Re: COMET - Delays in output
Can you run the comet code-example chat success? I tried many times ,it don't work in tomcat6.0.13 I just try straight the url http://localhost:8080/examples/jsp/chat/login.jsp and also modify the server.xml ,change the protocol by org.apache.coyote.http11.Http11NioProtocol Are there other worksI did not do ? And I also debug it, it seems there is something wrong when execute the line response.sendRedirect(post.jsp); the page *login.jsp* just stop util the comet session time out,then the page rediect to *post.jsp* ** everybody help me ,thanks regards. john 2007/7/27, FelixG [EMAIL PROTECTED]: Hi, I'm trying to implement the comet code-example from the Tomcat documentation, using Tomcat 6.0.13, Http11NioProtocol is working and my servlet is implementing CometProcessor. I am trying to write into the response's PrintWriter with this code in event(): if (event.getEventType() == CometEvent.EventType.BEGIN) { PrintWriter writer = response.getWriter(); writer.println(!doctype html public \-//w3c//dtd html 4.0 transitional//en\); writer.println(headtitleChat Servlet/title/head + body bgcolor=\#FF\ + new Date()+ ); writer.flush(); } ... At this point I am experiencing a delay according to the value of the comet.timeout parameter before the data is actually arriving at the client (even though flush() should send it immediately). Could someone please point me to an explanation of this behavior? Regards, felix -- View this message in context: http://www.nabble.com/COMET---Delays-in-output-tf4158481.html#a11831204 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Permissions
Hello! I'm working with tomcat 5.5.9 on Windows XP. I'm experiencing a strange problem with paths and permissions. I start catalina.bat start -security and assume that the catalina would read permissions from the catalina.policy file in the conf directory. I grant permissions to the mysql-connector*.jar grant codeBase file:${catalina.home}/webapps/ROOT/mysql-connector-java-3.1.14-bin.jar { permission java.security.AllPermission; //permission java.net.SocketPermission 127.0.0.1:3306, connect,resolve; }; but still get the error message: MESSAGE: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) STACKTRACE: java.net.SocketException: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156) at com.mysql.jdbc.MysqlIO.init(MysqlIO.java:284) at com.mysql.jdbc.Connection.createNewIO(Connection.java:2569) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) ** END NESTED EXCEPTION ** Last packet sent to the server was 0 ms ago. at com.mysql.jdbc.Connection.createNewIO(Connection.java:2643) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Although the paths should be correct, the permissions are not granted. What do I miss? Cheers Alexander -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: COMET - Delays in output
After looking at the TCP packets I can say this: The use of flush() in COMET *does* push data-packets immediately to the client, but it seems that the client (in my case a browser) doesn't recognize/display them until the outputstream is closed due to an ERROR/TIMEOUT or until I call close() manually for the stream. felix Filip Hanik - Dev Lists wrote: flush should push out the data for you. If not, please open a bugzilla item and attach the test case http://issues.apache.org/bugzilla/enter_bug.cgi?product=Tomcat%206 Filip - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/COMET---Delays-in-output-tf4158481.html#a11941558 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Confusion about tomcat security bulletin
Dear All, Our company have an application use tomcat 5.0.27 and can't upgrade the version. I'm very concern about the security issue relate to this version. Now I have some confusion about tomcat security bulletin http://tomcat.apache.org/security-5.html http://tomcat.apache.org/security-5.html . For example: Fixed in Apache Tomcat 5.5.23, 5.0.HEAD important: Information disclosure CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 Requests with multiple content-length headers should be rejected as invalid. When multiple components (firewalls, caches, proxies and Tomcat) process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which content-length leader to use an attacker can poision a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Affects: 5.0.0-5.0.30, 5.5.0-5.5.22 -- This issue does affect 5.0.27, but Fixed in Apache Tomcat 5.5.23, 5.0.HEAD . Does 5.0.HEAD include 5.0.27 itself? If so does it mean when I get new release 5.0.27 from tomcat website then the issue will be fixed? And if new issue has been report such as moderate: Cross-site scripting CVE-2007-1355 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355 , it also affects 5.0.27 and Fixed in 5.0.HEAD, does it mean I must get 5.0.27 from tomcat website agagin to fixed this issue? Look forward your answer and Thans a lot! Best regards, Cheng Jianhua
RE: Confusion about tomcat security bulletin
Rainer, OK, I see now. Thank you very much! Best regards, Cheng Jianhua -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: 2007年8月1日 16:35 To: Tomcat Users List Subject: Re: Confusion about tomcat security bulletin 5.0.HEAD is the most actual, non-released version of the 5.0 code branch. So this means, the problem will be fixed in any new 5.0 release. Currently there are no plans do do a new 5.0 release. So if security is a real concern for you, you should upgrade to at least 5.5 (which shouldn't be a big deal) or to 6.0. If you can't upgrade and you must fix the issue, you will need to build from the source (which is a little painful for TC 5.0). Regards, Rainer CHENG Jianhua wrote: Dear All, Our company have an application use tomcat 5.0.27 and can't upgrade the version. I'm very concern about the security issue relate to this version. Now I have some confusion about tomcat security bulletin http://tomcat.apache.org/security-5.html http://tomcat.apache.org/security-5.html . For example: -- -- Fixed in Apache Tomcat 5.5.23, 5.0.HEAD important: Information disclosure CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 Requests with multiple content-length headers should be rejected as invalid. When multiple components (firewalls, caches, proxies and Tomcat) process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which content-length leader to use an attacker can poision a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Affects: 5.0.0-5.0.30, 5.5.0-5.5.22 -- -- -- -- -- This issue does affect 5.0.27, but Fixed in Apache Tomcat 5.5.23, 5.0.HEAD . Does 5.0.HEAD include 5.0.27 itself? If so does it mean when I get new release 5.0.27 from tomcat website then the issue will be fixed? And if new issue has been report such as moderate: Cross-site scripting CVE-2007-1355 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355 , it also affects 5.0.27 and Fixed in 5.0.HEAD, does it mean I must get 5.0.27 from tomcat website agagin to fixed this issue? Look forward your answer and Thans a lot! Best regards, Cheng Jianhua - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Confusion about tomcat security bulletin
5.0.HEAD is the most actual, non-released version of the 5.0 code branch. So this means, the problem will be fixed in any new 5.0 release. Currently there are no plans do do a new 5.0 release. So if security is a real concern for you, you should upgrade to at least 5.5 (which shouldn't be a big deal) or to 6.0. If you can't upgrade and you must fix the issue, you will need to build from the source (which is a little painful for TC 5.0). Regards, Rainer CHENG Jianhua wrote: Dear All, Our company have an application use tomcat 5.0.27 and can't upgrade the version. I'm very concern about the security issue relate to this version. Now I have some confusion about tomcat security bulletin http://tomcat.apache.org/security-5.html http://tomcat.apache.org/security-5.html . For example: Fixed in Apache Tomcat 5.5.23, 5.0.HEAD important: Information disclosure CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 Requests with multiple content-length headers should be rejected as invalid. When multiple components (firewalls, caches, proxies and Tomcat) process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which content-length leader to use an attacker can poision a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Affects: 5.0.0-5.0.30, 5.5.0-5.5.22 -- This issue does affect 5.0.27, but Fixed in Apache Tomcat 5.5.23, 5.0.HEAD . Does 5.0.HEAD include 5.0.27 itself? If so does it mean when I get new release 5.0.27 from tomcat website then the issue will be fixed? And if new issue has been report such as moderate: Cross-site scripting CVE-2007-1355 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355 , it also affects 5.0.27 and Fixed in 5.0.HEAD, does it mean I must get 5.0.27 from tomcat website agagin to fixed this issue? Look forward your answer and Thans a lot! Best regards, Cheng Jianhua - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Permissions
Looks like the path to your jar file is wrong. grant codeBase file:${catalina.home}/webapps/ROOT/WEB-INF/lib/mysql-connector-java-3.1.14-bin.jar { permission java.security.AllPermission; } or to pull an example from the catalina.policy file distributed with tomcat: grant codeBase jar:file:${catalina.home}/webapps/ROOT/WEB-INF/lib/mysql-connector-java-3.1.14-bin.jar!/- { permission java.net.SocketPermission 137.250.38.190:3306, connect ; permission java.net.SocketPermission 127.0.0.1:3306, connect ; } In either case, you missed WEB-INF/lib in your path to the jar file. If you jar file is really in webapps/ROOT as described below, it won't even be loaded by tomcat. --David Alexander Osherenko wrote: Hello! I'm working with tomcat 5.5.9 on Windows XP. I'm experiencing a strange problem with paths and permissions. I start catalina.bat start -security and assume that the catalina would read permissions from the catalina.policy file in the conf directory. I grant permissions to the mysql-connector*.jar grant codeBase file:${catalina.home}/webapps/ROOT/mysql-connector-java-3.1.14-bin.jar { permission java.security.AllPermission; //permission java.net.SocketPermission 127.0.0.1:3306, connect,resolve; }; but still get the error message: MESSAGE: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) STACKTRACE: java.net.SocketException: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156) at com.mysql.jdbc.MysqlIO.init(MysqlIO.java:284) at com.mysql.jdbc.Connection.createNewIO(Connection.java:2569) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) ** END NESTED EXCEPTION ** Last packet sent to the server was 0 ms ago. at com.mysql.jdbc.Connection.createNewIO(Connection.java:2643) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Although the paths should be correct, the permissions are not granted. What do I miss? Cheers Alexander - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Vista woes....
