date:20100610

On 10/06/2010 09:05, Mariano López wrote:
 According to
 http://tomcat.apache.org/tomcat-6.0-doc/config/host.html#Single%20Sign%20On
 
 *As soon as the user logs out of one web application (for example, by
 invalidating the corresponding session if form based login is used), the
 user's sessions in *all* web applications will be invalidated. Any
 subsequent attempt to access a protected resource in any application
 will require the user to authenticate himself or herself again.*

Yes, I know what it says, and it works for me - but I'm not using a
custom JAAS setup.

 This is just what i need, i suppose that this is a bug.

The point I was making was that I wasn't sure if custom JAAS
automatically worked with the SSO valve, although my gut feeling is that
it should.

Maybe one of the devs will have something to say.

Did you try setting requireReauthentication?


p

 I will search in bug database for this problem.
 
 Thank you very much for your help,
 
 Mariano
 
 2010/6/9 Pid p...@pidster.com mailto:p...@pidster.com
 
 On 09/06/2010 11:58, Mariano López wrote:
  Yes, all of the apps are in the same Host.
 
  Here is my server.xml file:
 
 
  Engine name=Catalina defaultHost=localhost
 
Realm className=org.apache.catalina.realm.JAASRealm
   resourceName=jdbc/ds_usuarios_jaas_Local
   appName=Usuarios
 
 
 userClassNames=org.sescam.chua.AutenticacionTomcatChua.UsuarioChuaLDAP
 
 
 
 roleClassNames=org.sescam.chua.AutenticacionTomcatChua.GrupoChuaPrincipal/
 
Host name=localhost  appBase=webapps
  unpackWARs=true autoDeploy=false
  xmlValidation=false xmlNamespaceAware=false
 
  Valve
 className=org.apache.catalina.authenticator.SingleSignOn /
 
 
/Host
 
 I don't know if the SSO valve makes any guarantees about working with
 custom JAASRealm's.
 
 Try setting requireReauthentication to true.
 
 http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Single Sign On
 Valve
 
 
 p
 
 
 
 
 




signature.asc
Description: OpenPGP digital signature

Re: Running Perl in Tomcat

On 10/06/2010 08:30, Sravan Suryadevara wrote:
 Hi,
 
 So I'm trying run a perl script within tomcat. Since I need to run
 only one script, I figured itd be easier to just include it in tomcat
 than install Apache HTTP server.
 I'm currently using Tomcat 6.0.26 on CentOS 5. I'm using port 8100
 (has worked before the cgi stuff), and my webapp is running from ROOT.
 
 I followed the howto at
 http://tomcat.apache.org/tomcat-6.0-doc/cgi-howto.html and uncommented
 the CGI servlet section and the servlet mapping.

Only Contexts which are marked as privileged may use the CGI servlet

Did you mark the context as privileged?

 http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

 Then I did made a new directory under
 $CATALINA_HOME/webapps/ROOT/WEB-INF/ called cgi-bin.
 Placed my script.cgi file in $CATALINA_HOME/webapps/ROOT/WEB-INF/cgi-bin
 
 Then restarted tomcat. There are two problems:
 1. 

http://localhost:8100/cgi-bin/script.cgi gives me a 404 saying
 requested resource() is not available.
 2. Another one of my html files does not load (it uses javascript) but
 it has loaded before. My main html file still loads but that specific
 one gives me a 404 as well.

That's unfortunate.  It's probably unrelated, but as you didn't provide
any more information we can't help you with that.


 I've been playing with different tutorials and things, but none seem
 to be fixing this. 

 Please help as quickly as you can.

Please read: urgency

 http://www.catb.org/~esr/faqs/smart-questions.html


p

 Sincerely,
 Sravan Suryadevara
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




signature.asc
Description: OpenPGP digital signature

Re: Running Perl in Tomcat

2010-06-10 Thread Sravan Suryadevara

 Only Contexts which are marked as privileged may use the CGI servlet

 Did you mark the context as privileged?

  http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

I have, in conf/context.xml. Since I'm only running one app I figured
it wouldn't really be terrible if it was global.


Btw, the other html file is loading, I just named the link wrong on
one of the other pages.

Sorry, about the urgency, now I know better.

Thanks,
Sravan Suryadevara

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Running Perl in Tomcat

On 10/06/2010 09:54, Sravan Suryadevara wrote:
 Only Contexts which are marked as privileged may use the CGI servlet

 Did you mark the context as privileged?

  http://tomcat.apache.org/tomcat-6.0-doc/config/context.html
 
 I have, in conf/context.xml. Since I'm only running one app I figured
 it wouldn't really be terrible if it was global.

Have you tried setting it on the individual context?

Are there any log messages of note, complaining about an error?


p

 Btw, the other html file is loading, I just named the link wrong on
 one of the other pages.
 
 Sorry, about the urgency, now I know better.
 
 Thanks,
 Sravan Suryadevara
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




signature.asc
Description: OpenPGP digital signature

Re: HTTP Status 408!

On 09/06/2010 21:52, neo21 zerro wrote:
 Hello, 
 
 I'm using Tomcat 6.0.26 with java 1.5 JDK.
 
 
I've developed a JAAS login module for my application and when I try 
 to login in my app a strange error occur's: 
  HTTP Status 408:The time allowed for the login process has been exceeded. If 
 you wish to continue you must either click back twice and re-click the link 
 you 
 requested or close and re-open your browser.
   I've made a little research about the problem and everyone said that it 
 goes away if you enable the cookies(made that and the error still occurs). 
 Another thing is that the actual JAAS login module authenticate the user but 
 when it should display the protected resource the error occurs.
 
 So if anyone has some ideas please share!

What have you configured the session time to be?


p



signature.asc
Description: OpenPGP digital signature

Re: Session clustering across different contexts

On 10/06/2010 06:13, Andrew Bruno wrote:
 Hello,
 
 I have managed to get session clustering working when using the same context.

Tomcat, JVM, OS exact versions please.

 I need to get session replication working across different contexts.
 Does anyone know if this is possible?

Depends what you mean.  If it works for one, it'll work for all of them,
assuming your cluster members are correctly configured.

 I get these warnings at the moment.
 
 10/06/2010 3:08:20 PM
 org.apache.catalina.ha.session.ClusterSessionListener messageReceived
 WARNING: Context manager doesn't exist:localhost#/r2

Does that server have that application installed?


p

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




signature.asc
Description: OpenPGP digital signature

Re: Tomcat in Eclipse Error 500 java.lang.ClassNotFoundException

On 10/06/2010 03:20, Vitalstatistix wrote:
 
 
 SOLVED:
 
 There was no HelloServlet.class file so I had to put an empty main method
 into the HelloServlet.java class and run it to generate the
 HelloServlet.class file, then I placed the class file in the WEB-INF folder
 and it all worked fine.

Er, what?

1. There's no need for an empty main method.
2. We usually just compile a .java file to get a .class


p

 Vitalstatistix wrote:

 Hey, I've just been working on this tutorial here:

 http://www.ibm.com/developerworks/opensource/library/os-eclipse-tomcat/index.html

 It has been pretty good and I've got the jsp page to show the time but
 when I try going to the 
 HelloServlet I get the error 500.

 http://www.ibm.com/developerworks/opensource/library/os-eclipse-tomcat/index.html

 Error Report
 type Exception report

 message 

 description The server encountered an internal error () that prevented it
 from fulfilling this request.

 exception 

 javax.servlet.ServletException: Wrapper cannot find servlet class
 com.example.servlets.HelloServlet or a class it depends on

 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)

 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852)

 org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
  org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
  java.lang.Thread.run(Unknown Source)


 root cause 

 java.lang.ClassNotFoundException: com.example.servlets.HelloServlet

 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1516)

 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1361)

 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)

 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852)

 org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
  org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
  java.lang.Thread.run(Unknown Source)


 web.xml file generated in my Eclipse web project

 ?xml version=1.0 encoding=UTF-8?
 web-app xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
 xmlns=http://java.sun.com/xml/ns/javaee;
 xmlns:web=http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd;
 xsi:schemaLocation=http://java.sun.com/xml/ns/javaee
 http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd; id=WebApp_ID
 version=2.5
   display-nameFirstWebProject/display-name
   welcome-file-list
 welcome-fileindex.html/welcome-file
 welcome-fileindex.htm/welcome-file
 welcome-fileindex.jsp/welcome-file
 welcome-filedefault.html/welcome-file
 welcome-filedefault.htm/welcome-file
 welcome-filedefault.jsp/welcome-file
   /welcome-file-list
   servlet
 description/description
 display-nameHelloServlet/display-name
 servlet-nameHelloServlet/servlet-name
 servlet-classcom.example.servlets.HelloServlet/servlet-class
   /servlet
   servlet-mapping
 servlet-nameHelloServlet/servlet-name
 url-pattern/HelloServlet/url-pattern
   /servlet-mapping
 /web-app


 Sorry I don't know how to add code tags in this forum. I'm using Tomcat 6.
 I've
 made no changes to ANY web.xml files, I simply followed that short basic
 tutorial step by step. My HelloServlet.java class is exactly the same as
 in the tutorial and is in the same package. 
 Could you please tell me why it can't seem to find the class?

 Thanks heaps,

 :)










 




signature.asc
Description: OpenPGP digital signature

Re: J2EE (Spring) + Flex + Tomcat 6.0.18 problem

On 08/06/2010 15:03, kitikat wrote:
 
 Hello,
 I have been searching a solution for my problem and I haven't found an
 answer, so I decided to write here. I have a system, consisting of J2EE
 (Spring) server-side LifeCycle Data Services for my Adobe Flex client
 application. Synchronization of files plays a major role in that system - I
 repeatedly call in flex one remote method from my Spring services
 (downloadPhoto) and that method returns the content of requested file - from
 10 to 1000 KB. 
 Unfortunately, from time to time, the whole process is broken during
 downloading one of the photos. It happens to different photos; they have
 different size, etc. After successful sending request for a photo there is
 20 seconds' long period of time, and then Tomcat returns http code: 0 (I've
 used Charles 3.5.1 to analyse http request/response - request is ok). I

Chuck is *software*!?

It sounds like a timeout, rather than an empty response.
Please remove all comments and any passwords from your server.xml and
post it here.

 don't have any other information about response. I've checked that this
 situation occurs _before_ my java method code is executed. So it happens
 between accepting my request and calling my code. Server's performance (it's
 VPS) is rather good (there's 50 MB memory free and a lot of cached; there's
 plenty of hard disk space and top/load don't reveal any CPU strain). Of

50Mb free isn't a meaningful number.  More useful to know how much
memory the JVM is currently using and what it's heap is configured to use.

 course there is no trace of any bugs in logs (catalina.out and others). I
 suppose that it might be a bug in Tomcat, but maybe some of you have
 experienced similar problems?

If you think it's a bug in Tomcat, you could try using the latest
release instead of an older one.


p

 I'm looking forward to hearing from you.
 Best regards,
 Kitikat




signature.asc
Description: OpenPGP digital signature

Re: Connection is closed when CometEvent.close is called during an event

On 08/06/2010 11:26, Reich, Matthias wrote:
 Hello,
 
 I am using a CometProcessor servlet in a long-poll scenario, and recently had
 a closer look at the life span of connections that are used for poll requests.
 
 I noticed that connections are closed by Tomcat whenever a poll request 
 was answered (and closed) directly during processing of the BEGIN event.
 In our application this happens for one out of three poll requests 
 approximately
 and thus should not be neglected.   
 
 I had a look into the source code and found the reason in the 
 CoyoteAdapter.event method - it sets the 'error' flag to true in this 
 situation.
 
