Re: Tomcat error, with Scalix
Christopher Schultz wrote: Okay. Using RPM, you ought to be able to figure out version numbers and stuff, though. I'd bet that mod_jk has its own RPM package, but I couldn't tell you what it's called. Try listing all packages and search for jk or something. Another thing you can do is find the mod_jk.so binary and run this on it: $ strings /path/to/mod_jk.so | grep mod_jk/ OK, couldn't get the info using rpm so with strings I go the following. mod_jk/1.2.14 I'm not sure what my shared memory file is, but I've search through my httpd.conf and the only reference to shared memory file is the line. SSLSessionCache shmcb:/var/lib/apache2/ssl_scache Right. That's obviously not the error occurring in mod_jk. Let's keep looking. I've checked and this file does NOT exist, should I touch it with the correct ownership/permissions? Not yet. Does the directory exist, and just not the file? If so, maybe you should create the file. Ok, the directory does exist, but the file doesn't, I'm not using SSL, so I'm guessing that this won't affect it much. Include /etc/opt/scalix-tomcat/connector/jk/instance-*.conf Include /etc/opt/scalix-tomcat/connector/jk/app-mail.*.conf JkWorkerProperty worker.mail.type=ajp13 JkWorkerProperty worker.mail.host=mail.ahost.co.za JkWorkerProperty worker.mail.port=8009 JkWorkerProperty worker.mail.lbfactor=50 JkWorkerProperty worker.mail.cachesize=10 JkWorkerProperty worker.mail.cache_timeout=600 JkWorkerProperty worker.mail.socket_keepalive=1 JkWorkerProperty worker.mail.recycle_timeout=300 Include /etc/opt/scalix-tomcat/connector/jk/workers.conf JkWorkerProperty worker.list=mail Can you tell me if anything interesting lives in either of those two include files? It's possible the that shared memory configuration is in there. I've searched through all the files in that directory and can't find anything relating to shared memory, the only thing that slightly resembles it is cachesize=10 Thanks Christopher. Regards. Neil -- This email and all contents are subject to the following disclaimer: http://www.dcdata.co.za/emaildisclaimer.html - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat6 + NIO connectors + AJP/mod_proxy_ajp
Hello Everyone! I am currently using Tomcat 6 to serve all my dynamic requests ( mostly ajax ) and Apache frontend to serve static files. ( The existing connection from apache to tomcat is using mod_jk ). I have couple of questions 1) I read that NIO connectors are way better that normal HTTP connector. But since http frontend server ( apache/lighthttpd) uses ajp connectors to connect to tomcat, is there a NIO version for the ajp connector ( that runs on port 8009 ) also ? 2) Based on 1), which is a better way to achieve the connection from apache/lighthttpd to tomcat a) Using mod_jk ( not sure how to achieve this using lighthttpd ) OR b) Using mod_proxy_ajp ( Again not sure what the equivalent is in lighthttpd ) The constraint that I have right now is that I have only one server :( So it is not possible to make tomcat a standalone ( since I want apache/lighthttpd to serve the static files ). Thanks! Rakesh
RE: Start tomcat without Connector
Chris, I'm making a kind of framework for my company, it must be able to measure the time tomcat needs to compile the jsp's. this enables us to optimize more accurate. But, about starting tomcat etc. I am at a point that tomcat starts gracefully without connector, but the jsp's and Servlets don't have a wrapper. When I execute a request, like /index.jsp (which exists of course ;) ) then I get this error: SEVERE: Allocate exception for servlet null javax.servlet.ServletException: No servlet class has been specified for servlet null at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1016) this is not the complete stacktrace. Do you have an idea how I can solve this problem? Auke -Oorspronkelijk bericht- Van: Christopher Schultz [mailto:[EMAIL PROTECTED] Verzonden: maandag 22 oktober 2007 22:07 Aan: Tomcat Users List Onderwerp: Re: Start tomcat without Connector -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Auke, Auke Noppe wrote: Is it possible to start an instance of (embedded)tomcat without connector, and to invoke pages through the context.invoke(request, response) method? Do you mind describing a scenario where this is useful? The only thing I can think of is that JSPs might be easier to write than real Java, and you want to allow your programmers to write JSP instead of Java, but not use it in a web context. That sounds totally backward to me (but I've heard crazier schemes), so I'm wondering what the motivation is. My experience with Tomcat (non-embedded) is that if the connectors fail to start, Tomcat itself shuts down. My guess is that there's a check for useful connectors, and if there are none, Tomcat shuts down. I could be totally wrong. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHQL59CaO5/Lv0PARAihfAJ9ScHeDf3Db4O08MUrktTjV0aq2iwCgq2nI qso401jWy/diffX0RA8OasA= =yYBc -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Start tomcat without Connector
Thanks for your reply. Do you know what method really applies the mapping? And, is it possible to make my own implementation of the mapping digester(?)? Regards, Auke -Oorspronkelijk bericht- Van: news [mailto:[EMAIL PROTECTED] Namens Bill Barker Verzonden: dinsdag 23 oktober 2007 3:27 Aan: users@tomcat.apache.org Onderwerp: Re: Start tomcat without Connector It is possible, but not easy. The Connector is integrated pretty tightly with the Catalina code now. In particular, you can't just call the invoke method on the Context, since the mappings are done via the Connector. It will probably be easier to create a Connector using the MemoryProtocolHandler (in org.apache.coyote.memory). You're code can get a reference to it by calling getProtocolHandler() on the Connector, and then feed your request through the process method of MemoryProtocolHandler. Auke Noppe [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi there, Is it possible to start an instance of (embedded)tomcat without connector, and to invoke pages through the context.invoke(request, response) method? I have written a small application which starts embedded tomcat with a server, engine, host and context, but without connector. And the application invokes the invoke method of the context. But I don’t get a response back. public void startTomcat() throws LifecycleException { embedded = new Embedded(); engine = embedded.createEngine(); engine.setName(Catalina); host = embedded.createHost(localhost, getPath() + /webapps); engine.addChild(host); context = embedded.createContext(, C:/stage_auke/workspace/trunk/web); context.setPrivileged(false); host.addChild(context); String config = host.getConfigClass(); ((StandardContext)context).setDefaultWebXml(getPath()+/conf/web.xml); context.setAvailable(true); embedded.addEngine(engine); embedded.start(); } The other method calls context.invoke with a filled request and response. Anyone an idea? Regards, Auke No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.488 / Virus Database: 269.15.5/1084 - Release Date: 21-10-2007 15:09 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Why DefaultServlet listing does not work
Hello. I have the following servlet definition: servlet servlet-nameListings/servlet-name servlet-classorg.apache.catalina.servlets.DefaultServlet/servlet-class init-param param-namedebug/param-name param-value0/param-value /init-param init-param param-namelistings/param-name param-valuetrue/param-value /init-param load-on-startup1/load-on-startup /servlet servlet-mapping servlet-nameListings/servlet-name url-pattern/listings/url-pattern /servlet-mapping It did say resource not available until I created a directory `listings' in the application directory. Then it become to show an empty directory listing. I then created various files in the directory, but the directory listing was still empty, even after page reload. What did I wrong? Best regards, Artur - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: All threads busy + OutOfMemoryError
