Setting Character Encoding in server.xml
Hi, I am using Linux/Tomcat 5.5. I am running several Tomcat instances each with its own server.xml and wish to use different character encoding in each instance. Please how do I set the character encoding in server.xml Thanks Peter ** - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
SSL % tomcat 6.0
Hi, I have a small troubles with SSL certificates integration for tomcat 6.0. Of course I've read the FAQ and SSL tutorial but my situation is not described in that help sheets in details... I enabled SSL on tomcat and can log in onto default page with default certificate, but I have to make the following: 1) enable SSL on server (tomcat); 2) sign certificate by my company (not to pay for signing on CA for now); 3) generate certificate for every client and sent them by e-mail etc.. 4) on client connect to my server accept client certificate... I've made this: added into server.conf Connector port=8443 minSpareThreads=5 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 maxThreads=200 scheme=https secure=true SSLEnabled=true keystoreFile=/var/certificates/serverstore keystorePass=123321 keystoreType=JKS keyAlias=tomcat clientAuth=true sslProtocol=TLS truststoreFile=/var/certificates/clienttruststore truststorePass=123321 truststoreType=JKS/ and do the following (java): a) Process p = Runtime.getRuntime().exec(keytool -genkey -keyalg RSA -dname \ CN= + commoname + , OU= + orzunit + , O= + organization + , L= + loc + , S= + state + , C= + scontry + \ -alias + aliasname + -keypass + keypass + -keystore + keystore + -storetype PKCS12 -storepass + keystorepass + -validity + validity); b) Process p = Runtime.getRuntime().exec(keytool -export -alias + aliasname + -keyalg RSA -keystore + kystore + -storetype PKCS12 -storepass + kystorepass + -file + file); c) Process p = Runtime.getRuntime().exec(keytool -import -noprompt -alias + aliasname + -keyalg RSA -keystore + kystore + -storetype JKS -storepass + kystorepass + -file + file); But after adding client certificate, I have to restart tomcat... but it is impossible! If Someone knows how to generate and add certificates into keystore for tomcat and use them without restart it will be great to reply to me:) Thanks..
using SSL in tomcat
I need to use the existing Private Key Certifiate generated for a wildcard sub-domain like *.maindomain.com in Tomcat. May I know the steps to import the key certificate to the keystore so that tomcat can use it for secure mode operation. -- View this message in context: http://old.nabble.com/using-SSL-in-tomcat-tp27606934p27606934.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: using SSL in tomcat
On 16/02/2010 11:30, syskarthik wrote: I need to use the existing Private Key Certifiate generated for a wildcard sub-domain like *.maindomain.com in Tomcat. May I know the steps to import the key certificate to the keystore so that tomcat can use it for secure mode operation. Tomcat version? Java version? key format? certificate format? keystore type? Tomcat connector (BIO/NIO/APR)? http://catb.org/~esr/faqs/smart-questions.html - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL % tomcat 6.0
Andrey D wrote: I have a small troubles with SSL certificates integration for tomcat 6.0. Of course I've read the FAQ and SSL tutorial but my situation is not described in that help sheets in details... Well, maybe it does not address your problem directly. I found it's much easier to work with following configuration: apache httpd (+ SSL) - mod_proxy_ajp - tomcat AJP connector is aware of SSL being used by apache. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: performance problems with Tomcat 6 and JSF 1.2
Thanks Christopher. I created bug 48750: https://issues.apache.org/bugzilla/show_bug.cgi?id=48750 The source jsp and the compiled jsps are attached at this bug. There is also a link to the complete demo web app. A major difference between jetty and tomcat is the usage of a AnnotationHelper class for each tag. Michael -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Samstag, 13. Februar 2010 16:28 To: Tomcat Users List Subject: Re: performance problems with Tomcat 6 and JSF 1.2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael, On 2/12/2010 11:11 AM, Michael Heinen wrote: I noticed serious performance problems with JSF 1.2 and Tomcat which seems to be caused by Tomcat. One major performace problem is bug https://issues.apache.org/bugzilla/show_bug.cgi?id=48600 Setting metadata-complete=true in web.xml improved the speed significantly But there seems to be still another problem in Tomcat. I deployed the same apps to Jetty. Average results of 500 calls of a simple jsf page (jsp) with 1000 h:output tags: JSF 1.1: Tomcat 6.0.24: 26ms Jetty 7.0.1: 35ms JSF 1.2: Tomcat 6.0.24: 72ms Jetty 7.0.1: 41ms Any ideas regarding the bad performance of Tomcat with JSF 1.2? The simple page does not contain any EL expressions, just 1000 simple tags: h:outputText value=1 style=z-index:29202;/. You might want to check out the generated .java file to see if there is anything suspicious in there. Can you post both the sample JSP and the generated .java file? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt2xPQACgkQ9CaO5/Lv0PDaOwCgtJ4QWltYOpOv1wjzFcd1/EM4 M98An1IzBmOI38A6MZYrk9wOUE++xfqM =mdSW -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL % tomcat 6.0
Sorry, but I can't use apache httpd separately... only tomcat.. :( someone said me: ok, I think the solution is this create a CA ... then, import the CA public key into key-store sign each client certificate with CA private key .. I believe this will mean that when Tomcat requests client certificate, it can be checked against the CA public key in keystore ... have a look at this .. what do you think about it? and if it helps... how to do it Thanks! On Tue, Feb 16, 2010 at 1:40 PM, Mikolaj Rydzewski m...@ceti.pl wrote: Andrey D wrote: I have a small troubles with SSL certificates integration for tomcat 6.0. Of course I've read the FAQ and SSL tutorial but my situation is not described in that help sheets in details... Well, maybe it does not address your problem directly. I found it's much easier to work with following configuration: apache httpd (+ SSL) - mod_proxy_ajp - tomcat AJP connector is aware of SSL being used by apache. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
logging
Hi, I have an application which uses apache commons logging for logging . When i deployed this appication to tomcat 6.0.20 , the appication level logs are not dispayed . I havent altered the default logging.properties in CATALINA_HOME/config. How to enable application level logging in tomcat 6 with the default set up [ie apache commons logging and JULI , not log4j ] the defaut logging.properties looks like this. handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, 3manager.org.apache.juli.FileHandler, 4host-manager.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler .handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler # Handler specific properties. # Describes specific configuration info for Handlers. 1catalina.org.apache.juli.FileHandler.level = FINE 1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 1catalina.org.apache.juli.FileHandler.prefix = catalina. 2localhost.org.apache.juli.FileHandler.level = FINE 2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 2localhost.org.apache.juli.FileHandler.prefix = localhost. 3manager.org.apache.juli.FileHandler.level = FINE 3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 3manager.org.apache.juli.FileHandler.prefix = manager. 4host-manager.org.apache.juli.FileHandler.level = FINE 4host-manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 4host-manager.org.apache.juli.FileHandler.prefix = host-manager. java.util.logging.ConsoleHandler.level = FINE java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter # Facility specific properties. # Provides extra control for each logger. org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.FileHandler # For example, set the com.xyz.foo logger to only log SEVERE # messages: #org.apache.catalina.startup.ContextConfig.level = FINE #org.apache.catalina.startup.HostConfig.level = FINE #org.apache.catalina.session.ManagerBase.level = FINE #org.apache.catalina.core.AprLifecycleListener.level=FINE -- View this message in context: http://old.nabble.com/logging-tp27607859p27607859.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
logging
