Re: Help required for SMAP....
Thanks for the reply, I guessed that also, but i think there are some problems in this approach. If you look at JSP line from 3 to 13 you'll find this, 3. % 4. %@ page import=java.util.* % 5. %@ page import=java.text.* % 6. !DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd; 7. html 8. head 9. meta http-equiv=Content-Type content=text/html; charset=ISO-8859-1 10. titleInsert title here/title 11. /head 12. body 13. % on JAVA file, 55. out.write(\r\n\r\n\n!DOCTYPE html PUBLIC \-//W3C//DTD HTML 4.01 Transitional//EN\ \http://www.w3.org/TR/html4/loose.dtd\;\nhtml\nhead\nmeta http-equiv=\Content-Type\ content=\text/html; charset=ISO-8859-1\\ntitleInsert title here/title\n/head\nbody\n); As you can see on the JAVA line the imports are not present which exist in JSP lines 4 and 5 You can find those imports in, JAVA file on the following lines. 6. import java.util.*; 7. import java.text.*; so the correct mapping should be 6,6:55,0 and 3,2:6,1 That's the issue, Is this a bug in TOMCAT SMAP feature ? I'm so confused btw is there a easier way to capture code line numbers other than using a .BAT file or creating a program for it
Re: httpd vs. Tomcat performance
Very entertaining reading! Thanks Chris and Mark for re-benchmarking, explaining, and giving your opinions on the results. I'm not entirely sure how I missed Chris' benchmark results email, almost exactly one year ago now. Chris: there are no units on your results numbers, and I'm not seeing any procedure you used, nor any configurations you used, so I'm not sure how to interpret the numbers. It would be great to get more information about how the benchmark was conducted, which HTTP client was used, and what server hardware was used. I tried to write my benchmark such that it is fully documented and repeatable all the way down to the configuration used on both the client and the server, etc. I also wanted to be completely clear and up front about the specific scenarios I was benchmarking -- there are many more that I wasn't -- so I wrote the explanations into the text as well. The results are, of course, only about the kinds of requests we're benchmarking, and also about the configuration(s) used. I did try to think up and benchmark the most likely use cases for serving typical webapp content, but anyone can say their webapp isn't like that. :) Plus, I tried to write my benchmark to both inspire others to conduct and publish more benchmarks, and also to show a detailed example of one that others could modify and re-use. I was hoping to see more published benchmarks by now, but each one I find is really entertaining. I'm happy to see that Chris' independent benchmark numbers help to show that it is indeed a myth that Tomcat needs HTTPD in front of it in order to get good performance serving static files. And, it's great to see benchmark results for file sizes that I wasn't able to benchmark. Mark: I like your text about some of the other reasons people want to use HTTPD -- it is spot on, and in fact there are so many modules out there for it, there are countless logical reasons to use it. Thanks for the additional analysis. It helps. -- Jason On Wed, Mar 24, 2010 at 5:50 PM, Mark Thomas ma...@apache.org wrote: On 25/03/2010 00:26, Hassan Schroeder wrote: Just to get this into the archives for the next time it comes up http://tomcatexpert.com/blog/2010/03/24/myth-or-truth-one-should-always-use-apache-httpd-front-apache-tomcat-improve-perform because I don't know if the author (a certain mthomas) will mention it here. :-) (via @springsource on Twitter) Chris deserves a lot of the credit. Without his figures, it is just opinion. I'll have to see if I can get the graph to display as well. It is nice to have the hard figures but the graph gives you a quicker handle on the data. Mark
Re: Sporadic errors during high load
We are also seeing the similar issue. We are also running a load test of 3000 concurent users and from 3000 ip address and aproximately 4 connection/ipaddress sec loading 5 pages which contains few portlets. The test runs for an hour but after 5 minutes we started seeing the failures in establising connection. In the TCP layer we are see the SYN packet from the client to server but we are noting seeing SYN-ACK back. The SYN-ACK is not happening for all the connection but the failure rate goes on by as the time goes on. the load test is similated using Spirent tool The same 300 concurrent connection with 1 ipaddress work very well using the grider tool.We didn't see any failures. First we tried with our portal web application. with default HTTPConnector we see failure as mentioned above. Next we tried apache webserver and mod_jk infront of portal web application we saw the same results. What i mean by portal web app is that Liferay 5.2.6 + Tomcat 6.0.24 Following is the configuration we have 1. With HTTP connector this the configuration Connector port=8081 maxHttpHeaderSize=8192 maxThreads=200 minSpareThreads=50 maxSpareThreads=100 enableLookups=false acceptCount=400 protocol=HTTP/1.1 acceptorThreadCount=8 connectionTimeout=2 redirectPort=8444 disableUploadTimeout=true URIEncoding=UTF-8 / There is no other change in default setting. 2. With apache webserver + mod_jk infront of tomcat. !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8010 protocol=AJP/1.3 redirectPort=8444 URIEncoding=UTF-8 backlog=100/ worker.prorperties file content worker.list=liferay worker.liferay.type=ajp13 worker.liferay.host=localhost worker.liferay.port=8010 Apriciate for your help. Cheers Suresh Subramanian Patrik Kudo wrote: Hi all! We run a fairly large web application which we're currently trying to do some load tests on but we're experiencing some sporadic errors which we can't find the cause of. We run a load test scenario using the Proxysniffer load testing tool on a machine connected to the same switch as the server under load. The load test simulates 3100 users looping over 27 pages of varying complexity. Each loop takes 2175 seconds on average and the average response time per page is 0.16 seconds. The test runs for about 5 hours and after a while, normaly around 1 hour but sometimes as soon as after a little more than 30 minutes and sometimes longer, there are occasional errors. The errors always come clustered with a bunch on each occurance. After each occurance everything runs fine for a lenght of time until the next occurance. Proxysniffer reports all errors as Network Connection aborted by Server but when we look at each error in detail we can see that they don't all occur at the same stage in the request cycle. Some occur on transmit http request, some on open network connection, some on wait for server response, but all within the same second. On one of the tests we had a total of more than 300 requests and had only 14 errors divided over 2 occations during the 5 hour test. The problem is 100% reproducable with the current setup and the setups we've tested but the errors occur with some randomness. The application logs show nothing unusual. The access logs show nothing unusual. We've included the session ids in the tomcat logs and the failing urls doesn't show up in the access log at all for the given session id (cookies are shown in the error report). During the test the machine is under some load, but I wouldn't call it heavy load. The application is quite database intensive so postgres works a lot harder than java/tomcat. At first we used apache 2.2 with mod_jk to in front of tomcat and the errors were more numerous at that time and we got a bunch of errors in the mod_jk.log stating apache could not connect to tomcat. To be able to pinpoint the problem we've now excluded apache httpd and run only tomcat with the NIO HTTP connector. We also tried the vanilla HTTP connector. We've tried to use both the default garbage collector with default settings and the flags -XX:+UseConcMarkSweepGC -XX:+UseParNewGC -XX:+CMSIncrementalMode. No significant difference in times and errors with both settings. We've been able to match some of the errors with full collections reported by the flags -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps but some errors occur where there are no full GC occuring. I'm running out of ideas here... What am I missing? What am I doing wrong? What could I try? The full JVM flags are: # general options JAVA_OPTS=-server -Dbuild.compiler.emacs=true # Memory limits (we've tried both higher and lower values here) JAVA_OPTS=${JAVA_OPTS} -XX:MaxPermSize=192m -Xmx1800m -Xms1800m # GC logging JAVA_OPTS=${JAVA_OPTS} -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps # GC engine (Tried with excluding this and