Hi, have a look at this blog: https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/6433 Perhaps you find the described tool (SAP Memory Analyzer) useful for inspecting your memory dump. regards Dirk Original-Nachricht Datum: Tue, 23 Oct 2007 10:43:39 +0200 Von: Peter Bauer [EMAIL PROTECTED] An: Tomcat Users List users@tomcat.apache.org Betreff: All threads busy + OutOfMemoryError Hi all, i thought i had solved the All threads busy problem by implementing a dedicated servlet class for forwarding requests but maybe i was wrong or there is another problem. During a loadtest last night i got the following lines in the catalina.out: 23-Oct-2007 02:24:36 org.apache.tomcat.util.threads.ThreadPool logFull SEVERE: All threads (75) are currently busy, waiting. Increase maxThreads (75) or check the servlet status java.lang.OutOfMemoryError: Java heap space Dumping heap to /var/log/dmc/java_pid29947.hprof ... Heap dump file created [272845160 bytes in 6.892 secs] 23-Oct-2007 02:29:22 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable run SEVERE: Caught exception (java.lang.OutOfMemoryError: Java heap space) executing [EMAIL PROTECTED], terminating thread java.lang.OutOfMemoryError: Java heap space As you can see a dumpfile of the heap has been created. Additionally the exceptions can be found in the attached localhost_log file. I already opened the dumpfile in Yourkit 7.0 but i have no clue how such a dump normally looks like and how to search a memory leak. Maybe someone could give me a hint how to track down the potential Memory Leak. I attached the files, please take a look at them. The compresses heapdump file has about 5MB so i cannot send it to the mailing list, but can send it directly if somebody needs it. thx, Peter -- Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Unit Testing DataSourceRealm
Hi, We have to add functionality to the provided realms. We started with a JDBCRealm, extended it and added our custom functionality. Now I've changed from a JDBCRealm (as the super class) to a DataSourceRealm as the super class. The problem is - how can I unit test a DataSourceRealm outside of the tomcat container? With the extended jdbc realm it was simple to inject the jdbc driver class name etc in the setUp, but with the DataSourceRealm, I cannot create an InitialContext without either using the tomcat container itself (a bit of overkill for a unit test), or using suns fscontext, but that doesn't even seem to be available (certainly not via any m2 repos) So any ideas? Kev - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why DefaultServlet listing does not work
You want listsings=true in web.xml contained in $CATALINA_HOME/conf/web.xml -Tim Artur Rataj wrote: Hello. I have the following servlet definition: servlet servlet-nameListings/servlet-name servlet-classorg.apache.catalina.servlets.DefaultServlet/servlet-class init-param param-namedebug/param-name param-value0/param-value /init-param init-param param-namelistings/param-name param-valuetrue/param-value /init-param load-on-startup1/load-on-startup /servlet servlet-mapping servlet-nameListings/servlet-name url-pattern/listings/url-pattern /servlet-mapping It did say resource not available until I created a directory `listings' in the application directory. Then it become to show an empty directory listing. I then created various files in the directory, but the directory listing was still empty, even after page reload. What did I wrong? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: how to submit
I'd suggest reading these first.. http://tomcat.apache.org/faq/bugs.html http://tomcat.apache.org/bugreport.html http://tomcat.apache.org/faq/ -Tim Carlo Politi wrote: Good day, I would like to know if it's possible submit an add on to Apache Tomcat, which are the steps or whom contact. Thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
setting up two tomcat instance on a single machine
Hello, Please help me to set up two tomcat on single machine. i mean tomcat 51 and tomcat 52. i have created two directories of tomcat 51 and 52. now in server.xml of both the tomcat i have done some changes on server port and on JK2 Connector side. is it enough..please help me know more about the cluster part in server.xml part of tomcat. -- Sunil
Re[2]: how to submit
Thanks Tim but i have not to submit a bug, just only a new kind of authenticator. I don't know if it's possible to submit to ASF, I have tried to read the steps for incubation but it seems too hard... In data martedì 23 ottobre 2007, alle ore 13.12, hai scritto: TF I'd suggest reading these first.. TF http://tomcat.apache.org/faq/bugs.html TF http://tomcat.apache.org/bugreport.html TF http://tomcat.apache.org/faq/ TF -Tim TF Carlo Politi wrote: Good day, I would like to know if it's possible submit an add on to Apache Tomcat, which are the steps or whom contact. Thanks -- Carlo Politi eMail: [EMAIL PROTECTED] WebPage: http://politi.carlo.googlepages.com
Re: Why DefaultServlet listing does not work
Is not the listings option in apps' web.xml enough? I wanted the app to decide if it allows listings of its servlet. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[2]: how to submit
In data martedì 23 ottobre 2007, alle ore 14.38, hai scritto: TF It would be a bugzilla request marked as an ENHANCEMENT TF -Tim mmm, i will try this -- Carlo Politi eMail: [EMAIL PROTECTED] WebPage: http://politi.carlo.googlepages.com
RE: setting up two tomcat instance on a single machine
Hi, Do you want to implement clustering or just load balancing? Is 5.1 and 5.2 the versions of Tomcat? If so, why are you using different versions to set up clustering? -Original Message- From: sunil chandran [mailto:[EMAIL PROTECTED] Sent: terça-feira, 23 de Outubro de 2007 12:23 To: Tomcat Users List Subject: setting up two tomcat instance on a single machine Hello, Please help me to set up two tomcat on single machine. i mean tomcat 51 and tomcat 52. i have created two directories of tomcat 51 and 52. now in server.xml of both the tomcat i have done some changes on server port and on JK2 Connector side. is it enough..please help me know more about the cluster part in server.xml part of tomcat. -- Sunil - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat error, with Scalix
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Neil, Neil Wilson wrote: Christopher Schultz wrote: Okay. Using RPM, you ought to be able to figure out version numbers and stuff, though. I'd bet that mod_jk has its own RPM package, but I couldn't tell you what it's called. Try listing all packages and search for jk or something. Another thing you can do is find the mod_jk.so binary and run this on it: $ strings /path/to/mod_jk.so | grep mod_jk/ OK, couldn't get the info using rpm so with strings I go the following. mod_jk/1.2.14 You probably ought to upgrade. 1.2.14 is pretty old: the current version is 1.2.25. You can look at the changelog at http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html to see if anything important changed for you (and might break a delicate configuration). You can find out which package included mod_jk.so by using rpm to search for it. I don't have any systems handy that have RPM on them anymore, so you'll have to poke around the man page to find out how you can say which package owns this file?. You might have to upgrade Tomcat (d'oh!) in order to get the upgraded mod_jk. You could always compile it yourself if necessary. I've checked and this file does NOT exist, should I touch it with the correct ownership/permissions? Not yet. Does the directory exist, and just not the file? If so, maybe you should create the file. Ok, the directory does exist, but the file doesn't, I'm not using SSL, so I'm guessing that this won't affect it much. Well, the error you're getting is from mod_jk and doesn't have anything to do with SSL. mod_jk uses shared memory (I think) for it's status worker. It's not really necessary to get it working (mine was giving me the same startup error, but with no other adverse effects). I've searched through all the files in that directory and can't find anything relating to shared memory, the only thing that slightly resembles it is cachesize=10 No, that's a worker-specific setting (which has been deprecated in newer versions of the library, btw). Unless you are using threaded Apache (worker, not pre-fork), this setting is useless (see the docs). The docs suggest that setting this higher than 1 on Apache 1.3 or Apache 2.x prefork is a bad idea. It's possible that this could be affecting you. You might want to remove this setting for now. JkWorkerProperty worker.mail.lbfactor=50 Are you using a load-balanced configuration? If not, remove this directive. JkWorkerProperty worker.mail.cache_timeout=600 Like cacheize, this directive has been deprecated (with a replacement) in newer versions of the library. JkWorkerProperty worker.mail.recycle_timeout=300 Like cacheize, this directive has been deprecated (with a replacement) in newer versions of the library. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHfyA9CaO5/Lv0PARAnXxAJ9+gzxkRbDOfNl3yGgThyIpF8ik/ACcCCRW LMJz17a/w2fe/M7cZ293C5Q= =sRsp -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setting up two tomcat instance on a single machine