Hi, I have an application which uses apache commons logging for logging . When i deployed this appication to tomcat 6.0.20 , the appication level logs are not dispayed . I havent altered the default logging.properties in CATALINA_HOME/config. How to enable application level logging in tomcat 6 with the default set up [ie apache commons logging and JULI , not log4j ] the defaut logging.properties looks like this. handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, 3manager.org.apache.juli.FileHandler, 4host-manager.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler .handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler # Handler specific properties. # Describes specific configuration info for Handlers. 1catalina.org.apache.juli.FileHandler.level = FINE 1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 1catalina.org.apache.juli.FileHandler.prefix = catalina. 2localhost.org.apache.juli.FileHandler.level = FINE 2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 2localhost.org.apache.juli.FileHandler.prefix = localhost. 3manager.org.apache.juli.FileHandler.level = FINE 3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 3manager.org.apache.juli.FileHandler.prefix = manager. 4host-manager.org.apache.juli.FileHandler.level = FINE 4host-manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 4host-manager.org.apache.juli.FileHandler.prefix = host-manager. java.util.logging.ConsoleHandler.level = FINE java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter # Facility specific properties. # Provides extra control for each logger. org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.FileHandler # For example, set the com.xyz.foo logger to only log SEVERE # messages: #org.apache.catalina.startup.ContextConfig.level = FINE #org.apache.catalina.startup.HostConfig.level = FINE #org.apache.catalina.session.ManagerBase.level = FINE #org.apache.catalina.core.AprLifecycleListener.level=FINE -- Regards, Sayin -- View this message in context: http://old.nabble.com/logging-tp27607876p27607876.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Setting Character Encoding in server.xml
From: Peter Sparkes [mailto:pe...@didm.co.uk] Subject: Setting Character Encoding in server.xml I am using Linux/Tomcat 5.5. I am running several Tomcat instances each with its own server.xml and wish to use different character encoding in each instance. Please how do I set the character encoding in server.xml Take a look at this: http://wiki.apache.org/tomcat/FAQ/CharacterEncoding - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
exclude specific IP address from HTTP auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I'm looking for the Tomcat 6 security configuration that would correspond to Apache httpd's Satisfy Any. In other words, use HTTP Digest authentication for a web app, but allow some specific IP address access without authentication. I already have the Digest Authenticator Valve working, and am looking at the RemoteAddrValve. But the documentation suggests that if I add that, it will add another restriction (Satisfy All in httpd-speak). Is there a solution for this within Tomcat? Cheers, Marcus -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkt6yVkACgkQXjXn6TzcAQlDbQCg2PK3usfMHvyUwzXtKADXF5Na Ms4An0woTNy5pPImu4sTAqQv9JUA9XAp =b7Si -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: exclude specific IP address from HTTP auth
From: news [mailto:n...@ger.gmane.org] On Behalf Of Marcus Better Subject: exclude specific IP address from HTTP auth I'm looking for the Tomcat 6 security configuration that would correspond to Apache httpd's Satisfy Any. Take a look at SecurityFilter to see if it will do what you want. http://securityfilter.sourceforge.net/ - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Is it possible to replace the HttpSession implementation in Tomcat?
Hi Jon, On Mon, 2010-02-15 at 11:55 -0600, Jon Brisbin wrote: I'm trying to figure out today how I can implement a Valve or something that can store a session to a backend DB and reload that session on another Tomcat instance similar to how the PersistentManager loads user's session after a restart. Would a Valve based on PersistentValve allow me to implement a cluster-like solution such that a user login causes a write to a central database and a load balanced request to another server would see that user without forcing another login? You might have a look at the http://code.google.com/p/memcached-session-manager/ which is a session failover solution storing sessions in memcached. When the project was created I only thought of applications using sticky sessions but it should also work with non-sticky sessions if sessions are stored in memcached synchronously (sessionBackupAsync needs to be set to false, see [1]). The memcached-session-manager basically is a session manager implemention, the most interesting part is the MemcachedBackupSessionManager ([2]) if you want to have a look at the code. Cheers, Martin [1] http://code.google.com/p/memcached-session-manager/wiki/SetupAndConfiguration [2] http://github.com/magro/memcached-session-manager/blob/master/core/src/main/java/de/javakaffee/web/msm/MemcachedBackupSessionManager.java Jon Brisbin Portal Webmaster NPC International, Inc. On Feb 15, 2010, at 11:05 AM, Simone Tripodi wrote: Hi all guys and very nice to meet the Tomcat community, I've a web-application that needs to be replicated in more than one Tomcat, and since it is HttpSession based, I need to enable the session replication. Even if I work with very good sysadmins that know how to do it, I'm curious and would like to know if I could replace the HttpSession implementation with a my own one, I'd like to integrate Hazelcast[1] for data synchronization. Thanks in advance, every suggestion will be very appreciated. Simo [1] http://www.hazelcast.com/ http://people.apache.org/~simonetripodi/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- signature.asc Description: This is a digitally signed message part
RE: [OT] Tomcat dies suddenly
Reminds me of a story from an old-timer friend of mine. This was back in the day of shuddertext-based terminals/shudder. The company he worked for had a military contract to install bunch of terminals in an office building at a local airbase. A few days after the workers moved in, his company got a call that something was wrong. About every few seconds, every terminal would get a string of random characters, each terminal getting a different string. After puzzling over the problem for a bit, he happened to look out the window and see the nearby radar dish sweep past the building at the same time the odd characters appeared. They checked a few random cables and found that the installers had used unshielded cables to save a few pennies. According to him, they spent the weekend wrapping the major cable bundles in foil as a stop-gap until they could come in and replace all the cables. -Original Message- From: George Sexton [mailto:geor...@mhsoftware.com] Sent: Sunday, February 14, 2010 10:58 AM To: 'Tomcat Users List' Subject: RE: [OT] Tomcat dies suddenly -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Saturday, February 13, 2010 3:28 PM To: Tomcat Users List Subject: Re: [OT] Tomcat dies suddenly Caldarale, Charles R wrote: Since we must have by now exhausted all the normal causes of such errors, maybe we should recommend a) a visual inspection of the systems, to see if there are any pinsize holes, or paint flaking off or so b) the installation of a surveilance camera, to check if the SegFaults are synchronous with any visible phenomenon (sparks, Cerenkow radiation, etc.) c) moving the systems to the basement ? There's a story in a book I once read where a computer system crashed every morning around the same time. No one could figure it out. Finally, the head of IS goes down to the computer room at the expected time. In walks a maintenance man who comes in, opens the cabinet for the computer, and plugs a floor polisher into a spare outlet in the cabinet. When the maintenance man activates the polisher, boom, the system crashed. When asked by his boss what the problem was, he told him it was a buffer problem. http://www.amazon.com/Devouring-Fungus-Jennings-Karla/dp/0393307328 I used to have a Novell server that would mysteriously reboot every few days. In my case, the server was on the same circuit as a laser printer, and both were plugged into a Haworth cubicle outlet. Periodically, load was too much and it would causes a server reboot. We brought in another circuit NOT on the inadequate cubicle wiring system, and the problem went away. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org *** NOTICE * This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by reply or by telephone (call us collect at 512-343-9100) and immediately delete this message and all its attachments.