Windows Server 2008: Access web application - application server (Apache Tomcat)
Hi We have a web application running on Apache Tomcat (JSP / Axis2). This web application connects to an application server via SOAP. The application runs on Windows XP, Vista and Windows Server 2003. But we have problems on a Windows Sever 2008. The web application can't connect to the application server. There is an AxisFault, String index out of range We have no idea, what could be wrong. - Could it be a security option in Windows Server 2008? If yes what is to do? - TCP/IP options? Thanks for any hint. Best regards Hans - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: httpd vs. Tomcat performance
Hi , We have a online shop developed as a suite of JSR168 portlets. On some portlets we list products and images (so there are about 25 images per page + other images). One image has around 250k. Performance was greatly improved after we put apache httpd in front (images served by apache gzipped response for js, html, css). We did not note numbers, but the improvement could be seen with naked eye. Now, reading the article, I think we should have tried APR also :) But hei, there are other reasons too for using httpd, such as handful apache modules (e.g. mod rewrite or gzip compression) Note: tomcat 6.0.18, NOT configured with APR running on debian linux sun jdk6 Regards, Marian Simpetru On Thu, 2010-03-25 at 02:39 +0100, Rémy Maucherat wrote: On Thu, Mar 25, 2010 at 1:50 AM, Mark Thomas ma...@apache.org wrote: Chris deserves a lot of the credit. Without his figures, it is just opinion. That's the second benchmark that I see today that has odd numbers. Rémy - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Connecting to a Database
On 24/03/2010 15:56, Caldarale, Charles R wrote: From: Pid [mailto:p...@pidster.com] Subject: Re: Connecting to a Database If you define the datasource as a global resource, you can define the Realm in server.xml (before or inside the Host), but then you need a resource link in the context.xml to make the global resource available to the app. Are you sure about that? TheResourceLink is necessary when the app is accessing the data source, but in this case, it's not the app, it's Tomcat, doing the authentication lookups. I don't think theResourceLink is necessary, but the rest is definitely needed. Yes, I meant that if the OP needed the data source in the application for some other purpose that a resource link would be required. Probably could have been phrased better. p - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: need help
On 24/03/2010 22:00, Peter Crowther wrote: It depends entirely on your application. 500 users each asking for one static HTML page every 10 minutes? Sure, no problem. 500 concurrent users requesting 1 page every 10 seconds that takes 8 seconds to generate? Ah, now you're going to have to do some tuning. Have you profiled your application? Do you know what load you expect? .. and you didn't even mention hardware. p - Peter On 24 March 2010 17:38, Muralidhar Yaragallayaragallamur...@gmail.comwrote: Hi, I have to run tomcat against 500 concurrent users. I am using tomcat6, Java1.6 and tomcat running on windows2003 OS. Do I have to do any additional configuration for this in tomcat or no configuration required? Kindly help me. Do I have to specify any maximum threads allowed or kind of things? Pls help me guys. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: httpd vs. Tomcat performance
On 25/03/2010 01:39, Rémy Maucherat wrote: On Thu, Mar 25, 2010 at 1:50 AM, Mark Thomas ma...@apache.org wrote: Chris deserves a lot of the credit. Without his figures, it is just opinion. That's the second benchmark that I see today that has odd numbers. What did you think was odd? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Project: Develop a tool that can provision a Tuscany SCA enabled web application based on the extension requirements of the composite (implementation/binding/databinding/policy types) for Google
On 25/03/2010 03:14, Nouhoun KANE wrote: i want you to give me more details about this idea bacause i want to do something with Tuscany SCA in Java and i think this an opportunity for me to do it. So i want more details about this idea and i will submit you my project and we will discuss about it before the subcription for the GSoC begin. I thank you very much in advance for the time you will take to read this. I'm waiting for your reply. Thank you very much. Read what? The mailing list strips attachments. One option is to add a page to the wiki and link to it from here: http://wiki.apache.org/tomcat/SummerOfCode2010 Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Project : SPDY connector for Tomcat
On 25/03/2010 03:27, Nouhoun KANE wrote: I would like to work on this project. I propose a JAVA API that we can use to let Tomcat support SPDY. I'm waiting for your critics about this proposal. What proposal? Writing an API? The project is to provide an SPDY implementation for the existing connector API. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
UndeclaredThrowableException as a result of false ClassLoading
Hello, Apache Tomcat/5.5.26 jdk1.5.0_11 / jdk1.5.0_19 Windows XP / SunOS 5.10 Short description of the use case: - User fills form with some wrong information - tomcat sends (RMI call) to another server - server throws ValidationException back to tomcat - tomcat _sometimes_ wraps the ValidationException with UndeclaredThrowableException Installation: Tomcat hosts several web applications (war), each of the wars include a jar with the ValidationException class in the WEB-INF/lib directory. The deployed jars are indentical. The jar cannot be put to shared or common because of some internal reasons. Analysis: In the case where the ValidationException is wrapped by the UndeclaredThrowableException, the WebappClassLoader instance of the current thread and the instance of the WebappClassLoader of the caught (and wrapped) ValidationException are different. As a result the ValidationException that is caught is not the same as the one that is expected and thus violates the interface = UndeclaredThrowableException. In the following code the instanceof ValidationException returns false: [...] key = saveSomething(); } catch (ValidationException e) { [...] } catch( UndeclaredThrowableException e1 ) { Throwable t = e1.getUndeclaredThrowable(); if(t instanceof ValidationException) { [...] } else { log.info( Not a ValidationException: , t ); log.info( thrown Exception class: + t.getClass() + : + getUniqueID( t ) ); log.info( expected Exception class: + ValidationException.class + : + getUniqueID( new ValidationException() ) ); throw e1; } } Hint: getUniqueID also prints the ClassLoader information. In this case both ValidationExceptions are loaded by different WebappClassLoader instances. Question: It seems that during unmarshalling of the ValidationException it is not predictable which ValidationException (identified by its ClassLoader) is constructed. It seems that the WebApp may get a ValidationException that doesn't fit to its own ClassLoader but to a ClassLoader of another WebApp. Is this a bug of the tomcat? I mean shouldn't the WebApp get the ValidationException from the same ClassLoader that belongs to the WebApp that invoked the RMI call? Regards Fares
Re: Newbie: Tomcat Can't Find My App
Thanks Charles, Your's was the advice that worked. I've been trying to get an app written by others to work. Their web.xml file was hopelessly out of date. BTW, I tried enabling the invoker and even that wouldn't run because it was priviledged. Reuven Koblick On Tue, Mar 23, 2010 at 12:55 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Reuven Koblick [mailto:groovyro...@gmail.com] Subject: Newbie: Tomcat Can't Find My App When trying to execute the first servlet */sp00/servlet/LandingPageFront, That looks like a usage of the old and never-to-be-used-again invoker servlet: http://wiki.apache.org/tomcat/FAQ/Miscellaneous#Q2 http://wiki.apache.org/tomcat/FAQ/Miscellaneous#Q3 Don't even think about enabling it. You should be using proper servlet mapping in the WEB-INF/web.xml file. HTTP Status 404 - /sp00/servlet/LandingPageFront Context path=/application Logger className=org.apache.catalina.logger.FileLogger prefix=6.0_WebApp. suffix=.log timestamp=true/ /Context The path attribute is not allowed here, and the Logger element hasn't been used in many years. You need to read current Tomcat doc, not whatever you've been using. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: apache-tomcat-6.0.26 (log4j:WARN No appenders)
