9 Jan 2002 11:57:56 -0600, Brandon Cruz [EMAIL PROTECTED] 
escreveu :

 Has anyone found out why jsp pages will return a 500 error for the first
 five or six times they are viewed after restarting tomcat 3.2.4 connected 
to
 apache via ajp13 on linux?  Is there a fix such as a different connector I
 can use or something?
 
 Brandon
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: TC 3.3.3 with Apache stack space error

2002-01-07 Thread Renato

Try to put something like -Xms400m -Xmx500m on TOMCAT_OPTS of tomcat.sh in 
the $TOMCAT_HOME/bin directory.


On 07 Jan 2002 12:08:44 -0600, Ray Pitmon [EMAIL PROTECTED] escreveu :

 
 
 Hi,
 
 I have many machines running older versions of tomcat(3.2.x), but now I
 am setting up a new one, with 3.3.1, and I get this error whenever I try
 to hit a JSP:
 
 2002-01-07 12:41:21 - Ctx() : compile error: req=R(  + /index.jsp +
 null) - org.apache.jasper.JasperException: Unable to compile The
 compiler has run out of stack space.  Consider using the
 -J-ossnumber command line option to increase the memory allocated
 for the Java stack.
 
 
 I am using the following:
 tomcat-mod-3.3-1 rpm
 tomcat-3.3-3 rpm
 apache 1.3.20-16 rpm
 IBM 1.3.0 JDK
 
 all on redhat 7.2.  It gives the same error whether thru apache or
 directly to tomcat's webserver.
 
 
 thx for any ideas anyone has...
 
 -Ray
 
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: TC 3.3.3 with Apache stack space error

2002-01-07 Thread Renato

Good question. You might want to try to ask this on the tomcat-dev list. 

On 07 Jan 2002 13:07:17 -0600, Ray Pitmon [EMAIL PROTECTED] escreveu :

 Ok, that works.  I tried all sorts of different values less than that,
 but -Xms needed to be 400 to get it to work.
 
 That doesn't make alot of sense to me.  
 My tomcat is using 32 megs of RAM now.
 
 Why in the world would I have to specify that it use 400-500 megs?
 
 Is this a bug?
 
 thx,
 
 -Ray
 
 
 
 
 On Mon, 2002-01-07 at 10:27, Renato wrote:
  Try to put something like -Xms400m -Xmx500m on TOMCAT_OPTS of tomcat.sh 
in 
  the $TOMCAT_HOME/bin directory.
  
  
  On 07 Jan 2002 12:08:44 -0600, Ray Pitmon [EMAIL PROTECTED] 
escreveu :
  
   
   
   Hi,
   
   I have many machines running older versions of tomcat(3.2.x), but now 
I
   am setting up a new one, with 3.3.1, and I get this error whenever I 
try
   to hit a JSP:
   
   2002-01-07 12:41:21 - Ctx() : compile error: req=R(  + /index.jsp +
   null) - org.apache.jasper.JasperException: Unable to compile The
   compiler has run out of stack space.  Consider using the
   -J-ossnumber command line option to increase the memory allocated
   for the Java stack.
   
   
   I am using the following:
   tomcat-mod-3.3-1 rpm
   tomcat-3.3-3 rpm
   apache 1.3.20-16 rpm
   IBM 1.3.0 JDK
   
   all on redhat 7.2.  It gives the same error whether thru apache or
   directly to tomcat's webserver.
   
   
   thx for any ideas anyone has...
   
   -Ray
   
   
   
   --
   To unsubscribe:   mailto:[EMAIL PROTECTED]
   For additional commands: mailto:[EMAIL PROTECTED]
   Troubles with the list: mailto:[EMAIL PROTECTED]
   
   
   
   
  
  --
  To unsubscribe:   mailto:[EMAIL PROTECTED]
  For additional commands: mailto:[EMAIL PROTECTED]
  Troubles with the list: mailto:[EMAIL PROTECTED]
  
 
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: linux + tomcat 3 memory leaks ?

2001-12-24 Thread Renato

Humm... Did you try the lastest nightly build ? I just happen to have the 
exact same configuration ( except the kernel ) and everything is running 
perfectly, much much better than in Tomcat 3.2.4 by the way. ( I strongly 
recommend the upgrade to everybody !! )

On Sat, 22 Dec 2001 12:52:24 +0100, Dom [EMAIL PROTECTED] escreveu :

 I've installed Tomcat 3.3 in my linux box
 After a fresh boot, tomcat launched and NO web application running, I can
 see that the tomcat user memory is growing regulary by watching Top.
 
 Why ?
 
 Mandake Linux 7.2 with 2.4.16 kernel (not 2.2.16)
 Apache 1.3.19
 Tomcat 3.3
 IBMJava2-13
 
 Dom
 
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: JSSE 1.0.2

2001-12-24 Thread Renato

You probably also need to start Tomcat with extra startup options:

TOMCAT_OPTS=-
Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol 



On Mon, 24 Dec 2001 06:35:32 -0800, Pae Choi [EMAIL PROTECTED] 
escreveu :

 Have you tried any of three samples that come with JSSE? If not,
 try run those samples to see if your JSSE is well configured and
 ready to use. This will be your starting point to trace your problem.
 
 Once you have verified it, it will help you as well as other folks to
 have better understing of your problem by narrowing down.
 
 
 Pae
 
 
 
  Thanks. I've already added that line to the security file but it was in
  jre\lib\security. I don't beleive that I am running the security 
manager,
 but I
  am still getting that same message
  (java.lang.reflect.InvocationTargetException:
 java.lang.NoClassDefFoundError:
  javax/net/ServerSocketFactory) in the log.
 
  Any other suggestions?
 
  Many thanks, Duncan.
 
  Renato wrote:
 
   You need to include the security provider in your java.security file:
  
   security.provider.3=com.sun.net.ssl.internal.ssl.Provider
  
   Also, are you running tomcat with a security manager ? if so, make 
sure
 you
   have jre\lib\ext with permissions.
  
   Renato - Brazil
  
   On Fri, 21 Dec 2001 17:16:49 +, Duncan Smith
 [EMAIL PROTECTED]
   escreveu :
  
Hello.
I've just downloaded JSSE 1.0.2 and put the three .jar files in
jre\lib\ext directory.
   
I've uncommented the example SSl connector in server.xml, but when I
restart, I get this error in the stdout.log:
   
Exception during startup processing
java.lang.reflect.InvocationTargetException:
java.lang.NoClassDefFoundError: javax/net/ServerSocketFactory
   
Can anybody help?
   