Re: logging
Sayin, did you have a look on the wiki: http://wiki.apache.org/tomcat/FAQ/Logging S. Hi, I have an application which uses apache commons logging for logging . When i deployed this appication to tomcat 6.0.20 , the appication level logs are not dispayed . I havent altered the default logging.properties in CATALINA_HOME/config. How to enable application level logging in tomcat 6 with the default set up [ie apache commons logging and JULI , not log4j ] the defaut logging.properties looks like this. handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, 3manager.org.apache.juli.FileHandler, 4host-manager.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler .handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler # Handler specific properties. # Describes specific configuration info for Handlers. 1catalina.org.apache.juli.FileHandler.level = FINE 1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 1catalina.org.apache.juli.FileHandler.prefix = catalina. 2localhost.org.apache.juli.FileHandler.level = FINE 2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 2localhost.org.apache.juli.FileHandler.prefix = localhost. 3manager.org.apache.juli.FileHandler.level = FINE 3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 3manager.org.apache.juli.FileHandler.prefix = manager. 4host-manager.org.apache.juli.FileHandler.level = FINE 4host-manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 4host-manager.org.apache.juli.FileHandler.prefix = host-manager. java.util.logging.ConsoleHandler.level = FINE java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter # Facility specific properties. # Provides extra control for each logger. org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.FileHandler # For example, set the com.xyz.foo logger to only log SEVERE # messages: #org.apache.catalina.startup.ContextConfig.level = FINE #org.apache.catalina.startup.HostConfig.level = FINE #org.apache.catalina.session.ManagerBase.level = FINE #org.apache.catalina.core.AprLifecycleListener.level=FINE -- Regards, Sayin -- View this message in context: http://old.nabble.com/logging-tp27607876p27607876.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Tomcat dies suddenly
Heh, when I was in another building I was issued an ADDS Viewpoint terminal which would, every so often, begin typing all by itself and quite at random. Eventually we determined that my cubicle was directly underneath an arc welding station in the welding shop one floor up, and when welding classes were in session the EMI was picked up by my keyboard. (Written from one of my xterms.) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Friends don't let friends publish revisable-form documents. pgpu1LttJE0ti.pgp Description: PGP signature
Re: Is it possible to replace the HttpSession implementation in Tomcat?
Hi Martin, very interesting, thanks for share it!!! I did, more or less, the same on a project for a customer, but it was strictly related to the application, your stuff looks much much better of mine and it is a reusable module. All the best, Simo http://people.apache.org/~simonetripodi/ On Tue, Feb 16, 2010 at 6:02 PM, Martin Grotzke martin.grot...@javakaffee.de wrote: Hi Jon, On Mon, 2010-02-15 at 11:55 -0600, Jon Brisbin wrote: I'm trying to figure out today how I can implement a Valve or something that can store a session to a backend DB and reload that session on another Tomcat instance similar to how the PersistentManager loads user's session after a restart. Would a Valve based on PersistentValve allow me to implement a cluster-like solution such that a user login causes a write to a central database and a load balanced request to another server would see that user without forcing another login? You might have a look at the http://code.google.com/p/memcached-session-manager/ which is a session failover solution storing sessions in memcached. When the project was created I only thought of applications using sticky sessions but it should also work with non-sticky sessions if sessions are stored in memcached synchronously (sessionBackupAsync needs to be set to false, see [1]). The memcached-session-manager basically is a session manager implemention, the most interesting part is the MemcachedBackupSessionManager ([2]) if you want to have a look at the code. Cheers, Martin [1] http://code.google.com/p/memcached-session-manager/wiki/SetupAndConfiguration [2] http://github.com/magro/memcached-session-manager/blob/master/core/src/main/java/de/javakaffee/web/msm/MemcachedBackupSessionManager.java Jon Brisbin Portal Webmaster NPC International, Inc. On Feb 15, 2010, at 11:05 AM, Simone Tripodi wrote: Hi all guys and very nice to meet the Tomcat community, I've a web-application that needs to be replicated in more than one Tomcat, and since it is HttpSession based, I need to enable the session replication. Even if I work with very good sysadmins that know how to do it, I'm curious and would like to know if I could replace the HttpSession implementation with a my own one, I'd like to integrate Hazelcast[1] for data synchronization. Thanks in advance, every suggestion will be very appreciated. Simo [1] http://www.hazelcast.com/ http://people.apache.org/~simonetripodi/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Tomcat dies suddenly
Ognjen Blagojevic wrote: I heard almost the same story in the last company I used to work. The only differences are: instead of floor polisher it was a vacuum cleaner, and there was no spare outlet... :) Now I am very curious, because I happen to have supplied the media archive management software used by a very large broadcasting organisation, where a similar story happened to the server running ditto software (this was a few years ago). Right after that incident, the organisation in question purchased a second server and a second copy of the software, and asked a partner of mine to design a failover solution. Of course we do not want to name anyone precisely, but it would be funny if this was the same incident. ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: exclude specific IP address from HTTP auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Caldarale, Charles R wrote: I'm looking for the Tomcat 6 security configuration that would correspond to Apache httpd's Satisfy Any. Take a look at SecurityFilter to see if it will do what you want. Thanks, but it says it only supports form authentication, not HTTP Basic or Digest... Cheers, Marcus -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkt7BmoACgkQXjXn6TzcAQmNoACgkDDFmhFUIEk4mCimaYoGVNyy VbUAoI4vjTFQpTt7SMNPzt+U3DGGgNi0 =JZ4K -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: exclude specific IP address from HTTP auth
From: news [mailto:n...@ger.gmane.org] On Behalf Of Marcus Better Subject: RE: exclude specific IP address from HTTP auth but it says it only supports form authentication, not HTTP Basic or Digest... To quote Chris S: Note that the warning about BASIC authentication is waaay outdated: sf definitely does support BASIC auth. But not DIGEST, yet. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: exclude specific IP address from HTTP auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marcus, On 2/16/2010 3:56 PM, Marcus Better wrote: Caldarale, Charles R wrote: I'm looking for the Tomcat 6 security configuration that would correspond to Apache httpd's Satisfy Any. Take a look at SecurityFilter to see if it will do what you want. Thanks, but it says it only supports form authentication, not HTTP Basic or Digest... sf definitely supports BASIC... the documentation is sorely out of date, unfortunately. I'll have to check if DIGEST is supported... I think it is. In any case, sf is quite hackable. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7CtgACgkQ9CaO5/Lv0PDXUwCghaQVt15Jz/iaAIwPtMejF29y MQ8AoJdo/fJGJ7mpsm/m9pPfYM3E4fs8 =unPW -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: exclude specific IP address from HTTP auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marcus, On 2/16/2010 3:56 PM, Marcus Better wrote: Caldarale, Charles R wrote: I'm looking for the Tomcat 6 security configuration that would correspond to Apache httpd's Satisfy Any. Take a look at SecurityFilter to see if it will do what you want. Thanks, but it says it only supports form authentication, not HTTP Basic or Digest... No, DIGEST authentication does not appear to be supported by sf. Patches are always welcome :) - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7C+gACgkQ9CaO5/Lv0PBa6ACfdBPoQevFMH/ToyL+Rm5wb8Hs lvEAn1CLHi/Qp4pL5AhhEYS5TTQtfKbP =kxcp -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: exclude specific IP address from HTTP auth