 I modified the code (in 6.0.20 and 6.0.26) so that the error flag is not set.
 With that change Tomcat kept the connection open:
 
 ...
 // Calling the container
 connector.getContainer().getPipeline().getFirst().event(request, 
 response, request.getEvent());
 
 if (!error  !response.isClosed()  
 (request.getAttribute(Globals.EXCEPTION_ATTR) != null)) {
 // An unexpected exception occurred while processing the event, so
 // error should be called
 request.getEvent().setEventType(CometEvent.EventType.ERROR);
 request.getEvent().setEventSubType(null);
 error = true;
 connector.getContainer().getPipeline().getFirst().event(request, 
 response, request.getEvent());
 }
 if (response.isClosed() || !request.isComet()) {
 if (status==SocketStatus.OPEN) {
 //CometEvent.close was called during an event.
 request.getEvent().setEventType(CometEvent.EventType.END);
 request.getEvent().setEventSubType(null);
 
 // don't set the error flag here - otherwise the connection will be closed 
 // whenever a long poll is answered already during event handling:
 // error = true;
 
 connector.getContainer().getPipeline().getFirst().event(request, 
 response, request.getEvent());
 }
 res.action(ActionCode.ACTION_COMET_END, null);
 } else if (!error  read  request.getAvailable()) {
 // If this was a read and not all bytes have been read, or if no data
 // was read from the connector, then it is an error
 request.getEvent().setEventType(CometEvent.EventType.ERROR);
 
 request.getEvent().setEventSubType(CometEvent.EventSubType.IOEXCEPTION);
 error = true;
 connector.getContainer().getPipeline().getFirst().event(request, 
 response, request.getEvent());
 }
 return (!error);
 ...
 
 In my first tests I did not observe any undesired side effects of the change.
 However, I did not yet do extensive tests - especially not with a steaming 
 client.
 
 Do you agree that this should be considered a bug and fixed in the next Tomcat
 release?

You'll need one of the devs with Async knowledge to look at this, I think.


p

 Regards,
 Matthias
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




signature.asc
Description: OpenPGP digital signature

Re: Running Perl in Tomcat

2010-06-10 Thread Sravan Suryadevara

Okay, after looking through the logs, I decided to check my web.xml
and context.xml files, so I realized that the servlet mapping included
for the CGI Servlet, maps to within the ROOT directory (where my
webapp is sitting). I also had to put the script in ROOT/WEB-INF/cgi.
So now it's working.

Thanks for the help,
Sravan


On Thu, Jun 10, 2010 at 2:40 PM, Pid p...@pidster.com wrote:
 On 10/06/2010 09:54, Sravan Suryadevara wrote:
 Only Contexts which are marked as privileged may use the CGI servlet

 Did you mark the context as privileged?

  http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

 I have, in conf/context.xml. Since I'm only running one app I figured
 it wouldn't really be terrible if it was global.

 Have you tried setting it on the individual context?

 Are there any log messages of note, complaining about an error?


 p

 Btw, the other html file is loading, I just named the link wrong on
 one of the other pages.

 Sorry, about the urgency, now I know better.

 Thanks,
 Sravan Suryadevara

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HyperLink Office connection

On 10/06/2010 10:31, antonio giulio wrote:
 No proxy for the browser.
 
 I try to describe better with header stuff steps:
 
 1) When the user click on link the request for the URL is sent by Office/Word
 2) Office/Word connect 200 to the server
 3) Server sends back 302 http status and a redirect on the Location:
 /login-page
 4) Office/Word cause of 302 try to connect again and gets 200
 5) Server sends 200 and Location: /login-page

Servers don't send 200 and a Location header, are you sure this is
what's happening?

 6) Now the web broser page is open on the /login-page

You said earlier this stuff occurred in the OS browser?
At which step does it switch to a OS browser window?


N.B.  If Office is handling the connection requests up to some step,
then Tomcat can't do anything about it - the problem is occuring before
Tomcat has any influence over the situation.


p

 There is a common JSESSIONID for the steps 1-5 and a new JSESSIONID for 6
 
 Julio
 
 On 10 June 2010 10:12, Pid p...@pidster.com wrote:
 On 09/06/2010 22:33, antonio giulio wrote:
 How have you configured your login form?
 Please include it's path/filename, the definition in web.xml, and the
 raw HTML for the login form itself.

 I don't get what u mean exactly. Anyway I used Spring-Security 2.0.5
 but I have not the code with me right now.

 Sorry, I missed that.

 Can you confirm what happens when you click the URL in Word?
 Is it as Chris/Chuck asked opening in an embedded browser in Word, or
 does it launch a new tab/window in the default OS web browser?

 When I click it launches a new tab in the default OS web browser (or
 new browser instance if not any)

 Is the browser configured to use a proxy / what proxy settings does the
 browser have?


 p






signature.asc
Description: OpenPGP digital signature

Re: HyperLink Office connection

2010-06-10 Thread antonio giulio

 N.B.  If Office is handling the connection requests up to some step,
 then Tomcat can't do anything about it - the problem is occuring before
 Tomcat has any influence over the situation.

Yes, Unfortunely I think you are right. A solution maybe could be
writing a CGI for Apache and redirect there the connection and change
HTTP-headers to communicate with Office.

Thanks,
Julio

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat DBCP

On 10/06/2010 08:25, Altanis Alexandros wrote:
 Thanks! 
 
 However, when I try to checkout the repository, I get 
 
 Repository moved permanently to
 '/viewvc/tomcat/trunk/modules/jdbc-pool/';
 
 I had to use 
 
 http://svn.apache.org/repos/asf/tomcat/trunk/modules/jdbc-pool/
 
 in order to checkout. 
 
 Thanks again!

Sorry. My bad. I gave you the url for the viewer not the actual svn
checkout. The url you are using is the correct one.

Mark


 
 Alexander
 
 -Original Message-
 From: Mark Thomas [mailto:ma...@apache.org] 
 Sent: Wednesday, June 09, 2010 1:31 PM
 To: Tomcat Users List
 Subject: Re: Tomcat DBCP
 
 On 09/06/2010 10:15, Altanis Alexandros wrote:
 My question is this: can I use this feature with Tomcat 6?
 
 Yes.
 
 Where can I get a hold of the source code? I found some svn
 links that point to 404. 
 http://svn.apache.org/viewvc/tomcat/trunk/modules/jdbc-pool/
 
 Mark
 
 
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!





Hello Pid ,


Thanks for your time! 

I put this in my web.xml :


  session-config
  session-timeout30/session-timeout   !-- 30 minutes --
  /session-config





From: Pid p...@pidster.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Thu, June 10, 2010 12:13:34 PM
Subject: Re: HTTP Status 408!

On 09/06/2010 21:52, neo21 zerro wrote:
 Hello, 
 
 I'm using Tomcat 6.0.26 with java 1.5 JDK.
 
 
I've developed a JAAS login module for my application and when I try 
 to login in my app a strange error occur's: 
  HTTP Status 408:The time allowed for the login process has been exceeded. If 
 you wish to continue you must either click back twice and re-click the link 
 you 
 requested or close and re-open your browser.
   I've made a little research about the problem and everyone said that it 
 goes away if you enable the cookies(made that and the error still occurs). 
 Another thing is that the actual JAAS login module authenticate the user but 
 when it should display the protected resource the error occurs.
 
 So if anyone has some ideas please share!

What have you configured the session time to be?


p

RE: J2EE (Spring) + Flex + Tomcat 6.0.18 problem

2010-06-10 Thread Martin Gainty

if your bean implemenents implements Lifecycle it is likely that you
LifecycleBean is not running in which case you'll need to restart it e.g

bean id=lifecycle class=test.beans.LifecycleBean
init-method=declaredInitMethod
property name=initMethodDeclaredvaluetrue/value/property
/bean

if(!context.getBean(lifecycle).isRunning())
context.getBean(lifecycle).start();

if your bean implelements FactoryBeanEhcache then increase the
timeToLive(default is 120sec) or maxElementsInMemory(default is 1) or
maxElementsOnDisk(default is 1000)

post your code if you need further assistance
Martin Gainty
__
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité

Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung.
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung
fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être
privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec
bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non
autorisée ou la copie de ceci est interdite. Ce message sert à l'information
seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant
donné que les email peuvent facilement être sujets à la manipulation, nous ne
pouvons accepter aucune responsabilité pour le contenu fourni.

Date: Thu, 10 Jun 2010 10:25:37 +0100
From: p...@pidster.com
To: users@tomcat.apache.org
Subject: Re: J2EE (Spring) + Flex + Tomcat 6.0.18 problem

On 08/06/2010 15:03, kitikat wrote:

Hello,
I have been searching a solution for my problem and I haven't found an
answer, so I decided to write here. I have a system, consisting of J2EE
(Spring) server-side LifeCycle Data Services for my Adobe Flex client
application. Synchronization of files plays a major role in that system - I
repeatedly call in flex one remote method from my Spring services
(downloadPhoto) and that method returns the content of requested file - from
10 to 1000 KB.
Unfortunately, from time to time, the whole process is broken during
downloading one of the photos. It happens to different photos; they have
different size, etc. After successful sending request for a photo there is
20 seconds' long period of time, and then Tomcat returns http code: 0 (I've
used Charles 3.5.1 to analyse http request/response - request is ok). I

Chuck is *software*!?

It sounds like a timeout, rather than an empty response.
Please remove all comments and any passwords from your server.xml and
post it here.

don't have any other information about response. I've checked that this
situation occurs _before_ my java method code is executed. So it happens
between accepting my request and calling my code. Server's performance (it's
VPS) is rather good (there's 50 MB memory free and a lot of cached; there's
plenty of hard disk space and top/load don't reveal any CPU strain). Of

50Mb free isn't a meaningful number. More useful to know how much
memory the JVM is currently using and what it's heap is configured to use.

course there is no trace of any bugs in logs (catalina.out and others). I
suppose that it might be a bug in Tomcat, but maybe some of you have
experienced similar problems?

If you think it's a bug in Tomcat, you could try using the latest
release instead of an older one.

I'm looking forward to hearing from you.
Best regards,
Kitikat

_
The New Busy is not the too busy. Combine all your e-mail accounts with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multiaccountocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4

Re: HyperLink Office connection


antonio giulio wrote:

N.B.  If Office is handling the connection requests up to some step,
then Tomcat can't do anything about it - the problem is occuring before
Tomcat has any influence over the situation.


Yes, Unfortunely I think you are right. A solution maybe could be
writing a CGI for Apache and redirect there the connection and change
HTTP-headers to communicate with Office.


Julio,
I also believe that this is a bit off-topic for this list.
But what you are trying to do does not seem very exotic, and I am 
interested in the topic, and I think that I can help you.
So if you want to continue this discussion off-list, send me an email 
directly.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!

Hello ,


Good news I found a way to get rid of the error with this code in my JASS:
session = req.getSession(true);


But now I get another strage error :

HTTP Status 400 - Invalid direct reference to form login page


type Status report
message Invalid direct reference to form login page
description The request sent by the client was syntactically incorrect (Invalid 
direct reference to form login page).






The response header looks like this: 

 Response Headersview source
Server Apache-Coyote/1.1 
Content-Type text/html;charset=utf-8 
Content-Length 1100 
Date Thu, 10 Jun 2010 10:51:56 
GMT 
Connection close 
Request Headersview source
Host localhost:8080 
User-Agent Mozilla/5.0 (Windows; U; 
Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Accept-Language en-us,en;q=0.5 
Accept-Encoding gzip,deflate 
Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7 
Keep-Alive 115 
Connection keep-alive 
Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617 
 







From: Pid p...@pidster.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Thu, June 10, 2010 12:13:34 PM
Subject: Re: HTTP Status 408!

On 09/06/2010 21:52, neo21 zerro wrote:
 Hello, 
 
 I'm using Tomcat 6.0.26 with java 1.5 JDK.
 
 
I've developed a JAAS login module for my application and when I try 
 to login in my app a strange error occur's: 
  HTTP Status 408:The time allowed for the login process has been exceeded. If 
 you wish to continue you must either click back twice and re-click the link 
 you 
 requested or close and re-open your browser.
   I've made a little research about the problem and everyone said that it 
 goes away if you enable the cookies(made that and the error still occurs). 
 Another thing is that the actual JAAS login module authenticate the user but 
 when it should display the protected resource the error occurs.
 
 So if anyone has some ideas please share!