i have version 5.1 of tomcat . i wanted clustering ... can u tell me clustering of tomcat without creating more than one tomcat directory. i have seen somewhere that there exists two server.xml files for each instance in one single directory of tomcat 5. how can i implement it here . also tell me what to do when it comes to load balancing . i have set up one tomcat5 and its working fine. i want to know how can i create two instance . my ultimate aim is load balancing . but it will be fine if i know both the methods individually. please help me forward. On 10/23/07, Nuno Manuel Martins [EMAIL PROTECTED] wrote: Hi, Do you want to implement clustering or just load balancing? Is 5.1 and 5.2 the versions of Tomcat? If so, why are you using different versions to set up clustering? -Original Message- From: sunil chandran [mailto:[EMAIL PROTECTED] Sent: terça-feira, 23 de Outubro de 2007 12:23 To: Tomcat Users List Subject: setting up two tomcat instance on a single machine Hello, Please help me to set up two tomcat on single machine. i mean tomcat 51 and tomcat 52. i have created two directories of tomcat 51 and 52. now in server.xml of both the tomcat i have done some changes on server port and on JK2 Connector side. is it enough..please help me know more about the cluster part in server.xml part of tomcat. -- Sunil - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Sunil
RE: setting up two tomcat instance on a single machine
From: sunil chandran [mailto:[EMAIL PROTECTED] Subject: Re: setting up two tomcat instance on a single machine i have version 5.1 of tomcat . There's no such version; what do you really have? Also note that mod_jk2 has been deprecated for over two years, so you shouldn't be attempting to use that at all. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Start tomcat without Connector
Hi, I have the app working. But I want to set some attributes on the session (like a user). Does anyone knows how I can get to the HttpSession? I tried to create a org.apache.catalina.connector.Request via connector.createRequest() and invoke the request.getSession() method, but I always receive null from the request. The manager of the context is empty I found out. Should it not be instantiated/set during startup? I there another way to get a reference of a HttpSession? Regards, Auke -Oorspronkelijk bericht- Van: news [mailto:[EMAIL PROTECTED] Namens Bill Barker Verzonden: dinsdag 23 oktober 2007 3:27 Aan: users@tomcat.apache.org Onderwerp: Re: Start tomcat without Connector It is possible, but not easy. The Connector is integrated pretty tightly with the Catalina code now. In particular, you can't just call the invoke method on the Context, since the mappings are done via the Connector. It will probably be easier to create a Connector using the MemoryProtocolHandler (in org.apache.coyote.memory). You're code can get a reference to it by calling getProtocolHandler() on the Connector, and then feed your request through the process method of MemoryProtocolHandler. Auke Noppe [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi there, Is it possible to start an instance of (embedded)tomcat without connector, and to invoke pages through the context.invoke(request, response) method? I have written a small application which starts embedded tomcat with a server, engine, host and context, but without connector. And the application invokes the invoke method of the context. But I don’t get a response back. public void startTomcat() throws LifecycleException { embedded = new Embedded(); engine = embedded.createEngine(); engine.setName(Catalina); host = embedded.createHost(localhost, getPath() + /webapps); engine.addChild(host); context = embedded.createContext(, C:/stage_auke/workspace/trunk/web); context.setPrivileged(false); host.addChild(context); String config = host.getConfigClass(); ((StandardContext)context).setDefaultWebXml(getPath()+/conf/web.xml); context.setAvailable(true); embedded.addEngine(engine); embedded.start(); } The other method calls context.invoke with a filled request and response. Anyone an idea? Regards, Auke No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.488 / Virus Database: 269.15.5/1084 - Release Date: 21-10-2007 15:09 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rebooting server under program control
David kerber wrote: What would I need to do to give me the ability to reboot a windows 2003 server machine under the control of my TC 5.5 app (JRE 1.5)? Is there a java system call I can use, or do I need to call an external routine/script to accomplish this? I would be surprised if there was a standard Java function that shuts down a machine. On Win XP there's shutdown.exe which you could call via Runtime#exec. My bet would be that shutdown.exe comes with Win 2003 too. Regards mks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rebooting server under program control
Markus Schönhaber wrote: David kerber wrote: What would I need to do to give me the ability to reboot a windows 2003 server machine under the control of my TC 5.5 app (JRE 1.5)? Is there a java system call I can use, or do I need to call an external routine/script to accomplish this? I would be surprised if there was a standard Java function that shuts down a machine. That was my suspicion when googling turned up absolutely nothing. On Win XP there's shutdown.exe which you could call via Runtime#exec. My bet would be that shutdown.exe comes with Win 2003 too. Thanks for the suggestion! Regards mks D - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [ANN] Apache Tomcat 5.0.x no longer supported
The Apache Tomcat team wishes to announce that Tomcat 5.0.x will no longer be supported. Users are encouraged to upgrade to the latest stable 6.x release or, if that is not practical, the latest stable 5.5.x for continued support. I found it. I was supprised that tomcat 5.0 documents suddenly disappeared, but this is the reason. As long as I understand, there was no alert about it beforehand. A lot of tomcat 5.0 users will be at a loss because they are not ready for this announcement. I hope at least the documents will be on the site for the time being. And is it possible to obtain the sources and binaries from now on? Best Regards, Kazu Nambo -- View this message in context: http://www.nabble.com/-ANN--Apache-Tomcat-5.0.x-no-longer-supported-tf4674554.html#a13366347 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: application-managed security model and isUserInRole getRemoteUser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stephen, Stephen More wrote: On 10/12/07, Christopher Schultz wrote: Yes, this is how to do it. If you don't want to do it yourself, you can use securityfilter (http://securityfilter.sourceforge.net), which has already been written. Thanks, securityfilter is a great example. Sure. Actually, this thread motivated me to start talking to the author, and I'm now a maintainer for the project. Hopefully, I'll be able to re-vamp the documentation, re-factor some code and start adding features. (!) ?? - stick with container-based security and find a way to make cookies for Remember Me work. I think you're out of luck, here, too. I think I found a way to make it work, but it is too difficult. I looked into securityfilter 2.0, and it looks like the remember me capability actually /is/ in there, in contrast to the documentation. It's possible that it doesn't work properly, or that it is not fully tested. You can create your own org.apache.catalina.authenticator to look at cookies, but it requires making changes to catalina.jar. I prefer to stick with war files so I will go with application based security. I agree. securityfilter is designed to provide the app-based security for you... it's supposed to live in your webapp, not in the container. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHiRW9CaO5/Lv0PARAqSiAJ0QUjk47q7YTptk7dtUUBfLJ8LAywCgkNhc 3VPT5uptLbbLeOOwC+7q4f8= =x4KD -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setting up two tomcat instance on a single machine