Many thanks in advance, Duncan.
   
   
--
To unsubscribe:   mailto:tomcat-user-
[EMAIL PROTECTED]
For additional commands: mailto:tomcat-user-
[EMAIL PROTECTED]
Troubles with the list: mailto:tomcat-user-
[EMAIL PROTECTED]
   
   
   
   
  
   --
   To unsubscribe:   mailto:[EMAIL PROTECTED]
   For additional commands: mailto:[EMAIL PROTECTED]
   Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
  --
  To unsubscribe:   mailto:[EMAIL PROTECTED]
  For additional commands: mailto:[EMAIL PROTECTED]
  Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: JSSE 1.0.2

2001-12-21 Thread Renato

You need to include the security provider in your java.security file:

security.provider.3=com.sun.net.ssl.internal.ssl.Provider

Also, are you running tomcat with a security manager ? if so, make sure you 
have jre\lib\ext with permissions.

Renato - Brazil

On Fri, 21 Dec 2001 17:16:49 +, Duncan Smith [EMAIL PROTECTED] 
escreveu :

 Hello.
 I've just downloaded JSSE 1.0.2 and put the three .jar files in
 jre\lib\ext directory.
 
 I've uncommented the example SSl connector in server.xml, but when I
 restart, I get this error in the stdout.log:
 
 Exception during startup processing
 java.lang.reflect.InvocationTargetException:
 java.lang.NoClassDefFoundError: javax/net/ServerSocketFactory
 
 Can anybody help?
 
 Many thanks in advance, Duncan.
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Tomcat 3.3 deployment - last minute problem

2001-12-18 Thread Renato

Hi all,

I'm investigating this problem and may found something. The html that is 
pushed to my browser is definitely pure Unicode ( UTF8 ), so somehow the 
HTML bytes are not been properly translated to chars. Where can I look in 
the code to make some tests ?

Thanks
Renato.

 Reply-to: Tomcat Developers List 
 From: Renato 
 Date: Fri Dec 14 15:19:28 2001
 To: Tomcat Developers List ,
 Tomcat Developers List ,
 , 
 Subject: Re: Tomcat 3.3 deployment - last minute problem
 
 Hi,
 
 This is what I'm using:
 
 
 
 I saw the servlet generated in the work directory and it actually write 
the 
 response.setContentType(text/html;charset=ISO-8859-1) 
 
 ( default type in server.xml is set to ISO-8859-1 too )
 
 How can I know the charset of Linux ? ( I'll STW of course.. :)) )
 
 Thanks for the promptness !
 
 On Fri, 14 Dec 2001 08:48:31 -0800 (PST), escreveu :
 
  On Fri, 14 Dec 2001, Renato wrote:
  
   *** HTML pages with latin characters don't display correctly on Linux 
 ***
  
   ( JSP file with: )
   Ex: 
 áéíóú
 
  
   It's maybe a problem with the locale variables on my Linux, which I 
 don't
   quite understand ( tried LC_ALL, LANG, LC_CTYPE and it didn't work ) 
or
   Tomcat itself.
  
  Do you set the charset in the page
  setContentType(text/html;charset=8859-??) or the jsp equivalent ?
  
  What charset do you use to write the page ? ( i.e. UTF or 8859-?? ) ?
  
  There are few variables:
  - Java default charset ( which is typically the same as the OS charset).
  This is what jasper uses to read the page from disk. The page is 
converted
  to UTF by the reader. ( you can override the charset used on each page,
  don't remember the directive )
  
  - output charset. This is specified in setContentType() or 
setCharEncoding
  on the response, and is used to convert from UTF to the target charset.
  
  
  Costin
  


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Tomcat 3.3 deployment - last minute problem

2001-12-14 Thread Renato

Hi,

This is what I'm using:

%@ page contentType=text/html; charset=ISO-8859-1 %

I saw the servlet generated in the work directory and it actually write the 
response.setContentType(text/html;charset=ISO-8859-1) 

( default type in server.xml is set to ISO-8859-1 too )

How can I know the charset of Linux ? ( I'll STW of course.. :)) )

Thanks for the promptness !

On Fri, 14 Dec 2001 08:48:31 -0800 (PST), [EMAIL PROTECTED] escreveu :

 On Fri, 14 Dec 2001, Renato wrote:
 
  *** HTML pages with latin characters don't display correctly on Linux 
***
 
  ( JSP file with: )
  Ex:   páéíóú/p
 
  It's maybe a problem with the locale variables on my Linux, which I 
don't
  quite understand ( tried LC_ALL, LANG, LC_CTYPE and it didn't work ) or
  Tomcat itself.
 
 Do you set the charset in the page
 setContentType(text/html;charset=8859-??) or the jsp equivalent ?
 
 What charset do you use to write the page ? ( i.e. UTF or 8859-?? ) ?
 
 There are few variables:
 - Java default charset ( which is typically the same as the OS charset).
 This is what jasper uses to read the page from disk. The page is converted
 to UTF by the reader. ( you can override the charset used on each page,
 don't remember the directive  )
 
 - output charset. This is specified in setContentType() or setCharEncoding
 on the response, and is used to convert from UTF to the target charset.
 
 
 Costin
 
 
 --
 To unsubscribe, e-mail:   mailto:tomcat-dev-
[EMAIL PROTECTED]
 For additional commands, e-mail: mailto:tomcat-dev-
[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat 3.3 deployment - last minute problem

2001-12-14 Thread Renato

Hi all,

I have one last problem that prevents me from upgrading a big user base 
from Tomcat 3.2.4 to Tomcat 3.3 ( which will be the last nightly build ).

*** HTML pages with latin characters don't display correctly on Linux ***

( JSP file with: )
Ex:   páéíóú/p

I'm not quite sure if it's a bug or no. Here are some different scenarios 
and what happens:

- in Tomcat 3.2.4 it works ( someone told me 3.2.x charset is broken 
anyway )
- in Tomcat 3.3 installed on Window it works.
- in Tomcat 3.3 installed on Linux ( Red Hat 7.2, tested with IBM, Sun, 
JRockit JVM ) it doesn't work.

It's maybe a problem with the locale variables on my Linux, which I don't 
quite understand ( tried LC_ALL, LANG, LC_CTYPE and it didn't work ) or 
Tomcat itself. 

Any hints ? 