Sometimes the environment is so mucked I start tomcat $CATALINA_HOME/bin/java -jar bootstrap.jar I agree with chuck that spurious jars in your CLASSPATH will obfuscate your objective I find its helpful to understand when your jars get loaded (more specifically by which CLASSPATH) http://tomcat.apache.org/tomcat-5.5-doc/printer/class-loader-howto.html FWIW Martin-- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Caldarale, Charles R [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Sunday, July 29, 2007 11:52 PM Subject: RE: Vista woes From: news [mailto:[EMAIL PROTECTED] On Behalf Of maya Subject: Vista woes for Tomcat I have set CLASSPATH thus: set CLASSPATH=.;apache-tomcat-5.5.23\common\lib\servlet-api.jar;ap ache-tomcat-5.5.23\common\lib\jsp-api.jar Get rid of the CLASSPATH - it need not and should not be set for running Tomcat. What you have above will certainly cause problems, since critical jars are now visible to multiple classloaders. If you have APR installed (bin\tcnative-1.dll), remove it for initial testing. Are you trying to run Tomcat as a service or via bin\startup.bat? (If you have no startup.bat, get the .zip download and install that instead of the .exe version.) Debug with the scripts first, before attempting to run Tomcat as a service. When run from the script, what do the command prompt windows show? What's in Tomcat's logs directory? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
OT Re: How to do this
Varuna- Your analysis that the poster is angry needs to be adjusted What Gregor is speaking of is that many of us on this list provide advice for free Those of us (who are not independently wealthy) have an immediate need to find a way to acquire compensation for working proposals Since free advice does not either pay bills or buy food then employing the algorithm Free first time...next time an Invoice seems like a more than fair compensation algorithm Martin-- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Varuna Seneviratna [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Monday, July 30, 2007 2:01 PM Subject: Re: How to do this Thank you very much Gregor for your anger wrapped help with all the RESPECT Varuna On 7/27/07, Gregor Schneider [EMAIL PROTECTED] wrote: ok, this information is for free, the next one you'll have to pay me for: they keys of software.distributions are check-sums over the program-archives (like zip, tgz etc.). those check-sums usually are calculated using a program like pgp (pretty good privacy) or the free version from the gnu-software-foundation (gpg - that was the link i posted recently). so what you have to do is to install gpg or pgp first. having installed one of those programs and once knowing your ways around there, you should be able to understand the usage of those keys (checksums) that are used in apache software-distributions and many more products. btw., you do not necessarily have to check those tomcat-archives - only, if you're paranoid or if you want to setup a production-server... what i really dislike is somebody like you giving the list 2 miserable words please help, then asking the list for a step-by-step-instruction. you should at least show some effort to sort out things yourself first! ppl in this list are busy earning their dollars / euros, and when they help you, they offer time and effort to do so. therefore, show at least some RESPECT and try to solve the problem yourself. If you're in a deadend, ppl here will be happy to help you. Therefore, may last tip for you: - If you just want to play around with Tomcat: download it, forget about the keys and be happy - If you're a stud and your prof asked you to verify the download, either go to the link I've posted above, read about public/private-key-principles, download gpg and try to understand the software. If you don't understand anything about public/private-keys, let your prof know. - if this is a requirement from a customer: simply tell your customer that you don't know nothing about the basics of informatics and let him know to better get someone else for the job Gregor -- what's puzzlin' you, is the nature of my game gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to have some webapps use IIS security and some not?
Hi, This is a nasty problem but I hope someone out there has figured it out. We have been using tomcat 5.5.17, IIS 6, and JK2 happily for about a year now. Up to this point, we have not used IIS directory security to pass the NT username to tomcat. Some of our webapps have no security requirements, some have their own security mechanism, but now we have one that would benefit from pulling the NT username from IIS. I have gotten all that to work fine on localhost, getRequest().getRemoteUser() returns exactly what I want. The issue is that on the actual server, it's either all or nothing. In IIS the Jakarta virtual directory either has security or not. I can't specify it at the webapp level. So I thought maybe I could have two tomcat instances on the same machine, one Jakarta directory w/o security, and the other with it turned on. I was able to get both instances installed, but I can't get the second (secure) one connected to IIS. I spent a good bit of time with this yesterday and have gotten pretty close. I actually hex edited the second isapi_redirector2.dll to change the registry key to point to Isapi Rediretor\2.1 instead of Isapi Redirector\2.0. That allowed me to have two instances pointing to c:\tomcat and c:\tomcat-sec ... I could have just rebuilt the thing from source but am too busy/lazy to sit through the visual studio install yet again ... that seriously takes like 45 minutes J So I got to that point where everything should work right? Well sort of, the second filter at the bottom of the order in IIS works. The first one just hangs. If I switch the order, the other one works fine and the one that was working breaks. I ran across this which looks like a similar problem with jk1 http://issues.apache.org/bugzilla/show_bug.cgi?id=34584 Just wondering if anyone out there can give me some ideas. Maybe two tomcat instances is not the way to go and there is a better solution. I just need to figure out how to have some webapps be able to pull the NT name and some not. Thanks for any help John
Re: Recovery from OutOfMemoryError?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: From: Christopher Schultz [mailto:[EMAIL PROTECTED] Subject: Re: Recovery from OutOfMemoryError? (Sorry for not responding sooner. Went out to dinner and to see the Spider Pig movie :-) Nice. ;) Actually, my past experience has been that it's the GC thread that OOMEs, not a worker thread. Assuming we're talking about a current HotSpot-based JVM, the threads doing GCs cannot get OOMEs, since they are dedicated to doing just GC operations, and never do any object allocations themselves. On older JVMs (and some from other vendors), the thread that initially encounters an allocation failure also does the GC; if the GC fails to recover enough memory, it can generate an OOME for itself. Like I said, it's been a lng time since I've had to worry about OOMEs that didn't result from honestly having too small of a heap to handle the program's needs. It was probably a 1.3 JVM or something like that. It has always been my understanding that a JVM that suffers an OOME is all but done for. The JVM itself doesn't care about any exceptions thrown at the application. There are certainly a ton of applications that handle such error conditions very badly, and hang themselves up by doing such things as trying to display messages rather than nulling out now useless references. Some of the stress-testing of our JVM involves running apps designed to provoke OOMEs; these readily recover and keep on truckin'. Right. Which JVM are you working on, though? One of the mainstream ones? Or something designed to be super high-availability (not that the mainstream ones aren't...)? The OP would seem to corroborate this claim, since it sounds like his whole app server becomes unresponsive once he gets an OOME (hence the early morning phone calls). The supposed timing of the phone calls leaves me somewhat skeptical; what are they running where the peak load occurs at 3 AM? I had thought of that, and it didn't make a whole lot of sense to me. The only conclusion that I could draw was that some user (or several users) caused the OOME and permanently disabled the server. At 03:00 (or so) other users, perhaps in a different timezone, started trying to use the server and found it unresponsive. Then again, maybe he runs an adult website that gets most of its traffic at 3 in the morning. If not, whoever he works for needs to get a more geographically diverse tech support team ;) If your assertion (OOMEs can be ignored, since only one allocation fails and the rest of the VM is fine) were true, then the OP would not be getting any calls in the middle of the night: the user would simply re-try the request and (hopefully) get a result the second time. That's not what I said at all. Sorry. I was trying to recap a nuanced position in a single sentence. Each logical module should be designed to handle such situations, typically by discarding what has been done up to the point of failure, and then returning an error to its caller. What is likely to have happened instead in the OP's case is that the app encountering the OOME had no provision at all for error recovery, and simply quit, leaving many now useless objects around with live references to them. It may have even made matters worse by trying to generate an error message of some sort. I'm guessing he's running a webapp, and that one of the request worker threads got an OOME. Most webapp requests are idempotent (or should be), and those that aren't are generally wrapped around database or other transactions. Assuming I'm right (which is frequently dangerous), one failed request should not affect the rest of the application. Any locally-instantiated objects should be ripe for collection, including any of the big ones that probably caused the OOME in the first place. The server should keep going, right? For some reason, it doesn't. Maybe he's busting his PermGen, but that's unlikely since he says it only happens under peak load. So, what is the likely cause of the tech support call? The server must have gone down, right? If it wasn't the servlet, and it wasn't Tomcat, and it wasn't the JVM, what brought caused the outage? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGsI4i9CaO5/Lv0PARAiFZAJoCEmn46zAr01MbSYygabxyHMR7uACgjMoG BruXyXOAzRPhJYY7M/0R0qQ= =ejah -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Recovery from OutOfMemoryError?
On 01/08/2007, at 3:44 PM, Christopher Schultz wrote: I'm guessing he's running a webapp, and that one of the request worker threads got an OOME. Most webapp requests are idempotent (or should be), and those that aren't are generally wrapped around database or other transactions. Assuming I'm right (which is frequently dangerous), one failed request should not affect the rest of the application. Any locally-instantiated objects should be ripe for collection, including any of the big ones that probably caused the OOME in the first place. The server should keep going, right? It sounds as if the original poster doesn't really have much to say about how the thing is programmed, and is trying to find a solution to his problem, which is being called at 3am. Swatch keeping its eyes on catalina.out and then calling killall -9 java, ./bin/startup.sh should solve this. As for the rest of the memory issues - Catching OOM doesn't help you really, as Tomcat does not catch OOM - it throws it all the way up to the top, at which stage the JVM dies. IE: Your thread uses all the memory - tomcat now receives a new request, tries to allocate memory for a new object - poof. Even though your code deals nicely with the OOM situation, tomcat doesn't. Cheers Andrew PS: I can't wait for the day where Java gets pointers and the sizeof operator... smile - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Recovery from OutOfMemoryError?