Marcus Better wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Caldarale, Charles R wrote: I'm looking for the Tomcat 6 security configuration that would correspond to Apache httpd's Satisfy Any. Take a look at SecurityFilter to see if it will do what you want. Thanks, but it says it only supports form authentication, not HTTP Basic or Digest... You still may want to dig a bit deeper, because in this case I believe it is the doc which is outdated. I think I remember someone saying that it does support Basic authentication (though not Digest). Another idea : you could also have a look here : http://www.tuckey.org/urlrewrite/ It may be possible, depending on the caller IP, to redirect the request to another copy of your webapp which would/would not force authentication in the way you want. Click on manual, and search in that page for remote-addr. And still otherwise, this may be one of these cases where using an Apache httpd front-end to Tomcat is justified. I am doing just that on several websites I run : Apache httpd does the user authentication (using a variety of schemes, including the one you are mentioning(*)), and passes the authenticated user-id to Tomcat via the Apache-Tomcat connector. See the tomcatAuthentication attribute of the Connector element in Tomcat. (*) Typically, an application is available on a server on the Internet. You want to allow in, without authentication, a group of users whenever they connect from within their corporate network, which has one or several well-defined IP addresses. But when these people connect from outside their corporate network, you want them to login. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL % tomcat 6.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrey, On 2/16/2010 7:46 AM, Andrey D wrote: Sorry, but I can't use apache httpd separately... only tomcat.. :( someone said me: ok, I think the solution is this create a CA ... then, import the CA public key into key-store sign each client certificate with CA private key .. I believe this will mean that when Tomcat requests client certificate, it can be checked against the CA public key in keystore ... have a look at this .. what do you think about it? This sounds reasonable: basically, instead of creating many trusted certificates, you create a single trusted certificate, then use that to sign the client certificates. Tomcat trusts the signing certificate and therefore, implicitly, all the client certificates signed with that top-level one. and if it helps... how to do it Heh... it gets to be a bit of a pain in the neck. For starters, read the thread titled mod_jk Client SSL Certificates from the archives back in October. Specifically, this message: http://tomcat.markmail.org/message/kzxsamuiu6bldjmv?q=%22mod_jk+%26+Client+SSL+Certificates%22+list:org.apache.tomcat.users You can ignore most of the Apache httpd-related stuff, but I did end up creating the key stores in OpenSSL format, so you'll have to read-through the certificate creation process in order to get a top-level certificate that you can actually use with my code. Or, you could follow the client certificate instructions on Tomcat's website (I found the lack of documentation for using Client SSL certificates a little frustrating, but I ended up doing most of my work with OpenSSL, etc., and not Tomcat so I don't really have any better instructions than what's already on the Tomcat site). Good luck, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7DpEACgkQ9CaO5/Lv0PAKWgCffenUPfvSfPeL8EuPIGxx2FiX 1/wAoI4wNFQ5RhBzJKmbOEiNQ2m2yIzb =5Rrp -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Configure tomcat in my development environment, and save session across restart
Hi I use tomcat 5.5.28 for my development in eclipse, when ever i change any class it restarts my tomcat and i loose my session, so i have to go through login process to get the session. Is it possible to save this session across restarts, it would be great and save me a lot of time in development I was reading about manager in tomcat, but did not figure out how to do it, is there any document or example of configuring this manager, http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html http://tomcat.apache.org/tomcat-5.5-doc/config/manager.htmlI have configure tomcat so i can start and stop from eclipse -- Ashish www.ayurwellness.com www.mysoftwareneeds.com
Re: performance problems with Tomcat 6 and JSF 1.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Micheal, On 2/16/2010 7:45 AM, Michael Heinen wrote: I created bug 48750: https://issues.apache.org/bugzilla/show_bug.cgi?id=48750 The source jsp and the compiled jsps are attached at this bug. You might also want to show what JSF 1.1 gets you, there. I'm' not very familiar with the JSF stuff: is JSF provided by Tomcat or is that something you have to add yourself? If it's external, and that's the only difference, maybe you'll have to stick to 1.1 until a more optimized version of the JSF library is available. A note about Remy: you simply cannot change his mind. If you can get another Tomcat committer interested in your problem, you may have better luck. Mark Thomas is a frequent contributor to this list and, if he's got time and you're willing to help, he's quite likely to help investigate and maybe work on a solution. If you can help nail down the difference between the behavior of JSF 1.1 vs. 1.2, that will help a lot. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7EHQACgkQ9CaO5/Lv0PBrGACghnr/MW4matR5JdIVdTsRnJPp +7oAnRsfI8tE8GibOxjJbjDVJhz5BUkK =2LXT -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat dies suddenly
So what now ? I leave this list for 3 days to go earn my keep, and when I come back this silly crash issue is /still/ not resolved ? Carl, still on my trip about the SegFaults caused by some native non-kosher executable module.. You mentioned earlier that you are using SSL on all requests. Again, my deep knowledge of the matter is pitifully deficient, but just in case you would be using OpenSSL components, are you sure that the ones you are using are totally ok ? That probably /is/ a commonality between these 2 servers, isn't it ? Appeal to the experts : considering the lenghtily expounded symptoms, would it be possible that one obscure corner of the SSL code or data is being used only occasionally, and that such occasional usage could cause the symptoms here observed ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Configure tomcat in my development environment, and save session across restart