What have you configured the session time to be?


p

Question about context.xml

2010-06-10 Thread Abid Hussain

Hello,
 
I'm sure this question has been posted in the past already, but when 
searching for Tomcat 6 context.xml (or similar) I didn't find anything 
which described my question.

My question is about the several possibility to declare context 
elements for configuring JNDI resources in Tomcat 6 configuration.
In Tomcat 6 documentation 
(http://tomcat.apache.org/tomcat-6.0-doc/jndi-resources-howto.html#conte
xt.xml%20configuration) there are described to ways to configure JNDI 
resources for a webapp:
* in $CATALINA_BASE$/conf/server.xml
* in META-INF/context.xml for each webapp

AFAIK there is an additional possibilities two configure JNDI resources:
* in $CATALINA_BASE$/conf/Catalina/localhost/name-of-web-app.xml
Is that correct?

And why is there a context.xml in $CATALINA_BASE/conf and what is it 
for? Would be happy if someone could help me out with this.

Best regards,

Abid

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!

On 10/06/2010 12:06, neo21 zerro wrote:
 Hello ,
 
 
 Good news I found a way to get rid of the error with this code in my JASS:
 session = req.getSession(true);
 
 
 But now I get another strage error :
 
 HTTP Status 400 - Invalid direct reference to form login page
 
 
 type Status report
 message Invalid direct reference to form login page
 description The request sent by the client was syntactically incorrect 
 (Invalid 
 direct reference to form login page).

Does this occur every time you try to log in?

Please post the login config from web.xml.


p




 
 
 
 The response header looks like this: 
 
  Response Headersview source
 Server Apache-Coyote/1.1 
 Content-Type text/html;charset=utf-8 
 Content-Length 1100 
 Date Thu, 10 Jun 2010 10:51:56 
 GMT 
 Connection close 
 Request Headersview source
 Host localhost:8080 
 User-Agent Mozilla/5.0 (Windows; U; 
 Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 
 Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
 Accept-Language en-us,en;q=0.5 
 Accept-Encoding gzip,deflate 
 Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7 
 Keep-Alive 115 
 Connection keep-alive 
 Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617 
  
 
 
 
 
 
 
 
 From: Pid p...@pidster.com
 To: Tomcat Users List users@tomcat.apache.org
 Sent: Thu, June 10, 2010 12:13:34 PM
 Subject: Re: HTTP Status 408!
 
 On 09/06/2010 21:52, neo21 zerro wrote:
 Hello, 

 I'm using Tomcat 6.0.26 with java 1.5 JDK.


I've developed a JAAS login module for my application and when I try 
 to login in my app a strange error occur's: 
  HTTP Status 408:The time allowed for the login process has been exceeded. 
 If you wish to continue you must either click back twice and re-click the 
 link you 
 requested or close and re-open your browser.
   I've made a little research about the problem and everyone said that 
 it goes away if you enable the cookies(made that and the error still 
 occurs). Another thing is that the actual JAAS login module authenticate the 
 user but when it should display the protected resource the error occurs.

 So if anyone has some ideas please share!
 
 What have you configured the session time to be?
 
 
 p
 
 
   




signature.asc
Description: OpenPGP digital signature

Re: Question about context.xml

On 10/06/2010 12:47, Abid Hussain wrote:
 Hello,
  
 I'm sure this question has been posted in the past already, but when 
 searching for Tomcat 6 context.xml (or similar) I didn't find anything 
 which described my question.
 
 My question is about the several possibility to declare context 
 elements for configuring JNDI resources in Tomcat 6 configuration.
 In Tomcat 6 documentation 
 (http://tomcat.apache.org/tomcat-6.0-doc/jndi-resources-howto.html#conte
 xt.xml%20configuration) there are described to ways to configure JNDI 
 resources for a webapp:
 * in $CATALINA_BASE$/conf/server.xml
 * in META-INF/context.xml for each webapp
 
 AFAIK there is an additional possibilities two configure JNDI resources:
 * in $CATALINA_BASE$/conf/Catalina/localhost/name-of-web-app.xml
 Is that correct?

Yes.

 And why is there a context.xml in $CATALINA_BASE/conf and what is it 
 for? Would be happy if someone could help me out with this.

It's the default context definition for the server.


p

 Best regards,
 
 Abid
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




signature.asc
Description: OpenPGP digital signature

RE: Question about context.xml

2010-06-10 Thread Caldarale, Charles R

 From: Abid Hussain [mailto:abid.huss...@dilax.com]
 Subject: Question about context.xml

 My question is about the several possibility to declare context
 elements for configuring JNDI resources in Tomcat 6 configuration.

Read the Context (not context - case matters) doc first, then search:
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

 And why is there a context.xml in $CATALINA_BASE/conf and what 
 is it for?

Read the above doc reference.

 - Chuck

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: J2EE (Spring) + Flex + Tomcat 6.0.18 problem

2010-06-10 Thread Caldarale, Charles R

 From: Pid [mailto:p...@pidster.com]
 Subject: Re: J2EE (Spring) + Flex + Tomcat 6.0.18 problem

  I've used Charles 3.5.1 to analyse http request/response

 Chuck is *software*!?

The secret is out...

(But not quite as soft as I used to be, since we started using a Wii Fit.)

 - Chuck

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!



Yes every time I want to login!

security-constraint
web-resource-collection
web-resource-nameUser Application/web-resource-name
url-pattern/*/url-pattern
/web-resource-collection
auth-constraint
role-nameuser/role-name
/auth-constraint
/security-constraint

login-config
auth-methodFORM/auth-method
realm-nameuser/realm-name
form-login-config
form-login-page/forms/login.html/form-login-page
form-error-page/forms/error.html/form-error-page
/form-login-config
/login-config 
security-role
  descriptionUser Role for authentication/description
  role-nameuser/role-name
/security-role





From: Pid p...@pidster.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Thu, June 10, 2010 3:43:18 PM
Subject: Re: HTTP Status 408!

On 10/06/2010 12:06, neo21 zerro wrote:
 Hello ,
 
 
 Good news I found a way to get rid of the error with this code in my JASS:
 session = req.getSession(true);
 
 
 But now I get another strage error :
 
 HTTP Status 400 - Invalid direct reference to form login page
 
 
 type Status report
 message Invalid direct reference to form login page
 description The request sent by the client was syntactically incorrect 
 (Invalid 
 direct reference to form login page).

Does this occur every time you try to log in?

Please post the login config from web.xml.


p




 
 
 
 The response header looks like this: 
 
  Response Headersview source
 Server Apache-Coyote/1.1 
 Content-Type text/html;charset=utf-8 
 Content-Length 1100 
 Date Thu, 10 Jun 2010 10:51:56 
 GMT 
 Connection close 
 Request Headersview source
 Host localhost:8080 
 User-Agent Mozilla/5.0 (Windows; U; 
 Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 
 Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
 Accept-Language en-us,en;q=0.5 
 Accept-Encoding gzip,deflate 
 Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7 
 Keep-Alive 115 
 Connection keep-alive 
 Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617 
  
 
 
 
 
 
 
 
 From: Pid p...@pidster.com
 To: Tomcat Users List users@tomcat.apache.org
 Sent: Thu, June 10, 2010 12:13:34 PM
 Subject: Re: HTTP Status 408!
 
 On 09/06/2010 21:52, neo21 zerro wrote:
 Hello, 

 I'm using Tomcat 6.0.26 with java 1.5 JDK.


I've developed a JAAS login module for my application and when I try 
 to login in my app a strange error occur's: 
  HTTP Status 408:The time allowed for the login process has been exceeded. 
 If you wish to continue you must either click back twice and re-click the 
 link you 
 requested or close and re-open your browser.
   I've made a little research about the problem and everyone said that 
 it goes away if you enable the cookies(made that and the error still 
 occurs). Another thing is that the actual JAAS login module authenticate the 
 user but when it should display the protected resource the error occurs.

 So if anyone has some ideas please share!
 
 What have you configured the session time to be?
 
 
 p

Re: HTTP Status 408!

On 10/06/2010 14:19, neo21 zerro wrote:
 
 Yes every time I want to login!
 
 security-constraint
 web-resource-collection
 web-resource-nameUser Application/web-resource-name
 url-pattern/*/url-pattern
 /web-resource-collection
 auth-constraint
 role-nameuser/role-name
 /auth-constraint
 /security-constraint
 
 login-config
 auth-methodFORM/auth-method
 realm-nameuser/realm-name
 form-login-config
 form-login-page/forms/login.html/form-login-page
 form-error-page/forms/error.html/form-error-page

I usually place them in:

 WEB-INF/login/form.jsp
 WEB-INF/login/error.jsp

so they can't be requested directly.

Use a JSP so you can properly encode the j_security_check URL.

 %= response.encodeURL('j_security_check') %



p

 /form-login-config
 /login-config 
 security-role
descriptionUser Role for authentication/description
role-nameuser/role-name
 /security-role
 
 
 
 
 *From:* Pid p...@pidster.com
 *To:* Tomcat Users List users@tomcat.apache.org
 *Sent:* Thu, June 10, 2010 3:43:18 PM
 *Subject:* Re: HTTP Status 408!
 
 On 10/06/2010 12:06, neo21 zerro wrote:
 Hello ,


 Good news I found a way to get rid of the error with this code in my JASS:
 session = req.getSession(true);


 But now I get another strage error :

 HTTP Status 400 - Invalid direct reference to form login page
 

 type Status report
 message Invalid direct reference to form login page
 description The request sent by the client was syntactically incorrect
 (Invalid
 direct reference to form login page).
 
 Does this occur every time you try to log in?
 
 Please post the login config from web.xml.
 
 
 p
 
 
 
 
 


 The response header looks like this:

  Response Headersview source
 Server Apache-Coyote/1.1
 Content-Type text/html;charset=utf-8
 Content-Length 1100
 Date Thu, 10 Jun 2010 10:51:56
 GMT
 Connection close
 Request Headersview source
 Host localhost:8080
 User-Agent Mozilla/5.0 (Windows; U;
 Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
 Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Accept-Language en-us,en;q=0.5
 Accept-Encoding gzip,deflate
 Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
 Keep-Alive 115
 Connection keep-alive
 Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617
 






 
 From: Pid p...@pidster.com mailto:p...@pidster.com
 To: Tomcat Users List users@tomcat.apache.org
 mailto:users@tomcat.apache.org
 Sent: Thu, June 10, 2010 12:13:34 PM
 Subject: Re: HTTP Status 408!

 On 09/06/2010 21:52, neo21 zerro wrote:
 Hello,

 I'm using Tomcat 6.0.26 with java 1.5 JDK.


I've developed a JAAS login module for my application and when
 I try to login in my app a strange error occur's:
  HTTP Status 408:The time allowed for the login process has been
 exceeded. If you wish to continue you must either click back twice and
 re-click the link you
 requested or close and re-open your browser.
  I've made a little research about the problem and everyone said
 that it goes away if you enable the cookies(made that and the error
 still occurs). Another thing is that the actual JAAS login module
 authenticate the user but when it should display the protected resource
 the error occurs.

 So if anyone has some ideas please share!

 What have you configured the session time to be?


 p


 
 
 
 




signature.asc
Description: OpenPGP digital signature

RE: HTTP Status 408!

2010-06-10 Thread Martin Gainty


the form-login-page login.html *should* contain the j_security parameters for 
your login form e.g.:


form method=POST action=j_security_check
   input type=text name=j_username
   input type=text name=j_password
   input type=submit value=Log in
/form

is this the case?
Martin Gainty 
__ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité

 
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger 
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung 
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem 
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. 
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung 
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le 
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez 
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est 
interdite. Ce message sert à l'information seulement et n'aura pas n'importe 
quel effet légalement obligatoire. Étant donné que les email peuvent facilement 
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité 
pour le contenu fourni.