Thanks
Renato - Brazil

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Strange problem with mod_jk (desperate for help)

2001-12-12 Thread Renato

If you are using a different version, you should definitely try to 
recompile, specially if glibc version is diferent.


 
   I have installed mod_jk to connect Apache to Tomcat.  This was a
 module obtained from jakarta's web site.  Apache and Tomcat will both 
start
 up with no problem, but I am getting a 404 error when trying to access a
 *.jsp page.
 
   1)I have this exact same configuration with Tomcat 3.2.1, all I am
 trying to do is put Tomcat 3.2.4 into the same environment on a new 
machine
 (newer version of Linux also).  
 
   2)My mod_jk.log is telling me that it finds a match for a worker,
 here is the output when I try to access the page...
   [jk_uri_worker_map.c (344)]: Into
 jk_uri_worker_map_t::map_uri_to_worker
   [jk_uri_worker_map.c (406)]: jk_uri_worker_map_t::map_uri_to_worker,
 Found a match ajp12
   [jk_worker.c (123)]: Into wc_get_worker_for_name ajp12
   [jk_worker.c (127)]: wc_get_worker_for_name, done  found a worker
 
   3)My apache error_log is telling me something about a segmentation
 fault, which my properly working environment spits out sometimes (doesn't
 ever cause any problems that I know of).  Here is the output...
   [Wed Dec 12 23:56:02 2001] [notice] child pid 7385 exit signal
 Segmentation fault (11)
 
   4)Apache appears to be loading the mod_jk correctly on startup based
 on the information provided in the apache error_log provided below...
   [Wed Dec 12 23:07:47 2001] [notice] Apache/1.3.19 (Unix) mod_jk
 mod_perl/1.24_01 mod_throttle/2.11 PHP/4.0.6 FrontPage/4.0.4.3 
mod_ssl/2.8.3
 OpenSSL/0.9.6b configured -- resuming normal operations
 
   5)To me, this appears to be a problem with specifying a wrong path
 for a context or something in server.xml, but I have checked that over and
 over and it all is correct, but here is the path to my vhost in case I am
 missing something.
   Host name=www.cheapshotz.com
Context path=
   
 docBase=/usr/local/psa/home/vhosts/cheapshotz.com/httpdocs
crossContext=false
debug=0
reloadable=true
/Context
 /Host
 
 
 
   I know this is long, but if anyone can point me in the right
 direction, I would REALLY appreciate it!  I have been working on this
 configuration for 2 days now, am so close to completion, but have come to 
a
 dead end.  Should I try to compile mod_jk on my machine?  Every attempt at
 that has resulted in apache not starting up.
 
 
   Brandon
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat 3.3 and JSP/HTML pages with accents

2001-12-11 Thread Renato

Hi all,

I'm trying to upgrade from Tomcat 3.2 to Tomcat 3.3 and I have some jsp 
pages that have caracteres with accents. With tomcat 3.3 it 
outputs 'garbage' to the browser.

Example: 

...

tdI have accents - áéíóú âêîôû/td

...


What am I missing ?

Thanks.





--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Tomcat 3.3 question

2001-12-10 Thread Renato

I'm trying to upgrade from Tomcat 3.2 to Tomcat 3.3 and I have some jsp 
pages that have some caracteres with accents. With tomcat 3.3 it 
output 'garbage' to the browser.

What am I missing ?

Thanks.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Connection reset by peer

2001-12-10 Thread Renato

Hi all,

I was looking through tomcat's log ( tomcat 3.2.4 + mod_jk under Red Hat 
7.2 + Sun JVM 1.3.1_01 ) and I saw a lot of messages like this:

java.net.SocketException: Connection reset by peer: Connection reset by peer
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at org.apache.tomcat.service.connector.TcpConnector.receiveFully
(TcpConnector.java:150)
at org.apache.tomcat.service.connector.TcpConnector.receive
(TcpConnector.java:121)
at 
org.apache.tomcat.service.connector.Ajp13ConnectionHandler.processConnection
(Ajp13ConnectionHandler.ja
va:146)
at org.apache.tomcat.service.TcpWorkerThread.runIt
(PoolTcpEndpoint.java:416)
at org.apache.tomcat.util.ThreadPool$ControlRunnable.run
(ThreadPool.java:501)
at java.lang.Thread.run(Thread.java:484)

After a while Tomcat starts failing to respond till it hangs completely.

I've seen Sun's JVM release and already set up the 'work around' parameters 
for Linux.

Any other hint ?

Thanks
Renato.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Connection reset by peer

2001-12-10 Thread Renato

It looks that this error however is happening at the connector pool level. 
I see other 'connection reset by peer' errors but they have different 
stacks. This one looks more critical. It might also a bug in the JVM.


 Hello,
 
 I had the same problem with tomcat in windows environment. Its just that
 when ever your connection between Tomcat and its client (mostly a web
 browser) breaks (may be due to pressing stop button in the browser or due 
to
 any other reason) it throws exception. And the exception stack trace was
 printed on the console. So nothing to worry about this.
 
 I am not too sure, but I guess your tomcat didn't hang due to this reason.
 There must be some other problem with your environment as well.
 
 Regards,
 Ali.
 - Original Message -
 From: Renato [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Sent: Monday, December 10, 2001 5:26 PM
 Subject: Connection reset by peer
 
 
  Hi all,
 
  I was looking through tomcat's log ( tomcat 3.2.4 + mod_jk under Red Hat
  7.2 + Sun JVM 1.3.1_01 ) and I saw a lot of messages like this:
 
  java.net.SocketException: Connection reset by peer: Connection reset by
 peer
  at java.net.SocketInputStream.socketRead(Native Method)
  at java.net.SocketInputStream.read(SocketInputStream.java:86)
  at org.apache.tomcat.service.connector.TcpConnector.receiveFully
  (TcpConnector.java:150)
  at org.apache.tomcat.service.connector.TcpConnector.receive
  (TcpConnector.java:121)
  at
 
 
org.apache.tomcat.service.connector.Ajp13ConnectionHandler.processConnection
  (Ajp13ConnectionHandler.ja
  va:146)
  at org.apache.tomcat.service.TcpWorkerThread.runIt
  (PoolTcpEndpoint.java:416)
  at org.apache.tomcat.util.ThreadPool$ControlRunnable.run
  (ThreadPool.java:501)
  at java.lang.Thread.run(Thread.java:484)
 
  After a while Tomcat starts failing to respond till it hangs completely.
 