On 16/02/2010 21:35, Ashish Kulkarni wrote: Hi I use tomcat 5.5.28 for my development in eclipse, when ever i change any class it restarts my tomcat and i loose my session, so i have to go through login process to get the session. Is it possible to save this session across restarts, it would be great and save me a lot of time in development Tomcat does this by default. I was reading about manager in tomcat, but did not figure out how to do it, is there any document or example of configuring this manager, http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html That is the documentation. I have configure tomcat so i can start and stop from eclipse You need to figure out where Eclipse has disabled session persistence and change it back. That would be a question for the Eclipse forums. Things like this and never being quite sure which configuration files Eclipse is using is why I always use an external Tomcat instance rather than one provided by Eclipse. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Configure tomcat in my development environment, and save session across restart
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ashish, On 2/16/2010 4:35 PM, Ashish Kulkarni wrote: I use tomcat 5.5.28 for my development in eclipse, when ever i change any class it restarts my tomcat and i loose my session, so i have to go through login process to get the session. Is it possible to save this session across restarts, it would be great and save me a lot of time in development The problem isn't that your session isn't being persisted across restarts: it's that your session contents are incompatible after the restart. What happens is this: 1. Your webapp creates an object of a class, say, MyBean v1, and stuffs it into the session. 2. You modify MyBean.java, recompile, and redeploy 3. Tomcat detects the updated class, saves the sessions to the disk, re-deploys your webapp, and re-loads the sessions from the disk 4. During re-loading, the object from MyBean v1 tries to load into an environment where only MyBean v2 is available, and an exception occurs, so the session is not recovered Possible solutions are to (a) set the serialVersionId of your class or (b) write your own serialization methods (see Java serialization howtos for that) The other possibility is that you've got non-serializable objects in the session, which will prevent your session from persisting in the first place. Session is persistence is enabled by default, and should work. It's very possible that your webapp is interfering with the process. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7EaMACgkQ9CaO5/Lv0PALtQCgkfJuYvzGSFK35H1mpG8du0ph dlMAoIWeRf32GgPOFteRgEQMm6WhzUoi =5ciA -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat dies suddenly
On 16/02/2010 21:41, André Warnier wrote: Appeal to the experts : considering the lenghtily expounded symptoms, would it be possible that one obscure corner of the SSL code or data is being used only occasionally, and that such occasional usage could cause the symptoms here observed ? Or the Garbage collector, or some method that is implemented natively, or ... I'm reasonably sure it is a JVM bug at this stage. Looking forward to hearing what results are obtained with different JVMs. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: performance problems with Tomcat 6 and JSF 1.2
On 16/02/2010 21:39, Christopher Schultz wrote: Mark Thomas is a frequent contributor to this list and, if he's got time and you're willing to help, he's quite likely to help investigate and maybe work on a solution. It is on my radar but I haven't had time to look at it yet. There is at least one duplicate of 48600. Between the various bugs I think there is a test case but it would be good to make sure. The ideal would be: - test case that demonstrates the problem (as simple as possible, with source, a single JSP is ideal) - a clean patch in diff -u format against trunk that includes documentation as appropriate Essentially, the easier it is for a committer to understand the problem, repeat the issue, understand the patch, apply the patch and test the patch, the quicker fixes find their way into the codebase. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat dies suddenly
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 André, On 2/16/2010 4:41 PM, André Warnier wrote: So what now ? I leave this list for 3 days to go earn my keep, and when I come back this silly crash issue is /still/ not resolved ? Well, we've been waiting for you to bring your expertise to bear on this issue, André :) still on my trip about the SegFaults caused by some native non-kosher executable module.. I'd be surprised if this was the problem: Carl is installing Sun's JRE, which should have everything it needs. He says he's not playing around with any native code, so I wouldn't expect anything to be incompatible. I'm not saying it's impossible... just that I'd be surprised if it's the case. I'd think you'd get something other than a SIGSEGV anyway... attempting to load an incompatible library ought to get you some other error... though I'm not sure which. You could probably try to force that to happen with something like this (in Java, of course): System.loadLibrary(my-bad-arch.so); ...and see what happens. I don't have a library of the wrong architecture laying around right now. I tried to load some random file, and I got an UnsatisfiedLinkError, but that's at the Java level. I have no idea what would happen if the native X11 graphics library was being loaded by the JVM and wasn't compatible... Appeal to the experts : considering the lenghtily expounded symptoms, would it be possible that one obscure corner of the SSL code or data is being used only occasionally, and that such occasional usage could cause the symptoms here observed ? It's possible. If SSL is in use, consider downgrading to the pure Java connectors (i.e. no APR... enjoy re-configuring Tomcat to use the different-style SSL configuration) to see if that clears things up. strace would indicate that this was the problem if you had multiple runs: the openssl libraries would always be in the mix of the stack trace. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7FDsACgkQ9CaO5/Lv0PC1cgCfRf9qHNkMJEs54I/CCAxuzBc8 zroAnRLGS53mv6V/T1sxur1vEekbd3Ym =XaqE -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JSP Page hangs... clues? (SOLVED)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jordan, On 2/15/2010 6:24 PM, Jordan Michaels wrote: The client got in touch with us today stating that the entire site was now unresponsive. We reviewed the log files and miraculously this time there WAS an error message (lots of them). The error was as follows: --- SEVERE: Error allocating socket processor java.lang.OutOfMemoryError: unable to create new native thread That'll do it. So, looking at my setenv.sh values, it turns out that Xss256m is extremely massive. Hah, yeah. I didn't notice that on first reading. I reduced the value to 512k, and things are now working beautifully. I would leave the stack size to the default, unless you see a need to increase it. You might also want to review your nominal thread count in the JVM: it's possible that you are getting close to the limit of threads for a process in your environment. I can only guess at why there were no logs when this happened previously (maybe no memory left to spawn a new logging thread? no idea...), but the page that was hanging now runs very quickly even when I hammer my refresh button on it. =D Try ApacheBench... it's a much better hammer. Good luck, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7FYYACgkQ9CaO5/Lv0PB8dQCcDNkl0DCH05Jic0IhnpTUHzKv prIAnRN1eBhNiWYvqUgsDnfXbK8Ckevq =3v5F -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: File does not exist error - public_html/addArticle.do