 

 Date: Thu, 10 Jun 2010 06:19:36 -0700
 From: neo21_ze...@yahoo.com
 Subject: Re: HTTP Status 408!
 To: users@tomcat.apache.org; p...@pidster.com
 
 
 
 Yes every time I want to login!
 
 security-constraint
 web-resource-collection
 web-resource-nameUser Application/web-resource-name
 url-pattern/*/url-pattern
 /web-resource-collection
 auth-constraint
 role-nameuser/role-name
 /auth-constraint
 /security-constraint
 
 login-config
 auth-methodFORM/auth-method
 realm-nameuser/realm-name
 form-login-config
 form-login-page/forms/login.html/form-login-page
 form-error-page/forms/error.html/form-error-page
 /form-login-config
 /login-config 
 security-role
 descriptionUser Role for authentication/description
 role-nameuser/role-name
 /security-role
 
 
 
 
 
 From: Pid p...@pidster.com
 To: Tomcat Users List users@tomcat.apache.org
 Sent: Thu, June 10, 2010 3:43:18 PM
 Subject: Re: HTTP Status 408!
 
 On 10/06/2010 12:06, neo21 zerro wrote:
  Hello ,
  
  
  Good news I found a way to get rid of the error with this code in my JASS:
  session = req.getSession(true);
  
  
  But now I get another strage error :
  
  HTTP Status 400 - Invalid direct reference to form login page
  
  
  type Status report
  message Invalid direct reference to form login page
  description The request sent by the client was syntactically incorrect 
  (Invalid 
  direct reference to form login page).
 
 Does this occur every time you try to log in?
 
 Please post the login config from web.xml.
 
 
 p
 
 
 
 
  
  
  
  The response header looks like this: 
  
  Response Headersview source
  Server Apache-Coyote/1.1 
  Content-Type text/html;charset=utf-8 
  Content-Length 1100 
  Date Thu, 10 Jun 2010 10:51:56 
  GMT 
  Connection close 
  Request Headersview source
  Host localhost:8080 
  User-Agent Mozilla/5.0 (Windows; U; 
  Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 
  Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
  Accept-Language en-us,en;q=0.5 
  Accept-Encoding gzip,deflate 
  Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7 
  Keep-Alive 115 
  Connection keep-alive 
  Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617 
  
  
  
  
  
  
  
  
  From: Pid p...@pidster.com
  To: Tomcat Users List users@tomcat.apache.org
  Sent: Thu, June 10, 2010 12:13:34 PM
  Subject: Re: HTTP Status 408!
  
  On 09/06/2010 21:52, neo21 zerro wrote:
  Hello, 
 
  I'm using Tomcat 6.0.26 with java 1.5 JDK.
 
 
  I've developed a JAAS login module for my application and when I try to 
  login in my app a strange error occur's: 
  HTTP Status 408:The time allowed for the login process has been exceeded. 
  If you wish to continue you must either click back twice and re-click the 
  link you 
  requested or close and re-open your browser.
  I've made a little research about the problem and everyone said that it 
  goes away if you enable the cookies(made that and the error still occurs). 
  Another thing is that the actual JAAS login module authenticate the user 
  but when it should display the protected resource the error occurs.
 
  So if anyone has some ideas please share!
  
  What have you configured the session time to be?
  
  
  p
  
  
  
 
 
 
  
_
Hotmail is redefining busy with tools for the New Busy. Get more from your 
inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_2

Re: J2EE (Spring) + Flex + Tomcat 6.0.18 problem

Caldarale, Charles R wrote:

From: Pid [mailto:p...@pidster.com]
Subject: Re: J2EE (Spring) + Flex + Tomcat 6.0.18 problem

I've used Charles 3.5.1 to analyse http request/response

Chuck is *software*!?

The secret is out...

That release is at least 50 years old however, and although it is 
supportive, it is no longer supported.  The OP may want to trade it in 
against a newer version.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: EL 2.2 in Tomcat 7 RC1/RC2 does not fully support method invocation, such as #{helloWorldController.doSomething(helloWorldModel)}

2010-06-10 Thread John Wu

Hi Mark,

The fix of to derive the type directly from the value which ... sounds not
a solution. In a slightly more complex scenario, the fix still fails.

Say the method signature is public * theMethod(TheSupperType o) and
calling the method in EL like
#{theClassInstance.theMethod(theDerivedTypeInstance)}, where the supper
type can be a supper class or an interface, your fix fails.

Example project attached.

My suggestion as to the solution of resolving which method to call:
. Retrieve all methods of *theClassInstance*, and put them into the
CANDIDATES collection;

// Search a match by method name
. For each method in CANDIDATES,
. if the name is not *theMethod*, remove it from CANDIDATES
. If CANDIDATES is empty, then NOT-FOUND;
. else if only one is left, then FOUND;

// Search a match by params count
. else, count the number of actual params,
. For each method in CANDIDATES,
. if the number of formal params does not match that of actual params,
remove it from CANDIDATES
. // Optoional, handle cases of method has variable number of arguments
. If CANDIDATES is empty, then NOT-FOUND;
. else if only one is left, then FOUND;

// Search a match by param types
. else, evaluate all actual params;
. For each method in CANDIDATES,
. if NOT( for-each formalParamType.isAssignableFrom(actualParamType) ),
remove it from CANDIDATES
. // Optoional, handle cases of method has variable number of arguments
. If CANDIDATES is empty, then NOT-FOUND;
. else if only one is left, then FOUND;

. else, AMBIGUOUS

John Wu
http://old.nabble.com/file/p28843317/jsf-2.0-el-2.2.testcase-v2.zip
jsf-2.0-el-2.2.testcase-v2.zip
--
View this message in context:
http://old.nabble.com/EL-2.2-in-Tomcat-7-RC1-RC2-does-not-fully-support-method-invocation%2C-such-as-%22-%7BhelloWorldController.doSomething%28helloWorldModel%29%7D%22-tp28671969p28843317.html
Sent from the Tomcat - User mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!

2010-06-10 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Neo21,

On 6/9/2010 4:52 PM, neo21 zerro wrote:
 I'm using Tomcat 6.0.26 with java 1.5 JDK.
 
 I've developed a JAAS login module for my application and when I try
 to login in my app a strange error occur's: HTTP Status 408:The time
 allowed for the login process has been exceeded. If you wish to
 continue you must either click back twice and re-click the link you 
 requested or close and re-open your browser.

Are you trying to login without having first requested a protected page?
The behavior you describe is how Tomcat acts if it's not expecting a
login, but gets one anyway.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwQ7KgACgkQ9CaO5/Lv0PCQIACcDLKAA/VzAlElHHTknzz8XjCW
XUcAoLnJOKG/tNhcGf0O2FOIvSrDH9Ss
=fnzD
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!





Hello,

this is my login.html page:

FORM ACTION=j_security_check METHOD=POST
 input id=username type=text size=20 name=j_username 
AUTOCOMPLETE=OFF
input type=password size=20 name=j_password AUTOCOMPLETE=OFF
input type=submit name=login value=Login


From: Martin Gainty mgai...@hotmail.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Thu, June 10, 2010 4:34:11 PM
Subject: RE: HTTP Status 408!


the form-login-page login.html *should* contain the j_security parameters for 
your login form e.g.:


form method=POST action=j_security_check
   input type=text name=j_username
   input type=text name=j_password
   input type=submit value=Log in
/form

is this the case?
Martin Gainty 
__ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité


Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger 
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung 
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem 
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. 
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung 
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le 
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez 
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est 
interdite. Ce message sert à l'information seulement et n'aura pas n'importe 
quel effet légalement obligatoire. Étant donné que les email peuvent facilement 
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité 
pour le contenu fourni.





 Date: Thu, 10 Jun 2010 06:19:36 -0700
 From: neo21_ze...@yahoo.com
 Subject: Re: HTTP Status 408!
 To: users@tomcat.apache.org; p...@pidster.com
 
 
 
 Yes every time I want to login!
 
 security-constraint
 web-resource-collection
 web-resource-nameUser Application/web-resource-name
 url-pattern/*/url-pattern
 /web-resource-collection
 auth-constraint
 role-nameuser/role-name
 /auth-constraint
 /security-constraint
 
 login-config
 auth-methodFORM/auth-method
 realm-nameuser/realm-name
 form-login-config
 form-login-page/forms/login.html/form-login-page
 form-error-page/forms/error.html/form-error-page
 /form-login-config
 /login-config 
 security-role
 descriptionUser Role for authentication/description
 role-nameuser/role-name
 /security-role
 
 
 
 
 
 From: Pid p...@pidster.com
 To: Tomcat Users List users@tomcat.apache.org
 Sent: Thu, June 10, 2010 3:43:18 PM
 Subject: Re: HTTP Status 408!
 
 On 10/06/2010 12:06, neo21 zerro wrote:
  Hello ,
  
  
  Good news I found a way to get rid of the error with this code in my JASS:
  session = req.getSession(true);
  
  
  But now I get another strage error :
  
  HTTP Status 400 - Invalid direct reference to form login page
  
  
  type Status report
  message Invalid direct reference to form login page
  description The request sent by the client was syntactically incorrect 
  (Invalid 
  direct reference to form login page).
 
 Does this occur every time you try to log in?
 
 Please post the login config from web.xml.
 
 
 p
 
 
 
 
  
  
  
  The response header looks like this: 
  
  Response Headersview source
  Server Apache-Coyote/1.1 
  Content-Type text/html;charset=utf-8 
  Content-Length 1100 
  Date Thu, 10 Jun 2010 10:51:56 
  GMT 
  Connection close 
  Request Headersview source
  Host localhost:8080 
  User-Agent Mozilla/5.0 (Windows; U; 
  Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 
  Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
  Accept-Language en-us,en;q=0.5 
  Accept-Encoding gzip,deflate 
  Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7 
  Keep-Alive 115 
  Connection keep-alive 
  Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617 
  
  
  
  
  
  
  
  
  From: Pid p...@pidster.com
  To: Tomcat Users List users@tomcat.apache.org
  Sent: Thu, June 10, 2010 12:13:34 PM
  Subject: Re: HTTP Status 408!
  
  On 09/06/2010 21:52, neo21 zerro wrote:
  Hello, 
 
  I'm using Tomcat 6.0.26 with java 1.5 JDK.
 
 
  I've developed a JAAS login module for my application and when I try to 
  login in my app a strange error occur's: 
  HTTP Status 408:The time allowed for the login process has been exceeded. 
  If you wish to continue you must either click back twice and re-click the 
  link you 
  requested or close and re-open your browser.
  I've made a little research about the problem and everyone said that it 
  goes away if you enable the cookies(made that and the error still occurs). 
  Another thing is that the actual JAAS login module authenticate the user 
  but when it should display the protected resource the error

Re: HTTP Status 408!





Yes I am requesting a protected resource but I don't know why is this happening.


 I've tried to set all sort of cookies in my browser but nothing 
works.The problem is that I'm not using jsp like Pid said 
and I think I should try to use jsp...for my login page.
 Are there other versions of Tomcat ? I mean newer versions, like 7 ? 



Thanks for your time! 




From: Christopher Schultz ch...@christopherschultz.net
To: Tomcat Users List users@tomcat.apache.org
Sent: Thu, June 10, 2010 4:46:16 PM
Subject: Re: HTTP Status 408!

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Neo21,

On 6/9/2010 4:52 PM, neo21 zerro wrote:
 I'm using Tomcat 6.0.26 with java 1.5 JDK.
 
 I've developed a JAAS login module for my application and when I try
 to login in my app a strange error occur's: HTTP Status 408:The time
 allowed for the login process has been exceeded. If you wish to
 continue you must either click back twice and re-click the link you 
 requested or close and re-open your browser.

Are you trying to login without having first requested a protected page?
The behavior you describe is how Tomcat acts if it's not expecting a
login, but gets one anyway.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwQ7KgACgkQ9CaO5/Lv0PCQIACcDLKAA/VzAlElHHTknzz8XjCW
XUcAoLnJOKG/tNhcGf0O2FOIvSrDH9Ss
=fnzD
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

tomcat 6.0 404 error only on firefox due to backslashes?