In which directory should I configure the log4j.properties file ? Date: Wed, 24 Mar 2010 13:53:29 + From: p...@pidster.com To: users@tomcat.apache.org Subject: Re: apache-tomcat-6.0.26 (log4j:WARN No appenders) On 24/03/2010 12:44, Manoj Kumar wrote: Hi, I executed a sample on apache-tomcat-6.0.26 as follows : [man...@localhost axis-1_4]$ java -cp $AXISCLASSPATH samples.stock.GetQuote -lhttp://localhost:8080/axis/servlet/AxisServlet -uuser1 -wpass1 XXX log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle). log4j:WARN Please initialize the log4j system properly. XXX: 55.25 I got correct result but how can I solve log4j:WARN ? This would be a log4j question. Your application appears to include the jar, but you've not bothered to configure it. p - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org _ What does Budget 2010 mean for you? Catch all the latest news, updates and analysis on MSN Budget Special http://news.in.msn.com/moneyspecial/budget2010
RE: apache-tomcat-6.0.26 (log4j:WARN No appenders)
From: Manoj Kumar [mailto:utiba_ma...@hotmail.com] Subject: RE: apache-tomcat-6.0.26 (log4j:WARN No appenders) In which directory should I configure the log4j.properties file ? http://wiki.apache.org/tomcat/FAQ/Logging#Q5 - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: httpd vs. Tomcat performance
On 25/03/2010 07:01, Jason Brittain wrote: Very entertaining reading! Thanks Chris and Mark for re-benchmarking, explaining, and giving your opinions on the results. I'm not entirely sure how I missed Chris' benchmark results email, almost exactly one year ago now. Chris: there are no units on your results numbers, and I'm not seeing any procedure you used, nor any configurations you used, so I'm not sure how to interpret the numbers. It would be great to get more information about how the benchmark was conducted, which HTTP client was used, and what server hardware was used. Chris's original thread had most, if not all, of that info. I did have a reference to that in the blog post but it looks like it got garbled somewhere in the publishing process. I'll get that fixed. In the meantime, MarkMail should be able to find it. I tried to write my benchmark such that it is fully documented and repeatable all the way down to the configuration used on both the client and the server, etc. I also wanted to be completely clear and up front about the specific scenarios I was benchmarking -- there are many more that I wasn't -- so I wrote the explanations into the text as well. The results are, of course, only about the kinds of requests we're benchmarking, and also about the configuration(s) used. I did try to think up and benchmark the most likely use cases for serving typical webapp content, but anyone can say their webapp isn't like that. :) Indeed. Benchmarks are useful guides to general trends but nothing is going beat benchmarking your own web application with realistic usage patterns. Plus, I tried to write my benchmark to both inspire others to conduct and publish more benchmarks, and also to show a detailed example of one that others could modify and re-use. I was hoping to see more published benchmarks by now, but each one I find is really entertaining. I think the time it takes to do a really good benchmark is a significant barrier. I wanted to do a new benchmark for the blog post but just didn't have the time. It is on the todo list but things like Tomcat 7 and bug fixes keep getting in the way :) Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
JNDI config
For a servlet to employ JNDI to access a JDBC database, Tomcat must be configured? JNDI won't work on a vanilla configuration of Tomcat? 1. Install Your JDBC Driver Use of the JDBC Data Sources JNDI Resource Factory requires that you make an appropriate JDBC driver available to both Tomcat internal classes and to your web application. This is most easily accomplished by installing the driver's JAR file(s) into the $CATALINA_HOME/lib directory, which makes the driver available both to the resource factory and to your application. http://tomcat.apache.org/tomcat-6.0-doc/jndi-resources-howto.html Thanks, Thufir - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Problem with different protocols and ports
Hi all, I got a peculiar problem on a apache tomcat 5.5 server: Several clients, which could use the wrong port for their protocol. On the server there is a http port on 8080, and a https port on 8443 as default. Unfortunately, on the clients there are possibilities to combine the protocol freely with a port, so It could be that they try to connect with https to 8080 (which results in a timeout on the client, triggering a error message), Or with http to 8443, which gets a rather unpleasant surprise, they get a page, without an error message, with some cryptic characters: [1][1] I would like to get a error message back ... can anyone help me? Andreas Hagenlocher-Wemßen
RE: Connecting to a Database
Chris, I meant to reply to this yesterday. I can digest a password and use that digested password in the tomcat-users.xml I added an md5 attribute to the user database realm in server.xml and storing the digested password in tomcat-users.xml is working. Is it not supposed to? Based on that I assumed I could digest other passwords as well. Leo -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Wednesday, March 24, 2010 12:47 PM To: Tomcat Users List Subject: Re: Connecting to a Database -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Leo, On 3/24/2010 1:28 PM, Leo Donahue - PLANDEVX wrote: I know you can specify digest for a Realm, but I don't see where I can do that for a Resource. Note that the digest is for hashing passwords during /user/ authentication, not connecting to the database. Do I need to leave the password of javadude in the Resource in clear text, or can it be a digested version of javadude in clear text in the Resource element? You cannot hash the db password. If you could, how would Tomcat decrypt it to make the connection? The SQL table of user passwords will be in digest, but I wasn't sure if I could use a digested password as part of the configuration for the account that connects to the authstore database. Nope. Search the archives for that question being asked repeatedly, or just think about the implications of hashing a password that you want to use later. Then, think about the implications of /two-way/ encryption for a password and I think you'll see that you're just moving the problem somewhere else. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuqbDYACgkQ9CaO5/Lv0PBhHwCgqFQcdHypen2gtOfbtqjhd0IR CNUAoLT3Joi1rTnqvWC0wQ82Hls1zoK9 =uX5k -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with different protocols and ports
This is a feature of the protocol; there's nothing you can do about idiot users who type strange things into their browsers' address bars. What you *can* do is run your services on the standard ports - 80 and 443 - so that your users don't have to type in port numbers. Is there any reason you're not using the standard ports for this application? - Peter On 25 March 2010 14:47, Hagenlocher-Wemssen, Andreas andreas.hagenlocher-wems...@siemens.com wrote: Hi all, I got a peculiar problem on a apache tomcat 5.5 server: Several clients, which could use the wrong port for their protocol. On the server there is a http port on 8080, and a https port on 8443 as default. Unfortunately, on the clients there are possibilities to combine the protocol freely with a port, so It could be that they try to connect with https to 8080 (which results in a timeout on the client, triggering a error message), Or with http to 8443, which gets a rather unpleasant surprise, they get a page, without an error message, with some cryptic characters: [1][1] I would like to get a error message back ... can anyone help me? Andreas Hagenlocher-Wemßen
RE: UndeclaredThrowableException as a result of false ClassLoading
From: Mikasch, Fares (EXT-IBM - DE/Berlin) [mailto:fares.mikasch@nsn.com] Subject: UndeclaredThrowableException as a result of false ClassLoading Short description of the use case: - User fills form with some wrong information - tomcat sends (RMI call) to another server Let's get the terminology right: it's your webapp doing this, not Tomcat. Tomcat has no knowledge of or involvement with outbound connections that your webapp attempts. - tomcat _sometimes_ wraps the ValidationException with UndeclaredThrowableException No, Tomcat doesn't. There is no usage of UndeclaredThrowableException within Tomcat. In the case where the ValidationException is wrapped by the UndeclaredThrowableException, the WebappClassLoader instance of the current thread and the instance of the WebappClassLoader of the caught (and wrapped) ValidationException are different. Are you sure they are instances of *Tomcat's* WebappClassLoader? Note that Axis uses its own classloading mechanism, and you may well be stumbling into a problem with that. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: JNDI config