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve, On 2/14/2010 12:54 PM, Steve Campisano wrote: So this does work It will not work however when I attempt to run it with http://www.mysite.com/TestStruts1/newArticle.jsp. I agree with Chuck: the botched configuration of Tomcat is causing you a bunch of problems. Note that things started working once you put a subdirectory into public_html (because the Host appBase was set to that directory, and autoDeploy=true by default), but they weren't working quite right. It looks like these guys intend for you to have a single Context that resides in a single directory, which is reasonable, honestly. Instead, they've created a monster where you can trick their Tomcat instance into deploying many webapps while the ROOT webapp fights for control of the whole thing. Is this a hosting company that manages multiple clients, or your own in-house IT staff (who have been moved off-shore)? If the former, they have a significant problem in their understanding of how to manage multiple customer webapps. If the latter, well, they still have a significant misunderstanding, but we have a better chance of getting them to change their configuration. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7F/AACgkQ9CaO5/Lv0PCt7ACfR2L8OnRiKiNywW6sHnKf/+Ox gq8AnievpfAeamBOKG8OuBBX1YfNFbyd =mKCZ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 6 on solaris losing cookies
Hi Konstantin, Thanks for your reply. Yes, the getHeaders(cookie) returns what seems to be a valid set of cookies, thus we're not losing them in any of the proxies we might have set up. (Currently, we're only in development mode for tomcat 6 and we're not going through any proxies, just directly to the server.) We get this problem in all sorts of browsers (FF, Safari, IE). The thing that really bugs me is the inconsistency. It's almost as if there were a race condition going on, but the request is basically single threaded, isn't it? My only fear is some parser used in the tomcat code is being used in a non-thread safe manner, but then *everybody* would be having this problem, neh? I'm finding out about the connectors, but we may not be using any as : Jan 28, 2010 6:52:56 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /dist/sfsite/obj Hopefully, this is just in our development environments! Thanks, -George On Feb 12, 2010, at 2:32 PM, Konstantin Kolinko wrote: 2010/2/13 George Baxter gbax...@shutterfly.com: Hello, We're running into an issue with tomcat 6.0.18 running on solaris. Occasionally a request will come through that has cookies in the header, but the request.getCookies() returns no cookies. How do you observe that? You mean that it is present in HttpServletRequest.getHeaders(Cookie) ? This causes the user to lose session since even the JSESSIONID cookie is not recognized, and of course all our custom cookies are lost. It seems to happen randomly, across our web site, and varies in frequency from every 2-3 requests to over 200 requests before it happens again. There's no change to the cookie values (or very little) between requests. In addition, this only seems to be a problem on solaris. Running on MacOSx or Linux and we don't see the issue. Also, we don't have the problem in Tomcat 5.5. Any other details on your configuration? What connectors are you using? HTTP/AJP? Nio/Bio/Apr? (usually some org.apache.coyote.* class is mentioned in the startup log in a Starting Coyote .. message) Do you have Apache HTTPD in front of Tomcat? Do you have HTTP proxies around? Are failing requests coming from some specific client? Are they coming from some specific browser? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 6 on solaris losing cookies
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 George, On 2/16/2010 5:14 PM, George Baxter wrote: Yes, the getHeaders(cookie) returns what seems to be a valid set of cookies, thus we're not losing them in any of the proxies we might have set up. Good to know. But this means that Tomcat is ignoring them, then, right? How many Cookie headers do you get? I believe Tomcat looks for any Cookies with the name JSESSIONID and then loops through each of them until it finds a valid session id for the webapp servicing the request. So, if there's a valid cookie in there for the JSESSIONID, Tomcat should use it. We get this problem in all sorts of browsers (FF, Safari, IE). We had a problem like this, but we were deploying two webapps within the same URL space which resulted in two JSESSIONID cookies being sent by the browser. We had a third webapp, which didn't use sessions directly, but used the JSESSIONID passed-in from the browser to to a loop-back call to one of the other webapps with a ;jsessionid= in the URL in order to masquerade as the remote user. Since the 3rd webapp couldn't verify which of the two JSESSIONID cookies to use, it had to guess and it often guessed incorrectly. The solution was to separate the two primary webapps into separate URL spaces. Perhaps you have something weird like this going on? The thing that really bugs me is the inconsistency. It's almost as if there were a race condition going on, but the request is basically single threaded, isn't it? My only fear is some parser used in the tomcat code is being used in a non-thread safe manner, but then *everybody* would be having this problem, neh? Most likely: there are many Tomcat users out there who use cookie-based session tracking without any of these problems. You are likely to be unique in this regard :( I'm finding out about the connectors, but we may not be using any as : Jan 28, 2010 6:52:56 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /dist/sfsite/obj This just means (note the INFO log level) that APR is not being used, but was requested by the presence of the AprLifecycleListener in server.xml. If you aren't /trying/ to use APR, you can ignore this INFO message: Tomcat will default to the pure-Java Connectors if APR is not available. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt7HAsACgkQ9CaO5/Lv0PDLQACfYbDz3nbdGN9r0/hQMcpocVlO frcAoIaWRPhWe560mlKcDZdwbiNKStz+ =7x53 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 6 on solaris losing cookies
2010/2/17 George Baxter gbax...@shutterfly.com: Hi Konstantin, Thanks for your reply. Yes, the getHeaders(cookie) returns what seems to be a valid set of cookies, thus we're not losing them in any of the proxies we might have set up. (Currently, we're only in development mode for tomcat 6 and we're not going through any proxies, just directly to the server.) We get this problem in all sorts of browsers (FF, Safari, IE). The thing that really bugs me is the inconsistency. It's almost as if there were a race condition going on, but the request is basically single threaded, isn't it? My only fear is some parser used in the tomcat code is being used in a non-thread safe manner, but then *everybody* would be having this problem, neh? I'm finding out about the connectors, but we may not be using any as : Jan 28, 2010 6:52:56 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /dist/sfsite/obj Hopefully, this is just in our development environments! Thanks, -George On Feb 12, 2010, at 2:32 PM, Konstantin Kolinko wrote: 2010/2/13 George Baxter gbax...@shutterfly.com: Hello, We're running into an issue with tomcat 6.0.18 running on solaris. Occasionally a request will come through that has cookies in the header, but the request.getCookies() returns no cookies. How do you observe that? You mean that it is present in HttpServletRequest.getHeaders(Cookie) ? This causes the user to lose session since even the JSESSIONID cookie is not recognized, and of course all our custom cookies are lost. It seems to happen randomly, across our web site, and varies in frequency from every 2-3 requests to over 200 requests before it happens again. There's no change to the cookie values (or very little) between requests. In addition, this only seems to be a problem on solaris. Running on MacOSx or Linux and we don't see the issue. Also, we don't have the problem in Tomcat 5.5. Any other details on your configuration? What connectors are you using? HTTP/AJP? Nio/Bio/Apr? (usually some org.apache.coyote.