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sunil, sunil chandran wrote: Actually my version is Jakarata-tomcat-5.0.28 i am using mod_jk2 ..i know its deprecated but my production environment still has it..so i need to go forward with it. Upgrading from mod_jk2 to mod_jk is really the way to go. Testing shouldn't take too long: mod_jk is fairly easy to configure. There are many cases where mod_jk2 simply does not work. You really need to upgrade. anyway after hearing lot of warning from you friends in this forum , i have requested it to the top division team. Fortunately, it doesn't change anything about your application. It's just glue. You can also run mod_jk and mod_jk2 at the same time if it's absolutely necessary (for another project, for instance, that refuses to upgrade). but please help me forward with it now.. Nobody will help you with mod_jk2. That's what it means to be unsupported. Note that support for Tomcat 5.0 was just dropped, too. Sounds like a bad day for you :( - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHiYM9CaO5/Lv0PARAsWrAJ9SgDWyLWjuXjVUqorm3Ap/5jVW1gCgqU8D 0ZhLgLJg4S1RZgl1SqgeknA= =ts0m -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rebooting server under program control
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, David kerber wrote: On Win XP there's shutdown.exe which you could call via Runtime#exec. My bet would be that shutdown.exe comes with Win 2003 too. Thanks for the suggestion! Don't forget that a machine can always stay up when it's been requested to go down. You might want to have some external program that orchestrates this process: it tells your app to attempt to reboot the server, then it watches. If the server goes down and comes back up on a reasonable schedule (you decide), it's a success. Otherwise, flip the power on your power device (you /do/ have a controllable power device, don't you?!), wait a few seconds and flip the power back on. You should always have a cold-restart capability in the event that the hot-restart fails. Otherwise, you end up with machines that are stuck in shutdown mode, but are never shutting down. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHibR9CaO5/Lv0PARAl9rAKCgh/0nCM6rBCLNsuTbuLpC29yaLACfeK9A fsDfJhSwpE/pT9JoVm7xHWs= =UyTK -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.20 and client certs, not working (browser is not sending the cert to the server)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Werner, Is it possible that the problem is with your cert? Your tomcat cert: Owner: CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY Issuer: CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY Your error in FF: FF: Could not establish an encrypted connection because your certificate was rejected by localhost. Error code : -12271. 192.168.1.34 != localhost. Maybe the browsers are being picky. Did you get a cert warning in step 3 because the domain name didn't match the server cert? If so, it's possible that the client certs aren't being sent because of the domain mismatch. (Apologies if my questions make no sense whatsoever... I know nothing about client certs... I thought they had to be signed by the server's key but what do I know?) - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHigw9CaO5/Lv0PARAiTWAKCh0Aoa0G/3sbPGtXqof/h5DsEHoQCePvgi xyRoxA2jisZF3n7ShdmDeXE= =eVJ8 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rebooting server under program control
Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, David kerber wrote: On Win XP there's shutdown.exe which you could call via Runtime#exec. My bet would be that shutdown.exe comes with Win 2003 too. Thanks for the suggestion! Don't forget that a machine can always stay up when it's been requested Yes, I've been bitten by that before. to go down. You might want to have some external program that orchestrates this process: it tells your app to attempt to reboot the server, then it watches. If the server goes down and comes back up on a reasonable schedule (you decide), it's a success. Otherwise, flip the power on your power device (you /do/ have a controllable power device, That's why we buy the more-expensive UPS's... don't you?!), wait a few seconds and flip the power back on. You should always have a cold-restart capability in the event that the hot-restart fails. Otherwise, you end up with machines that are stuck in shutdown mode, but are never shutting down. - -chris - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
sun-web.xml file in Tomcat
Hi, I need to make my applications function in both Tomcat and Glassfish. In Tomcat the context root is simply the path in the context declaration in server.xml. In Glassfish, the default is the application name. In order to get Glassfish to assign the correct context root I have included a file called sun-web.xml in WEB-INF along with the standard web.xml. My question is: will this file which Tomcat doesn't know anything about cause any problems with Tomcat or will Tomcat simply ignore it? Thanks, Rob - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: sun-web.xml file in Tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rob, Rob Tanner wrote: I need to make my applications function in both Tomcat and Glassfish. In Tomcat the context root is simply the path in the context declaration in server.xml. In Glassfish, the default is the application name. In order to get Glassfish to assign the correct context root I have included a file called sun-web.xml in WEB-INF along with the standard web.xml. My question is: will this file which Tomcat doesn't know anything about cause any problems with Tomcat or will Tomcat simply ignore it? Tomcat should ignore this file. I'm guessing that the Glassfish and Tomcat devs both know about each others' app-server-specific config files, and try not to step on each others' toes. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHkSi9CaO5/Lv0PARAhhcAKCAlL60hdMi4qbZ/hQxdOE3JPk3vwCfR+q7 5uoDWxgHrzKV3bDZ40j9szk= =gC/3 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Fwd: How can I ensure that client access servlets via HTTPS?
I would appreciate if you answer the question bellow thanks -- Forwarded message -- From: alla winter [EMAIL PROTECTED] Date: Oct 22, 2007 2:48 PM Subject: How can I ensure that client access servlets via HTTPS? To: users@tomcat.apache.org I would appreciate if you give me a suggestion how to enforce clients to access servlet through SSL for TOMCAT 5.2.25 and JDK 1.5.0_12. ( The TOMCAT is set up for SSL with APR 1.9 and I can access it via HTTPS) I was thinking that I can accomplish that with the following: security-constraint web-resource-collection web-resource-nameview dept data/web-resource-name url-pattern/cobra_source/servlet/servlet/com.cobrasource.servlets.InitiatorServlet/url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint However, it doesn't make any difference and I can access this servlet via HTTP . Could that be that I do not have user role? But I have a different method for authentication that is conducted outside of TOMCAT. Am I missing something or there is something else that I can do ? Thanks for your help
RES: How can I ensure that client access servlets via HTTPS?