From: Thufir [mailto:hawat.thu...@gmail.com] Subject: JNDI config For a servlet to employ JNDI to access a JDBC database, Tomcat must be configured? Yes. JNDI won't work on a vanilla configuration of Tomcat? How could it? JNDI is simply a registry of names and references. If you don't register something in JNDI, there's nothing to look up. Tomcat implements usage of JNDI, but you've got to put something in it to get anything out. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
Re: configuration to serve 500 users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Muralidhar, Welcome to the list. In the future, please use a more descriptive subject line: most list members are writing because they need help, so need help is completely useless. On 3/24/2010 1:38 PM, Muralidhar Yaragalla wrote: Hi, I have to run tomcat against 500 concurrent users. When you say 500 concurrent users, do you mean that you need to support 500 users logged-on at once, or you need to be able to handle 500 simultaneous requests? Do I have to specify any maximum threads allowed or kind of things? You might want to do that. The default maximum number of worker threads for all connectors is 250. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkurgx4ACgkQ9CaO5/Lv0PC19QCggrxD0Meootl81p+o8LY6aJ2F PDMAnRQ3t0foY/TNxRtAFM2zODH2iZ6B =cpjJ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Problem with different protocols and ports
Unfortunately, it has to be open in case they use the ports on other apps. One of the selling points. Ok, then I just have to live with it. Thanks Andreas -Original Message- From: peter.crowth...@googlemail.com [mailto:peter.crowth...@googlemail.com] On Behalf Of Peter Crowther Sent: Donnerstag, 25. März 2010 16:02 To: Tomcat Users List Subject: Re: Problem with different protocols and ports This is a feature of the protocol; there's nothing you can do about idiot users who type strange things into their browsers' address bars. What you *can* do is run your services on the standard ports - 80 and 443 - so that your users don't have to type in port numbers. Is there any reason you're not using the standard ports for this application? - Peter - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to find files that were changed/added to correct a Tomcat vulnerability
Dear Tomcat users, I am trying to characterize the way vulnerabilities are corrected and I have used the vulnerability reports of the Apache Tomcat in my research work. Currently I am facing difficulties to find out how some of the reported vulnerabilities were corrected, especially when there is no revision ID associated to a vulnerability report. Some of the e-mail I found at jakarta.tomcat.devel mailing list have guided me (for instance, http://article.gmane.org/gmane.comp.jakarta.tomcat.devel/79600/match=2007+5333), but even so I am not finding the files that were changed to correct certain vulnerabilities (examples: CVE-2008-0002, CVE-2007-3382, CVE-2007-1355). Could anyone please give me some advice on how to find these files (if they are available)? I am aware that in some cases instead of changing files developers provide a security recommendation. I am using diff tools to compare the fixed and affected version to find out the files that were changed for correct a vulnerability, but I am wondering whether there is a easier method to do this. Many Thanks! N. Mendes
tomcat PUT not working
Hi, I have REST based web services some of which use the PUT method. The PUT method can contain a request body. The web service works fine with Websphere and is out in the field. We are in the process of migrating to tomcat and I noticed that my web service which uses PUT is not able to get the request body anymore. I use HttpServletRequest's getInputStream and it always returns null. I did look at the forum topic http://markmail.org/message/dxgvu6fhcvp22xbo; and I was wondering if there is a workaround I can use to get past this problem. Changing the method to POST will affect customers in the field and also breaks RESTful principles. Thanks - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Any way to pre-compile JSPs in Tomcat
As per the subject line, can I configure Tomcat to pre-compile the JSPs before we ship out a .war file? thx, Fred - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: Is it possible to set the port for tomcat manager to 8080 and root port 80???
Hi As Pid pointed out, this doesn't work: the scope of the manager webapp is the Host it's deployed under. I didn't realize that part of his last line... The whole idea smacks of security through obscurity - which means you've accomplished nothing. That's another discussion, but it could really make sense, if you use a connector bound to a non-public interface (or even localhost) just for administration. Regards, Steffen smime.p7s Description: S/MIME cryptographic signature
Re: Any way to pre-compile JSPs in Tomcat
On 25/03/2010 16:56, fred basset wrote: As per the subject line, can I configure Tomcat to pre-compile the JSPs before we ship out a .war file? The catalina-tasks.xml file in tomcat/bin contains some importable ant tasks. See also: http://tomcat.apache.org/tomcat-6.0-doc/jasper-howto.html p thx, Fred - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Any way to pre-compile JSPs in Tomcat
From: fred basset [mailto:fredbasset1...@gmail.com] Subject: Any way to pre-compile JSPs in Tomcat As per the subject line, can I configure Tomcat to pre-compile the JSPs before we ship out a .war file? Only if you read the doc: http://tomcat.apache.org/tomcat-6.0-doc/jasper-howto.html#Production%20Configuration - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to find files that were changed/added to correct a Tomcat vulnerability
On 25/03/2010 16:35, Naaliel Mendes wrote: Dear Tomcat users, I am trying to characterize the way vulnerabilities are corrected and I have used the vulnerability reports of the Apache Tomcat in my research work. Currently I am facing difficulties to find out how some of the reported vulnerabilities were corrected, especially when there is no revision ID associated to a vulnerability report. Some of the e-mail I found at jakarta.tomcat.devel mailing list have guided me (for instance, http://article.gmane.org/gmane.comp.jakarta.tomcat.devel/79600/match=2007+5333), but even so I am not finding the files that were changed to correct certain vulnerabilities (examples: CVE-2008-0002, CVE-2007-3382, CVE-2007-1355). Could anyone please give me some advice on how to find these files (if they are available)? All of the source code - including all the changes is in SVN. Matching svn rev to CVE is on the todo list. I am aware that in some cases instead of changing files developers provide a security recommendation. I am using diff tools to compare the fixed and affected version to find out the files that were changed for correct a vulnerability, but I am wondering whether there is a easier method to do this. The CVEs normally appear in the chaneglog but without the CVE and a sometimes oblique descrioption. If you can match a CVE to a change log entry it is then easy to use svn to match it up to the code changes. I'd suggest taking a stab at matching up CVEs and changelog entries and finding the associated svn revisions. If you pick some more of the mroe recent ones, I should be able to confirm if they are correct or not. And I can then get the security pages and svn log updated. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Connecting to a Database
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Leo, On 3/25/2010 10:50 AM, Leo Donahue - PLANDEVX wrote: I can digest a password and use that digested password in the tomcat-users.xml Sorry, I was thinking server.xml for the DataSource setup: you cannot use the database's password in a hashed format. The users' passwords can (and should) be hashed for authentication. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkurnrQACgkQ9CaO5/Lv0PCbbQCgpodTTsD/b1jx24kzGAwUolhD zqAAmwQirCQ0Ixu0DxZIXV3JyFKeeOyj =ny0f -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Help required for SMAP....