* class is mentioned in the startup log in a Starting Coyote .. message) Do you have Apache HTTPD in front of Tomcat? Do you have HTTP proxies around? Are failing requests coming from some specific client? Are they coming from some specific browser? Best regards, Konstantin Kolinko 1. What is the default character encoding for your environment? 2. Cookies are parsed in org.apache.tomcat.util.http.Cookies.processCookies() You may 1) Look in your logs for a WARN message with the text Cookies: Parsing cookie as String. Expected bytes. 2) You can consider enabling FINE logging for the above mentioned class. Add this to the logging.properties: org.apache.tomcat.util.http.Cookies.level=FINE It will log what headers it parsed. Though it might be hard to match what is logged to your specific request, so it might be useless. 3) When an issue is encountered, log the headers. Then post them here or try to parse them yourselves, copying the code from Cookies.processCookieHeader() for the Tomcat version that you are using. 3. Have you considered trying it with a more recent Tomcat version? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Tomcat dies suddenly
An ex-colleague of mine tells the story (which may well be apocryphal, but is good fun) of being called to an industrial estate in South Wales to debug a problem where floppy disks in the office would mysteriously wipe themselves - pretty much every floppy in the office, at the same time. It happened very occasionally, but with no hard disks and the company's financial accounts stored on floppies, this caused considerable problems. They'd been through the usual did-you-stick-it-to-the-filing-cabinet-with-a-fridge-magnet questions, and everyone in the office swore they were taking all reasonable precautions. Eventually she solved the problem when she saw the crane from the scrapyard next door swing a big load of scrap past the office window, all dangling from the large electromagnet at the end of the line... all she could do was recommend they moved offices or stuck a mu-metal cage round the room. - Peter On 16 February 2010 18:57, Mark H. Wood mw...@iupui.edu wrote: Heh, when I was in another building I was issued an ADDS Viewpoint terminal which would, every so often, begin typing all by itself and quite at random. Eventually we determined that my cubicle was directly underneath an arc welding station in the welding shop one floor up, and when welding classes were in session the EMI was picked up by my keyboard. (Written from one of my xterms.) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Friends don't let friends publish revisable-form documents.
Re: tomcat 6 on solaris losing cookies
Hi Konstantin, 1. We're still an Latin-1 shop, primarily... .. skip to 3. We've tried 6.0.24 as well, same result. We were using 6.0.18 because I've been using in (on my Mac in development, other users using Linux in development) for the past 8 months with no real issues. I'll get to work on the logging, see what turns up. Thanks, -g. On Feb 16, 2010, at 2:47 PM, Konstantin Kolinko wrote: 2010/2/17 George Baxter gbax...@shutterfly.com: Hi Konstantin, Thanks for your reply. Yes, the getHeaders(cookie) returns what seems to be a valid set of cookies, thus we're not losing them in any of the proxies we might have set up. (Currently, we're only in development mode for tomcat 6 and we're not going through any proxies, just directly to the server.) We get this problem in all sorts of browsers (FF, Safari, IE). The thing that really bugs me is the inconsistency. It's almost as if there were a race condition going on, but the request is basically single threaded, isn't it? My only fear is some parser used in the tomcat code is being used in a non-thread safe manner, but then *everybody* would be having this problem, neh? I'm finding out about the connectors, but we may not be using any as : Jan 28, 2010 6:52:56 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /dist/sfsite/obj Hopefully, this is just in our development environments! Thanks, -George On Feb 12, 2010, at 2:32 PM, Konstantin Kolinko wrote: 2010/2/13 George Baxter gbax...@shutterfly.com: Hello, We're running into an issue with tomcat 6.0.18 running on solaris. Occasionally a request will come through that has cookies in the header, but the request.getCookies() returns no cookies. How do you observe that? You mean that it is present in HttpServletRequest.getHeaders(Cookie) ? This causes the user to lose session since even the JSESSIONID cookie is not recognized, and of course all our custom cookies are lost. It seems to happen randomly, across our web site, and varies in frequency from every 2-3 requests to over 200 requests before it happens again. There's no change to the cookie values (or very little) between requests. In addition, this only seems to be a problem on solaris. Running on MacOSx or Linux and we don't see the issue. Also, we don't have the problem in Tomcat 5.5. Any other details on your configuration? What connectors are you using? HTTP/AJP? Nio/Bio/Apr? (usually some org.apache.coyote.* class is mentioned in the startup log in a Starting Coyote .. message) Do you have Apache HTTPD in front of Tomcat? Do you have HTTP proxies around? Are failing requests coming from some specific client? Are they coming from some specific browser? Best regards, Konstantin Kolinko 1. What is the default character encoding for your environment? 2. Cookies are parsed in org.apache.tomcat.util.http.Cookies.processCookies() You may 1) Look in your logs for a WARN message with the text Cookies: Parsing cookie as String. Expected bytes. 2) You can consider enabling FINE logging for the above mentioned class. Add this to the logging.properties: org.apache.tomcat.util.http.Cookies.level=FINE It will log what headers it parsed. Though it might be hard to match what is logged to your specific request, so it might be useless. 3) When an issue is encountered, log the headers. Then post them here or try to parse them yourselves, copying the code from Cookies.processCookieHeader() for the Tomcat version that you are using. 3. Have you considered trying it with a more recent Tomcat version? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 6 on solaris losing cookies
We took a quick look at the cookie parsing code and unfortunately, logging is dependent not on log4j configuration, but instead on a static final int 'dbg' variable defined in the Cookies.java. I'll try copy/paste code into my own class to see how it fairs on the header value. -g. On Feb 16, 2010, at 2:47 PM, Konstantin Kolinko wrote: 2010/2/17 George Baxter gbax...@shutterfly.com: Hi Konstantin, Thanks for your reply. Yes, the getHeaders(cookie) returns what seems to be a valid set of cookies, thus we're not losing them in any of the proxies we might have set up. (Currently, we're only in development mode for tomcat 6 and we're not going through any proxies, just directly to the server.) We get this problem in all sorts of browsers (FF, Safari, IE). The thing that really bugs me is the inconsistency. It's almost as if there were a race condition going on, but the request is basically single threaded, isn't it? My only fear is some parser used in the tomcat code is being used in a non-thread safe manner, but then *everybody* would be having this problem, neh? I'm finding out about the connectors, but we may not be using any as : Jan 28, 2010 6:52:56 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /dist/sfsite/obj Hopefully, this is just in our development environments! Thanks, -George On Feb 12, 2010, at 2:32 PM, Konstantin Kolinko wrote: 2010/2/13 George Baxter gbax...