I think you could configure your server so that the 80 port is not available, only the 443 one. Programaticaly, you can invoke the request.isSecure() method to check whether your request uses https. -Mensagem original- De: alla winter [mailto:[EMAIL PROTECTED] Enviada em: terça-feira, 23 de outubro de 2007 17:02 Para: users@tomcat.apache.org Assunto: Fwd: How can I ensure that client access servlets via HTTPS? I would appreciate if you answer the question bellow thanks -- Forwarded message -- From: alla winter [EMAIL PROTECTED] Date: Oct 22, 2007 2:48 PM Subject: How can I ensure that client access servlets via HTTPS? To: users@tomcat.apache.org I would appreciate if you give me a suggestion how to enforce clients to access servlet through SSL for TOMCAT 5.2.25 and JDK 1.5.0_12. ( The TOMCAT is set up for SSL with APR 1.9 and I can access it via HTTPS) I was thinking that I can accomplish that with the following: security-constraint web-resource-collection web-resource-nameview dept data/web-resource-name url-pattern/cobra_source/servlet/servlet/com.cobrasource.servlets.InitiatorServlet/url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint However, it doesn't make any difference and I can access this servlet via HTTP . Could that be that I do not have user role? But I have a different method for authentication that is conducted outside of TOMCAT. Am I missing something or there is something else that I can do ? Thanks for your help - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: RES: How can I ensure that client access servlets via HTTPS?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marcus, Milanez, Marcus wrote: I think you could configure your server so that the 80 port is not available, only the 443 one. Programaticaly, you can invoke the request.isSecure() method to check whether your request uses https. Or, better yet, you can use transport-guarantee in your web.xml file: no need to change your code to check for SSL and no need to bet on port 443 always being HTTPS. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHkod9CaO5/Lv0PARAjy7AJ49bKnjJMhn1HRDNYaKkycMdESMbgCgwML9 yp4LD9VBs50ij5zd57ZKF4s= =b3Qt -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: sun-web.xml file in Tomcat
Thanks!! Christopher Schultz said the following on 10/23/2007 11:59 AM: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rob, Rob Tanner wrote: I need to make my applications function in both Tomcat and Glassfish. In Tomcat the context root is simply the path in the context declaration in server.xml. In Glassfish, the default is the application name. In order to get Glassfish to assign the correct context root I have included a file called sun-web.xml in WEB-INF along with the standard web.xml. My question is: will this file which Tomcat doesn't know anything about cause any problems with Tomcat or will Tomcat simply ignore it? Tomcat should ignore this file. I'm guessing that the Glassfish and Tomcat devs both know about each others' app-server-specific config files, and try not to step on each others' toes. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHkSi9CaO5/Lv0PARAhhcAKCAlL60hdMi4qbZ/hQxdOE3JPk3vwCfR+q7 5uoDWxgHrzKV3bDZ40j9szk= =gC/3 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat mixes sessions?
Hello everyone, I've got a really serious issue with session handling in my web application. Some of my users complain that after they login into the app, they actually see someone else's data! Personally, I have never managed to replicate this, and most of the users seem to be perfectly happy. So this is rare, but really bad as this is a financial application... I have really run out of things to check as this happens on two separate versions of the application, the newer, current one coded from scratch and running on Tomcat 5.5, the older was on top of 5.0.27. The new one is also behind Apache through mod_jk, old one was standalone. The application itself is nothing fancy. The login controller hits the database, puts a user key in session with some user-specific data, and after that, a front filter checks for the existence of the key for login-restricted URLs. After that, it's just a matter of getting the username from the session-stored object for subsequent queries. There is no mutable static data anywhere in RAM in the app, all concurrency is handled by the database, and even the session value object contains only the user's info row from the database... so (just for completeness -- it's a Spring controller) essentially on login we do LoginData data = (LoginData) command; // This is a completely trivial one Person p = service.login(data.getUsername(), data.getPassword()); if (p != null) { req.getSession().setAttribute(user, p); req.getSession().setAttribute(prev_session_time, p.getLastlogin()); return new ModelAndView(new RedirectView(/members/ajankohtaista.jsp, true)); } else return showForm(req,res,exp); The only common feature of the error reports is that the offending machines seem to be located on workplace networks or somesuch. Not a single report from a home user yet. Could it be possible that there are two users behind some common proxy that is screwing things up? It's driving me crazy really that session handling is supposedly a simple matter, but apparently it just magically can go horribly wrong... if this was some blatant code bug, one would think it would really jump at you in an obvious way, and there isn't even that much code to screw up :-( TIA for any ideas, Eero Nevalainen ([EMAIL PROTECTED]) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Include of Visual C++ runtime library into tomcat installation on Windows plattform..
The problem is that the DLL is not installed by/for Tomcat, therefore the software does not work. The DLL needs to be installed where Tomcat can find it. It's probably on the disk somewhere just doesn't work. -- Len On 10/22/07, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Sören Krokfors [mailto:[EMAIL PROTECTED] Subject: FW: Include of Visual C++ runtime library into tomcat installation on Windows plattform.. I have noticed that Tomcat installation does not include the msvcr71.dll Note that the above .dll is included in the current Sun JDK and JRE Windows downloads, so it would seem somewhat redundant for Tomcat to provide one as well. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tomcat 5.0.25 migration to tomcat 6.0.14
Hello, I apologize if this is the incorrect list to be writing to. Regardless, here is my problem; I have volunteerd to migrate my company from tomcat 5.0.25 to tomcat 6.0.14. All of our webapps, (around 15) are all working perfectly under tomcat 5. I read all that I could find on tomcat 6 before starting this project, and things made sense to me. The biggest discression that I found between t5 and t6 is how contexts are dealt with. Essentially what I have done, is copied the entire contents of the $CATALINA_HOME/webapps directory from a working app server to this upgraded t6 dev server. I copied the t5 server.xml from the working app to the dev, and created the context structure as dictated in the documentation. I removed the contexts from the main server.xml. I kept all of my Host entries in the server.xml, and created $CATALINA_HOME/conf/engine/host/context.xml.default files. After messing with the syntax of the context.xml files and the server.xml file, I finally got the tomcat server to start without any exceptions, and it seems as though its waiting for connections on port 80 -- see below: Oct 23, 2007 5:48:03 PM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-80 Oct 23, 2007 5:48:03 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 399 ms Oct 23, 2007 5:48:03 PM org.apache.catalina.core.StandardService start INFO: Starting service Tomcat-Standalone Oct 23, 2007 5:48:03 PM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.14 Oct 23, 2007 5:48:05 PM org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on http-80 Oct 23, 2007 5:48:05 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 1494 ms From what I can tell the server is waiting for a connection. No exceptions have been thrown to log. When I try to connect to the server however, all I get is a blank page. Running fiddler, I see that I'm getting a HTTP/1.1 400 No Host matches server name xxx.xxx.com The host I'm trying to reach is entered into my local hosts file, and is present on the servers hosts file. DNS resolution of the FQDN i'm trying to go to shouldn't be an issue. I have kept the global context.xml with the defaults that came with the system as I don't want to establish any context values system wide. My context files look like this: Context Insert context paths and resource links here. /Context Can anyone tell me where to look to find out why my t6 server refuses to serve up pages that work under t5? Im out of logged exceptions to troubleshoot. thanks! -dustin