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 TWönlìnè, On 3/25/2010 2:30 AM, TWönlìnè wrote: If you look at JSP line from 3 to 13 you'll find this, 3. % 4. %@ page import=java.util.* % 5. %@ page import=java.text.* % 6. !DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd; 7. html 8. head 9. meta http-equiv=Content-Type content=text/html; charset=ISO-8859-1 10. titleInsert title here/title 11. /head 12. body 13. % on JAVA file, 55. out.write(\r\n\r\n\n!DOCTYPE html PUBLIC \-//W3C//DTD HTML 4.01 Transitional//EN\ \http://www.w3.org/TR/html4/loose.dtd\;\nhtml\nhead\nmeta http-equiv=\Content-Type\ content=\text/html; charset=ISO-8859-1\\ntitleInsert title here/title\n/head\nbody\n); Looks good to me: line 3 contains \r\n, as do lines 4 and 5, then lines 6-12 are obvious, and line 13 is blank, so it really doesn't matter. As you can see on the JAVA line the imports are not present which exist in JSP lines 4 and 5 Right: imports translate into import statements in the .java file, but you still have newlines after each @page directive, so they are included in the output. so the correct mapping should be 6,6:55,0 and 3,2:6,1 I disagree. That's the issue, Is this a bug in TOMCAT SMAP feature ? No, I believe it's working as expected: you just need to be more sensitive to what output your JSP is actually generating. btw is there a easier way to capture code line numbers other than using a .BAT file or creating a program for it I have no idea what you're talking about. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuroFEACgkQ9CaO5/Lv0PDSNwCglgKvOOC+xthLKDC+Wd/AKVlM gL4AoKZPrVWl6L+NFqQT5APD6guy9yD9 =0+lE -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: httpd vs. Tomcat performance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 3/24/2010 8:50 PM, Mark Thomas wrote: On 25/03/2010 00:26, Hassan Schroeder wrote: Just to get this into the archives for the next time it comes up http://tomcatexpert.com/blog/2010/03/24/myth-or-truth-one-should-always-use-apache-httpd-front-apache-tomcat-improve-perform because I don't know if the author (a certain mthomas) will mention it here. :-) (via @springsource on Twitter) Chris deserves a lot of the credit. Without his figures, it is just opinion. Hey, I could have been making all that stuff up. BTW: the link on that page to performance testing doesn't seem clickable to me (ff 3.6.2). I'll have to see if I can get the graph to display as well. It is nice to have the hard figures but the graph gives you a quicker handle on the data. I'd be happy to give you my raw data plus the graphs I already did. OOo format okay? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuroZQACgkQ9CaO5/Lv0PBulACgwHCDOu1ZeXP1Sufks7zQMWU3 dR8AnjKKnNR/FmYzyP8l3FKsazqAHiyo =WbBv -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Compiling JSP with SMAP
2010/3/24 TWönlìnè twonlinevi...@gmail.com: @Mercy, Thanks I managed to create SMAP files, using this code in my BUILD.XML - which compiles JSPs (...) Now it is creating .SMAP files. SMAPs are appended to the *.class files. That is why you do not see them as separate files when running Tomcat. Format of the SMAP is specified by JSR 045, http://jcp.org/en/jsr/detail?id=045 Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Any way to pre-compile JSPs in Tomcat
2010/3/25 Pid p...@pidster.com: On 25/03/2010 16:56, fred basset wrote: As per the subject line, can I configure Tomcat to pre-compile the JSPs before we ship out a .war file? The catalina-tasks.xml file in tomcat/bin contains some importable ant tasks. See also: http://tomcat.apache.org/tomcat-6.0-doc/jasper-howto.html Please note, though, that 1. You must use exactly the same version of Tomcat (x.y.z) as the one where you will be deploying your war file. 2. Some Jasper options and system properties affect compilation. It is unlikely that that will be a concern for you, though. 3. It is possible to precompile JSP pages of a web application that is already deployed on the web server. See chapter JSP.11.4.2 Precompilation Protocol in the JSP 2.1 specification. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to find files that were changed/added to correct a Tomcat vulnerability
On Thu, Mar 25, 2010 at 5:11 PM, Mark Thomas ma...@apache.org wrote: On 25/03/2010 16:35, Naaliel Mendes wrote: Dear Tomcat users, I am trying to characterize the way vulnerabilities are corrected and I have used the vulnerability reports of the Apache Tomcat in my research work. Currently I am facing difficulties to find out how some of the reported vulnerabilities were corrected, especially when there is no revision ID associated to a vulnerability report. Some of the e-mail I found at jakarta.tomcat.devel mailing list have guided me (for instance, http://article.gmane.org/gmane.comp.jakarta.tomcat.devel/79600/match=2007+5333 ), but even so I am not finding the files that were changed to correct certain vulnerabilities (examples: CVE-2008-0002, CVE-2007-3382, CVE-2007-1355). Could anyone please give me some advice on how to find these files (if they are available)? All of the source code - including all the changes is in SVN. Matching svn rev to CVE is on the todo list. I am aware that in some cases instead of changing files developers provide a security recommendation. I am using diff tools to compare the fixed and affected version to find out the files that were changed for correct a vulnerability, but I am wondering whether there is a easier method to do this. The CVEs normally appear in the chaneglog but without the CVE and a sometimes oblique descrioption. If you can match a CVE to a change log entry it is then easy to use svn to match it up to the code changes. I'd suggest taking a stab at matching up CVEs and changelog entries and finding the associated svn revisions. If you pick some more of the mroe recent ones, I should be able to confirm if they are correct or not. And I can then get the security pages and svn log updated. Thank you for your suggestion. I am working on that and, if I succeed, I will send you the results of the mapping between CVEs and changelog and its respective svn revision ID. Should I use this mailing list to keep in touch? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: httpd vs. Tomcat performance
On 25/03/2010 17:47, Christopher Schultz wrote: Mark, On 3/24/2010 8:50 PM, Mark Thomas wrote: On 25/03/2010 00:26, Hassan Schroeder wrote: Just to get this into the archives for the next time it comes up http://tomcatexpert.com/blog/2010/03/24/myth-or-truth-one-should-always-use-apache-httpd-front-apache-tomcat-improve-perform because I don't know if the author (a certain mthomas) will mention it here. :-) (via @springsource on Twitter) Chris deserves a lot of the credit. Without his figures, it is just opinion. Hey, I could have been making all that stuff up. BTW: the link on that page to performance testing doesn't seem clickable to me (ff 3.6.2). I'll have to see if I can get the graph to display as well. It is nice to have the hard figures but the graph gives you a quicker handle on the data. I'd be happy to give you my raw data plus the graphs I already did. OOo format okay? Perfect. Tx. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to find files that were changed/added to correct a Tomcat vulnerability