  I've seen Sun's JVM release and already set up the 'work around'
 parameters
  for Linux.
 
  Any other hint ?
 
  Thanks
  Renato.
 
  --
  To unsubscribe, e-mail:
 mailto:[EMAIL PROTECTED]
  For additional commands, e-mail:
 mailto:[EMAIL PROTECTED]
 
 
 --
 To unsubscribe, e-mail:   mailto:tomcat-dev-
[EMAIL PROTECTED]
 For additional commands, e-mail: mailto:tomcat-dev-
[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Documentation for VM crash under Linux

2001-12-06 Thread Renato

Hi all,

I saw people telling about documentation of VM crashes under Linux and that 
there are some workarounds on the release notes. It doesn't seem to be 
there. Could anyone point me out where I could find this docs ?

Thanks
Renato.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Documentation for VM crash under Linux

2001-12-06 Thread Renato

Hi all,

I saw people telling about documentation of VM crashes under Linux and that 
there are some workarounds on the release notes. It doesn't seem to be 
there. Could anyone point me out where I could find this docs ?

Thanks
Renato.

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Documentation for VM crash under Linux

2001-12-06 Thread Renato

Thanks !!


What about IBM's ? Any issues we shold be aware of ?


 On Thu, 2001-12-06 at 04:55, Renato wrote:
  
  I saw people telling about documentation of VM crashes under Linux and 
that 
  there are some workarounds on the release notes. It doesn't seem to be 
  there. Could anyone point me out where I could find this docs ?
 
 The release notes are available from the J2SE download page.  For J2SE
 1.3.1_01, it's at http://java.sun.com/j2se/1.3/relnotes.html.  The
 Vertual Machine section mentions several problems with various
 versions of Linux.
 
 -- 
 Weiqi Gao
 [EMAIL PROTECTED]
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Directory listing vulnerability in Tomcat 3.2

2001-12-03 Thread Renato

Hi all,

Recently I saw in the vuln-dev list a directory
listing vulnerability in Tomcat 3.2.3. It's simple,
just call the URL:

http://yousite/%3f.jsp

Is it fixed in Tomcat 3.2.4 ?

Thanks



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Re: Directory listing vulnerability in Tomcat 3.2

2001-12-03 Thread Renato

I just downloaded and installed Tomcat 3.2.4 and the problem in on this 
version too.

I think that if you a 404 error page defined, this problem doesn't happen.

Anyway, I think it's a vulnerability.

On Mon Dec  3 11:16:34 2001, Renato [EMAIL PROTECTED] 
escreveu :

 Hi all,
 
 Recently I saw in the vuln-dev list a directory
 listing vulnerability in Tomcat 3.2.3. It's simple,
 just call the URL:
 
 http://yousite/%3f.jsp
 
 Is it fixed in Tomcat 3.2.4 ?
 
 Thanks
 
 
 
 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]
 
 
 
 

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




R: Catalina Authentication PLS Help !!

2001-11-22 Thread Renato Romano

I found something, but the proposed solution is Instruct users not to
access the login page !!!
Of course that's not good for me... consider, for example, that my login
page could be my HOME page !!
I know there is no portable solution, but one for Tomcat (4) would be ok, if
any...
Thanks
Renato

-Messaggio originale-
Da: Barry White [mailto:[EMAIL PROTECTED]]
Inviato: mercoledì 21 novembre 2001 19.26
A: Tomcat Users List; [EMAIL PROTECTED]
Oggetto: Re: Catalina Authentication PLS Help !!


I remember some discussion about this subject.  Have you searched the
achives?

- Original Message -
From: Renato Romano [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Wednesday, November 21, 2001 12:11 PM
Subject: Catalina Authentication PLS Help !!


 Hi,
 I succesfully configured my webapp for login authentication, but I get
 a Page not Found Error, when a user access DIRECTLY the login page,
 (and not a protected area!!) and correctly gives his username and
 password. Probably Tomcat simply doesn't know WHERE to forward the
 user, because he didn't request a protected page!!
 When using Tomcat 3.2 I solved this by looking at the
 tomcat.auth.originalLocation parameter in the session object, and
 then defining a default value for this attribute when it was not
 set.
 How to do this with Tomcat 4 ??
 Thanks.
 Renato


 --
 To unsubscribe:   mailto:[EMAIL PROTECTED]
 For additional commands: mailto:[EMAIL PROTECTED]
 Troubles with the list: mailto:[EMAIL PROTECTED]





--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




How To Send Users To A Default Page After Form based Login ?

2001-11-21 Thread Renato Romano

Hi all,
I succesfully configured my webapp for login authentication, but I get
a Page not Found Error, when a user access DIRECTLY the login page,
(and not a protected area!!) and correctly gives his username and
password. Probably Tomcat simply doesn't know WHERE to forward the
user, because he didn't request a protected page!!
When using Tomcat 3.2 I solved this by looking at the
tomcat.auth.originalLocation parameter in the session object, and
then defining a default value for this attribute when it was not
set.
How to do this with Tomcat 4 ?? 
Thanks.
Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




URGENT !!! Please HELP !!!

2001-11-21 Thread Renato Romano

Hi,
I succesfully configured my webapp for login authentication, but I get
a Page not Found Error, when a user access DIRECTLY the login page,
(and not a protected area!!) and correctly gives his username and
password. Probably Tomcat simply doesn't know WHERE to forward the
user, because he didn't request a protected page!!
When using Tomcat 3.2 I solved this by looking at the
tomcat.auth.originalLocation parameter in the session object, and
then defining a default value for this attribute when it was not
set.
How to do this with Tomcat 4 ?? 
Thanks.
Renato


--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




R: form authentication with IIS - j_security_check - error 405 - tomcat 3.2.3

2001-11-21 Thread Renato Romano

I had the same problem with version 3.2.1, but i suppose the workaround is
the same.
Supposed you did all that's said in the tomcat-iis-howto (see docs), you
have to adjust the conf/uriworkermap.properties file, that's where
isapi_redirect.dll gets informations from ...
Following is mine ...
Renato

#
# Simple worker configuration file
#
#/*=ajp12
/j_security_check=ajp12
/servlet/*=ajp12
/*.jsp=ajp12
/whatever_reserved_area/*=ajp12

-Messaggio originale-
Da: Samuel Rochas [mailto:[EMAIL PROTECTED]]
Inviato: mercoledi 21 novembre 2001 16.31
A: Tomcat Users List
Oggetto: form authentication with IIS - j_security_check - error 405 -
tomcat 3.2.3


Hello,

I have troubles using the form authentication for an application running
on the IIS (4.0) with tomcat 3.2.3.