a simple question about Directory structure in Tomcat
Hi all, I'd like to access a servlet, which resides in the following directory: webapps/myApp/WebContent/WEB-INF/classes/myServlet In my web browser I'm typing: http://localhost/myApp/WebContent/servlet //result - the requested resource is not available (I have done the servlet-mapping in web.xml to /servlet) Note that if I move the WebContent directory directly into webapps it works! I can't figure out why if it's one directory deeper it cannot find the servlet. I'll be grateful if you could tell me how to handle this problem... Thanks, P. -- View this message in context: http://www.nabble.com/a-simple-question-about-Directory-structure-in-Tomcat-tf4680899.html#a13375489 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat Process Not Exiting
Hi all, I need some help tracking down why the tomcat process (the actual server) never exits when executing shutdown.sh. I'm pretty sure it's something my webapp is doing but I'm not sure how to get the debugging information to track it down. If I execute startup.sh, wait for startup to finish and then run shutdown.sh - everything exits normally. If I send a request to my webapp though, shutdown.sh runs normally and the Tomcat logs show all the usual shutdown logs but the process never exits. The logs I get both when it works and when it doesn't are: Oct 24, 2007 8:52:00 AM org.apache.coyote.http11.Http11Protocol pause INFO: Pausing Coyote HTTP/1.1 on http-8080 Oct 24, 2007 8:52:01 AM org.apache.catalina.core.StandardService stop INFO: Stopping service Catalina Oct 24, 2007 8:52:02 AM org.apache.coyote.http11.Http11Protocol destroy INFO: Stopping Coyote HTTP/1.1 on http-8080 My main suspect was a non-daemon thread lurking around or a deadlock, but using kill -QUIT I can verify that all the threads are daemon and none of them deadlocked *before* I execute shutdown.sh and afterwards kill -QUIT doesn't have any effect. Any tips on how to work out what's going wrong? Thanks, Adrian Sutton http://www.symphonious.net - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat 5.0.25 migration to tomcat 6.0.14
Dustin Fortin wrote: I apologize if this is the incorrect list to be writing to. No need to apologize, you found the correct place for your question. [...] upgraded t6 dev server. I copied the t5 server.xml from the working app to the dev, I wouldn't do that. [...] Oct 23, 2007 5:48:03 PM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-80 Oct 23, 2007 5:48:03 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 399 ms Oct 23, 2007 5:48:03 PM org.apache.catalina.core.StandardService start INFO: Starting service Tomcat-Standalone Oct 23, 2007 5:48:03 PM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.14 Oct 23, 2007 5:48:05 PM org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on http-80 Oct 23, 2007 5:48:05 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 1494 ms From what I can tell the server is waiting for a connection. No exceptions have been thrown to log. When I try to connect to the server however, all I get is a blank page. Running fiddler, I see that I'm getting a HTTP/1.1 400 No Host matches server name xxx.xxx.com Check whether the value of the defaultHost attribute of Engine corresponds to the name attribute of one of your Hosts. If this is not the case, you may get the result you've seen. What makes me somewhat unsure is you should also see a warning logged at startup. But in the snippet above there is none. Regards mks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: a simple question about Directory structure in Tomcat
This is by design. WEB-INF is a special directory that must be a direct subdirectory of the webapp's top level. In other words, webapps/myApp/WEB-INF is good. WEB-INF in any other location within your webapp is bad. All this is described in the servlet spec and not tomcat specific. --David pesho318i wrote: Hi all, I'd like to access a servlet, which resides in the following directory: webapps/myApp/WebContent/WEB-INF/classes/myServlet In my web browser I'm typing: http://localhost/myApp/WebContent/servlet //result - the requested resource is not available (I have done the servlet-mapping in web.xml to /servlet) Note that if I move the WebContent directory directly into webapps it works! I can't figure out why if it's one directory deeper it cannot find the servlet. I'll be grateful if you could tell me how to handle this problem... Thanks, P. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat mixes sessions?
Just to be sure. I hope that others have more fruitful thoughts. 1) Do you invalidate the session when the users log out ? 2) I do not like the following fragment: req.getSession().setAttribute(user, p); req.getSession().setAttribute(prev_session_time, p.getLastlogin()); It might be better to write HttpSession session = req.getSession(); synchronized(session) { session.setAttribute(user, p); session.setAttribute(prev_session_time, p.getLastlogin()); } There can be several requests being processed concurrently that belong to the same session. May be you have similar synchronization issues somewhere in your application? 3) Beware of ThreadLocal variables. They may persist information across subsequent requests, even across different web applications, if not cleared properly. 4) Different users may have different habits / application usage patterns. E.g. office and home users may be different, or even there are some outstanding ones, thus it might be not a network problem. May be you can read httpd transfer logs or Tomcat AccessLogValve logs for those ones that are complaining? E.g. resubmitting, or opening several windows of the same browser, or whatever. 2007/10/24, Eero Nevalainen [EMAIL PROTECTED]: Hello everyone, I've got a really serious issue with session handling in my web application. Some of my users complain that after they login into the app, they actually see someone else's data! Personally, I have never managed to replicate this, and most of the users seem to be perfectly happy. So this is rare, but really bad as this is a financial application... I have really run out of things to check as this happens on two separate versions of the application, the newer, current one coded from scratch and running on Tomcat 5.5, the older was on top of 5.0.27. The new one is also behind Apache through mod_jk, old one was standalone. The application itself is nothing fancy. The login controller hits the database, puts a user key in session with some user-specific data, and after that, a front filter checks for the existence of the key for login-restricted URLs. After that, it's just a matter of getting the username from the session-stored object for subsequent queries. There is no mutable static data anywhere in RAM in the app, all concurrency is handled by the database, and even the session value object contains only the user's info row from the database... so (just for completeness -- it's a Spring controller) essentially on login we do LoginData data = (LoginData) command; // This is a completely trivial one Person p = service.login(data.getUsername(), data.getPassword()); if (p != null) { req.getSession().setAttribute(user, p); req.getSession().setAttribute(prev_session_time, p.getLastlogin()); return new ModelAndView(new RedirectView(/members/ajankohtaista.jsp, true)); } else return showForm(req,res,exp); The only common feature of the error reports is that the offending machines seem to be located on workplace networks or somesuch. Not a single report from a home user yet. Could it be possible that there are two users behind some common proxy that is screwing things up? It's driving me crazy really that session handling is supposedly a simple matter, but apparently it just magically can go horribly wrong... if this was some blatant code bug, one would think it would really jump at you in an obvious way, and there isn't even that much code to screw up :-( TIA for any ideas, Eero Nevalainen ([EMAIL PROTECTED]) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat6 + NIO connectors + AJP/mod_proxy_ajp