On 25/03/2010 18:12, Naaliel Mendes wrote: Thank you for your suggestion. I am working on that and, if I succeed, I will send you the results of the mapping between CVEs and changelog and its respective svn revision ID. Should I use this mailing list to keep in touch? Yes please. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: httpd vs. Tomcat performance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jason, On 3/25/2010 3:01 AM, Jason Brittain wrote: Chris: there are no units on your results numbers, and I'm not seeing any procedure you used, nor any configurations you used, so I'm not sure how to interpret the numbers. I'd be happy to give you a quick explanation, while a complete writeup is still... on the back burner. Those Tomcat people keep putting out new releases and it takes a long time to run all the tests. I have yet to run keepalive versus non-keepalive (well, just the keepalive test) against all the connectors (plus httpd) AND Andre' asked about SSL, so I suppose I'll have to try that, too. Here's the deal: All numbers in the cells are effective transfer rate (in KiB/sec) over an 8-minute testing window: basically, I made as many requests as I could for 8 minutes straight to a single static file (file size listed in the left-hand column) and let ApacheBench tell me what the transfer rate was (which IIRC does not include HTTP headers, etc.: just the file content). It looks like Mark cherry-picked the results with this profile: keepalive=off, concurrency=40, Client VM I also did concurrencies (parallel client threads) of 1, 80, 160, and 200 (I think... I hadn't yet merged that data into my spreadsheet). It's all very repeatable using a set of scripts I wrote for this purpose. It would be great to get more information about how the benchmark was conducted, which HTTP client was used, and what server hardware was used. - From my forthcoming (!) write-up: These tests were performed on a modest machine with a single-core 32-bit microprocessor (see Appendix A for a complete description of the test hardware) and 1GiB RAM. Tomcat 6.0.20, tcnative 1.1.18, and apr 1.3.8 was tested on Sun's Java Virtual Machine 1.6.0_15_b03 (client and server JVMs were tested separately: see the individual tests for details). Apache httpd 2.2.12 was used for comparison. Both httpd and Tomcat were used in their default configurations where applicable (that is, no performance-oriented tuning was performed on either configuration). ApacheBench 2.3 was used to test transfer rates from each server configuration. The tests were run from the local machine to avoid network interference. Unless otherwise specified, all software was kept in it's default configuration. That is, no tuning was performed on any of the components for these tests. I did try to think up and benchmark the most likely use cases for serving typical webapp content, but anyone can say their webapp isn't like that. I stuck to static files because nobody cares what the performance of running a JSP relative to httpd is... since HTTP doesn't serve them :) I'm happy to see that Chris' independent benchmark numbers help to show that it is indeed a myth that Tomcat needs HTTPD in front of it in order to get good performance serving static files. And, it's great to see benchmark results for file sizes that I wasn't able to benchmark. I also intend to show what the overhead is of adding httpd needlessly in front of Tomcat. I suspect that it won't be that bad :) - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkurqD0ACgkQ9CaO5/Lv0PBTTQCeNdqh/MEeFA0pdrlXtnWNC9qI ZY4AoLNyKI2RyhL64tcEoqDjzlVitqqY =iBpD -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Is it possible to set the port for tomcat manager to 8080 and root port 80???
2010/3/25 Steffen Heil li...@steffen-heil.de: Hi As Pid pointed out, this doesn't work: the scope of the manager webapp is the Host it's deployed under. I didn't realize that part of his last line... It will not see what applications are deployed under separate Host. So, it will be effectively useless for you. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat PUT not working
2010/3/25 Kumar Kadiyala kumark...@yahoo.com: We are in the process of migrating to tomcat and I noticed that my web service which uses PUT is not able to get the request body anymore. I use HttpServletRequest's getInputStream and it always returns null. It should be something in your application. Note, that e.g. Tomcat Manager application (o.a.catalina.manager.ManagerServlet) uses PUT for some requests (e.g. when called from Ant tasks). So it definitely does work. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Is it possible to set the port for tomcat manager to 8080 and root port 80???
From: Steffen Heil [mailto:li...@steffen-heil.de] Subject: AW: Is it possible to set the port for tomcat manager to 8080 and root port 80??? That's another discussion, but it could really make sense, if you use a connector bound to a non-public interface (or even localhost) just for administration. Which is what the RemoteAddrValve is for. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat PUT not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kumar, On 3/25/2010 12:53 PM, Kumar Kadiyala wrote: I have REST based web services some of which use the PUT method. The PUT method can contain a request body. The web service works fine with Websphere and is out in the field. We are in the process of migrating to tomcat and I noticed that my web service which uses PUT is not able to get the request body anymore. I use HttpServletRequest's getInputStream and it always returns null. What is the Content-Type of the request? Changing the method to POST will affect customers in the field and also breaks RESTful principles. You shouldn't have to switch to POST. In fact, the problem in your reference message was that the OP wanted to use POST-style semantics, that is, use a application/x-www-form-urlencoded body in a PUT, which is not really appropriate. Are you saying that you are using PUT and don't have access to your request body? That definitely should not be happening, unless some other component is consuming the request body. Is the InputStream null, or does it just not appear to contain any data? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuru3AACgkQ9CaO5/Lv0PA1XQCgoicJ8PcmaxCTOuEb8FN3m/I5 qLgAni3INqZJCxNDFOpSMBK0zWsevclX =X+Cv -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Any way to pre-compile JSPs in Tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Konstantin, On 3/25/2010 2:01 PM, Konstantin Kolinko wrote: 2010/3/25 Pid p...@pidster.com: On 25/03/2010 16:56, fred basset wrote: As per the subject line, can I configure Tomcat to pre-compile the JSPs before we ship out a .war file? The catalina-tasks.xml file in tomcat/bin contains some importable ant tasks. See also: http://tomcat.apache.org/tomcat-6.0-doc/jasper-howto.html Please note, though, that 1. You must use exactly the same version of Tomcat (x.y.z) as the one where you will be deploying your war file. Do you mean that you'll need to use a matching version in order to enjoy all the benefits and features of that version, or is there something more sinister? I would expect that you can pre-compile JSPs into servlets that will run on any servlet container using the same servlet API version and tag library versions (including JSTL, which might vary from Tomcat-to-Tomcat). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkurvH0ACgkQ9CaO5/Lv0PB4QACdFQ8ukAlZwVG9YNbAr+54iLxH 6QgAn17IzykgGW7Iou9kDYUGNsPnFu4z =PGjw -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: UndeclaredThrowableException as a result of false ClassLoading
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Fares, On 3/25/2010 6:56 AM, Mikasch, Fares (EXT-IBM - DE/Berlin) wrote: In the case where the ValidationException is wrapped by the UndeclaredThrowableException, the WebappClassLoader instance of the current thread and the instance of the WebappClassLoader of the caught (and wrapped) ValidationException are different. Can you supply the full source of ValidationException? Are you storing ClassLoader objects in the ValidationException or anything like that, which might have a problem being de-serialized? Is it possible that you are throwing a ValidationException from one container whose serialVersionID doesn't match that of the receiving container? getUniqueID also prints the ClassLoader information. In this case both ValidationExceptions are loaded by different WebappClassLoader instances. Care to show us the output of the above code? It seems that during unmarshalling of the ValidationException it is not predictable which ValidationException (identified by its ClassLoader) is constructed. It seems that the WebApp may get a ValidationException that doesn't fit to its own ClassLoader but to a ClassLoader of another WebApp. Are you calling a lookback RMI server (meaning the JVM is contacting itself)? It would be strange for one webapp to get an object that was loaded by another webapp unless you had put your library in a shared location or otherwise used some kind of shared resource: anything loaded through RMI should probably come through the WebappClassLoader. You might want to check to see if the RMI client always uses Thread's context class loader to load/define new classes. Otherwise, you might see some weirdness like this. Is this a bug of the tomcat? I mean shouldn't the WebApp get the ValidationException from the same ClassLoader that belongs to the WebApp that invoked the RMI call? One would hope, but this has absolutely nothing to do with Tomcat: RMI is entirely outside Tomcat's scope. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkurvggACgkQ9CaO5/Lv0PC2awCgsEOJoamv1fh5zVQy0Avhdpmo 4fQAnjF93rzRyCAObMDoW/C/9KyUcfGu =mvkF -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