The security example is running fine, that is because it is running
directly with tomcat and not through IIS first. The authentication
mechanism for my application running with the IIS brings an error 405
with the URL:
http://localhost/j_security_check

It seems the IIS does not recognize that it should pass the request to
the isapi_redirect.dll an tries to handle it itself, which brings the
error.

A workaround would be to set as URL for the login page something like:
form-login-pagehttp://localhost:8080/login.jsp/form-login-page
This would enforce the direct use of tomcat. I think it is quite tricky
an would prefer something cleaner here. Any hint?

Sincerly
Samuel Rochas
--
SWIPe Software Engineering  Project Management GmbH

Solutions with Individual Profile

Web: http://www.swipe.de

--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]



--
To unsubscribe:   mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]




Crosscontext tag and security

2001-10-03 Thread Renato Weiner

Hi all,

What are the security concerns of letting
'crossContext=true' in a virtual hosting environment ?


I'm using tomcat 3.2.3.

Thanks
Renato.



__
Do You Yahoo!?
Listen to your Yahoo! Mail messages from any phone.
http://phone.yahoo.com



Caching Login Info in Tomcat 3.2.x

2001-10-02 Thread Renato Romano

Hi,
I would like Tomcat avoiding to access the DB for EVERY ACCESS to a reserved
page. I think the best way to do this (apart from upgrading to Tomcat 4.0
!!) is to store the login info, or maybe just a flag I'm authenticated, in
the session object. Does anyone already made something similar ? Should I
only redefine methods in my Realm object ? Is there some security issue I'm
not taking care of ??
Thanks

Renato




R: Caching Login Info in Tomcat 3.2.x

2001-10-02 Thread Renato Romano

And what about just storing an I'm authenticated flag in the session,
associated with the username (which is already there...) ? This way I have
no problems about password changes... Therefore, i think password is already
stored clearly in the session object as the attribute j_password, isn't it
?

-Messaggio originale-
Da: Randy Layman [mailto:[EMAIL PROTECTED]]
Inviato: martedì 2 ottobre 2001 14.34
A: [EMAIL PROTECTED]
Oggetto: RE: Caching Login Info in Tomcat 3.2.x




 -Original Message-
 From: André de Jesus [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, October 02, 2001 9:03 AM
 To: [EMAIL PROTECTED]
 Subject: Re: Caching Login Info in Tomcat 3.2.x



 If you are using container-managed authentication (the system
 that comes
 with Tomcat, that is configured for each Realm in the file
 server.xml),
 then the user roles and passwords are already automatically
 cached for
 each session (the isUserInrole() function and other similar
 functions do
 not trigger database accesses every time).

Actually that is not correct.  The JdbcRealm class that is provided
with Tomcat does do a database connection for each request.  It never stores
authentication information.

The provided class could be modified to provide the caching
requested, but you would have to recode the Realm (which isn't a big deal).
There is only a security risk if you store passwords unencrypted in memory
and someone has enough access to your system to perform a memory dump (and
then the intelligence of look at the dump and find the Map, List, or array
of authentication credentials).  The biggest problem to watch out for is
removing cached information - it a user changes their password and then
exits the application (either explicitly or implicitly) then you need to
make sure that their cached information is removed before they come back and
try to use their new password.


 If, on the other hand, you are authenticating the users with you own
 authentication system, then you could cache the authentication
 information in a session object (this is exactly what Tomcat does by
 default). Then, all private pages would check if the session object
 exists and if the user has been authenticated before displaying the
 private information.

 The only publicly visible key to this object is the session
 id, so all
 security problems could come from this session key being known to
 intermediate parties. Depending from the security level
 required by your
 application, you could consider setting lower expiration
 times for the
 session (or even explicitly expiring the session once some user
 operations have been successfully completed, with
 setMaxInactiveInterval()), or protecting the http
 communication with SSL.


 Andre de Jesus




 Renato Romano wrote:

 Hi,
 I would like Tomcat avoiding to access the DB for EVERY
 ACCESS to a reserved
 page. I think the best way to do this (apart from upgrading
 to Tomcat 4.0
 !!) is to store the login info, or maybe just a flag I'm
 authenticated, in
 the session object. Does anyone already made something
 similar ? Should I
 only redefine methods in my Realm object ? Is there some
 security issue I'm
 not taking care of ??
 Thanks
 
 Renato
 

 --
 André de Jesus [EMAIL PROTECTED]
 TEKTIX - Consultoria em Sistemas de Informação, L.da
 http://www.tektix.com







Two questions

2001-09-13 Thread Renato


Hi all,

I'm using Tomcat-3.2.3 on Linux, JVM 1.3.1 Sun, AJP13 protocol.

Two quick questions. 

1. I was doing some tests with several contexts/domains. All of them has 
the option 'crossContext=false'. I included about 800 context and when I 
start Tomcat I have about 800 java linux-threads running ! I know this is 
probably a FAQ, but I could find an explanation for this behaviour.

2. I have a very simple servlet that I use to monitor Tomcat ( I execute it 
once every minute and look for errors... and of course I plan to automate 
it :)) ), which is integrated with Apache. I realized sometimes I have 
the 'Internal Server error' from Apache. It's like I keep clicking on the 
refresh button on the browser and in 1 out of 10 clicks I get the error. 
What's happening ? Anybody has seen this behaviour ?

Thanks
Renato.




JAXP 1.1 and Tomcat 3.2.3

2001-08-30 Thread Renato Weiner

Hi all,
 
I'm trying to build Tomcat 3.2.3 with JAXP 1.1 and I
have this error:
 
Buildfile: build.xml
 
BUILD FAILED

javax.xml.parsers.FactoryConfigurationError:
java.lang.ClassNotFoundException:
org.apache.crimson.jaxp.SAXParserFactoryImpl
 at
javax.xml.parsers.SAXParserFactory.newInstance(SAXParserFactory.java:120)
 at
org.apache.tools.ant.ProjectHelper.getParserFactory
(ProjectHelper.java:706)
 at
org.apache.tools.ant.ProjectHelper.parse(ProjectHelper.java:105)
 at

org.apache.tools.ant.ProjectHelper.configureProject(ProjectHelper.java:85)
 at
org.apache.tools.ant.Main.runBuild(Main.java:403)
 at
org.apache.tools.ant.Main.main(Main.java:149)
 
Total time: 0 seconds
java.lang.ClassNotFoundException:
org.apache.crimson.jaxp.SAXParserFactoryImpl
 
Is Tomcat 3.2.3 compatible with JAXP 1.1 ??