Rakesh Rajan [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello Everyone! I am currently using Tomcat 6 to serve all my dynamic requests ( mostly ajax ) and Apache frontend to serve static files. ( The existing connection from apache to tomcat is using mod_jk ). I have couple of questions 1) I read that NIO connectors are way better that normal HTTP connector. But since http frontend server ( apache/lighthttpd) uses ajp connectors to connect to tomcat, is there a NIO version for the ajp connector ( that runs on port 8009 ) also ? There is an experimental NIO/AJP connector, but it is currently broken: http://issues.apache.org/bugzilla/show_bug.cgi?id=43621 However, you can use the APR/AJP connector to accomplish the same thing. 2) Based on 1), which is a better way to achieve the connection from apache/lighthttpd to tomcat a) Using mod_jk ( not sure how to achieve this using lighthttpd ) OR b) Using mod_proxy_ajp ( Again not sure what the equivalent is in lighthttpd ) If you check the archives, you will see that this is mostly a matter of taste unless you need a feature of one that isn't in the other (e.g. some of the LB settings for mod_jk, or playing nice with e.g. mod_deflate for mod_proxy_ajp). mod_proxy_ajp is easier to configure for simple configurations, and mod_jk is usually simplier for very complex configurations. The constraint that I have right now is that I have only one server :( So it is not possible to make tomcat a standalone ( since I want apache/lighthttpd to serve the static files ). Thanks! Rakesh - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.20 and client certs, not working (browser is not sending the cert to the server)
By default, IE will store a self-signed cert as a CA cert, not as a user cert (which is why I don't like using self-signed certs for testing client-auth). Probably the quickest way to see what is wrong is to set -Djavax.net.debug=all (at least if you have a Sun JVM) in your JAVA_OPTS, and try again. You could also try using different files for the keystore and truststore. Werner Schalk [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I am trying to implement mutual authentication in Tomcat 5.5.20 for many days now and it's giving me a real headache. I hope somebody is able to shed some light on this. Here is a digest version of what I did so far, would somebody please comment on the correctness (?) of my steps or provide me with an alternative way? The steps I have made are outlined at http://www.vorburger.ch/blog1/2006/08/setting-up-two-way-mutual-ssl-with.html. 1) Creation of the server cert: $JAVA_HOME/bin/keytool -genkey -v -alias tomcat -keyalg RSA -validity 3650 -keystore /tmp/tomcat.keystore -dname CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY -storepass hello123 -keypass hello123 2) Activation of SSL connector in server.xml: Connector port=8443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true keystoreFile=/tmp/tomcat.keystore keystorePass=hello123 trustStoreFile=/tmp/tomcat.keystore trustStorePass=hello123 acceptCount=100 scheme=https secure=true clientAuth=false sslProtocol=TLS / 3) Restartet Tomcat, short connectivity test, SSL works fine. 4) Creation of client certificate: $JAVA_HOME/bin/keytool -genkey -v -alias wschalkKey -keyalg RSA -storetype PKCS12 -keystore /tmp/wschalk.p12 -dname CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE -storepass hello123 -keypass hello123 5) Import of .p12 file and (later .cert file for FF) in both IE 6 and FF, no problem 6) Export from client certificate from client keystore and import into main tomcat keystore $JAVA_HOME/bin/keytool -export -alias wschalkKey -keystore /tmp/wschalk.p12 -storetype PKCS12 -storepass hello123 -rfc -file /tmp/wschalk.cert $JAVA_HOME/bin/keytool -import -v -file /tmp/wschalk.cert -keystore /tmp/tomcat.keystore -storepass hello123 Owner: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Issuer: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Serial number: 471dfc4b Valid from: Tue Oct 23 13:51:07 GMT 2007 until: Mon Jan 21 13:51:07 GMT 2008 Certificate fingerprints: MD5: 4D:E0:13:E7:FC:D9:09:C7:A7:DD:04:47:32:58:6A:CD SHA1: F3:1F:FF:7E:13:A8:A8:6B:EB:1A:72:14:8D:8C:B6:C4:EC:62:51:E9 Trust this certificate? [no]: yes Certificate was added to keystore [Storing /tmp/tomcat.keystore] 7) Listing of the content of the keystore: tomcat:~# $JAVA_HOME/bin/keytool -v -list -keystore /tmp/tomcat.keystore Enter keystore password: hello123 Keystore type: jks Keystore provider: SUN Your keystore contains 2 entries Alias name: tomcat Creation date: 18-Oct-2007 Entry type: keyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY Issuer: CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY Serial number: 4716aedd Valid from: Thu Oct 18 00:54:53 GMT 2007 until: Sun Oct 15 00:54:53 GMT 2017 Certificate fingerprints: MD5: 1C:65:FE:49:B2:40:66:96:47:13:46:42:10:83:2A:DE SHA1: 6E:4A:E8:5F:25:C9:EE:6E:8B:22:50:AE:17:46:66:DE:39:29:29:CD *** *** Alias name: mykey Creation date: 18-Oct-2007 Entry type: trustedCertEntry Owner: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Issuer: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Serial number: 471dfc4b Valid from: Tue Oct 23 13:51:07 GMT 2007 until: Mon Jan 21 13:51:07 GMT 2008 Certificate fingerprints: MD5: 4D:E0:13:E7:FC:D9:09:C7:A7:DD:04:47:32:58:6A:CD SHA1: F3:1F:FF:7E:13:A8:A8:6B:EB:1A:72:14:8D:8C:B6:C4:EC:62:51:E9 *** *** 8) Activation of mutual authentication in server.xml Connector port=8443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true keystoreFile=/tmp/tomcat.keystore keystorePass=hello123 trustStoreFile=/tmp/tomcat.keystore trustStorePass=hello123 acceptCount=100 scheme=https secure=true clientAuth=true sslProtocol=TLS / 9) Finally, start of Tomcat (no error messages): # /usr/local/tomcat/bin/startup.sh tail -f
Re: Tomcat 5.5.20 and client certs, not working (browser is not sending the cert to the server)