Dear all,

I had to setup a Windows 2008r2 box running tomcat 6.0.26 in a virtual
machine, in order to see if a project/site from a windows 2003 SP2 and
tomcat 5.0 could run on it. During the upgrade process everything worked
well (after a few tricks), except from one thing (at this point I have to
declare that I am no tomcat/Windows expert!):

The site has a place where people can download files from. When it displays
the files to be downloaded, it contains a hyperlink containing backslashes
in their names. Once a user clicks on those hyperlinks (using firefox), a
new tab is created and a blank page is displayed. The address bar shows the
link containing the backslashes. If I change them to frontslashes by hand,
the file is downloaded. If I use firefox and click on the same links on the
same site hosted on the older machine (tomcat 5, etc.), it works just fine.
IE on the other hand works fine on both servers.

I used a packet sniffer to intercept the packets and my results are as
follows (server1 is the old server and server2 is the new):

server1:

GET /site/archive%5C150%5CdownloadFile%5C3535%5CLec-1.ppt HTTP/1.1
Host: server1:8083
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.9.1.9)
Gecko/20100526 Firefox/3.5.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer:
http://server1:8083/site/cms.downloadFile.data.do?method=jsplistPRMID=1020
Cookie: JSESSIONID=71B2F50E3D20E9CD2812BE4635315C4E;
__utma=55546303.157551831.1272378139.1274780984.1274887786.4;
__utmz=55546303.1272378139.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
If-Modified-Since: Tue, 17 Mar 2009 09:08:43 GMT
If-None-Match: W/2693120-1237280923177


HTTP/1.1 304 Not Modified
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: No-cache
Date: Thu, 10 Jun 2010 13:20:39 GMT
Server: Apache-Coyote/1.1



server2:

GET /site/archive%5C150%5CdownloadFile%5C3535%5CLec-1.ppt HTTP/1.1
Host: server2:8083
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.9.1.9)
Gecko/20100526 Firefox/3.5.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer:
http://server2:8083/site/cms.downloadFile.data.do?method=jsplistPRMID=1020
Cookie: JSESSIONID=DD8FE273A842A3F922C1ABE9C2803DA8;
__utma=55546303.157551831.1272378139.1274780984.1274887786.4;
__utmz=55546303.1272378139.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)


HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Thu, 10 Jun 2010 13:20:38 GMT
Connection: close


The above transactions are intercepted firefox sessions from the same client
to the two servers. One may notice that there are no practical differences
other than the two headers regarding caching (If-Modified-Since and
If-None-Match). Do be honest, I am not sure why the old server receives
caching headers whereas the new one doesn't (the configuration of the old
server was performed by other admins). Maybe the answer is hidden in this
point...but I don't think so.

Does anyone have a clue to what may be happening? I would very much like to
set some configuration directive in tomcat that instructs it to treat
backslashes in URIs as if they were frontslashes in order to stop this
issue, but I cannot find such one.

I Hope that somebody may help me in this.

Thank you all for your time in advance!
-- 
View this message in context: 
http://old.nabble.com/tomcat-6.0-404-error-only-on-firefox-due-to-backslashes--tp28844040p28844040.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HyperLink Office connection

2010-06-10 Thread antonio giulio

Hi Andre',

thanks for the offer, you are right, at this point is off-topic,
anyway I solved (sorry for the OT) all in Apache-httpd:

on the virtual host configuration:

RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule (.*)  https://%{HTTP_HOST}/cgi-bin/redirect.pl$1

and the simple redirect.pl in the cgi-bin/ is:

#!/usr/bin/perl
$uri = $ENV{'REQUEST_URI'};
$context = substr $uri, 27;
$url = https://$ENV{'HTTP_HOST'}$context;

print Content-type:text/html\r\n\r\n;
print html;
print head;
print meta http-equiv=\refresh\ content=\0;url=$url\ /;
print /head;
print body;
print /body;
print /html;

1;

basically the address:

http://mycompany.com/rest_of_the_url

is redirect from the RewriteRule to:

https://mycompany.com/cgi-bin/redirect.pl/rest_of_the_url

and the redirect.pl just retrieve rest_of_the_url string and compose
the new string.
The html returned has:

meta http-equiv=\refresh\ content=\0;url=$url\ /

meta-refresh sends back to Office/Word 200, and this time Office can
open correctly the browser returned in the meta /

Thanks,
Julio

On 10 June 2010 11:52, André Warnier a...@ice-sa.com wrote:
 antonio giulio wrote:

 N.B.  If Office is handling the connection requests up to some step,
 then Tomcat can't do anything about it - the problem is occuring before
 Tomcat has any influence over the situation.

 Yes, Unfortunely I think you are right. A solution maybe could be
 writing a CGI for Apache and redirect there the connection and change
 HTTP-headers to communicate with Office.

 Julio,
 I also believe that this is a bit off-topic for this list.
 But what you are trying to do does not seem very exotic, and I am interested
 in the topic, and I think that I can help you.
 So if you want to continue this discussion off-list, send me an email
 directly.

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat 6.0 404 error only on firefox due to backslashes?


I have seen the configuration variables: 

org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH
and
org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH

that if they could be set to true, they could solve my problem, but I have
no idea where to place them (configuration file?!), and/or their syntax.
-- 
View this message in context: 
http://old.nabble.com/tomcat-6.0-404-error-only-on-firefox-due-to-backslashes--tp28844040p28844410.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure a web app

2010-06-10 Thread Mark H. Wood

On Wed, Jun 09, 2010 at 05:20:22PM +0200, Thomas Kloeber wrote:
 Mark H. Wood wrote on 09.06.2010 17:03:
  On Wed, Jun 09, 2010 at 04:19:17PM +0200, Thomas Kloeber wrote:
 
  the problems I have are:
 
   * the IP address of the backing database is one of the parameters
 that needs to be configured (in context.xml), so I can't get any
 data from the db unless it is configured...
   * the other confgurables (SPNEGO and kerberos stuff)  are in web.xml
 and as long as they are not set up correct, my app won't start!
   * sounds like a catch 22 to me ...
   
  Context parameter pointing to a properties file somewhere?  Then you
  can put the settings wherever you want them, and move them anytime
  with minimal fuss.  Install the app. outside of any appBase and use an
  external Context file 
  ($CATALINA_BASE/conf/Catalina/hostname/contextname.xml)
to point to it and provide the parameter's value:
 
 Context docBase='/some/where/myapp'
   Parameter name='configuration'
  value='/some/where/else/myapp.properties'
  description='where the configurables are'/
 /Context
 
  You could just define the configurables as separate Parameters, but I
  would keep them separated from configuration of the servlet container
  (which the above is) if possible.  Tastes vary.
 
 sounds like a good idea, but what about the web.xml stuff? Can I use 
 some redirection there as well?

I guess I don't understand why web.xml must be customized at all.
In Tomcat, Resources can be configured in a Context; Environment
entries can be made in a Context; initialization parameters can
be set in a Context.  Is there something else?  And Tomcat allows
you to place the Context declaration outside of the app. as noted above.

 Caldarale, Charles R wrote on 09.06.2010 17:04:
  how do you make changes in context.xml inside archive?
   
  Unpack it with the jar utility, update, repack.  Alternatively, you can 
  supply theContext  element in a separate file, and have the admin put 
  that in conf/Catalina/[host]/[appName].xml after modifying the 
  site-specific attributes.
 I was afraid you say something like that, but to me that is why to 
 complicated/error prone...

I agree.  This always feels to me like telling someone that he can
configure his word processor by using a binary editor on the
executable.  Customers should never have to put their fingers inside
the app; it should get customer-specific information from some place
whose location is told to it at startup.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Balance your desire for bells and whistles with the reality that only a 
little more than 2 percent of world population has broadband.
-- Ledford and Tyler, _Google Analytics 2.0_


pgpwUHUXGxhao.pgp
Description: PGP signature

Re: tomcat 6.0 404 error only on firefox due to backslashes?

On 10/06/2010 15:41, mamalacation wrote:
 
 Dear all,
 
 I had to setup a Windows 2008r2 box running tomcat 6.0.26 in a virtual
 machine, in order to see if a project/site from a windows 2003 SP2 and
 tomcat 5.0 could run on it. During the upgrade process everything worked
 well (after a few tricks), except from one thing (at this point I have to
 declare that I am no tomcat/Windows expert!):
 
 The site has a place where people can download files from. When it displays
 the files to be downloaded, it contains a hyperlink containing backslashes
 in their names. Once a user clicks on those hyperlinks (using firefox), a
 new tab is created and a blank page is displayed. The address bar shows the
 link containing the backslashes. If I change them to frontslashes by hand,
 the file is downloaded. If I use firefox and click on the same links on the
 same site hosted on the older machine (tomcat 5, etc.), it works just fine.
 IE on the other hand works fine on both servers.
 
 I used a packet sniffer to intercept the packets and my results are as
 follows (server1 is the old server and server2 is the new):
 
 server1:
 
 GET /site/archive%5C150%5CdownloadFile%5C3535%5CLec-1.ppt HTTP/1.1
 Host: server1:8083
 User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.9.1.9)
 Gecko/20100526 Firefox/3.5.9
 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Accept-Language: en-us,en;q=0.5
 Accept-Encoding: gzip,deflate
 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
 Keep-Alive: 300
 Connection: keep-alive
 Referer:
 http://server1:8083/site/cms.downloadFile.data.do?method=jsplistPRMID=1020
 Cookie: JSESSIONID=71B2F50E3D20E9CD2812BE4635315C4E;
 __utma=55546303.157551831.1272378139.1274780984.1274887786.4;
 __utmz=55546303.1272378139.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
 If-Modified-Since: Tue, 17 Mar 2009 09:08:43 GMT
 If-None-Match: W/2693120-1237280923177
 
 
 HTTP/1.1 304 Not Modified
 Cache-Control: no-cache
 Expires: Thu, 01 Jan 1970 00:00:00 GMT
 Pragma: No-cache
 Date: Thu, 10 Jun 2010 13:20:39 GMT
 Server: Apache-Coyote/1.1
 
 
 
 server2:
 
 GET /site/archive%5C150%5CdownloadFile%5C3535%5CLec-1.ppt HTTP/1.1
 Host: server2:8083
 User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.9.1.9)
 Gecko/20100526 Firefox/3.5.9
 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Accept-Language: en-us,en;q=0.5
 Accept-Encoding: gzip,deflate
 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
 Keep-Alive: 300
 Connection: keep-alive
 Referer:
 http://server2:8083/site/cms.downloadFile.data.do?method=jsplistPRMID=1020
 Cookie: JSESSIONID=DD8FE273A842A3F922C1ABE9C2803DA8;
 __utma=55546303.157551831.1272378139.1274780984.1274887786.4;
 __utmz=55546303.1272378139.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
 
 
 HTTP/1.1 400 Bad Request
 Server: Apache-Coyote/1.1
 Content-Length: 0
 Date: Thu, 10 Jun 2010 13:20:38 GMT
 Connection: close
 
 
 The above transactions are intercepted firefox sessions from the same client
 to the two servers. One may notice that there are no practical differences
 other than the two headers regarding caching (If-Modified-Since and
 If-None-Match). Do be honest, I am not sure why the old server receives
 caching headers whereas the new one doesn't (the configuration of the old
 server was performed by other admins). Maybe the answer is hidden in this
 point...but I don't think so.
 
 Does anyone have a clue to what may be happening? I would very much like to
 set some configuration directive in tomcat that instructs it to treat
 backslashes in URIs as if they were frontslashes in order to stop this
 issue, but I cannot find such one.

Why not just fix the URLs?


p

 I Hope that somebody may help me in this.
 
 Thank you all for your time in advance!




signature.asc
Description: OpenPGP digital signature

Re: How to configure a web app


Mark H. Wood wrote:

On Wed, Jun 09, 2010 at 05:20:22PM +0200, Thomas Kloeber wrote:

Mark H. Wood wrote on 09.06.2010 17:03:

On Wed, Jun 09, 2010 at 04:19:17PM +0200, Thomas Kloeber wrote:
   

the problems I have are:

 * the IP address of the backing database is one of the parameters
   that needs to be configured (in context.xml), so I can't get any
   data from the db unless it is configured...
 * the other confgurables (SPNEGO and kerberos stuff)  are in web.xml
   and as long as they are not set up correct, my app won't start!
 * sounds like a catch 22 to me ...
 