From: Christopher Schultz [mailto:[EMAIL PROTECTED] Subject: Re: Recovery from OutOfMemoryError? I generally think of this as failure return as simply allowing the exception to propagate. That can work, but since OOMEs don't require throws declarations on methods, it's usually better for the lump of code that took the original hit to wrapper the OOME in something unique to the function. This also helps in getting the programmers who write code that calls the lump in question to think about the issue. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Permissions
Good Morning Alexander in $CATALINA_HOME/conf/catalina.policy your environment is currently pointing to 127.0.0.1:8080 You will need to change this to 137.250.38.190:8080 I would suggest that you implement local (127.0.0.1) first then re-implement on other servers e.g. 137.250.38.190 HTH/ Martin Gainty __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Hello! I'm working with tomcat 5.5.9 on Windows XP. I'm experiencing a strange problem with paths and permissions. I start catalina.bat start -security and assume that the catalina would read permissions from the catalina.policy file in the conf directory. I grant permissions to the mysql-connector*.jar grant codeBase file:${catalina.home}/webapps/ROOT/mysql-connector-java-3.1.14-bin.jar { permission java.security.AllPermission; //permission java.net.SocketPermission 127.0.0.1:3306, connect,resolve; }; but still get the error message: MESSAGE: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) STACKTRACE: java.net.SocketException: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156) at com.mysql.jdbc.MysqlIO.init(MysqlIO.java:284) at com.mysql.jdbc.Connection.createNewIO(Connection.java:2569) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) ** END NESTED EXCEPTION ** Last packet sent to the server was 0 ms ago. at com.mysql.jdbc.Connection.createNewIO(Connection.java:2643) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Although the paths should be correct, the permissions are not granted. What do I miss? Cheers Alexander -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ http://imagine-windowslive.com/hotmail/?locale=en-usocid=TXT_TAGHM_migration_HM_mini_2G_0507 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat with/without Tomcat native library
Hi Bill and all, not sure what is the right way for comparison between using and not using APR. I tried Apache ab tool like this: ab -c 4 -n 1 http://localhost:8080/favicon.ico And I don't see any difference. Actually it might be little bit slower with APR. The file size is 21630, so it should use sendfile then (well actually our APR doesn't use sendfile at the moment as far as I know). And the other issue is stability with APR. When I configure Tomcat to use SSL via APR it works for simple requests. But using huge amount of requests with ab it will fail (and tomcat is no longer responding to any request): bash-3.00# /usr/apache2/bin/ab -c 4 -n 1 https://localhost:443/favicon.ico This is ApacheBench, Version 2.0.40-dev $Revision: 1.146 $ apache-2.0 Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Copyright 2006 The Apache Software Foundation, http://www.apache.org/ Benchmarking localhost (be patient) SSL handshake failed (5). Test aborted after 10 failures apr_socket_connect(): Connection refused (146) Total of 1 requests completed -- Any comment to this? Petr Bill Barker wrote: Petr Sumbera [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi Guys, Does anybody have experience or even better some numbers comparing performance of Tomcat running with and without Tomcat native library (libtcnative-1)? I don't see any comparable difference so far (using TC 5.5.23, Native Library 1.1.10, Solaris/i386). On Solaris there wasn't a big difference last time I profiled it. On Solaris, it doesn't cost much to have a large number of threads blocking on input, so you don't get a lot from the APR Poller. Also, the Solaris JVM is pretty optimized for the OS. From testing with the AJP Connectors, you might have noticible improvements with TC 6 and the NIO Connector on Solaris, but I haven't profiled it myself. It's with Linux boxes (I haven't seen reports for other *nixs) with older kernels that you see the most improvement when using the APR Connector. Cheers, Petr - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Recovery from OutOfMemoryError?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: From: Christopher Schultz [mailto:[EMAIL PROTECTED] Subject: Re: Recovery from OutOfMemoryError? Are you suggesting that all methods should be written as a loops around attempts to do real work, catching OOME and re-trying until the work gets done? Sort of, but not at the method level - something on a larger scale. Think recoverable database operations, where nothing is permanently stored until a commit happens. And perpetual retry isn't needed - just a failure return to the caller. I generally think of this as failure return as simply allowing the exception to propagate. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGsIuK9CaO5/Lv0PARAgchAJwNisfWQClMub7qmUj8/smKxbonVwCfQDrb bwYmaWlh5u+7gClpLMq41KI= =iOsg -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: how to setting up SSL for a specific page
From: is_maximum [mailto:[EMAIL PROTECTED] Subject: RE: how to setting up SSL for a specific page I need only login page to be secured not all the pages after that This is a harder problem, since switching back to HTTP after authenticating via HTTPS opens a security hole. However, you may be able to use this with good effect: http://securityfilter.sourceforge.net/ For background, take a look at these threads: http://marc.info/?l=tomcat-userm=118313590123430w=2 http://marc.info/?l=tomcat-userm=117515290507605w=2 http://marc.info/?l=tomcat-userm=117010975112868w=2 - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Log4j errors on Tomcat6 startup
Thanks Juha, But if we remove log4j from WEB-INF\lib we can't separate the messages from the different webapps, we just end up with one log file. Also we don't get any further errors reported. The Tomcat 6 docs talks about setting up common logging and then goes on to say: Your web applications should certainly use their own log4j configuration. This is valid with the above configuration. You would place a similar log4j.properties file in your web application's WEB-INF/classes folder, and log4j1.2.8.jar into WEB-INF/lib. Then specify your package level logging. This is a basic setup of log4j which does *not* require Commons-Logging So we aren't doing anything unusual. Debugging the log4j we can see it loading all jars and all properties files. We have also noticed that although we get messages in the correct log files they only seem to be from context listener classes and nothing else. Any other way to get separate log files for each webapp? Mark -Original Message- From: Juha Laiho [mailto:[EMAIL PROTECTED] Sent: 16 July 2007 07:36 To: Tomcat Users List Subject: Re: Log4j errors on Tomcat6 startup Mark Faircloth wrote: We are in the process of migrating from 5.5 to 6 under Win32/64 and need to alter the locations of some of our jars files because of the changes to the directory structure and the class loading. Under 5.5 we have commons-logging.jar and log4j.jar in WEB-INF\lib and that works fine. For 6 we have put commons-logging and log4j.jar into \lib otherwise it fails on loading any context listeners. We also have a copy of log4j.jar still in WEB-INF\lib for webapp specific logging pretty much as the documentation states. This all runs okay and we get the output we would expect but on start-up we get errors in the stdout log such as: log4j:ERROR A org.apache.log4j.DailyRollingFileAppender object is not assignable to a org.apache.log4j.Appender variable. ... [error detail describing that classes were loaded by separate loaders] log4j:ERROR Could not instantiate appender named MAIN. Understandably considering we are class loading in two places. My question is, are these error messages really benign and can we get rid of them somehow or are we doing something wrong and need to investigate further? You have a problem here; at least some parts of Log4j are in inoprative state (and you could get more error messages of the same kind later on). You should fix this by fixing the classloading issue (which pretty much means throwing the jar files out of WEB-INF\lib), unless you can revert the classloading structure back to what it was in TC 5.5 - which seems unlikely. -- ..Juha - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Connaught wins RoSPA Gold Award for fifth year running Considerate Contractor Gold Award in 2006 Partnering Contractor of the Year Award in 2005 Please visit our website to see a full list of Connaught's Registered Companies www.connaught.plc.uk/Investors/Registered-Companies Disclaimer: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete this message. Connaught plc, Head Office 01392 444546 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Vista woes....
Date sent: Wed, 01 Aug 2007 08:46:48 -0400 From: Martin Gainty [EMAIL PROTECTED] Subject:Re: Vista woes To: Tomcat Users List users@tomcat.apache.org Send reply to: Tomcat Users List users@tomcat.apache.org Send reply to: Martin Gainty [EMAIL PROTECTED] Sometimes the environment is so mucked I start tomcat $CATALINA_HOME/bin/java -jar bootstrap.jar Why would $CATALINA_HOME/bin/ have java in it? Did you mean JAVA_HOME ? I agree with chuck that spurious jars in your CLASSPATH will obfuscate your objective I find its helpful to understand when your jars get loaded (more specifically by which CLASSPATH) http://tomcat.apache.org/tomcat-5.5-doc/printer/class-loader-howto.htm l FWIW Martin-- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Caldarale, Charles R [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Sunday, July 29, 2007 11:52 PM Subject: RE: Vista woes From: news [mailto:[EMAIL PROTECTED] On Behalf Of maya Subject: Vista woes for Tomcat I have set CLASSPATH thus: set CLASSPATH=.;apache-tomcat-5.5.23\common\lib\servlet-api.jar;ap ache-tomcat-5.5.23\common\lib\jsp-api.jar Get rid of the CLASSPATH - it need not and should not be set for running Tomcat. What you have above will certainly cause problems, since critical jars are now visible to multiple classloaders. If you have APR installed (bin\tcnative-1.dll), remove it for initial testing. Are you trying to run Tomcat as a service or via bin\startup.bat? (If you have no startup.bat, get the .zip download and install that instead of the .exe version.) Debug with the scripts first, before attempting to run Tomcat as a service. When run from the script, what do the command prompt windows show? What's in Tomcat's logs directory? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Recovery from OutOfMemoryError?