Thanks
Renato - Brazil.


__
Do You Yahoo!?
Get email alerts  NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com



can't start tomcat 4

2001-08-20 Thread Renato Testa

Hello List,

i'm completetly new to tomcat and to this list.
I've installed  the jakarta-tomcat-4.0-b7-src on a Mandrake 8.0 Linux.
I proceeded with the BUILDING.txt-file and could run the ant dist cmd
successfull in the tomcat.home
I've then trying to start tomcat as described, but it fails. I have the
message Exception in thread main java.lang.NoClassDefFoundError:
org/apache/catalina/startup/Bootstrap in the catalina.out file.

not very close to java, what's not found?

Thnx for hints
Renato Testa
-- 
[EMAIL PROTECTED]
ITGarage GmbH Freilagerstrasse 19 CH-8047 Zuerich
www.itgarage.net-



Re: can't start tomcat 4

2001-08-20 Thread Renato Testa

On Mon, Aug 20, 2001 at 07:13:46AM -0400, Rob S. toeggelte:
  I've then trying to start tomcat as described, but it fails. I have the
  message Exception in thread main java.lang.NoClassDefFoundError:
  org/apache/catalina/startup/Bootstrap in the catalina.out file.
 
  not very close to java, what's not found?
 
 Since it's Java, you don't *have* to build it, would have saved yourself a
 lot of time and trouble if you just want to run it, just download the binary
 distro ;)
 
 bootstrap.jar should be in the $CATALINA_HOME/bin directory.
 
 I'm not familiar enough with the TC4 build process to try and troubleshoot
 it =/
 
 - r
 

i just downloaded the binary distro. Works.

Thanx
Renato
-- 
[EMAIL PROTECTED]
ITGarage GmbH Freilagerstrasse 19 CH-8047 Zuerich
www.itgarage.net-



Re: Killing endless loop servlet - howto ? killing JVM or unload class ?

2001-07-12 Thread Renato Weiner
Hi,
Actually I'm testing some time-out features of Tomcat. Users eventually ended up doing endless loops ( like, forgetting to move to nextline in a databaserecord set...). So, what I'm trying to see if there is a patch that could kill the 'offending' threads after a defined time interval.
Thanks
Renato.


 Dmitri Colebatch [EMAIL PROTECTED] wrote: 
Does it intentionally loop forever? If so, creating a new thread and having that do the work (hence returning tomcat's thread to the server) should do the trick.cheersdimOn Sat, 30 Jun 2001 07:28, you wrote: Hi all, I'm rolling out a successful Tomcat instalation in a shared environment ( it's a great software ! ). But I have a concern. I created a servlet that loops forever ( a very stupid one, by the way ). When I executed it, it allocates a Tomcat thread and it just runs forever. If I try to kill it after it consumed, let's say, 30 seconds of processing, it ended up killing the whole JVM. First, I don't know if it's killing a thread is the right approach. Should I do that, without shutdown Tomcat ? Is there a way to set a 'time-out' for a Servlet ? What I can do in this situation ? Is there an Interceptor that can unload this class somehow ? Thanks in advance Renato - Brazil P.S. I'm running Linux, kernel 2.4.3, Tomcat 3.2.2 - Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/Content-Type: text/html; charset="us-ascii"; name="Attachment: 1"Content-Transfer-Encoding: 7bitContent-Description: Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

Re: Killing endless loop servlet - howto ? killing JVM or unload class ?

2001-07-12 Thread Renato Weiner
 Can we register the running thread in the service() method of theServletWrapperobject and then call a thread.interrupt()inthe servlet.destroy method ? So we could stop the thread whereunloading the context. Should this do the work ?
 Roland Carlsson [EMAIL PROTECTED] wrote: 
- Original Message - From: "Endre Stølsvik" <[EMAIL PROTECTED]>To: <[EMAIL PROTECTED]>Sent: Thursday, July 12, 2001 10:50 AMSubject: Re: Killing endless loop servlet - howto ? killing JVM or unload class ? On Thu, 12 Jul 2001, Dmitri Colebatch wrote:  | On Thu, 12 Jul 2001 16:28, you wrote: |  I thought the problem with threads was that you actually _cannot_ kill |  them, even "in Java". I find this stupid, and hope I'm wrong! But |  apparently you can only "ask" the thread to interrupt and check for status |  by using the thread.interrupt(), and isInterrupted() inside the thread. | The purpose of this is to force a two-phase termination, and give the thread | a chance to clean up... its up to the thread programmer to be aware of any | requests for interruption. When you say you can only "ask", you are correct. | I dont see why this prohibits my earlier suggestion though...  How would you stop this thread?  while(true);   --  Mvh, Endre Hi!public booelan running;public void run(){while(running){}}Another thread can then stop the thread by altering running to false. Then the thread will have the possibility to clean after itself.You must ofcourse register the tread somewhere so you can find it but that is another question. Perhpas something to implement at serverlevel so a admin can look for running threads and kill them off...RegardsRoland CarlssonDo You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

Killing endless loop servlet - howto ? killing JVM or unload class ?

2001-07-11 Thread Renato Weiner
Hi all,
I'm rolling out a successful Tomcat instalation in a shared environment ( it's a great software ! ). But I have a concern. 
I created a servlet that loops forever ( a very stupid one, by the way). When I executed it, itallocates a Tomcat thread and it just runs forever. If I try to kill it after it consumed, let's say, 30 seconds of processing, it ended up killing the whole JVM. 
First, I don't know if it's killing a thread is the right approach. Should I do that, withoutshutdown Tomcat? Is there a way to set a 'time-out' for a Servlet ? What I can do in this situation ? Is there an Interceptor that can unload this class somehow ?
Thanks in advance 
Renato - Brazil
P.S. I'm running Linux, kernel 2.4.3, Tomcat 3.2.2Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