Context parameter pointing to a properties file somewhere?  Then you
can put the settings wherever you want them, and move them anytime
with minimal fuss.  Install the app. outside of any appBase and use an
external Context file 
($CATALINA_BASE/conf/Catalina/hostname/contextname.xml)
  to point to it and provide the parameter's value:

   Context docBase='/some/where/myapp'
 Parameter name='configuration'
value='/some/where/else/myapp.properties'
description='where the configurables are'/
   /Context

You could just define the configurables as separate Parameters, but I
would keep them separated from configuration of the servlet container
(which the above is) if possible.  Tastes vary.
   
sounds like a good idea, but what about the web.xml stuff? Can I use 
some redirection there as well?


I guess I don't understand why web.xml must be customized at all.
In Tomcat, Resources can be configured in a Context; Environment
entries can be made in a Context; initialization parameters can
be set in a Context.  Is there something else?  And Tomcat allows
you to place the Context declaration outside of the app. as noted above.


Caldarale, Charles R wrote on 09.06.2010 17:04:

how do you make changes in context.xml inside archive?
 

Unpack it with the jar utility, update, repack.  Alternatively, you can supply 
theContext  element in a separate file, and have the admin put that in 
conf/Catalina/[host]/[appName].xml after modifying the site-specific attributes.
I was afraid you say something like that, but to me that is why to 
complicated/error prone...


I agree.  This always feels to me like telling someone that he can
configure his word processor by using a binary editor on the
executable.  Customers should never have to put their fingers inside
the app; it should get customer-specific information from some place
whose location is told to it at startup.



Let me speak for the OP, and for others like me who do not necessarily 
write the applications and filters which they are installing on customer 
systems.
Sometimes, you have to deal with such third-party modules, which have to 
be used e.g. as a servlet filter in conjunction with your own 
application.  And sometimes, these third-party modules are like they are 
and you cannot change their code.  And sometimes, they require some 
site-specific parameters, which they expect to be in their respective 
filter section inside the application's web.xml file.
A typical example in my case is authentication servlet filters, which 
require for example a domain name or a domain controller address which 
is specific to each given customer.
If at the same time you have a customer who insists on receiving war 
files for application updates, you're cooked, because you have to build 
a customer-specific war file every time.


One suggestion I have in the case of Tomcat - and unfortunately only in 
the case of Tomcat - would be an extension mechanism to the web.xml 
file, which would allow some form of include in the web.xml.
(And maybe this would not be an extension, nor a Tomcat-specific thing, 
if XML per se already allowed such things).

Then one could insert in web.xml something like this :
...
filter
filter-nameNtlmHttpFilter/filter-name
filter-classjcifs.http.NtlmHttpFilter/filter-class

  !-- %%include-fragment: /some/path/local/to/customer/localparams.xml 
%% --


...
/filter
...

and in localparams.xml one would have e.g. :

fragment
init-param
param-namejcifs.smb.client.domain/param-name
param-valueEU/param-value
/init-param
/fragment

(The above example being from some obsolete and no longer recommendable 
piece of software).


Is something like that possible ?

Because then, you could set up the localparams.xml file once for a given 
customer (and it would even be easy for them to edit it if needed), and 
supply them in the future with updated war files which would always be 
indentical for all customers, and this without having to modify the 
third-party filter code (which is not necessarily open-source).



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat 6.0 404 error only on firefox due to backslashes?




Pid * wrote:
 
 
 Why not just fix the URLs?
 
 p
 
  
 

I am not sure what you mean by saying fix the URLs, but in the meantime I
found out how to set the option org.apache.catalina.connector.
CoyoteAdapter.ALLOW_BACKSLASH=true in conf/catalina.properties, so now it
almost works! It starts downloading the file, but the filename to be saved
is path\to\file.ext  instead of file.ext.

Does anybody know how this can be fixed?
-- 
View this message in context: 
http://old.nabble.com/tomcat-6.0-404-error-only-on-firefox-due-to-backslashes--tp28844040p28845001.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat 6.0 404 error only on firefox due to backslashes?


mamalacation wrote:



Pid * wrote:


Why not just fix the URLs?

p

 



I am not sure what you mean by saying fix the URLs, but in the meantime I
found out how to set the option org.apache.catalina.connector.
CoyoteAdapter.ALLOW_BACKSLASH=true in conf/catalina.properties, so now it
almost works! It starts downloading the file, but the filename to be saved
is path\to\file.ext  instead of file.ext.

Does anybody know how this can be fixed?


No. But before you find a solution and create a big security issue, I 
suggest that from now on you check this with different browsers, and 
particularly different IE versions.


I think that the fix you found is really a kludge, in that it kind of 
works by making some pieces of software believe that this is an 
acceptable file name, while other pieces may see this as a file path.

But it seems *really* dangerous to me.

As pid indicated, you should fix the problem, not the symptom.
Or you will end up sorry, I am quite certain.

Fixing the URLs in this case means to replace the %5C's (escaped \) by 
escaped / characters, before you send the links to the browser.




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat 6.0 404 error only on firefox due to backslashes?

2010-06-10 Thread Ziggy

For security purposes, Mozilla applications block links to local files (and
directories) from remote files. This includes linking to files on your hard
drive, on mapped network drives, and accessible via Uniform Naming
Conventionhttp://en.wikipedia.org/wiki/Path_%28computing%29#Uniform_Naming_Convention(UNC)
paths. This
*prevents* a number of unpleasant possibilities, including:

- Allowing sites to detect your operating system by checking default
installation paths
- Allowing sites to exploit system vulnerabilities (e.g., C:\con\con in
Windows 95/98)
- Allowing sites to detect browser preferences or read sensitive data

See here for more info
http://kb.mozillazine.org/Links_to_local_pages_don%27t_work

--
Dini

On Thu, Jun 10, 2010 at 5:18 PM, André Warnier a...@ice-sa.com wrote:

mamalacation wrote:

Pid * wrote:

Why not just fix the URLs?

I am not sure what you mean by saying fix the URLs, but in the meantime
I
found out how to set the option org.apache.catalina.connector.
CoyoteAdapter.ALLOW_BACKSLASH=true in conf/catalina.properties, so now it
almost works! It starts downloading the file, but the filename to be saved
is path\to\file.ext instead of file.ext.

Does anybody know how this can be fixed?

No. But before you find a solution and create a big security issue, I
suggest that from now on you check this with different browsers, and
particularly different IE versions.

I think that the fix you found is really a kludge, in that it kind of
works by making some pieces of software believe that this is an acceptable
file name, while other pieces may see this as a file path.
But it seems *really* dangerous to me.

As pid indicated, you should fix the problem, not the symptom.
Or you will end up sorry, I am quite certain.

Fixing the URLs in this case means to replace the %5C's (escaped \) by
escaped / characters, before you send the links to the browser.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat 6.0 404 error only on firefox due to backslashes?

awarnier wrote:

No. But before you find a solution and create a big security issue, I
suggest that from now on you check this with different browsers, and
particularly different IE versions.

I think that the fix you found is really a kludge, in that it kind of
works by making some pieces of software believe that this is an
acceptable file name, while other pieces may see this as a file path.
But it seems *really* dangerous to me.

As pid indicated, you should fix the problem, not the symptom.
Or you will end up sorry, I am quite certain.

Fixing the URLs in this case means to replace the %5C's (escaped \) by
escaped / characters, before you send the links to the browser.

OK, now I understand what you mean by fixing the URLs. The problem with
this alternative, is that I have no access to the source code (which is
huge, by the way), and I wish to solve this issue through the
configuration-way (because I believe that the problem can be solved that
way) and not the code-way . That is because on tomcat 5 there is no issue
with the filenames, and hence I assumed that this should be the case with
tomcat 6 too.

On the other hand, you are right as far as security is concerned, and I
wouldn't want to impose any security holes by using this fix. I just
assume that there should be a rational solution to my problem, without
having to touch the sources and/or opening holes in my system.

Thank you for your answer and time.
--
View this message in context:
http://old.nabble.com/tomcat-6.0-404-error-only-on-firefox-due-to-backslashes--tp28844040p28845545.html
Sent from the Tomcat - User mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat 6.0 404 error only on firefox due to backslashes?


mamalacation wrote:



awarnier wrote:


No. But before you find a solution and create a big security issue, I 
suggest that from now on you check this with different browsers, and 
particularly different IE versions.


I think that the fix you found is really a kludge, in that it kind of 
works by making some pieces of software believe that this is an 
acceptable file name, while other pieces may see this as a file path.

But it seems *really* dangerous to me.

As pid indicated, you should fix the problem, not the symptom.
Or you will end up sorry, I am quite certain.

Fixing the URLs in this case means to replace the %5C's (escaped \) by 
escaped / characters, before you send the links to the browser.





OK, now I understand what you mean by fixing the URLs. The problem with
this alternative, is that I have no access to the source code (which is
huge, by the way), and I wish to solve this issue through the
configuration-way (because I believe that the problem can be solved that
way) and not the code-way . That is because on tomcat 5 there is no issue
with the filenames, and hence I assumed that this should be the case with
tomcat 6 too.

On the other hand, you are right as far as security is concerned, and I
wouldn't want to impose any security holes by using this fix. 


The potential issue here is that if the filename comes from the server 
as \windows\system32\some.dll, and the user just clicks on OK, and 
some buggy version of a browser just does it, you may get some very 
unhappy users.


I just

assume that there should be a rational solution to my problem, without
having to touch the sources and/or opening holes in my system.


That is not so sure.
I have not checked this (and it would require some work) but it is at 
least possible that this difference in behaviour between Tomcat 5.x and 
6.x is the result of a change made explicitly to avoid such a security 
issue.  In such a case, I would not expect that there would be any 
configuration possibility at the server level in Tomcat 6.x that would 
allow you to do something that is fundamentally incorrect.
It is also possible that this was a bug in Tomcat 5.x, and that this bug 
has been fixed in a later version of Tomcat 5.x, but not in the version 
you  are running on the old server.


The basic problem here seems to be at the application level, which 
creates invalid URL links to documents on the server. (At least I think 
they are invalid, and that even if the server is a Windows server, URLs 
pointing to server files should still have / as the path separator).
So you should first complain to the application developers, and ask them 
to fix their application.
I know that this is not necessarily easy, but asking the Tomcat 
developers to provide an option which /might/ create a security issue is 
not going to be any easier.


Otherwise, you /may/ still have a couple of options.
One of them would be this :
http://tuckey.org/urlrewrite/
which may allow you to catch these URLs early, and flip their slashes 
before letting Tomcat try to serve the document.
But I do not know if it would see the original URL soon enough to avoid 
the Tomcat error.


If not, then you could try an Apache httpd with mod_rewrite, in front of 
your Tomcat.  But maybe Apache httpd also rejects these URLs early.




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HyperLink Office connection


Hi.

I am glad that you found a solution that works for you, and maybe the 
most important at this point is that it quickly solves your problem.


About the solution below however, I want to point out that it is rather 
expensive in many respects, and I hope that this is not supposed to be 
a high-volume server.

