Re: Apache Tomcat 8.0.0-RC1 release vote started
Am 2013-08-01 22:59, schrieb Mark Thomas: If you'd like early sight of Tomcat 8 and an opportunity to contribute to Tomcat development, the release vote has now opened for the first Tomcat 8 release candidate. Features include: -[...] - Update to DBCP2 (now includes JMX monitoring) ^ Why if we do have the wonderful Tomcat JDBC Pool? Can't we get rid of that relic? Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 8.0.0-RC1 release vote started
Michael-O 1983-01...@gmx.net wrote: Am 2013-08-01 22:59, schrieb Mark Thomas: If you'd like early sight of Tomcat 8 and an opportunity to contribute to Tomcat development, the release vote has now opened for the first Tomcat 8 release candidate. Features include: -[...] - Update to DBCP2 (now includes JMX monitoring) ^ Why if we do have the wonderful Tomcat JDBC Pool? 1. Choice (we ship both). 2. Features (DBCP covers more edge cases). 3. Maintainability. There is more chance of a DBCP fix at the moment. That should change when Filip returns. 4. Performance they should be much closer but I suspect Tomcat JDBC will be faster (those edge cases again). Can't we get rid of that relic? We could but I would not support such a move. (Relic? Hardly.) Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Problem with getRealPath() on Tomcat 8
Hi, I am just testing Tomcat 8.0.0-RC1 that is proposed for (Alpha) release. I noticed that (unlike Tomcat 7.0.42) this version throws IllegalArgumentException upon calling ServletContext.getRealPath(). It seems that TC8 expects that argument provided to getRealPath is non-empty string. The code that tries to execute getRealPath with empty argument is not mine, it is from Apache Axis2 1.6.2 (latest production release). Now, I could file a bug with Axis2, but I am actually not sure is it really necessary that getRealPath argument is non-empty string? -Ognjen P.S. More details below. Stack trace: [ERROR] java.lang.IllegalArgumentException java.lang.IllegalArgumentException at org.apache.catalina.webresources.AbstractResourceSet.checkPath(AbstractResourceSet.java:39) at org.apache.catalina.webresources.DirResourceSet.getResource(DirResourceSet.java:91) at org.apache.catalina.webresources.StandardRoot.getResourceInternal(StandardRoot.java:176) at org.apache.catalina.webresources.CachedResource.validate(CachedResource.java:62) at org.apache.catalina.webresources.Cache.getResource(Cache.java:78) at org.apache.catalina.webresources.StandardRoot.getResource(StandardRoot.java:163) at org.apache.catalina.core.StandardContext.getRealPath(StandardContext.java:4528) at org.apache.catalina.core.ApplicationContext.getRealPath(ApplicationContext.java:398) at org.apache.catalina.core.ApplicationContextFacade.getRealPath(ApplicationContextFacade.java:335) at org.apache.axis2.deployment.WarBasedAxisConfigurator.init(WarBasedAxisConfigurator.java:103) at org.apache.axis2.transport.http.AxisServlet.initConfigContext(AxisServlet.java:584) at org.apache.axis2.transport.http.AxisServlet.init(AxisServlet.java:454) at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1235) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1148) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1044) at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5025) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5322) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:726) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:702) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:698) at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:968) at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1742) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:724) -- Axis2 code (WarBasedAxisConfigurator.java:103-106): 103:String webpath = config.getServletContext().getRealPath(); 104:if (webpath == null || webpath.length() == 0) { 105:webpath = config.getServletContext().getRealPath(/); 106:} -- Tomcat 8 code throwing the exception (AbstractResourceSet.java:37-41): protected final void checkPath(String path) { if (path == null || path.length() == 0 || path.charAt(0) != '/') { throw new IllegalArgumentException(); } } - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Cert
Hello, I am using Tomcat 7 on a windows server 2012 build for this: https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method I don't think SSL is not working correctly because every time I try to authenticate over LDAPS it does not work. I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks. I then download from digicert the same cert but in a .pem file and imported the file to my %jave_home5\jre\lib\security\cacerts. Did I miss something here, do you need any other info? Thank you, Kyle
Re: Problem with getRealPath() on Tomcat 8