From: Christopher Schultz [mailto:[EMAIL PROTECTED] Subject: Re: Recovery from OutOfMemoryError? (Sorry for not responding sooner. Went out to dinner and to see the Spider Pig movie :-) Nice. ;) The pig completely disappeared half way through the movie, but there are rumors it will show up at the beginning of next season. Was the pig's vanishing related to the guilt trip Santa's Little Helper admitted to at the end? Inquiring minds want to know... Which JVM are you working on, though? One of the mainstream ones? The one we ship for our mainframes is based on Sun's current one, but uses our own allocator, GC, and JIT, among other things. The replaced GC mechanism does not change the visible semantics of such operations, just the internal workings. Or something designed to be super high-availability (not that the mainstream ones aren't...)? I don't think it's any more or less reliable than other HotSpot-based JVMs. The only conclusion that I could draw was that some user (or several users) caused the OOME and permanently disabled the server. One possibility is that there's really an ongoing memory leak in his webapps, and enough junk accumulates to eat up most of the heap after a while. Then a large, unsatisfiable request is made, there's no recovery logic built into the app, and the failure leaves some application structures in an inconsistent state. The server should keep going, right? It should indeed. The fact that it doesn't says he may be doing something odd at the time of the failure. Maybe he's busting his PermGen, but that's unlikely since he says it only happens under peak load. Due to the use of reflection within Tomcat, there are many anonymous classes created during normal operation. These are discardable immediately after processing of each request, but I suppose if enough requests are going on concurrently and the size of the PermGen was marginal to begin with, it could be the source of the problem. Really need a lot more details to answer this. So, what is the likely cause of the tech support call? Simply leaving up a lock could hang the application. (Referring to the java.util.concurrent kind here, not synchronized blocks or methods.) Leaving out a simple finally clause to release resources in failure cases can easily result in a dead webapp. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat with/without Tomcat native library
Petr Sumbera wrote: Hi Bill and all, not sure what is the right way for comparison between using and not using APR. I tried Apache ab tool like this: ab -c 4 -n 1 http://localhost:8080/favicon.ico And I don't see any difference. Actually it might be little bit slower with APR. The file size is 21630, so it should use sendfile then (well actually our APR doesn't use sendfile at the moment as far as I know). The purpose of APR is to change the model from thread-per-connection to thread-per-request. This means it will behave much faster when you have 1000 concurrent clients using Keep-Alive (HTTP 1.1). In that case you'll be able to serve them all with lower number of maxThreads. So, try to use the 'normal' test tool instead a brute force one like 'ab' that will reflect the real load to your boxes. I mean, the ab (Apache Bench) is a DoS tool, right ;) Regards, Mladen. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 5.5 configuration
Thanks. When I use the Tomcat Manager to deploy the war files, it puts them under webapps, not under ROOT. Can I change this? Caldarale, Charles R [EMAIL PROTECTED] 7/31/2007 10:20 PM From: Susan Richards [mailto:[EMAIL PROTECTED] Subject: Tomcat 5.5 configuration In Tomcat 5.0.28, I had this in my server.xml: Host name=test-infonline.matc.edu appBase=/www/apps/tomcat/webapps Context path= docBase=./ /Host The above - having docBase equal to appBase - was never intended to work; that it ever did anything useful at all was an accident. In current versions of Tomcat, do not put Context elements in server.xml, and do not use the path or docBase attributes, except in special circumstances. I really want to have 3 domain names on one server and be able to type in all three urls and go to the correct web application. If you mean that the three domain names each have a separate default webapp, then you should set up three Host elements in server.xml, one for each desired domain name. Within each Host define a unique value for its appBase directory. Under each appBase directory, install the appropriate webapp as ROOT.war or in the ROOT directory (case sensitive naming). No filter required. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: RE: Permissions
Hello Martin and David, thank you for your suggestions. My problem is more complicated. I've implemented a java applet that is stored in the ROOT directory. The html-file to show the applet is applet archive=applet.jar,mysql-connector-java-3.1.14.jar code=Applet ... /applet This applet looks and works almost perfect except that it calls the MySQL bridge (mysql-connector...) that is also stored in the ROOT directory. Hence, I have two different jar files one in the ROOT directory and one in WEB-INF/lib/. How can I facilitate correct loading if I can't bind the jar-file in the archive tag as WEB-INF/lib/applet.jar? Cheers Alexander Original-Nachricht Datum: Wed, 01 Aug 2007 09:43:24 -0400 Von: Martin Gainty [EMAIL PROTECTED] An: users@tomcat.apache.org Betreff: RE: Permissions Good Morning Alexander in $CATALINA_HOME/conf/catalina.policy your environment is currently pointing to 127.0.0.1:8080 You will need to change this to 137.250.38.190:8080 I would suggest that you implement local (127.0.0.1) first then re-implement on other servers e.g. 137.250.38.190 HTH/ Martin Gainty __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Hello! I'm working with tomcat 5.5.9 on Windows XP. I'm experiencing a strange problem with paths and permissions. I start catalina.bat start -security and assume that the catalina would read permissions from the catalina.policy file in the conf directory. I grant permissions to the mysql-connector*.jar grant codeBase file:${catalina.home}/webapps/ROOT/mysql-connector-java-3.1.14-bin.jar { permission java.security.AllPermission; //permission java.net.SocketPermission 127.0.0.1:3306, connect,resolve; }; but still get the error message: MESSAGE: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) STACKTRACE: java.net.SocketException: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156) at com.mysql.jdbc.MysqlIO.init(MysqlIO.java:284) at com.mysql.jdbc.Connection.createNewIO(Connection.java:2569) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) ** END NESTED EXCEPTION ** Last packet sent to the server was 0 ms ago. at com.mysql.jdbc.Connection.createNewIO(Connection.java:2643) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Although the paths should be correct, the permissions are not granted. What
Re: Permissions
A an applet. That certainly changes the question a LOT. Applet execution being on the client system won't be influenced by the server's security manager. My advice stands when attempting to run a security manager on the server and making connections from the servlet code to the db. I'm no expert on applets and security managers so I'm not sure how to configure the security manager on the client or even if there is a way. --David Alexander Osherenko wrote: Hello Martin and David, thank you for your suggestions. My problem is more complicated. I've implemented a java applet that is stored in the ROOT directory. The html-file to show the applet is applet archive=applet.jar,mysql-connector-java-3.1.14.jar code=Applet ... /applet This applet looks and works almost perfect except that it calls the MySQL bridge (mysql-connector...) that is also stored in the ROOT directory. Hence, I have two different jar files one in the ROOT directory and one in WEB-INF/lib/. How can I facilitate correct loading if I can't bind the jar-file in the archive tag as WEB-INF/lib/applet.jar? Cheers Alexander Original-Nachricht Datum: Wed, 01 Aug 2007 09:43:24 -0400 Von: Martin Gainty [EMAIL PROTECTED] An: users@tomcat.apache.org Betreff: RE: Permissions Good Morning Alexander in $CATALINA_HOME/conf/catalina.policy your environment is currently pointing to 127.0.0.1:8080 You will need to change this to 137.250.38.190:8080 I would suggest that you implement local (127.0.0.1) first then re-implement on other servers e.g. 137.250.38.190 HTH/ Martin Gainty __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Hello! I'm working with tomcat 5.5.9 on Windows XP. I'm experiencing a strange problem with paths and permissions. I start catalina.bat start -security and assume that the catalina would read permissions from the catalina.policy file in the conf directory. I grant permissions to the mysql-connector*.jar grant codeBase file:${catalina.home}/webapps/ROOT/mysql-connector-java-3.1.14-bin.jar { permission java.security.AllPermission; //permission java.net.SocketPermission 127.0.0.1:3306, connect,resolve; }; but still get the error message: MESSAGE: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) STACKTRACE: java.net.SocketException: java.security.AccessControlException: access denied (java.net.SocketPermission 137.250.38.190:3306 connect,resolve) at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156) at com.mysql.jdbc.MysqlIO.init(MysqlIO.java:284) at com.mysql.jdbc.Connection.createNewIO(Connection.java:2569) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) ** END NESTED EXCEPTION ** Last packet sent to the server was 0 ms ago. at com.mysql.jdbc.Connection.createNewIO(Connection.java:2643) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at GUI.DBWrapper.init(DBWrapper.java:40) at GUI.CeisApplet.init(CeisApplet.java:47) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at java.lang.Class.newInstance0(Unknown Source) at java.lang.Class.newInstance(Unknown Source) at
Re: Tomcat cluster serving ~50 lines of the page when a request hits a stopped webapp for the first time
Hi Ben, I think I understand the problem now, and it is a jk bug. For stable operation you should really use the disable/stop feature. Nevertheless I'm starting thinking about how to fix this in a good way. The bug has to do with the new fail on status feature you use. It is not very old, so we didn't experience the bug before. Stay tuned ... Regards, Rainer ben short wrote: Is length 1090 correct?`So does the full body have that length? Yes firefox reports that the page is 1k in size, via the web developer's tool bar. I have seen it happen in IE 6 and 7 also. Would it be possible for me to email you directly the output of wireshark for both one bad and one good attempt? I really appreciate you helping me out on this one. Regards Ben Short On 7/31/07, Rainer Jung [EMAIL PROTECTED] wrote: ben short wrote: Ok I have used wireshark and see that the request is sent to the apache httpd. The next first packet i get back contains the following... HTTP/1.1 200 OK Date: Tue, 31 Jul 2007 14:57:25 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7a mod_jk/1.2.23 Content-Length: 1090 ***NOTE every line but this has a \r\n shown in the middle frame of wireshark *** All Headers are supposed to end with \r\n, but I would find it very strange, if this does not do it (I can not really think of a reson for that, but who knows...) Cache-Control: no-cache Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Language: en-GB Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html;charset=UTF-8 Is length 1090 correct?`So does the full body have that length? !--Rail Timestamp: -- !--Generated by Journeycheck 4.0-RC5 on host jc-pres2.nexusalpha.com -- !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; html lang=english .head ..meta http-equiv=Content-Type content=text/html;charset=UTF-8/ ..meta http-equiv=expires content=0/ ..meta http-equiv=cache-control content=no-cache/ ..meta http-equiv=pragma content=nocache/ ..meta http-equiv=Content-Language content=en-us/ ..meta content=Nexus Alpha:Andrew Langmead, Ben Short, Lawrence Chan name=author/ ..meta content=journey check,rail,journey,nexus alpha,plan,disruption,transport,trains name=keywords/ ..meta content=Allows you to check your journey with a particular rail company name=description/ ..!--META HTTP-EQUIV=RefreshCONTENT=10; URL=http://www.jcheck.com/firstcapitalconnect/;-- .. ..link href=/resources/common/web/css/common.css rel=stylesheet type=text/css/ ..!--script type=text/javascript src=/resources/common/web/javascript Which is whats being shown in the browser, if i view the source. Next I see more packets that say 'Continuation or non-HTTP traffic' in the Info column of wireshark. When I look at the byte output I can see that its the rest of the page. If i use wireshark to view the same request with the webapp started I dont see the initial HTTP/1.1 200 OK packet, so i assume that each packet contains the correct headers for chunking to work correctly. But the first line is mandatory for HTTP responses! So in the good case, something is slipping the observation. We could ignore that, but if we don't see something in the good case, we must question the observation in the bad case too. So it seams that im getting a dodgy content length in the first packet if the request goes to the stoppped webapp first. Or infact the whole chunking thing is not working correctly. If there is a Cntent-Length header, there is no chunking involved. Chunking gives a way of telling the length of small chunks of the answer. For dynamic content it's often difficult to tell the full length in advance, but a Content-Length header has to come before the body. So chunking is used to prevent the need of buffering the full body before sending it out. The reposnse you showed us above does not use chunking, but instead the content-length header, which is OK and stable for content with easy to determine length. Which browser is it? If you can reproduce the problem with firefox, there are very good plugins, that can show you details of communication and content from inside the browser. A good example is FireBug, which I can recommend. Even if you usually use MSIE, it might be important to cross check with Firefox in order to find out if the problem is browser specific. Regards, Rainer On 7/31/07, Rainer Jung [EMAIL PROTECTED] wrote: You could dig deeper into two different directions: - protocol: is the content-length in the response headers correct? Or does it use chunked transfer, and is this OK? - sniff the network in front of the apache: do the packets actually get send back to the browser? Regards, Rainer ben short wrote: I'm not getting anywhere with this :( I have set the logging to trace for mod_jk and I can see all the response packets. I have also turned on our applications response logging and can see that the running webapp writes