What is happening in your schema is :
- Word requests a page by sending a HTTP request to the server 
(directly, or going through some IE functionality)

- the server gets the request
- the server starts a new separate perl interpreter process
- the perl interpreter compiles your script
- the perl interpreter runs your script, producing the initial html 
response, and exits

- Apache reads the response from perl and sends it to the browser
- the browser (or Word) receives the html page
- the browser (or Word) interprets the refresh header, and makes a new 
request to the server

- the server now processes what should have been the original request

I am a fan of Apache and perl myself, but you may want to revise this a 
bit if this is supposed to handle many clients.



antonio giulio wrote:

Hi Andre',

thanks for the offer, you are right, at this point is off-topic,
anyway I solved (sorry for the OT) all in Apache-httpd:

on the virtual host configuration:

RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule (.*)  https://%{HTTP_HOST}/cgi-bin/redirect.pl$1

and the simple redirect.pl in the cgi-bin/ is:

#!/usr/bin/perl
$uri = $ENV{'REQUEST_URI'};
$context = substr $uri, 27;
$url = https://$ENV{'HTTP_HOST'}$context;

print Content-type:text/html\r\n\r\n;
print html;
print head;
print meta http-equiv=\refresh\ content=\0;url=$url\ /;
print /head;
print body;
print /body;
print /html;

1;

basically the address:

http://mycompany.com/rest_of_the_url

is redirect from the RewriteRule to:

https://mycompany.com/cgi-bin/redirect.pl/rest_of_the_url

and the redirect.pl just retrieve rest_of_the_url string and compose
the new string.
The html returned has:

meta http-equiv=\refresh\ content=\0;url=$url\ /

meta-refresh sends back to Office/Word 200, and this time Office can
open correctly the browser returned in the meta /

Thanks,
Julio

On 10 June 2010 11:52, André Warnier a...@ice-sa.com wrote:

antonio giulio wrote:

N.B.  If Office is handling the connection requests up to some step,
then Tomcat can't do anything about it - the problem is occuring before
Tomcat has any influence over the situation.

Yes, Unfortunely I think you are right. A solution maybe could be
writing a CGI for Apache and redirect there the connection and change
HTTP-headers to communicate with Office.


Julio,
I also believe that this is a bit off-topic for this list.
But what you are trying to do does not seem very exotic, and I am interested
in the topic, and I think that I can help you.
So if you want to continue this discussion off-list, send me an email
directly.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure a web app

On 10/06/2010 16:43, André Warnier wrote:
 
 If at the same time you have a customer who insists on receiving war
 files for application updates, you're cooked, because you have to build
 a customer-specific war file every time.

This might be /tedious/, but it's not /hard/.  If it was something that
occurs frequently enough to be a problem, then I'd incorporate it into
my build system and generate multiple .war files, each in the their own
directory with whatever else you might need to send out with a release.

It's not so difficult to do that with Ant (or Maven I'd imagine).


p

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




signature.asc
Description: OpenPGP digital signature

Re: How to configure a web app

2010/6/10 André Warnier a...@ice-sa.com:

 Let me speak for the OP, and for others like me who do not necessarily write
 the applications and filters which they are installing on customer systems.
 Sometimes, you have to deal with such third-party modules, which have to be
 used e.g. as a servlet filter in conjunction with your own application.  And
 sometimes, these third-party modules are like they are and you cannot change
 their code.  And sometimes, they require some site-specific parameters,
 which they expect to be in their respective filter section inside the
 application's web.xml file.
 A typical example in my case is authentication servlet filters, which
 require for example a domain name or a domain controller address which is
 specific to each given customer.
 If at the same time you have a customer who insists on receiving war files
 for application updates, you're cooked, because you have to build a
 customer-specific war file every time.

 One suggestion I have in the case of Tomcat - and unfortunately only in the
 case of Tomcat - would be an extension mechanism to the web.xml file, which
 would allow some form of include in the web.xml.
 (And maybe this would not be an extension, nor a Tomcat-specific thing, if
 XML per se already allowed such things).
 Then one could insert in web.xml something like this :
 ...

Servlet 3.0 defines support for web fragments. Already implemented
in Tomcat 7.

That allows to pack servlets + web.xml fragment + static resources or
JSPs in a jar file to be placed in WEB-INF/lib,
 and web.xml and resources in your war file will take precedence over
ones in those jars, allowing you to customize it for your needs.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HyperLink Office connection

2010-06-10 Thread antonio giulio

Hi Andrè,

yes I know the route is very long tho at this point I don't see many
alternatives.
The 200 returned to Office with the same path of the first request
(changing http to https) make it working with one session only.
I have not the Office's specification for this communication (maybe
are closed cos I didn't find anything about it) but I suspect that
every value returned but 200 cause Office creates a new session and
if you close the communication after the first request, Word returns
an error-popup about connection (no good for the customers of course).

The only points where I can see possible improvements are:

1) Avoiding CGI, and working directly in the httpd.conf with some
mod_* (I don't know what)
2) Using C instead of Perl for the CGI
3) Some way to pass through Tomcat and maybe the application (but I
cannot see a real gain respect to the CGI)

Any hints?

On 10 June 2010 18:36, André Warnier a...@ice-sa.com wrote:
 Hi.

 I am glad that you found a solution that works for you, and maybe the most
 important at this point is that it quickly solves your problem.

 About the solution below however, I want to point out that it is rather
 expensive in many respects, and I hope that this is not supposed to be a
 high-volume server.
 What is happening in your schema is :
 - Word requests a page by sending a HTTP request to the server (directly, or
 going through some IE functionality)
 - the server gets the request
 - the server starts a new separate perl interpreter process
 - the perl interpreter compiles your script
 - the perl interpreter runs your script, producing the initial html
 response, and exits
 - Apache reads the response from perl and sends it to the browser
 - the browser (or Word) receives the html page
 - the browser (or Word) interprets the refresh header, and makes a new
 request to the server
 - the server now processes what should have been the original request

 I am a fan of Apache and perl myself, but you may want to revise this a bit
 if this is supposed to handle many clients.


 antonio giulio wrote:

 Hi Andre',

 thanks for the offer, you are right, at this point is off-topic,
 anyway I solved (sorry for the OT) all in Apache-httpd:

 on the virtual host configuration:

 RewriteEngine on
 ReWriteCond %{SERVER_PORT} !^443$
 RewriteRule (.*)  https://%{HTTP_HOST}/cgi-bin/redirect.pl$1

 and the simple redirect.pl in the cgi-bin/ is:

 #!/usr/bin/perl
 $uri = $ENV{'REQUEST_URI'};
 $context = substr $uri, 27;
 $url = https://$ENV{'HTTP_HOST'}$context;

 print Content-type:text/html\r\n\r\n;
 print html;
 print head;
 print meta http-equiv=\refresh\ content=\0;url=$url\ /;
 print /head;
 print body;
 print /body;
 print /html;

 1;

 basically the address:

 http://mycompany.com/rest_of_the_url

 is redirect from the RewriteRule to:

 https://mycompany.com/cgi-bin/redirect.pl/rest_of_the_url

 and the redirect.pl just retrieve rest_of_the_url string and compose
 the new string.
 The html returned has:

 meta http-equiv=\refresh\ content=\0;url=$url\ /

 meta-refresh sends back to Office/Word 200, and this time Office can
 open correctly the browser returned in the meta /

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure a web app

On 10/06/2010 20:52, André Warnier wrote:
 Does there exist *any* way to put the actual values value1, value2,
 etc.. in some place *outside* the web.xml file, and *outside* the war
 that would be created for this application, and still allow the
 application, on startup, to read the values of these parameters from
 web.xml ?

Yes.

 And if yes, is this Tomcat-specific, or servlet-engine-generic ?

Tomcat specific.

Any xml configuration file processed by the digester (server.xml, global
and application context.xml, global and application web,xml) can use ant
style property replacement.

Use ${myproperty} in the xml file and in
$CATALINA_BASE/conf/catalina.properties use:
myproperty=realvalue

There are some restrictions on exactly how you can use this. It
certainly works for attribute values, it may work for
value${...}/value as well - I haven't tested it or checked the code
to see exactrly how it works.

Mark



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure a web app


Mark Thomas wrote:

On 10/06/2010 20:52, André Warnier wrote:

Does there exist *any* way to put the actual values value1, value2,
etc.. in some place *outside* the web.xml file, and *outside* the war
that would be created for this application, and still allow the
application, on startup, to read the values of these parameters from
web.xml ?


Yes.


And if yes, is this Tomcat-specific, or servlet-engine-generic ?


Tomcat specific.

Any xml configuration file processed by the digester (server.xml, global
and application context.xml, global and application web,xml) can use ant
style property replacement.

Use ${myproperty} in the xml file and in
$CATALINA_BASE/conf/catalina.properties use:
myproperty=realvalue

There are some restrictions on exactly how you can use this. It
certainly works for attribute values, it may work for
value${...}/value as well - I haven't tested it or checked the code
to see exactrly how it works.


Thanks, Mark.
I will test that.
If this works, then I think that it would be an answer in line with what 
the original OP was looking for, and me too.




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure a web app


Konstantin Kolinko wrote:

2010/6/10 André Warnier a...@ice-sa.com:

Let me speak for the OP, and for others like me who do not necessarily write
the applications and filters which they are installing on customer systems.
Sometimes, you have to deal with such third-party modules, which have to be
used e.g. as a servlet filter in conjunction with your own application.  And
sometimes, these third-party modules are like they are and you cannot change
their code.  And sometimes, they require some site-specific parameters,
which they expect to be in their respective filter section inside the
application's web.xml file.
A typical example in my case is authentication servlet filters, which
require for example a domain name or a domain controller address which is
specific to each given customer.
If at the same time you have a customer who insists on receiving war files
for application updates, you're cooked, because you have to build a
customer-specific war file every time.

One suggestion I have in the case of Tomcat - and unfortunately only in the
case of Tomcat - would be an extension mechanism to the web.xml file, which
would allow some form of include in the web.xml.
(And maybe this would not be an extension, nor a Tomcat-specific thing, if
XML per se already allowed such things).
Then one could insert in web.xml something like this :
...


Servlet 3.0 defines support for web fragments. Already implemented
in Tomcat 7.

That allows to pack servlets + web.xml fragment + static resources or
JSPs in a jar file to be placed in WEB-INF/lib,
 and web.xml and resources in your war file will take precedence over
ones in those jars, allowing you to customize it for your needs.


Konstantin,
if I understand this correctly, then it still means that the fragments 
in question are inside the webapp file hierarchy, thus if you create a 
war file, these fragments are inside also.

Which leaves the same problem as I explain above, no ?

And to *pid : yes, I know it is not difficult, but it is tedious.  And 
the point is avoiding the tedious bit.  And it makes all the difference 
between posting one war file on a website, where all customers can 
download it, or creating and posting umpteen individual war files, one 
per customer, in individual download directories.


Let me phrase the question another way then.
Assuming that some rogue application or filter *requires* site-specific 
parameters in web.xml, normally like so :


...
   init-param
param-nameparameter1/param-name
param-valuevalue1/param-value
/init-param
   init-param
param-nameparameter2/param-name
param-valuevalue2/param-value
/init-param

 etc..

Does there exist *any* way to put the actual values value1, value2, 
etc.. in some place *outside* the web.xml file, and *outside* the war 
that would be created for this application, and still allow the 
application, on startup, to read the values of these parameters from 
web.xml ?

Like for example :

   init-param
param-nameparameter1/param-name
param-value${value1}/param-value
/init-param
   init-param
param-nameparameter2/param-name
param-value${value2}/param-value
/init-param

where value1, value2 would be the names of some kind of variables, 
defined elsewhere ?


And if yes, is this Tomcat-specific, or servlet-engine-generic ?
And if no, is this because the Servlet Spec explicitly forbids this, or 
is it because nobody thought about this before ?




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure a web app

2010-06-10 Thread David kerber


On 6/10/2010 3:52 PM, André Warnier wrote:

...



Does there exist *any* way to put the actual values value1, value2,
etc.. in some place *outside* the web.xml file, and *outside* the war
that would be created for this application, and still allow the
application, on startup, to read the values of these parameters from
web.xml ?


How early is on startup for your purposes?  Will it be early enough if 
you read them in from a servletContextListener?  That's where I pull in 
my external properties files, and is executed pretty early in the tomcat 
startup sequence.  Certainly before anybody can try to log into it.


D

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!

On 10/06/2010 15:39, neo21 zerro wrote:
 
 Yes I am requesting a protected resource but I don't know why is this 
 happening.
 
 
  I've tried to set all sort of cookies in my browser but nothing 
 works.The problem is that I'm not using jsp like Pid said 
 and I think I should try to use jsp...for my login page.
  Are there other versions of Tomcat ? I mean newer versions, like 7 ?

That assumes a) there is a bug in Tomcat and b) that it is fixed in a
newer version of 6.0.26.