[OT] SecurityManager and Java Policy Files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, This is off-topic in that it doesn't really have anything to do specifically with Tomcat, but I would be willing to bet that readers would be interested in the answer. Besides, the pool of brain cells available to this list is rather deep and I'd love an explanation of policies. I recently tried to set up Tomcat 6.x running under a SecurityManager. As I fell down the rabbit hole, I saw that lots of things needed to be granted to my code, which all makes sense in general. What I don't quite get is the hierarchy of checks that are done. In the Tomcat SecurityManager docs (http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html), most of the grants in the policy file do not have a codeBase. Some of them do, such as granting AllPermission to things like bootstrap.jar, which presumably means that any class in bootstrap.jar can do anything it wants. By the way, I /have/ read http://java.sun.com/j2se/1.5.0/docs/guide/security/PolicyFiles.html but some things are still unclear. Since I didn't feel like granting permission to, say, write to my application log file, to the entire webapp, I chose to grant that privilege only to my log4j.jar file and the classes therein: grant codeBase jar:file:@app-dir@/WEB-INF/lib/log4j-1.2.15.jar!/- { permission java.io.FilePermission @app-log-dir@/log4j.log, write; permission java.util.PropertyPermission log4j.*, read; }; (Don't worry about all that @app-dir@ junk: it points to the right place eventually, and I didn't feel like replacing it with something plausible for publication). Anyhow, this would seem to work great, except that I also configure commons-logging to use the log4j logger, and the commons-logging library tries to initialize the log4j logger at some point, which throws permission errors. Hmm. So, I tried adding this, too: grant codeBase jar:file:@app-dir@/WEB-INF/lib/commons-logging-1.1.1.jar!/- { permission java.io.FilePermission @app-log-dir@/log4j.log, write; permission java.util.PropertyPermission org.apache.commons.logging.*, read; permission java.util.PropertyPermission log4j.*, read; }; That seemed to get me further through the process but then my own application code was failing because... guess what? My code wasn't allowed to call code that /was/ allowed to write to log4j.log. :( Okay, fine: grant codeBase file:@app-dir@/WEB-INF/classes/- { permission java.io.FilePermission @app-log-dir@/log4j.log, write; permission java.util.PropertyPermission org.apache.commons.logging.*, read; permission java.util.PropertyPermission log4j.*, read; }; This seemed to make things happy again, as far as the log file was concerned. There are other issues for me to deal with, but this example is illustrative: it appears that the SecurityManager is enforcing permissions along with the call chain, not just with the finest-grained code being checked for its permissions. First: do I have this right? The JVM makes sure that permissions are in place for every class on the call stack when such permissions are checked? I suppose that would make sense, because then you could say well, my JDBC driver does the actual connecting to the database, but I certainly don't want some rogue code in my webapp to create such a connection... only allow Tomcat to create connections on my behalf. Second - as a corollary to the first - is this why most examples of policy grants simply say grant { whatever } to allow all code running in the JVM to have that permission? Because the alternative is so onerous that nobody wants to do it? Well, I kinda want to do it, so I just want to know what the rules are. Third: doesn't this make performance really suck? Anyone who could shed some light on my understanding would certainly be appreciated. I'm happy to read any references posted as well. Thanks, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkurwYAACgkQ9CaO5/Lv0PD/DQCeMB+W7fvLhJeyWRdV6+uifI/w 3/8AoMJx1BWYeGnhCl5OZNGjrmraagja =SF0w -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with different protocols and ports
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andreas, On 3/25/2010 11:38 AM, Hagenlocher-Wemssen, Andreas wrote: Unfortunately, it has to be open in case they use the ports on other apps. One of the selling points. Ok, then I just have to live with it. Yeah, I think you're stuck: all of the connecting mechanics happen at a level that is lower than either your client or your webapp's code: there's very little you can do, here. On the webapp's side, Tomcat won't even get a notification that a client /tried/ to connect because the SSL handshake will fail (from either end if HTTP is attempted on HTTPS). If the client uses HTTPS to connect to your HTTP service, Tomcat will end up replying with a 400 Bad Request response, which you /might/ be able to handle, yet not meaningfully (because there is no sane HTTP request). I dunno about Tomcat, but IIRC the default message for Apache httpd when you attempt to use HTTPS to connect to the (plain) HTTP server is that you get a message saying It looks like you're speaking HTTPS to me, though the client might not read it properly since it's trying to use SSL to connect before it reads any of the response. Basically, everyone loses when you have an HTTP-HTTPS mismatch. :( - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkurwtwACgkQ9CaO5/Lv0PAdQwCfZxobgiISCE8f0NeK5JJRu4vc LrAAn24UwWoZKaqsnpLIVxUGeDkl7DEC =pIMW -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Any way to pre-compile JSPs in Tomcat
On 25/03/2010 19:41, Christopher Schultz wrote: Do you mean that you'll need to use a matching version in order to enjoy all the benefits and features of that version, or is there something more sinister? I would expect that you can pre-compile JSPs into servlets that will run on any servlet container using the same servlet API version and tag library versions (including JSTL, which might vary from Tomcat-to-Tomcat). Nope. pre-compilation ties in Tomcat internals which can, and have, varied between point releases. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat PUT not working
Hi Chris, On 3/25/2010 12:53 PM, Kumar Kadiyala wrote: I have REST based web services some of which use the PUT method. The PUT method can contain a request body. The web service works fine with Websphere and is out in the field. We are in the process of migrating to tomcat and I noticed that my web service which uses PUT is not able to get the request body anymore. I use HttpServletRequest's getInputStream and it always returns null. What is the Content-Type of the request? KK The Content-Type is text/xml. Changing the method to POST will affect customers in the field and also breaks RESTful principles. You shouldn't have to switch to POST. In fact, the problem in your reference message was that the OP wanted to use POST-style semantics, that is, use a application/x-www-form-urlencoded body in a PUT, which is not really appropriate. Are you saying that you are using PUT and don't have access to your request body? That definitely should not be happening, unless some other component is consuming the request body. KK Yes, It does seem like the request body is empty. Is the InputStream null, or does it just not appear to contain any data? KK I misspoke earlier. The InputStream is not null but the method available() on the InputStream is returning 0. If I change the method to POST, InputStream's avialable() is returning a value 0. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat maven project
Hello, I'd like to start contributing to Tomcat, but I would appreciate some direction on a couple of things (yes I read the FAQ already). Is there a maven project publicly available for Tomcat? (I'd rather pull that then set everything up myself) Thanks, Matthew - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat maven project
On 25/03/2010 20:56, ntwrkd wrote: Hello, I'd like to start contributing to Tomcat, but I would appreciate some direction on a couple of things (yes I read the FAQ already). Great! Welome. Is there a maven project publicly available for Tomcat? (I'd rather pull that then set everything up myself) No. Tomcat doesn't use Maven. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Why is tomcat taking so long to start?