BasicDataSourceFactory.class where? (Tomcat 5.5, RHEL)
Hello, for an application I am testing, I have my first contact with Tomcat, version 5.5.23 on RHEL 4 update 5, as installed from the package tomcat5-5.5.23-0jpp_4rh.3. What shall I say? It does not work yet. :-/ The main problem seems to be that Tomcat complains on startup about a missing class org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory: WARNING: Failed to register in JMX: javax.naming.NamingException: Could not create resource factory instance [Root exception is java.lang.ClassNotFoundException: org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory] This class is specified as the factory attribute in the Resource specification of the application context in Tomcat's server.xml. I can believe that Java/Tomcat cannot find this class, as I cannot find it either -- not in the jar files in /usr/share/tomcat5/common/lib and not anywhere else. Still the name suggests that it should be something that somehow belongs to Tomcat. I do have the package jakarta-commons-dbcp-1.2.1-3jpp_1rh installed, which sounds like a promising suspect, but it brings me only org.apache.commons.dbcp.BasicDataSourceFactory.class and not the one above. I'd switch to that just for a try, only it does not work the same way -- java.lang.ClassNotFoundException: org.apache.commons.dbcp.BasicDataSourceFactory.class -- although that class is in ../tomcat5/common/lib/[commons-dbcp].jar . Now I'm puzzled. Which BasicDataSourceFactory can/should I use? Why does Java/Tomcat not find the class in [commons-dbcp].jar? What can I do? I'd appreciate any help, as I am at a loss now; if this is an FAQ, a pointer to the related information, too, of course. Best regards, Juergen. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat cluster serving ~50 lines of the page when a request hits a stopped webapp for the first time
Sure for stable operation, but what if the machine reboots, tomcat starts up and your webapp doesn't for some reason. This situation could occur then. Many thanks for your help with this one. Regards Ben On 8/1/07, Rainer Jung [EMAIL PROTECTED] wrote: Hi Ben, I think I understand the problem now, and it is a jk bug. For stable operation you should really use the disable/stop feature. Nevertheless I'm starting thinking about how to fix this in a good way. The bug has to do with the new fail on status feature you use. It is not very old, so we didn't experience the bug before. Stay tuned ... Regards, Rainer ben short wrote: Is length 1090 correct?`So does the full body have that length? Yes firefox reports that the page is 1k in size, via the web developer's tool bar. I have seen it happen in IE 6 and 7 also. Would it be possible for me to email you directly the output of wireshark for both one bad and one good attempt? I really appreciate you helping me out on this one. Regards Ben Short On 7/31/07, Rainer Jung [EMAIL PROTECTED] wrote: ben short wrote: Ok I have used wireshark and see that the request is sent to the apache httpd. The next first packet i get back contains the following... HTTP/1.1 200 OK Date: Tue, 31 Jul 2007 14:57:25 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7a mod_jk/1.2.23 Content-Length: 1090 ***NOTE every line but this has a \r\n shown in the middle frame of wireshark *** All Headers are supposed to end with \r\n, but I would find it very strange, if this does not do it (I can not really think of a reson for that, but who knows...) Cache-Control: no-cache Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Language: en-GB Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html;charset=UTF-8 Is length 1090 correct?`So does the full body have that length? !--Rail Timestamp: -- !--Generated by Journeycheck 4.0-RC5 on host jc-pres2.nexusalpha.com -- !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; html lang=english .head ..meta http-equiv=Content-Type content=text/html;charset=UTF-8/ ..meta http-equiv=expires content=0/ ..meta http-equiv=cache-control content=no-cache/ ..meta http-equiv=pragma content=nocache/ ..meta http-equiv=Content-Language content=en-us/ ..meta content=Nexus Alpha:Andrew Langmead, Ben Short, Lawrence Chan name=author/ ..meta content=journey check,rail,journey,nexus alpha,plan,disruption,transport,trains name=keywords/ ..meta content=Allows you to check your journey with a particular rail company name=description/ ..!--META HTTP-EQUIV=RefreshCONTENT=10; URL=http://www.jcheck.com/firstcapitalconnect/;-- .. ..link href=/resources/common/web/css/common.css rel=stylesheet type=text/css/ ..!--script type=text/javascript src=/resources/common/web/javascript Which is whats being shown in the browser, if i view the source. Next I see more packets that say 'Continuation or non-HTTP traffic' in the Info column of wireshark. When I look at the byte output I can see that its the rest of the page. If i use wireshark to view the same request with the webapp started I dont see the initial HTTP/1.1 200 OK packet, so i assume that each packet contains the correct headers for chunking to work correctly. But the first line is mandatory for HTTP responses! So in the good case, something is slipping the observation. We could ignore that, but if we don't see something in the good case, we must question the observation in the bad case too. So it seams that im getting a dodgy content length in the first packet if the request goes to the stoppped webapp first. Or infact the whole chunking thing is not working correctly. If there is a Cntent-Length header, there is no chunking involved. Chunking gives a way of telling the length of small chunks of the answer. For dynamic content it's often difficult to tell the full length in advance, but a Content-Length header has to come before the body. So chunking is used to prevent the need of buffering the full body before sending it out. The reposnse you showed us above does not use chunking, but instead the content-length header, which is OK and stable for content with easy to determine length. Which browser is it? If you can reproduce the problem with firefox, there are very good plugins, that can show you details of communication and content from inside the browser. A good example is FireBug, which I can recommend. Even if you usually use MSIE, it might be important to cross check with Firefox in order to find out if the problem is browser specific. Regards, Rainer On 7/31/07, Rainer Jung [EMAIL PROTECTED] wrote: You could dig deeper into two different directions: - protocol: is the
Re: Tomcat 5.5 configuration
On 8/1/07, Susan Richards [EMAIL PROTECTED] wrote: Thanks. When I use the Tomcat Manager to deploy the war files, it puts them under webapps, not under ROOT. Can I change this? ? No, that's where they're supposed to go. Why would you want to change that? -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: BasicDataSourceFactory.class where? (Tomcat 5.5, RHEL)
... or at least post your question on a Redhat or jPackage list. We're not known for being all warm and fuzzy toward the tomcat rpm install packages. They've done things to tomcat in the process of packaging I know I wouldn't recommend. --David Caldarale, Charles R wrote: From: Juergen Nickelsen [mailto:[EMAIL PROTECTED] Subject: BasicDataSourceFactory.class where? (Tomcat 5.5, RHEL) for an application I am testing, I have my first contact with Tomcat, version 5.5.23 on RHEL 4 update 5, as installed from the package tomcat5-5.5.23-0jpp_4rh.3. I'd strongly recommend to throw that away and use a real Tomcat download from the Apache website. The 3rd-party repackaged versions of Tomcat are notorious for being dysfunctional. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5 configuration
Chuck said this: Under each appBase directory, install the appropriate webapp as ROOT.war or in the ROOT directory (case sensitive naming). I changed my server.xml to this: Host name=test-infonline.matc.edu appBase=/www/apps/tomcat/webapps/test-infonline /Host When I open the URL http://test-infoline.matc.edu, I still go right to the manager. What am I doing wrong? Hassan Schroeder [EMAIL PROTECTED] 8/1/2007 10:33 AM On 8/1/07, Susan Richards [EMAIL PROTECTED] wrote: Thanks. When I use the Tomcat Manager to deploy the war files, it puts them under webapps, not under ROOT. Can I change this? ? No, that's where they're supposed to go. Why would you want to change that? -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Using manager to deploy with path=/123/456/789
Hi, I want to use the manager to deploy an app with the context path like /123/456/789 If I use the manager path=/123/456/789 war=file:789.war it doesn't work. At the client end (ant) I'm seeing: FAIL - Failed to deploy application at context path /123/456/789 In the logs on server, there is no error recorder, last line is: INFO: Manager: Uploading WAR file to /CATALINA_BASE/webapps/123/456/789.war The war file is now there on the server. (although this much only works so long as I created the dirs in advance) If I try a more simple context path, e.g. path=/789 war=file:789.war, the deploy goes just fine. Is it not possible to deploy apps with paths like /123/456/789 using the manager, or am I perhaps doing something wrong? Cheers, D. Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/secretariat/legal/disclaimer.htm - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: BasicDataSourceFactory.class where? (Tomcat 5.5, RHEL)
From: Juergen Nickelsen [mailto:[EMAIL PROTECTED] Subject: BasicDataSourceFactory.class where? (Tomcat 5.5, RHEL) for an application I am testing, I have my first contact with Tomcat, version 5.5.23 on RHEL 4 update 5, as installed from the package tomcat5-5.5.23-0jpp_4rh.3. I'd strongly recommend to throw that away and use a real Tomcat download from the Apache website. The 3rd-party repackaged versions of Tomcat are notorious for being dysfunctional. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat cluster serving ~50 lines of the page when a request hits a stopped webapp for the first time
hi Ben, could you try the following patch for 1.2.24: http://people.apache.org/~rjung/mod_jk-dev/patches/fail-on-status.patch I guess you can build the module yourself (it's easy: configure --with-apxs=PATHTOAPXS; make; make install). Now simply download the source of 1.2.24 and use the patch command to add the above file as a patch. Then build and retest. If you really can't build it yourself let me know. The patch is not well tested, don't go straight to production with it :) Regards, Rainer ben short wrote: Sure for stable operation, but what if the machine reboots, tomcat starts up and your webapp doesn't for some reason. This situation could occur then. Many thanks for your help with this one. Regards Ben On 8/1/07, Rainer Jung [EMAIL PROTECTED] wrote: Hi Ben, I think I understand the problem now, and it is a jk bug. For stable operation you should really use the disable/stop feature. Nevertheless I'm starting thinking about how to fix this in a good way. The bug has to do with the new fail on status feature you use. It is not very old, so we didn't experience the bug before. Stay tuned ... Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 5.5 configuration
From: Susan Richards [mailto:[EMAIL PROTECTED] Subject: Re: Tomcat 5.5 configuration Under each appBase directory, install the appropriate webapp as ROOT.war or in the ROOT directory I guess that wasn't clear enough. An expanded webapp (one not packaged in a .war file) that you want as the default webapp must be installed AS the ROOT directory under the corresponding Host's appBase directory. At no time may webapps be nested. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Using manager to deploy with path=/123/456/789
From: Derek Alexander [mailto:[EMAIL PROTECTED] Subject: Using manager to deploy with path=/123/456/789 I want to use the manager to deploy an app with the context path like /123/456/789 Can't say I know how to do it with the manager app, although it may be possible. What you need to end up with is a file named 123#456#789.xml under conf/Catalina/[host] that contains a Context element with a docBase attribute pointing the the .war file. Said .war file should be located outside of any Host element's appBase directory, or it will be deployed twice, once under the desired name and again under the name of the .war file. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Recovery from OutOfMemoryError?