Re: Problem running 3.2

2001-07-11 Thread Renato Weiner
 This is not the ideal, but try this:
ln -s /usr/lib/libstdc++-3-libc6.2-2-2.10.0.so /usr/lib/libstdc++-libc6.1-1.so.2
It worked for me.
Renato.
 William Dunning [EMAIL PROTECTED] wrote: 
I've installed Jakarta Tomcat 3.2.2 and the Sun JDK 1.3.1 on an Intel box running Debian Linux (latest version). When I try to run ./bin/Startup.sh it reports that it can't find jdk1.3.1/bin/i386/native_threads/java libstdc++-libc6.1-1.so.2What gives? Apparently it can't find a library it's looking for in the file 'java'. The file exists.Help? Anyone?-- William DunningEnvision, Inc.30600 Telegraph Road, Suite 1160Bingham Farms, MI 48025800-841-4044 voice888-301-4044 FAX[EMAIL PROTECTED]http://www.envision-inc.comDo You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

Tomcat admin resources

2001-07-10 Thread Renato Weiner
Hi all,
I'm looking for some admin resources for Tomcat 3.2.2 in a multi-hosted environment. Are there administration samples, besides the admin.war package that comes with the tar.gz ? 
Is it possible to list the servlets that are currently loaded per context, see how much memory they are taking and do admin stuff like that ?
Thanks in advance
Renato.Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

Tomcat 3.2.2 and Error page 404

2001-07-04 Thread Renato Weiner
Hi all,
I know this has been discussed, but I can't find an ultimate answer on this topic. I'm running Tomcat 3.2.2, I have latest the StaticInterceptor.java from CVS. If I configure my web.xml with a dynamic 404 error ( let's sat 404.jsp) that doesn't exist, I got an endless loop:
2001-07-04 02:10:17 - Ctx( : ): 404 R( + /servlet/xxx + null) JSP file not found2001-07-04 02:10:17 - Ctx( : ): Get real path /404.jsp /home/client1/404.jsp /home/client1
2001-07-04 02:10:17 - Ctx( : ): Get real path /404.jsp /home/client1/404.jsp /home/client1
2001-07-04 02:10:17 - Ctx( : ): Get real path /404.jsp /home/client1/404.jsp /home/client1
Do anybody has a solution for this ?
Thanks 
Renato.Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

Killing endless loop servlet - howto ? killing JVM or unload class ?

2001-07-02 Thread Renato Weiner
Hi all, 
I'm rolling out a successful Tomcat instalation in a shared environment ( it's a great software ! ). But I have a concern. 
I created a servlet that loops forever ( a very stupid one, by the way). When I executed it, itallocates a Tomcat thread and it just runs forever. If I try to kill it after it consumed, let's say, 30 seconds of processing, it ended up killing the whole JVM. 
First, I don't know if it's killing a thread is the right approach. Should I do that, withoutshutdown Tomcat? Is there a way to set a 'time-out' for a Servlet ? What I can doin this situation ? Is there an Interceptor that can unload this class somehow ? 
Thanks in advance 
Renato - Brazil 
P.S. I'm running Linux, kernel 2.4.3, Tomcat 3.2.2Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

RE: Killing endless loop servlet - howto ? killing JVM or unload class ?

2001-07-02 Thread Renato Weiner
OK, no one's answered this yet, so,... First, I don't know if it's killing a thread is the right approach. Should I do that, without shutdown Tomcat ?  So, why are you creating an infinite loop? I mean, if you didn't, you wouldn't have to kill it.
The problem is my environment. Since this is a webhosting, I cannot control what my users do. I'm 100% sure that they will create code that will run forever. I need to find a way to avoid this. If you're generally asking how one can kill threads in Java, you could use java.lang.Thread.stop() (but read the deprecation warning). But as a rule, not creating infinite loops is a much better strategy. Is there a way to set a 'time-out' for a Servlet ? Not the way you mean. You can set a timeout for a session (by modifying your web.xml); but AFAIK, the only way to set a timeout for a request would be on your browser.What about a patch for PoolTcpConnector ? Anyone ?
Thanks !-Original Message-From: Renato Weiner [mailto:[EMAIL PROTECTED]]Sent: Monday, July 02, 2001 6:03 AMTo: [EMAIL PROTECTED]Subject: Killing endless loop servlet - howto ? killing JVM or unload class?Hi all, I'm rolling out a successful Tomcat instalation in a shared environment (it's a great software ! ). But I have a concern. I created a servlet that loops forever ( a very stupid one, by the way ).When I executed it, it allocates a Tomcat thread and it just runs forever.If I try to kill it after it consumed, let's say, 30 seconds of processing,it ended up killing the whole JVM. First, I don't know if it's killing a thread is the right approach. Should Ido that, without shutdown Tomcat ? Is there a way to set a 'time-out' for aServlet ? What I can doin this situation ? Is there an Interceptor that canunload this class somehow ? Thanks in advance Renato - Brazil P.S. I'm running Linux, kernel 2.4.3, Tomcat 3.2.2Do You Yahoo!?Get personalized email addresses from Yahoo! Mail - only $35 a year!http://personal.mail.yahoo.com/Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!http://personal.mail.yahoo.com/

RE: Apache can't load mod_jk

2001-06-07 Thread Renato Salazar

Hi Filip,
I have a problem and nobody could help me so far...it 
seems to me you could.
I've configured Apache-Tomcat to use mod_jk and ajp13 
over RedHat7.0 (Apache1.3.19), but they seem to work 
separately, because when I try to 
access /localhost/examples, I get a 103 message
(Forbidden, you don't have permission to 
access /localhost/examples...bla,bla), the same as when 
I don't use Tomcat...but Tomcat works fine because I can 
access to /localhost/examples:8080 and Apache works fine 
too and success loading mod_jk.so.
Do you have any idea??, anything would be helpful.
Thanks in advance. 

Renato

 does this file exist?
 
 /usr/lib/apache/1.3/mod_jk.so
 
 Filip
 
 ~
 Namaste - I bow to the divine in you
 ~
 Filip Hanik
 Software Architect
 [EMAIL PROTECTED]
 www.filip.net 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of 
Steve Doerr
 Sent: Thursday, June 07, 2001 3:06 PM
 To: [EMAIL PROTECTED]
 Subject: Apache can't load mod_jk
 
 
 Hello.
 
 I can't get Apache to start when I uncomment the 
mod_jk load line.
 
 I have the module in the proper directory, but Apache 
(1.3.19) will not
 start if I try to load this module.
 
 Here's what I've tried in httpd.conf:
 
 #LoadModule jk_module /usr/lib/apache/1.3/mod_jk.so
 
 IfModule mod_jk.c
 #The following line is for apacheconfig - DO NOT 
REMOVE!
 JkWorkersFile /etc/apache/mod_jk/workers.properties
 Include /etc/apache/mod_jk/tomcat-auto
 /IfModule
 
 Does anyone have any ideas about what might be wrong, 
or what I might
 check?
 