@shutterfly.com: Hello, We're running into an issue with tomcat 6.0.18 running on solaris. Occasionally a request will come through that has cookies in the header, but the request.getCookies() returns no cookies. How do you observe that? You mean that it is present in HttpServletRequest.getHeaders(Cookie) ? This causes the user to lose session since even the JSESSIONID cookie is not recognized, and of course all our custom cookies are lost. It seems to happen randomly, across our web site, and varies in frequency from every 2-3 requests to over 200 requests before it happens again. There's no change to the cookie values (or very little) between requests. In addition, this only seems to be a problem on solaris. Running on MacOSx or Linux and we don't see the issue. Also, we don't have the problem in Tomcat 5.5. Any other details on your configuration? What connectors are you using? HTTP/AJP? Nio/Bio/Apr? (usually some org.apache.coyote.* class is mentioned in the startup log in a Starting Coyote .. message) Do you have Apache HTTPD in front of Tomcat? Do you have HTTP proxies around? Are failing requests coming from some specific client? Are they coming from some specific browser? Best regards, Konstantin Kolinko 1. What is the default character encoding for your environment? 2. Cookies are parsed in org.apache.tomcat.util.http.Cookies.processCookies() You may 1) Look in your logs for a WARN message with the text Cookies: Parsing cookie as String. Expected bytes. 2) You can consider enabling FINE logging for the above mentioned class. Add this to the logging.properties: org.apache.tomcat.util.http.Cookies.level=FINE It will log what headers it parsed. Though it might be hard to match what is logged to your specific request, so it might be useless. 3) When an issue is encountered, log the headers. Then post them here or try to parse them yourselves, copying the code from Cookies.processCookieHeader() for the Tomcat version that you are using. 3. Have you considered trying it with a more recent Tomcat version? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Tomcat dies suddenly
On Tue, Feb 16, 2010 at 3:17 PM, Peter Crowther peter.crowt...@melandra.com wrote: snip/ Oh, now we're on magnet stories? :-) Back in the day, I was working as an IBM CE in downtown SF. One of our branch specialists and I were in an elevator headed out to a customer's office with a piece of telecom test equipment that had a very powerful magnet on its back to attach to the system cabinet. Chatting away, we only realized as we left the elevator that the guy standing next to us was holding a removable disk pack in a plastic cake-cover -- right next to the test box. Always wondered how that turned out for him when that pack got mounted... -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 6 on solaris losing cookies
Well.. we parsed the header that failed, and it parsed just fine. Note that we're parsing via the 'old deprecated' parse by string entity. I guess I'll try parsing by bytes next. -g. On Feb 16, 2010, at 2:47 PM, Konstantin Kolinko wrote: 2010/2/17 George Baxter gbax...@shutterfly.com: Hi Konstantin, Thanks for your reply. Yes, the getHeaders(cookie) returns what seems to be a valid set of cookies, thus we're not losing them in any of the proxies we might have set up. (Currently, we're only in development mode for tomcat 6 and we're not going through any proxies, just directly to the server.) We get this problem in all sorts of browsers (FF, Safari, IE). The thing that really bugs me is the inconsistency. It's almost as if there were a race condition going on, but the request is basically single threaded, isn't it? My only fear is some parser used in the tomcat code is being used in a non-thread safe manner, but then *everybody* would be having this problem, neh? I'm finding out about the connectors, but we may not be using any as : Jan 28, 2010 6:52:56 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /dist/sfsite/obj Hopefully, this is just in our development environments! Thanks, -George On Feb 12, 2010, at 2:32 PM, Konstantin Kolinko wrote: 2010/2/13 George Baxter gbax...@shutterfly.com: Hello, We're running into an issue with tomcat 6.0.18 running on solaris. Occasionally a request will come through that has cookies in the header, but the request.getCookies() returns no cookies. How do you observe that? You mean that it is present in HttpServletRequest.getHeaders(Cookie) ? This causes the user to lose session since even the JSESSIONID cookie is not recognized, and of course all our custom cookies are lost. It seems to happen randomly, across our web site, and varies in frequency from every 2-3 requests to over 200 requests before it happens again. There's no change to the cookie values (or very little) between requests. In addition, this only seems to be a problem on solaris. Running on MacOSx or Linux and we don't see the issue. Also, we don't have the problem in Tomcat 5.5. Any other details on your configuration? What connectors are you using? HTTP/AJP? Nio/Bio/Apr? (usually some org.apache.coyote.* class is mentioned in the startup log in a Starting Coyote .. message) Do you have Apache HTTPD in front of Tomcat? Do you have HTTP proxies around? Are failing requests coming from some specific client? Are they coming from some specific browser? Best regards, Konstantin Kolinko 1. What is the default character encoding for your environment? 2. Cookies are parsed in org.apache.tomcat.util.http.Cookies.processCookies() You may 1) Look in your logs for a WARN message with the text Cookies: Parsing cookie as String. Expected bytes. 2) You can consider enabling FINE logging for the above mentioned class. Add this to the logging.properties: org.apache.tomcat.util.http.Cookies.level=FINE It will log what headers it parsed. Though it might be hard to match what is logged to your specific request, so it might be useless. 3) When an issue is encountered, log the headers. Then post them here or try to parse them yourselves, copying the code from Cookies.processCookieHeader() for the Tomcat version that you are using. 3. Have you considered trying it with a more recent Tomcat version? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: logging
Dear Reno, Thanks for the quick response . but i couldnt find any solution to put application level log using appache commons logging - JULI combination. Reno , the issue is that my appication is a hibernate application [ a java project in eclipse ]. O/R mapping is done using Hibernate Tools . While doing the mapping it adds log object using LogFactory.getLog(xxx.class) in the apache commons logging library to all mapped classes. I use this application as a jar file in another web appication [a dynamic web project in eclipse] to be deployed to tomcat 6 . So i need to generate the application level log from both the web appication and the hibernate application using tomcat 6 default logging implementation . The reason i dont want to change to custom log4j is that everytime i do the hibernate mapping . i need to change in logging part from apache commons logging to log4j . This is not a recommeded way Hope i made things clear . Please tell me what necessary configurations i need to do to make my application level logs to be extracted to a file . -- Regards, Niyas -- View this message in context: http://old.nabble.com/logging-tp27607876p27619990.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Setting Character Encoding in server.xml
Thanks Chuck, problem fixed Peter From: Peter Sparkes [mailto:pe...@didm.co.uk] Subject: Setting Character Encoding in server.xml I am using Linux/Tomcat 5.5. I am running several Tomcat instances each with its own server.xml and wish to use different character encoding in each instance. Please how do I set the character encoding in server.xml Take a look at this: http://wiki.apache.org/tomcat/FAQ/CharacterEncoding - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org