From: Pid [mailto:p...@pidster.com] Subject: Re: Why is tomcat taking so long to start? You have some errors there, you're trying to start multiple Connectors on port 8443, so the second one fails. To say nothing of several other problems, the most glaring of which is using an unsupported version of Tomcat. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Project : SPDY connector for Tomcat
Thank you Mark, now i understood the idea, but i think it's would be better if you give us more details and explanations about this idea to let us know more about this idea and to let us show you our proposal. I didn't uderstand the idea from the start, that's why i proposed a JAVA API. So if you give us more details, it's will be very helpful for us. Thanks. 2010/3/25 Mark Thomas ma...@apache.org On 25/03/2010 03:27, Nouhoun KANE wrote: I would like to work on this project. I propose a JAVA API that we can use to let Tomcat support SPDY. I'm waiting for your critics about this proposal. What proposal? Writing an API? The project is to provide an SPDY implementation for the existing connector API. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Project : SPDY connector for Tomcat
Thank you very much Rajeev, i saw your link and it was very helpful. I'm still reading the page. Thank you. 2010/3/25 Rajeev Sampath rjvra...@gmail.com Hi Nouhoun, I too was interested in this idea and Jean-Frederic provided a brief explanation and also some useful resources. Perhaps you will also find them useful to get started. I'm including a link [1] to the discussion below. [1] http://marc.info/?l=tomcat-devm=126924586709978w=2 Regards, Rajeev On Thu, Mar 25, 2010 at 8:57 AM, Nouhoun KANE nouhounk...@gmail.com wrote: I would like to work on this project. I propose a JAVA API that we can use to let Tomcat support SPDY. I'm waiting for your critics about this proposal. Thank you very much. Nouhoun
tomcat maven plugin datasource
I am having trouble setting datasource here is my configration for datasource Context Resource name=jdbc/artmsDataSource auth=Container type=javax.sql.DataSource username=username password=password driverClassName=oracle.jdbc.driver.OracleDriver url=myurl/ /Context and here my pom configration plugin groupIdorg.codehaus.mojo/groupId artifactIdtomcat-maven-plugin/artifactId version1.0-beta-1/version configuration path/artms/path contextFile${basedir}/context.xml/contextFile reloadautomatic/reload /configuration dependencies dependency groupIdcommons-dbcp/groupId artifactIdcommons-dbcp/artifactId version1.2.2/version scopecompile/scope /dependency dependency groupIdcom.oracle/groupId artifactIdojdbc/artifactId version14/version scopecompile/scope /dependency /dependencies /plugin am I missing anything ? my application fails starting, complaining cannot find datasource ,please tell me what am I doing wrong ? -- View this message in context: http://old.nabble.com/tomcat-maven--plugin-datasource-tp28037478p28037478.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Why is tomcat taking so long to start?
Charles While this may be an unsupported version of Tomcat, version support is not an issue for us here. I am guessing that Tomcat 5.0 should not be having these issues, just because it is no longer supported. What are the other problems you alluded to? --- On Thu, 3/25/10, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Caldarale, Charles R chuck.caldar...@unisys.com Subject: RE: Why is tomcat taking so long to start? To: Tomcat Users List users@tomcat.apache.org Date: Thursday, March 25, 2010, 5:56 PM From: Pid [mailto:p...@pidster.com] Subject: Re: Why is tomcat taking so long to start? You have some errors there, you're trying to start multiple Connectors on port 8443, so the second one fails. To say nothing of several other problems, the most glaring of which is using an unsupported version of Tomcat. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Why is tomcat taking so long to start?
From: Mon Cab [mailto:futo...@yahoo.com] Subject: RE: Why is tomcat taking so long to start? While this may be an unsupported version of Tomcat, version support is not an issue for us here. But it is for people who volunteer to support Tomcat - even the doc for that level is difficult to access. What are the other problems you alluded to? Please upgrade to a supported version so we can discuss them. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
SSL requests are getting timedout with the error
Hi, We noticed the below error when the SSL requests failed to complete. I have tomcat 5.5.9 running on Solaris 10 SPARC server with 16 Gig of Memory and 32 CPU. However the plain requests and SSL with just domain works ok. ex: https://www.abc.com. My sincere apologize for the minimal description, however is the below error is related any bug ? Kindly advice. SEVERE: Error decoding request java.io.IOException at org.apache.jk.common.JkInputStream.receive(JkInputStream.java:252) at org.apache.jk.common.HandlerRequest.decodeRequest(HandlerRequest.java:525) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:363) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:748) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:678) at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:871) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Thread.java:595) Mar 25, 2010 2:47:09 PM org.apache.jk.common.ChannelSocket processConnection Best Regards, Arun Janarthanan
RE: SSL requests are getting timedout with the error
From: Arunkumar Janarthanan [mailto:arunkumar.webad...@gmail.com] Subject: SSL requests are getting timedout with the error I have tomcat 5.5.9 Happy fifth birthday to that version of Tomcat - which means it's very, very old, and many, many fixes for a variety of issues have gone into Tomcat, mod_jk, and httpd since then. Don't suppose you could try 5.5.28 to see if that makes a difference? Also, what versions of mod_jk and httpd are you using? And what JVM version? However the plain requests and SSL with just domain works ok. What does SSL with just domain mean? My sincere apologize for the minimal description, however is the below error is related any bug ? And the maximum possible answer given the minimal description is: maybe. The problem may well be in httpd or mod_jk, rather than Tomcat itself. Doubtful that anyone is terribly interested in searching through five years of changelogs for three different products looking for something vaguely corresponding to the description. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL requests are getting timedout with the error
Hi Chris, Very valid point the Tomcat to be upgraded, does the error makes any sense could be caused by SSL protocol ? Thanks for your advice. Best Regards, Arun J On Thu, Mar 25, 2010 at 11:34 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Arunkumar Janarthanan [mailto:arunkumar.webad...@gmail.com] Subject: SSL requests are getting timedout with the error I have tomcat 5.5.9 Happy fifth birthday to that version of Tomcat - which means it's very, very old, and many, many fixes for a variety of issues have gone into Tomcat, mod_jk, and httpd since then. Don't suppose you could try 5.5.28 to see if that makes a difference? Also, what versions of mod_jk and httpd are you using? And what JVM version? However the plain requests and SSL with just domain works ok. What does SSL with just domain mean? My sincere apologize for the minimal description, however is the below error is related any bug ? And the maximum possible answer given the minimal description is: maybe. The problem may well be in httpd or mod_jk, rather than Tomcat itself. Doubtful that anyone is terribly interested in searching through five years of changelogs for three different products looking for something vaguely corresponding to the description. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SSL requests are getting timedout with the error
From: Arunkumar Janarthanan [mailto:arunkumar.webad...@gmail.com] Subject: Re: SSL requests are getting timedout with the error Hi Chris, It's Chuck (or Charles, if you want to be formal), not Chris. Very valid point the Tomcat to be upgraded And probably httpd and mod_jk. does the error makes any sense could be caused by SSL protocol ? It's impossible to tell. The SSL decoding would be handled by httpd, not the AJP Connector in Tomcat. Since you've provided no configuration information for any component, nor answered the other questions asked, there's not really any way to answer that. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org