Would you (or anyone) care to provide a link to where I can learn more about swatch? Everything I've turned up so far points to a wanna-be replacement for UTC called internet time promoted by a watchmaker. -- Mark H. Wood, Lead System Programmer [EMAIL PROTECTED] Typically when a software vendor says that a product is intuitive he means the exact opposite. pgpWyQYLJ0sxf.pgp Description: PGP signature
Varuna Seneviratna wants to chat
--- Varuna Seneviratna wants to stay in better touch using some of Google's coolest new products. If you already have Gmail or Google Talk, visit: http://mail.google.com/mail/b-276484242e-604e6f3a67-d4f60a21e46d0f1d You'll need to click this link to be able to chat with Varuna Seneviratna. To get Gmail - a free email account from Google with over 2,800 megabytes of storage - and chat with Varuna Seneviratna, visit: http://mail.google.com/mail/a-276484242e-604e6f3a67-8a75e060ec Gmail offers: - Instant messaging right inside Gmail - Powerful spam protection - Built-in search for finding your messages and a helpful way of organizing emails into conversations - No pop-up ads or untargeted banners - just text ads and related information that are relevant to the content of your messages All this, and its yours for free. But wait, there's more! By opening a Gmail account, you also get access to Google Talk, Google's instant messaging service: http://www.google.com/talk/ Google Talk offers: - Web-based chat that you can use anywhere, without a download - A contact list that's synchronized with your Gmail account - Free, high quality PC-to-PC voice calls when you download the Google Talk client Gmail and Google Talk are still in beta. We're working hard to add new features and make improvements, so we might also ask for your comments and suggestions periodically. We appreciate your help in making our products even better! Thanks, The Google Team To learn more about Gmail and Google Talk, visit: http://mail.google.com/mail/help/about.html http://www.google.com/talk/about.html (If clicking the URLs in this message does not work, copy and paste them into the address bar of your browser). - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
com.evermind.server.rmi package in Tomcat?
Hello, I have a very curious situation and I have been scratching my head. To investigate occassional application hangs on Tomcat 5.5 running on Solaris 10, I take Tomcat process thread dumps periodically and see many threads stuck for a long time like as follows. I looked left and right into all Tomcat jars and application war files to see if I can find the package com.evermind.server.rmi, but without any success. I have been scratching my head as to where this is coming from. Thread [EMAIL PROTECTED]: (state = IN_NATIVE) - java.net.SocketInputStream.socketRead0(java.io.FileDescriptor, byte[], int, int, int) @bci=0 (Compiled frame; information may be imprecise) - java.net.SocketInputStream.read(byte[], int, int) @bci=84, line=129 (Compiled frame) - java.io.BufferedInputStream.fill() @bci=175, line=218 (Compiled frame) - java.io.BufferedInputStream.read() @bci=12, line=235 (Compiled frame) - java.io.ObjectInputStream$PeekInputStream.peek() @bci=19, line=2196 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.refill() @bci=72, line=2443 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.read() @bci=19, line=2515 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.readByte() @bci=1, line=2664 (Compiled frame) - com.evermind.server.rmi.RMIConnection.run(java.lang.Thread) @bci=115, line=399 (Compiled frame) - com.evermind.server.rmi.RMIConnection.run() @bci=56, line=349 (Interpreted frame) - com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run() @bci=24, line=186 (Interpreted frame) - java.lang.Thread.run() @bci=11, line=595 (Interpreted frame) _ http://imagine-windowslive.com/hotmail/?locale=en-usocid=TXT_TAGHM_migration_HM_mini_pcmag_0507 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Recovery from OutOfMemoryError?
On 01/08/2007, at 6:50 PM, Mark H. Wood wrote: Would you (or anyone) care to provide a link to where I can learn more about swatch? Everything I've turned up so far points to a wanna-be replacement for UTC called internet time promoted by a watchmaker. http://swatch.sourceforge.net/ http://sourceforge.net/project/showfiles.php?group_id=68627 Cheers Andrew - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: com.evermind.server.rmi package in Tomcat?
On 8/1/07, Neeraj Vora [EMAIL PROTECTED] wrote: I have a very curious situation and I have been scratching my head. To investigate occassional application hangs on Tomcat 5.5 running on Solaris 10, I take Tomcat process thread dumps periodically and see many threads stuck for a long time like as follows. I looked left and right into all Tomcat jars and application war files to see if I can find the package com.evermind.server.rmi That's an Oracle class -- the name rang a bell, and I just found it in an old OC4J install package (in iiop_gen_bin.jar). HTH! -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Log4j errors on Tomcat6 startup
Hi Mark, your application doesn't need the log4j*.jar since they are provided by Tomcat 6 (unlike Tomcat 5.x). However, your application should have it's own log4j-configuration aka log4j.xml. This file is usually found in ${CATALINA_HOME}/webapps/${your_application}/WEB-INF/classes In this web-app-specific log4j-confugration you can declare / specify your own log4j-appenders (output). HTH Gregor -- what's puzzlin' you, is the nature of my game gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: com.evermind.server.rmi package in Tomcat?
Maybe loaded by a custom class loader over the net, e.g. from a backend (probably like an Oracle AS backend)? Neeraj Vora wrote: Hello, I have a very curious situation and I have been scratching my head. To investigate occassional application hangs on Tomcat 5.5 running on Solaris 10, I take Tomcat process thread dumps periodically and see many threads stuck for a long time like as follows. I looked left and right into all Tomcat jars and application war files to see if I can find the package com.evermind.server.rmi, but without any success. I have been scratching my head as to where this is coming from. Thread [EMAIL PROTECTED]: (state = IN_NATIVE) - java.net.SocketInputStream.socketRead0(java.io.FileDescriptor, byte[], int, int, int) @bci=0 (Compiled frame; information may be imprecise) - java.net.SocketInputStream.read(byte[], int, int) @bci=84, line=129 (Compiled frame) - java.io.BufferedInputStream.fill() @bci=175, line=218 (Compiled frame) - java.io.BufferedInputStream.read() @bci=12, line=235 (Compiled frame) - java.io.ObjectInputStream$PeekInputStream.peek() @bci=19, line=2196 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.refill() @bci=72, line=2443 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.read() @bci=19, line=2515 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.readByte() @bci=1, line=2664 (Compiled frame) - com.evermind.server.rmi.RMIConnection.run(java.lang.Thread) @bci=115, line=399 (Compiled frame) - com.evermind.server.rmi.RMIConnection.run() @bci=56, line=349 (Interpreted frame) - com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run() @bci=24, line=186 (Interpreted frame) - java.lang.Thread.run() @bci=11, line=595 (Interpreted frame) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: com.evermind.server.rmi package in Tomcat?