 Thanks,
 Steve
 
 
 
 
 
 
 

--



RE: Apache can't load mod_jk

2001-06-07 Thread Renato Salazar

No, both Apache and Tomcat are running under root 
user...and with regard to mod_jk.conf-auto, I started 
Tomcat and then made a copy of mod_jk.conf-auto, 
modified my defaults (for ajp13) and path for mod_jk.so, 
renamed it as mod_jk.conf and then included it in 
httpd.conf.
It seems that Apache can load mod_jk.so now(I had a 
problem with mod_jk.so before, had to re-build it 
because Apache couldn't load it) but can´t realize when 
a request belongs to Tomcat...

 are they (tomcat and apache) running under different 
OS users? also did you
 follow the config doc and use mod_jk.conf-auto?
 
 Filip
 
 ~
 Namaste - I bow to the divine in you
 ~
 Filip Hanik
 Software Architect
 [EMAIL PROTECTED]
 www.filip.net
 
 -Original Message-
 From: Renato Salazar [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, June 07, 2001 5:05 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Apache can't load mod_jk
 
 
 Hi Filip,
 I have a problem and nobody could help me so far...it
 seems to me you could.
 I've configured Apache-Tomcat to use mod_jk and ajp13
 over RedHat7.0 (Apache1.3.19), but they seem to work
 separately, because when I try to
 access /localhost/examples, I get a 103 message
 (Forbidden, you don't have permission to
 access /localhost/examples...bla,bla), the same as 
when
 I don't use Tomcat...but Tomcat works fine because I 
can
 access to /localhost/examples:8080 and Apache works 
fine
 too and success loading mod_jk.so.
 Do you have any idea??, anything would be helpful.
 Thanks in advance.
 
 Renato
 
  does this file exist?
 
  /usr/lib/apache/1.3/mod_jk.so
 
  Filip
 
  ~
  Namaste - I bow to the divine in you
  ~
  Filip Hanik
  Software Architect
  [EMAIL PROTECTED]
  www.filip.net
 
  -Original Message-
  From: [EMAIL PROTECTED]
  [mailto:[EMAIL PROTECTED]]On Behalf Of
 Steve Doerr
  Sent: Thursday, June 07, 2001 3:06 PM
  To: [EMAIL PROTECTED]
  Subject: Apache can't load mod_jk
  
  
  Hello.
  
  I can't get Apache to start when I uncomment the
 mod_jk load line.
  
  I have the module in the proper directory, but 
Apache
 (1.3.19) will not
  start if I try to load this module.
  
  Here's what I've tried in httpd.conf:
  
  #LoadModule jk_module /usr/lib/apache/1.3/mod_jk.so
  
  IfModule mod_jk.c
  #The following line is for apacheconfig - DO NOT
 REMOVE!
  JkWorkersFile /etc/apache/mod_jk/workers.properties
  Include /etc/apache/mod_jk/tomcat-auto
  /IfModule
  
  Does anyone have any ideas about what might be 
wrong,
 or what I might
  check?
  
  Thanks,
  Steve
  
  
  
  
 
 
 
 
 --
 
 
 
 
 

--



Re: Apache - Tomcat Examples not working

2001-05-31 Thread Renato Salazar

Hello Steve,

I've tried the way you recommend and it doesn't work 
(but apache and tomcat work fine separately)...besides 
as far as i'm concerned Tomcat-Apache is suppoused to 
work only modifying mod_jk.conf (mod_jk.conf-auto) and 
httpd.conf files.
I have the same problem than Phillip but I got 403 
(Forbidden. You don't have permission to 
access /examples directory), the same as I don't use 
Tomcat, either Apache can't connect Tomcat or Apache 
don't realize what requests belong to Tomcat (it 
definitely has to do with mod_jk.so connector).
Also, I'd like to know if I have to change any line 
(wherever) after enabling ajp13 if I want it to be my 
default.
Thanks in advance.

Renato

ps: I don't have SSL enabled, could it be the problem??

 Phillip,
 
 Tomcat uses port 8080 as a default; 8080 is not,
 however the default http port.
 So http://localhost/examples/servlet/HelloWorldExample
 is actually equivalent to 
 
http://localhost:8000/examples/servlet/HelloWorldExample
 (8000 is the default port for http used by most
 browsers).  Tomcat's listening on 8080, so it doesn't
 respond.
 
 you need to edit the server.xml file to change the
 port number that Tomcat listens on.  See the faq at 
 http://jakarta.apache.org:8080/jyve-
faq/Turbine/screen/DisplayQuestionAnswer/action/SetAll/pr
oject_id/2/faq_id/12/topic_id/42/question_id/389
 for details on how to do it.
 
 --steve
 
 
 --- [EMAIL PROTECTED] wrote:
  I'm running Tomcat 3.2.1  Apache on Linux and I'm
  having a problem w/ the examples.
  They work if I use
 
 
http://localhost:8080/examples/servlet/HelloWorldExample
  however if I use
  http://localhost/examples/servlet/HelloWorldExample
  I get a 404 (the same w/ the sample JSP pages as
  well).
  
  Since I am attempting to have Apache serve Static
  content and Tomcat serve JSP's I have already
  installed mod_jk and am using the stock
  mod_jk.conf-auto include in my httpd.conf file..
  
  Is there something I'm missing?
  
  Thanks in advance.
  -Phillip
 
 
 
 __
 Do You Yahoo!?
 Get personalized email addresses from Yahoo! Mail - 
only $35 
 a year!  http://personal.mail.yahoo.com/
 
 
 
 
 
 

--



Virtual Hosting and security

2001-05-24 Thread Renato Weiner
Hi all, 
I know this is a quite common subject but I didn't find any ultimate answer. In a shared hosting environment, how can I prevent clientX to read files from clientY ? 
- java.policy doesn't cover this. If I use grant codeBase 'file:/...' or 'http://', it doesn't work. 
- can I override SecurityManager ? If so, how can I know which JSP/Servlets is trying to read a file ? ( inside the methgd checkRead I now the file... If I know the absolute path I can compare the location of the reader and the file being read ) 
Did anybody make a secure shared-hosting environment  
I do not want to use a private JVM for each client, because it's too expensive. 
Thanks in advance 
Renato - Brazil. Do You Yahoo!?
Yahoo! Auctions $2 Million Sweepstakes  -  Got something to sell?

  1   2   >