I have yet to see any evidence in this thread that there is a bug in Tomcat.

Mark



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP Status 408!

2010/6/10 neo21 zerro neo21_ze...@yahoo.com:
     Are there other versions of Tomcat ? I mean newer versions, like 7 ?


There is RC 4 build of Tomcat 7 available for testing.  See a thread on d...@.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure a web app


David kerber wrote:

On 6/10/2010 3:52 PM, André Warnier wrote:

...



Does there exist *any* way to put the actual values value1, value2,
etc.. in some place *outside* the web.xml file, and *outside* the war
that would be created for this application, and still allow the
application, on startup, to read the values of these parameters from
web.xml ?


How early is on startup for your purposes?  Will it be early enough if 
you read them in from a servletContextListener?  That's where I pull in 
my external properties files, and is executed pretty early in the tomcat 
startup sequence.  Certainly before anybody can try to log into it.



David,
the point here is : this is unknown, because these parameters are being 
read (in some cases) by applications or filters which we did not write 
ourselves and do not have the source of.
That is also why they *must* be in web.xml as opposed to somewhere 
else more practical : because the application/filter manual says that 
this is where they should be, and we cannot change that.


So we are looking for something transparent to an application/filter, 
without changing the code of that application/filter.



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Connection is closed when CometEvent.close is called during an event

2010/6/8 Reich, Matthias matthias.re...@siemens-enterprise.com:
 I modified the code (in 6.0.20 and 6.0.26) so that the error flag is not set.
 With that change Tomcat kept the connection open:

 ...
    if (response.isClosed() || !request.isComet()) {
        if (status==SocketStatus.OPEN) {
        //CometEvent.close was called during an event.
        request.getEvent().setEventType(CometEvent.EventType.END);
        request.getEvent().setEventSubType(null);

 // don't set the error flag here - otherwise the connection will be closed
 // whenever a long poll is answered already during event handling:
        // error = true;


1. I think that I do not understand you. What is your meaning of long
poll? Can you describe your situation as a sequence of events how
they occur step-by-step on a timeline?

2. The above fragment when using Comet should be equivalent to

if (response.isClosed()) {
if (status==SocketStatus.OPEN) {
//CometEvent.close was called during an event.
request.getEvent().setEventType(CometEvent.EventType.END);
request.getEvent().setEventSubType(null);

 // don't set the error flag here - otherwise the connection will be closed
 // whenever a long poll is answered already during event handling:
// error = true;


Response#isClosed():
public boolean isClosed() {
return outputBuffer.isClosed();
}

If you will not be able to send your answer, why not to close the
socket right away?

3. It would be much more readable, if you provided your changes in the
unified diff format. (even better if it were generated with svn diff
command against sources retrieved from svn).


Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: EL 2.2 in Tomcat 7 RC1/RC2 does not fully support method invocation, such as #{helloWorldController.doSomething(helloWorldModel)}

On 10/06/2010 14:42, John Wu wrote:
 
 Hi Mark,
 
 The fix of to derive the type directly from the value which ... sounds not
 a solution. In a slightly more complex scenario, the fix still fails.
 
 Say the method signature is public * theMethod(TheSupperType o) and
 calling the method in EL like
 #{theClassInstance.theMethod(theDerivedTypeInstance)}, where the supper
 type can be a supper class or an interface, your fix fails.

super has one p, not two.

I looked at the current code and the spec again. There is no need for
any of this complexity. The exact types are defined when the method
expression is created. I'm not sure why I was trying to derive them at
invocation time when they were already available.

I have added a test case, modified the implementation and checked the
new code with the EL TCK and all looks to be OK.

Mark

 
 Example project attached.
 
 My suggestion as to the solution of resolving which method to call:
 . Retrieve all methods of *theClassInstance*, and put them into the
 CANDIDATES collection;
 
 // Search a match by method name
 . For each method in CANDIDATES,
. if the name is not *theMethod*, remove it from CANDIDATES
 . If CANDIDATES is empty, then NOT-FOUND;
 . else if only one is left, then FOUND;
 
 // Search a match by params count
 . else, count the number of actual params,
 . For each method in CANDIDATES,
. if the number of formal params does not match that of actual params,
 remove it from CANDIDATES
. // Optoional, handle cases of method has variable number of arguments
 . If CANDIDATES is empty, then NOT-FOUND;
 . else if only one is left, then FOUND;
 
 // Search a match by param types
 . else, evaluate all actual params;
 . For each method in CANDIDATES,
. if NOT( for-each formalParamType.isAssignableFrom(actualParamType) ),
 remove it from CANDIDATES
. // Optoional, handle cases of method has variable number of arguments
 . If CANDIDATES is empty, then NOT-FOUND;
 . else if only one is left, then FOUND;
 
 . else, AMBIGUOUS
 
 
 John Wu
 http://old.nabble.com/file/p28843317/jsf-2.0-el-2.2.testcase-v2.zip
 jsf-2.0-el-2.2.testcase-v2.zip 




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Connection is closed when CometEvent.close is called during an event

2010-06-10 Thread Reich, Matthias

On 10/06/2010 9:49 PM, Konstantin Kolinko wrote: 
 2010/6/8 Reich, Matthias:
  I modified the code (in 6.0.20 and 6.0.26) so that the 
 error flag is not set.
  With that change Tomcat kept the connection open:
 
  ...
     if (response.isClosed() || !request.isComet()) {
         if (status==SocketStatus.OPEN) {
         //CometEvent.close was called during an event.
         request.getEvent().setEventType(CometEvent.EventType.END);
         request.getEvent().setEventSubType(null);
 
  // don't set the error flag here - otherwise the connection 
 will be closed
  // whenever a long poll is answered already during event handling:
         // error = true;
 
 
 1. I think that I do not understand you. What is your meaning of long
 poll? Can you describe your situation as a sequence of events how
 they occur step-by-step on a timeline?

The concept of long poll is e.g. described in
http://www.javaworld.com/javaworld/jw-03-2008/jw-03-asynchhttp.html?page=6

The sequence of events in my situation is as follows:
- a poll request is received by the server
- the CoyoteAdapter.service method is called and in turn
  invokes the servlet's event method with a BEGIN event 
- request.isComet() is still true when the control returns 
  to the CoyoteAdapter.service method 
- some other thread writes a response and closes the Writer
  of the response
- the CoyoteAdapter.event method is called and in turn 
  invokes the servlet's event method with an END event
- the servlet calls event.close()
- when the control returns to the CoyoteAdapter.event method
  we have exactly this situation:
  response.isClosed()  !request.isComet()  status==SocketStatus.OPEN
- thus, if the error flag is set in this situation, 
  the connection will be closed, and a new connection must be opened
  by the browser for the subsequent poll request 

According to the above sequence I would expect that the connection
is always closed if request.isComet() is still true when control
returns to the CoyoteAdapter.service method after processing
the BEGIN event -  no matter how long it takes from then
until the response is written. 
Surprisingly, I did not always observe this.

Anyway, if the error flag is not set in this situation, 
the connection is kept open.


 
 2. The above fragment when using Comet should be equivalent to
 
 if (response.isClosed()) {
 if (status==SocketStatus.OPEN) {
 //CometEvent.close was called during an event.
 request.getEvent().setEventType(CometEvent.EventType.END);
 request.getEvent().setEventSubType(null);
 
  // don't set the error flag here - otherwise the connection 
 will be closed
  // whenever a long poll is answered already during event handling:
 // error = true;
 
 
 Response#isClosed():
 public boolean isClosed() {
 return outputBuffer.isClosed();
 }

No, it is not equivalent: response.isClosed() is true after closing
the Writer or OutputStream, whereas request.isComet() is true 
until event.close() is called.

 
 If you will not be able to send your answer, why not to close the
 socket right away?

I was able to send the answer and would like to use the connection 
also for the next poll request. (or for some other request 
the browser decides to send through this connection)

 
 3. It would be much more readable, if you provided your changes in the
 unified diff format. (even better if it were generated with svn diff
 command against sources retrieved from svn).
 

--- 
C:\DOCUME~1\rm041693\LOCALS~1\Temp\CoyoteAdapter.java-revBASE.svn001.tmp.java   
Do Jun 10 22:22:20 2010
+++ 
D:\tomcat\TOMCAT_6_0_26\java\org\apache\catalina\connector\CoyoteAdapter.java   
Mo Jun  7 17:30:23 2010
@@ -215,7 +215,9 @@
 //CometEvent.close was called during an event.
 
request.getEvent().setEventType(CometEvent.EventType.END);
 request.getEvent().setEventSubType(null);
-error = true;
+// don't set the error flag - otherwise the socket 
will be closed 
+// whenever CometEvent.close is called during the event
+// error = true;
 
connector.getContainer().getPipeline().getFirst().event(request, response, 
request.getEvent());
 }
 res.action(ActionCode.ACTION_COMET_END, null);

 
 Best regards,
 Konstantin Kolinko
 

Regards,
Matthias 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: EL 2.2 in Tomcat 7 RC1/RC2 does not fully support method invocation, such as #{helloWorldController.doSomething(helloWorldModel)}

2010-06-10 Thread John Wu


That sounds even better. I'm looking forward to test the modified impl in the
next RC/release.


Mark Thomas wrote:
 
 On 10/06/2010 14:42, John Wu wrote:
 
 Hi Mark,
 
 The fix of to derive the type directly from the value which ... sounds
 not
 a solution. In a slightly more complex scenario, the fix still fails.
 
 Say the method signature is public * theMethod(TheSupperType o) and
 calling the method in EL like
 #{theClassInstance.theMethod(theDerivedTypeInstance)}, where the supper
 type can be a supper class or an interface, your fix fails.
 
 super has one p, not two.
 
 I looked at the current code and the spec again. There is no need for
 any of this complexity. The exact types are defined when the method
 expression is created. I'm not sure why I was trying to derive them at
 invocation time when they were already available.
 
 I have added a test case, modified the implementation and checked the
 new code with the EL TCK and all looks to be OK.
 
 Mark
 
 
 Example project attached.
 
 My suggestion as to the solution of resolving which method to call:
 . Retrieve all methods of *theClassInstance*, and put them into the
 CANDIDATES collection;
 
 // Search a match by method name
 . For each method in CANDIDATES,
. if the name is not *theMethod*, remove it from CANDIDATES
 . If CANDIDATES is empty, then NOT-FOUND;
 . else if only one is left, then FOUND;
 
 // Search a match by params count
 . else, count the number of actual params,
 . For each method in CANDIDATES,
. if the number of formal params does not match that of actual params,
 remove it from CANDIDATES
. // Optoional, handle cases of method has variable number of
 arguments
 . If CANDIDATES is empty, then NOT-FOUND;
 . else if only one is left, then FOUND;
 
 // Search a match by param types
 . else, evaluate all actual params;
 . For each method in CANDIDATES,
. if NOT( for-each formalParamType.isAssignableFrom(actualParamType)
 ),
 remove it from CANDIDATES
. // Optoional, handle cases of method has variable number of
 arguments
 . If CANDIDATES is empty, then NOT-FOUND;
 . else if only one is left, then FOUND;
 
 . else, AMBIGUOUS
 
 
 John Wu
 http://old.nabble.com/file/p28843317/jsf-2.0-el-2.2.testcase-v2.zip
 jsf-2.0-el-2.2.testcase-v2.zip 
 
 
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 
 

-- 
View this message in context: 
http://old.nabble.com/EL-2.2-in-Tomcat-7-RC1-RC2-does-not-fully-support-method-invocation%2C-such-as-%22-%7BhelloWorldController.doSomething%28helloWorldModel%29%7D%22-tp28671969p28850494.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Question about licensincing of tomcat 6 latest

2010-06-10 Thread kartikey . shukla




Dear Sir/Madam ,

We are devloping a web application . We will use tomcat6 as web
container for our product .

We want package tomcat server with our build . Can you please tell me
what is licensing policy for packaging tomcat server .

Waiting for your warm reply .

Thanks
Kartikey





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Connection is closed when CometEvent.close is called during an event