Right, true it's from Orion App Server that Oracle later acquired to make it their own app server. I'm not sure how this class is coming into being in my Apache Tomcat instance. From: Hassan Schroeder [EMAIL PROTECTED] Reply-To: Tomcat Users List users@tomcat.apache.org To: Tomcat Users List users@tomcat.apache.org Subject: Re: com.evermind.server.rmi package in Tomcat? Date: Wed, 1 Aug 2007 11:20:48 -0700 On 8/1/07, Neeraj Vora [EMAIL PROTECTED] wrote: I have a very curious situation and I have been scratching my head. To investigate occassional application hangs on Tomcat 5.5 running on Solaris 10, I take Tomcat process thread dumps periodically and see many threads stuck for a long time like as follows. I looked left and right into all Tomcat jars and application war files to see if I can find the package com.evermind.server.rmi That's an Oracle class -- the name rang a bell, and I just found it in an old OC4J install package (in iiop_gen_bin.jar). HTH! -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ http://imagine-windowslive.com/hotmail/?locale=en-usocid=TXT_TAGHM_migration_HM_mini_pcmag_0507 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Forwarding based on URI's in Tomcat
I am trying to get tomcat to forward requests as follows www.mysite.com/foo to direct to the foo action www.mysite.com/bar to direct to bar action ie. bar.do Does anyone have any pointers on this? Sorry for the newbie question. Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. http://farechase.yahoo.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How do I use tomcat5w.exe with a service name other than Tomcat5?
I have multiple instances of Tomcat installed as services with different service names. The tomcat5w.exe utility seems to work only with the default service name Tomcat5. I can't find any documentation on this utility. How do I pass another service name into the utility? Thanks, Ron -- View this message in context: http://www.nabble.com/How-do-I-use-tomcat5w.exe-with-a-service-name-other-than-Tomcat5--tf4201616.html#a11950506 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: com.evermind.server.rmi package in Tomcat?
No there are no custom class loaders, nor are there any Oracle AS backend. From: Rainer Jung [EMAIL PROTECTED] Reply-To: Tomcat Users List users@tomcat.apache.org To: Tomcat Users List users@tomcat.apache.org Subject: Re: com.evermind.server.rmi package in Tomcat? Date: Wed, 01 Aug 2007 20:15:34 +0200 Maybe loaded by a custom class loader over the net, e.g. from a backend (probably like an Oracle AS backend)? Neeraj Vora wrote: Hello, I have a very curious situation and I have been scratching my head. To investigate occassional application hangs on Tomcat 5.5 running on Solaris 10, I take Tomcat process thread dumps periodically and see many threads stuck for a long time like as follows. I looked left and right into all Tomcat jars and application war files to see if I can find the package com.evermind.server.rmi, but without any success. I have been scratching my head as to where this is coming from. Thread [EMAIL PROTECTED]: (state = IN_NATIVE) - java.net.SocketInputStream.socketRead0(java.io.FileDescriptor, byte[], int, int, int) @bci=0 (Compiled frame; information may be imprecise) - java.net.SocketInputStream.read(byte[], int, int) @bci=84, line=129 (Compiled frame) - java.io.BufferedInputStream.fill() @bci=175, line=218 (Compiled frame) - java.io.BufferedInputStream.read() @bci=12, line=235 (Compiled frame) - java.io.ObjectInputStream$PeekInputStream.peek() @bci=19, line=2196 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.refill() @bci=72, line=2443 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.read() @bci=19, line=2515 (Compiled frame) - java.io.ObjectInputStream$BlockDataInputStream.readByte() @bci=1, line=2664 (Compiled frame) - com.evermind.server.rmi.RMIConnection.run(java.lang.Thread) @bci=115, line=399 (Compiled frame) - com.evermind.server.rmi.RMIConnection.run() @bci=56, line=349 (Interpreted frame) - com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run() @bci=24, line=186 (Interpreted frame) - java.lang.Thread.run() @bci=11, line=595 (Interpreted frame) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ http://imagine-windowslive.com/hotmail/?locale=en-usocid=TXT_TAGHM_migration_HM_mini_pcmag_0507 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Forwarding based on URI's in Tomcat
Are those 2 different webapps ? If yes, you have to be aware of session data, diff webapps do not share by default the session data. But basically to do a client redirect you do this Response.sendRedirect(otherURl) this will change the url in the client browser To do a server redirect you can do either jsp:forward page=otherURL Or inside a servlet (or jsp) request.getContext().getRequestDispatcher(otherURL).forward(request,re sponse); regards -Original Message- From: Mon Cab [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 01, 2007 2:34 PM To: Tomcat Usergroup Subject: Forwarding based on URI's in Tomcat I am trying to get tomcat to forward requests as follows www.mysite.com/foo to direct to the foo action www.mysite.com/bar to direct to bar action ie. bar.do Does anyone have any pointers on this? Sorry for the newbie question. Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. http://farechase.yahoo.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message (including any attachments) contains confidential and/or proprietary information intended only for the addressee. Any unauthorized disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited and may constitute a violation of law. If you are not the intended recipient, please notify the sender immediately by responding to this e-mail, and delete the message from your system. If you have any questions about this e-mail please notify the sender immediately. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: secured authentication / connection
On 8/1/07, Pierre Goupil [EMAIL PROTECTED] wrote: The real question is a bit more weird. If I try connect to my server on port 8443, but with just http protocol (no encryption) snip/ Then you're doing something utterly meaningless, and the file you see is just the encrypted response from Tomcat. The simple answer is don't do that :-) HTH, -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: secured authentication / connection
Hello, OK, I've done it : the SSL authentication of my tomcat server works pretty fine. I'm currently using port 8443, though. But this is not my question. The real question is a bit more weird. If I try connect to my server on port 8443, but with just http protocol (no encryption), Tomcat responds by sending a file ! It is a .bin file which name is : - either the context name of my request (for instance, if I ask http://myserver.com/qwerty the file is called qwerty.bin) - either a random (?) name if I ask the context name of my webapp. Do you have an idea why how to get rid of this, anyone ? Cheers, Pierre 2007/7/31, Pierre Goupil [EMAIL PROTECTED]: Ooops... Yes, definitely... But I still need the port 80 for my purely static (unencrypted) content. The connections to my webapp will be encrypted from end-to-end using its context name, but all the content accessible within the default context will be static. Pierre 2007/7/31, David Smith [EMAIL PROTECTED]: Port 80 is for unencrypted traffic. The default port for SSL (https protocol) is 443. --David Pierre Goupil wrote: I have some static HTML content. But I will handle it with Tomcat too, in order to ease things regarding my present need. So I will stick to Tomcat for SSL management and won't use Apache *Httpd* ;-) any more... Easy. As easy as my need in fact. Actually, my only sensitive need is to have SSL connections from end-to-end, as this is an application for a persons goods security firm. I don't want to take any risk with this kind of data. I'm going to investigate the use of port 80 with tomcat, now ! Thanx again ! Pierre 2007/7/31, Caldarale, Charles R [EMAIL PROTECTED]: From: Pierre Goupil [mailto:[EMAIL PROTECTED] Subject: Re: secured authentication / connection But I still need Apache in front of it, in order to be able to use the port 80 this sort of things. Tomcat can quite happily use port 80; what else do you need httpd for? (We'll assume you mean httpd when you refer to Apache, since both Tomcat and httpd are Apache products.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Si le sang ne coule pas assez chaud dans tes veines, je le répandrais sur le sable pour qu'il bouille au soleil. (Maraxus de Kelde) -- Si le sang ne coule pas assez chaud dans tes veines, je le répandrais sur le sable pour qu'il bouille au soleil. (Maraxus de Kelde)
RE: Forwarding based on URI's in Tomcat
I would rather do this by configuring Tomcat, than doing it programatically if posible. --- Asensio, Rodrigo [EMAIL PROTECTED] wrote: Are those 2 different webapps ? If yes, you have to be aware of session data, diff webapps do not share by default the session data. But basically to do a client redirect you do this Response.sendRedirect(otherURl) this will change the url in the client browser To do a server redirect you can do either jsp:forward page=otherURL Or inside a servlet (or jsp) request.getContext().getRequestDispatcher(otherURL).forward(request,re sponse); regards -Original Message- From: Mon Cab [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 01, 2007 2:34 PM To: Tomcat Usergroup Subject: Forwarding based on URI's in Tomcat I am trying to get tomcat to forward requests as follows www.mysite.com/foo to direct to the foo action www.mysite.com/bar to direct to bar action ie. bar.do Does anyone have any pointers on this? Sorry for the newbie question. Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. http://farechase.yahoo.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message (including any attachments) contains confidential and/or proprietary information intended only for the addressee. Any unauthorized disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited and may constitute a violation of law. If you are not the intended recipient, please notify the sender immediately by responding to this e-mail, and delete the message from your system. If you have any questions about this e-mail please notify the sender immediately. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Take the Internet to Go: Yahoo!Go puts the Internet in your pocket: mail, news, photos more. http://mobile.yahoo.com/go?refer=1GNXIC - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forwarding based on URI's in Tomcat
I tried the following servlet-mapping servlet-nameaction/servlet-name url-pattern*.do/url-pattern /servlet-mapping servlet-mapping servlet-nameaction/servlet-name url-pattern/sexy*/url-pattern /servlet-mapping but got a 404 message: The requested resource (/mymodule/sexy) is not available. I also tried: servlet-mapping servlet-nameaction/servlet-name url-pattern/mymodule/sexy*/url-pattern /servlet-mapping but I got the same error. --- David Delbecq [EMAIL PROTECTED] wrote: In your web.xml, you can map /foo and /bar to struts servlet. However, i think i remember the struts servlet does not like to be mapped at several location. (/foo, /bar and *.do) You could also write your own servlet, that your map to /foo and /bar and which take th request url and does an internal forward to the same name with an additionnal .do You could also map / to your struts servlet (instead of *.do) and have static content served using a servlet mapped to /static. But you will have problem with pure JSPs as you will need to manually map them. Mon Cab a écrit : I am trying to get tomcat to forward requests as follows www.mysite.com/foo to direct to the foo action www.mysite.com/bar to direct to bar action ie. bar.do Does anyone have any pointers on this? Sorry for the newbie question. Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. http://farechase.yahoo.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online. http://smallbusiness.yahoo.com/webhosting - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: secured authentication / connection