If you wanna browser is sending the cert to the server, you may try to set clientAuth=true in server.xml. - Original Message - From: Bill Barker To: users@tomcat.apache.org Sent: Wednesday, October 24, 2007 9:04 AM Subject: Re: Tomcat 5.5.20 and client certs, not working (browser is not sending the cert to the server) By default, IE will store a self-signed cert as a CA cert, not as a user cert (which is why I don't like using self-signed certs for testing client-auth). Probably the quickest way to see what is wrong is to set -Djavax.net.debug=all (at least if you have a Sun JVM) in your JAVA_OPTS, and try again. You could also try using different files for the keystore and truststore. Werner Schalk [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I am trying to implement mutual authentication in Tomcat 5.5.20 for many days now and it's giving me a real headache. I hope somebody is able to shed some light on this. Here is a digest version of what I did so far, would somebody please comment on the correctness (?) of my steps or provide me with an alternative way? The steps I have made are outlined at http://www.vorburger.ch/blog1/2006/08/setting-up-two-way-mutual-ssl-with.html. 1) Creation of the server cert: $JAVA_HOME/bin/keytool -genkey -v -alias tomcat -keyalg RSA -validity 3650 -keystore /tmp/tomcat.keystore -dname CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY -storepass hello123 -keypass hello123 2) Activation of SSL connector in server.xml: Connector port=8443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true keystoreFile=/tmp/tomcat.keystore keystorePass=hello123 trustStoreFile=/tmp/tomcat.keystore trustStorePass=hello123 acceptCount=100 scheme=https secure=true clientAuth=false sslProtocol=TLS / 3) Restartet Tomcat, short connectivity test, SSL works fine. 4) Creation of client certificate: $JAVA_HOME/bin/keytool -genkey -v -alias wschalkKey -keyalg RSA -storetype PKCS12 -keystore /tmp/wschalk.p12 -dname CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE -storepass hello123 -keypass hello123 5) Import of .p12 file and (later .cert file for FF) in both IE 6 and FF, no problem 6) Export from client certificate from client keystore and import into main tomcat keystore $JAVA_HOME/bin/keytool -export -alias wschalkKey -keystore /tmp/wschalk.p12 -storetype PKCS12 -storepass hello123 -rfc -file /tmp/wschalk.cert $JAVA_HOME/bin/keytool -import -v -file /tmp/wschalk.cert -keystore /tmp/tomcat.keystore -storepass hello123 Owner: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Issuer: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Serial number: 471dfc4b Valid from: Tue Oct 23 13:51:07 GMT 2007 until: Mon Jan 21 13:51:07 GMT 2008 Certificate fingerprints: MD5: 4D:E0:13:E7:FC:D9:09:C7:A7:DD:04:47:32:58:6A:CD SHA1: F3:1F:FF:7E:13:A8:A8:6B:EB:1A:72:14:8D:8C:B6:C4:EC:62:51:E9 Trust this certificate? [no]: yes Certificate was added to keystore [Storing /tmp/tomcat.keystore] 7) Listing of the content of the keystore: tomcat:~# $JAVA_HOME/bin/keytool -v -list -keystore /tmp/tomcat.keystore Enter keystore password: hello123 Keystore type: jks Keystore provider: SUN Your keystore contains 2 entries Alias name: tomcat Creation date: 18-Oct-2007 Entry type: keyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY Issuer: CN=192.168.1.34, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY Serial number: 4716aedd Valid from: Thu Oct 18 00:54:53 GMT 2007 until: Sun Oct 15 00:54:53 GMT 2017 Certificate fingerprints: MD5: 1C:65:FE:49:B2:40:66:96:47:13:46:42:10:83:2A:DE SHA1: 6E:4A:E8:5F:25:C9:EE:6E:8B:22:50:AE:17:46:66:DE:39:29:29:CD *** *** Alias name: mykey Creation date: 18-Oct-2007 Entry type: trustedCertEntry Owner: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Issuer: CN=Werner Schalk, OU=IT, O=MyCompany, L=Munich, ST=Bavaria, C=DE Serial number: 471dfc4b Valid from: Tue Oct 23 13:51:07 GMT 2007 until: Mon Jan 21 13:51:07 GMT 2008 Certificate fingerprints: MD5: 4D:E0:13:E7:FC:D9:09:C7:A7:DD:04:47:32:58:6A:CD SHA1: F3:1F:FF:7E:13:A8:A8:6B:EB:1A:72:14:8D:8C:B6:C4:EC:62:51:E9 *** *** 8) Activation of mutual
Re: Start tomcat without Connector
Nope, this won't work. The Request needs to be mapped before TC knows how to find the Session. After the Context is started, it should have a Manager (if you haven't explicitly configured one). I'm guessing that you are doing some sort of Mock unit testing, and you want the Session configured before you run your test. In that case, you want something like (after you call start): Manager manager = context.getManager(); Session session = manager.createSession(MySessionId); manager.add(session); HttpSession hsession = session.getSession(); hsession.setAttribute(foo, bar); Auke Noppe [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, I have the app working. But I want to set some attributes on the session (like a user). Does anyone knows how I can get to the HttpSession? I tried to create a org.apache.catalina.connector.Request via connector.createRequest() and invoke the request.getSession() method, but I always receive null from the request. The manager of the context is empty I found out. Should it not be instantiated/set during startup? I there another way to get a reference of a HttpSession? Regards, Auke -Oorspronkelijk bericht- Van: news [mailto:[EMAIL PROTECTED] Namens Bill Barker Verzonden: dinsdag 23 oktober 2007 3:27 Aan: users@tomcat.apache.org Onderwerp: Re: Start tomcat without Connector It is possible, but not easy. The Connector is integrated pretty tightly with the Catalina code now. In particular, you can't just call the invoke method on the Context, since the mappings are done via the Connector. It will probably be easier to create a Connector using the MemoryProtocolHandler (in org.apache.coyote.memory). You're code can get a reference to it by calling getProtocolHandler() on the Connector, and then feed your request through the process method of MemoryProtocolHandler. Auke Noppe [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi there, Is it possible to start an instance of (embedded)tomcat without connector, and to invoke pages through the context.invoke(request, response) method? I have written a small application which starts embedded tomcat with a server, engine, host and context, but without connector. And the application invokes the invoke method of the context. But I dont get a response back. public void startTomcat() throws LifecycleException { embedded = new Embedded(); engine = embedded.createEngine(); engine.setName(Catalina); host = embedded.createHost(localhost, getPath() + /webapps); engine.addChild(host); context = embedded.createContext(, C:/stage_auke/workspace/trunk/web); context.setPrivileged(false); host.addChild(context); String config = host.getConfigClass(); ((StandardContext)context).setDefaultWebXml(getPath()+/conf/web.xml); context.setAvailable(true); embedded.addEngine(engine); embedded.start(); } The other method calls context.invoke with a filled request and response. Anyone an idea? Regards, Auke No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.488 / Virus Database: 269.15.5/1084 - Release Date: 21-10-2007 15:09 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.6/1086 - Release Date: 22-10-2007 19:57 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: removing :xxxx port requirement in URL [update]
I was beginning to be happy with the results of my work and was enjoying the ability to have apache serve the .jsp files from any of it's virtualhost document roots and not the Tomcat docroot and only having one Tomcat virtualhost defined allowed me to design an admin interface on the defined Tomcat port. I was thinking it was time to start planning out a release package when I decided to try using Tomcat 5 instead of Tomcat 4 (which is vendor supplied) and I'm disappointed to find out that the changes in the class files have combined the docroot, work and scratch dir variable initialization so changing docroot dynamically on the fly doesn't work cause it then complains about no WEB-INF and no work dir and exits with a 500 error msg. I thought to be safe I'd try Tomcat 6 (forced me to use JSDK 1.5) and it exhibits the same issue. It looks like my current solution only works with Tomcat 4.1 (I didn't try anything older). I'm wondering how to resolve this, I doubt they'd make changes in the source to allow the ability to modify the docroot without affecting other directory designations because I need it for my module. Maybe using Tomcat was a poor choice based on the current available config state or maybe there is another method in the newer Tomcat's to achieve the docroot change without disrupting the others or maybe I should consider dropping it as a possible method of implementation? -- Dale PGP.sig Description: This is a digitally signed message part