OK... Thanks again to all of you for your time attention ! Pierre 2007/8/1, Hassan Schroeder [EMAIL PROTECTED]: On 8/1/07, Pierre Goupil [EMAIL PROTECTED] wrote: The real question is a bit more weird. If I try connect to my server on port 8443, but with just http protocol (no encryption) snip/ Then you're doing something utterly meaningless, and the file you see is just the encrypted response from Tomcat. The simple answer is don't do that :-) HTH, -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Si le sang ne coule pas assez chaud dans tes veines, je le répandrais sur le sable pour qu'il bouille au soleil. (Maraxus de Kelde)
Re: COMET - Delays in output
FelixG wrote: After looking at the TCP packets I can say this: The use of flush() in COMET *does* push data-packets immediately to the client, but it seems that the client (in my case a browser) doesn't recognize/display them until the outputstream is closed due to an ERROR/TIMEOUT or until I call close() manually for the stream. yes, the browser doesn't really know what to do with the request until the response is complete Filip felix Filip Hanik - Dev Lists wrote: flush should push out the data for you. If not, please open a bugzilla item and attach the test case http://issues.apache.org/bugzilla/enter_bug.cgi?product=Tomcat%206 Filip - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forwarding based on URI's in Tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mon, Mon Cab wrote: url-pattern/sexy*/url-pattern I believe that the pattern /sexy* does not match when the * matches nothing. I think that * acts like + in a regular expression. You might want: servlet-nameaction/servlet-name url-pattern/mymodule/sexy*/url-pattern url-pattern/mymodule/sexy/url-pattern That is, map both /sexy* and /sexy to the servlet. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGsP019CaO5/Lv0PARAmwEAJ9HU8lAnNcIR7RqbeQLvfTdE/4kIACdHp54 lpCG2nsMLk2h3TITEGMNZmE= =xiSJ -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
MAven-tomcat-plugin
Hi, Can you start two web applications using the same tomcat plugin. My tomcat-maven-plugin works for starting ONE web application. But when I specify two apps, it ignores the application which is not being built in the current directory but whose path I have given as follows in the plugin groupIdorg.codehaus.mojo/groupId artifactIdtomcat-maven-plugin/artifactId version1.0-SNAPSHOT/version configuration warFilec:/apache-tomcat-6.0.10/webapps/cas.war/warFile warFile./target/SAWebapp.war/warFile servertomcat/server updatetrue/update /configuration Thanks for your help! N -- View this message in context: http://www.nabble.com/MAven-tomcat-plugin-tf4203048.html#a11954885 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat cluster serving ~50 lines of the page when a request hits a stopped webapp for the first time
I'll give it ago first thing tomorrow, well after a cup of tea :) On 8/1/07, Rainer Jung [EMAIL PROTECTED] wrote: hi Ben, could you try the following patch for 1.2.24: http://people.apache.org/~rjung/mod_jk-dev/patches/fail-on-status.patch I guess you can build the module yourself (it's easy: configure --with-apxs=PATHTOAPXS; make; make install). Now simply download the source of 1.2.24 and use the patch command to add the above file as a patch. Then build and retest. If you really can't build it yourself let me know. The patch is not well tested, don't go straight to production with it :) Regards, Rainer ben short wrote: Sure for stable operation, but what if the machine reboots, tomcat starts up and your webapp doesn't for some reason. This situation could occur then. Many thanks for your help with this one. Regards Ben On 8/1/07, Rainer Jung [EMAIL PROTECTED] wrote: Hi Ben, I think I understand the problem now, and it is a jk bug. For stable operation you should really use the disable/stop feature. Nevertheless I'm starting thinking about how to fix this in a good way. The bug has to do with the new fail on status feature you use. It is not very old, so we didn't experience the bug before. Stay tuned ... Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forwarding based on URI's in Tomcat
I tried servlet-nameaction/servlet-name url-pattern/mymodule/sexy*/url-pattern url-pattern/mymodule/sexy/url-pattern url-pattern/sexy*/url-pattern url-pattern/sexy/url-pattern and none of it seems to work. --- Christopher Schultz [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mon, Mon Cab wrote: url-pattern/sexy*/url-pattern I believe that the pattern /sexy* does not match when the * matches nothing. I think that * acts like + in a regular expression. You might want: servlet-nameaction/servlet-name url-pattern/mymodule/sexy*/url-pattern url-pattern/mymodule/sexy/url-pattern That is, map both /sexy* and /sexy to the servlet. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGsP019CaO5/Lv0PARAmwEAJ9HU8lAnNcIR7RqbeQLvfTdE/4kIACdHp54 lpCG2nsMLk2h3TITEGMNZmE= =xiSJ -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out. http://answers.yahoo.com/dir/?link=listsid=396545469 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forwarding based on URI's in Tomcat
On 8/1/07, Mon Cab [EMAIL PROTECTED] wrote: and none of it seems to work. Honestly, this sounds like a job for UrlRewriteFilter -- http://tuckey.org/urlrewrite/ Worth a look, anyway :-) -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do I use tomcat5w.exe with a service name other than Tomcat5?
rmiller [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I have multiple instances of Tomcat installed as services with different service names. The tomcat5w.exe utility seems to work only with the default service name Tomcat5. I can't find any documentation on this utility. How do I pass another service name into the utility? Such as it is, the documentation is at http://commons.apache.org/daemon/procrun.html under the 'prunmgr' section. The short version is that you can either copy the file to 'servicenameW.exe' and invoke with no arguments, or invoke it as 'tomcat5w //ES//servicename'. Thanks, Ron -- View this message in context: http://www.nabble.com/How-do-I-use-tomcat5w.exe-with-a-service-name-other-than-Tomcat5--tf4201616.html#a11950506 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
no authentication with mod_jk-1.2.24
Hello, I just upgraded from mod_jk-1.2.19 to 1.2.24 using the available Solaris binary. I didn't change any of the configuration files in the process. But now I can't access the Tomcat Manager via the connector since my browser no longer prompts me for username/password information and so I get an error code of 401. (Log: No body with status=401 for worker=ajp13) I get prompted just fine if I go directly to Tomcat. Also, other servlets work fine via the connector. Thanks. -Leif Neve - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forwarding based on URI's in Tomcat
Christopher Schultz [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mon, Mon Cab wrote: url-pattern/sexy*/url-pattern I believe that the pattern /sexy* does not match when the * matches nothing. I think that * acts like + in a regular expression. You might want: servlet-nameaction/servlet-name url-pattern/mymodule/sexy*/url-pattern url-pattern/mymodule/sexy/url-pattern That is, map both /sexy* and /sexy to the servlet. Nope, /sexy* is an exact-match pattern to a URL that is literally /myapp/sexy*. The servlet-spec doesn't implement arbitrary regex patterns, only the ones specified. In this case you need to have the url-pattern to be /sexy/* to get a prefix match. And, yes, this will match to a URL of /myapp/sexy (with an empty pathInfo). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGsP019CaO5/Lv0PARAmwEAJ9HU8lAnNcIR7RqbeQLvfTdE/4kIACdHp54 lpCG2nsMLk2h3TITEGMNZmE= =xiSJ -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat with/without Tomcat native library
Mladen Turk [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Petr Sumbera wrote: Hi Bill and all, not sure what is the right way for comparison between using and not using APR. I tried Apache ab tool like this: ab -c 4 -n 1 http://localhost:8080/favicon.ico And I don't see any difference. Actually it might be little bit slower with APR. The file size is 21630, so it should use sendfile then (well actually our APR doesn't use sendfile at the moment as far as I know). The purpose of APR is to change the model from thread-per-connection to thread-per-request. This means it will behave much faster when you have 1000 concurrent clients using Keep-Alive (HTTP 1.1). I agree with Mladen here. Your test is artificial, so under most systems the non-APR connector will win (since you only have 4 clients connecting to TC). And since you haven't specified '-k' to ab, you are really testing connection speed, which isn't realistic. On Solaris, having a 1000 threads blocking on input isn't that big of a deal, so I'm not sure about the much faster claim, but I haven't profiled Tomcat lately :). In that case you'll be able to serve them all with lower number of maxThreads. So, try to use the 'normal' test tool instead a brute force one like 'ab' that will reflect the real load to your boxes. I mean, the ab (Apache Bench) is a DoS tool, right ;) When I was profiling, I used JMeter and 500 clients with about a one minute ramp-up time (I don't care about how it handles an accept flood), and about a 5-10 second delay between requests (I don't have the script I used anymore, so I don't remember the exact value). Also, if you use JMeter, use the HttpClient Sampler or configure the java.net Sampler to use a bigger than default pool, since by default the java.net Sampler doesn't scale up to this level (skewing the results). Also interesting would be to use a longer connectionTimeout on the Connector / and longer delays between requests. But for a good comparision, make sure that the maxThreads attribute on the Connector / is large enough to handle the lode. Regards, Mladen. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
CVE-2007-3384: XSS in Tomcat cookies example
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE-2007-3384: XSS in Tomcat cookies example Severity: Low (Cross-site scripting) Vendor: The Apache Software Foundation Versions Affected: 3.3 to 3.3.2 Description: When reporting error messages, Tomcat does not filter user supplied data before display. This enables an XSS attack. Mitigation: Remove examples web application. Apply patch available from http://tomcat.apache.org/download-33.cgi Credit: This issue was discovered by Tomasz Kuczynski, Poznan Supercomputing and Networking Center, who worked with the CERT/CC to report the vulnerability. Example: http://localhost:8080/examples/servlet/CookieExample populate Name or Value field with: scriptalert('XSS reflected');/script and submit. References: http://tomcat.apache.org/security.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGsU0Vb7IeiTPGAkMRAoiwAJ4iETiZnDPLKM0v69YZ/FaIhGS8GwCgt+ux FB0O3FigwHs+A8pP98+gRiA= =VePF -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]