Ognjen Blagojevic ognjen.d.blagoje...@gmail.com wrote: Hi, I am just testing Tomcat 8.0.0-RC1 that is proposed for (Alpha) release. I noticed that (unlike Tomcat 7.0.42) this version throws IllegalArgumentException upon calling ServletContext.getRealPath(). That looks like a bug in the new resources implementation. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with getRealPath() on Tomcat 8
Mark, On 2.8.2013 13:33, Mark Thomas wrote: I noticed that (unlike Tomcat 7.0.42) this version throws IllegalArgumentException upon calling ServletContext.getRealPath(). That looks like a bug in the new resources implementation. Thank you for your prompt response. I filed a bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=55345 -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Cert
On Aug 2, 2013, at 7:33 AM, Kyle Shattuck ky...@montcalm.edu wrote: Hello, I am using Tomcat 7 on a windows server 2012 build for this: https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method I don't think SSL is not working correctly because every time I try to authenticate over LDAPS it does not work. What part of this doesn't work? Connecting via SSL or authentication via LDAP? They are two different things. Can you connect to your server via HTTPS and access a static resource like an HTML page or image file? If not, what happens when you try to connect? I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks. I then download from digicert the same cert but in a .pem file and imported the file to my %jave_home5\jre\lib\security\cacerts. Did I miss something here, do you need any other info? - What is the specific version of Tomcat that you are using? - Do you see any errors in the log? - Include your server.xml, minus comments and minus any sensitive info like passwords Dan Thank you, Kyle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Cert
Daniel ...he hasn't imported his DER typed certificate into the LDAP Server yet.. Martin __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. Subject: Re: Cert From: dmik...@gopivotal.com Date: Fri, 2 Aug 2013 08:58:12 -0400 To: users@tomcat.apache.org On Aug 2, 2013, at 7:33 AM, Kyle Shattuck ky...@montcalm.edu wrote: Hello, I am using Tomcat 7 on a windows server 2012 build for this: https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method I don't think SSL is not working correctly because every time I try to authenticate over LDAPS it does not work. What part of this doesn't work? Connecting via SSL or authentication via LDAP? They are two different things. Can you connect to your server via HTTPS and access a static resource like an HTML page or image file? If not, what happens when you try to connect? I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks. I then download from digicert the same cert but in a .pem file and imported the file to my %jave_home5\jre\lib\security\cacerts. Did I miss something here, do you need any other info? - What is the specific version of Tomcat that you are using? - Do you see any errors in the log? - Include your server.xml, minus comments and minus any sensitive info like passwords Dan Thank you, Kyle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Cert
My Server( CAS) is using SSL and the LDAP(DC) server uses SSL. So when I try to authenticate through my CAS server to DC over LDAPS it does not work. When I look at the logs of the Applications and Services Logs --Directory Service is says-- InformationActiveDirectory_DomainService1535LDAP Interface: Internal event: The LDAP server returned an error. Additional Data Error value: 0003: LdapErr: DSID-0C060463, comment: Error decrypting ldap message, data 0, v1db1 Tomcat version:apache-tomcat-7.0.42 -Original Message- From: Daniel Mikusa [mailto:dmik...@gopivotal.com] Sent: Friday, August 02, 2013 8:59 AM To: Tomcat Users List Subject: Re: Cert On Aug 2, 2013, at 7:33 AM, Kyle Shattuck ky...@montcalm.edu wrote: Hello, I am using Tomcat 7 on a windows server 2012 build for this: https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method I don't think SSL is not working correctly because every time I try to authenticate over LDAPS it does not work. What part of this doesn't work? Connecting via SSL or authentication via LDAP? They are two different things. Can you connect to your server via HTTPS and access a static resource like an HTML page or image file? If not, what happens when you try to connect? I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks. I then download from digicert the same cert but in a .pem file and imported the file to my %jave_home5\jre\lib\security\cacerts. Did I miss something here, do you need any other info? - What is the specific version of Tomcat that you are using? - Do you see any errors in the log? - Include your server.xml, minus comments and minus any sensitive info like passwords Dan Thank you, Kyle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org ?xml version='1.0' encoding='utf-8'? Server port=8005 shutdown=SHUTDOWN Listener className=org.apache.catalina.core.JasperListener / Listener className=org.apache.catalina.core.JreMemoryLeakPreventionListener / Listener className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener / Listener className=org.apache.catalina.core.ThreadLocalLeakPreventionListener / GlobalNamingResources Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources Service name=Catalina Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=C:\Program Files\Java\jdk1.7.0_25\keystore.jks keystorePass=pass / Connector port=8009 protocol=AJP/1.3 redirectPort=8443 / Engine name=Catalina defaultHost=localhost Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ /Realm Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access_log. suffix=.txt pattern=%h %l %u %t quot;%rquot; %s %b / /Host /Engine /Service /Server - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Cert
On Aug 2, 2013, at 9:23 AM, Kyle Shattuck ky...@montcalm.edu wrote: My Server( CAS) is using SSL and the LDAP(DC) server uses SSL. So when I try to authenticate through my CAS server to DC over LDAPS it does not work. When I look at the logs of the Applications and Services Logs --Directory Service is says-- InformationActiveDirectory_DomainService 1535LDAP Interface: Internal event: The LDAP server returned an error. Additional Data Error value: 0003: LdapErr: DSID-0C060463, comment: Error decrypting ldap message, data 0, v1db1 Sorry for being slow here. I'm just not quite sure how this is related to Tomcat. It seems like an application or JVM configuration issue. A couple more questions for you. - What log are you pulling this from? Is this from your LDAP server, an application log or a Tomcat log? - How are you configuring your application to connect to your LDAP server? Is this with a Resource / tag in Tomcat? or is this done in application configuration? Can you include this config for us, minus passwords? - Does your LDAP server have a certificate from a trusted certificate authority? Is this what you were talking about when you mentioned creating a keystore with a certificate from digicert in your original email? Or is the LDAP Server's certificate self signed? Dan Tomcat version:apache-tomcat-7.0.42 -Original Message- From: Daniel Mikusa [mailto:dmik...@gopivotal.com] Sent: Friday, August 02, 2013 8:59 AM To: Tomcat Users List Subject: Re: Cert On Aug 2, 2013, at 7:33 AM, Kyle Shattuck ky...@montcalm.edu wrote: Hello, I am using Tomcat 7 on a windows server 2012 build for this: https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method I don't think SSL is not working correctly because every time I try to authenticate over LDAPS it does not work. What part of this doesn't work? Connecting via SSL or authentication via LDAP? They are two different things. Can you connect to your server via HTTPS and access a static resource like an HTML page or image file? If not, what happens when you try to connect? I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks. I then download from digicert the same cert but in a .pem file and imported the file to my %jave_home5\jre\lib\security\cacerts. Did I miss something here, do you need any other info? - What is the specific version of Tomcat that you are using? - Do you see any errors in the log? - Include your server.xml, minus comments and minus any sensitive info like passwords Dan Thank you, Kyle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org server.xml - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Cert
Kyle the ldap server requires the LDAP Attributes contained within the p7b dn: cn=username,o=organization,c=country objectclass:inetorgperson objectclass:organizationalPerson cn: username sn: surname your LDAP admin has 2 options: 1)enter each one manually from the attributes enumerated from the cert 2) import your DER formatted certificate into LDAP (and let the import utility auto-populate the LDAP attributes) for example 2a)Cisco LDAP Server http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/security/configuration/guide/b_Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_6.x_chapter_0111.html 2b)IBM LDAP Server http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.itamfbi.doc_5.1%2FADM51mst160.htm it looks like we will need to engage the LDAP admin to take this any further..can you cc him? Martin __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: ky...@montcalm.edu To: users@tomcat.apache.org Subject: RE: Cert Date: Fri, 2 Aug 2013 13:23:12 + My Server( CAS) is using SSL and the LDAP(DC) server uses SSL. So when I try to authenticate through my CAS server to DC over LDAPS it does not work. When I look at the logs of the Applications and Services Logs --Directory Service is says-- InformationActiveDirectory_DomainService1535LDAP Interface: Internal event: The LDAP server returned an error. Additional Data Error value: 0003: LdapErr: DSID-0C060463, comment: Error decrypting ldap message, data 0, v1db1 Tomcat version:apache-tomcat-7.0.42 -Original Message- From: Daniel Mikusa [mailto:dmik...@gopivotal.com] Sent: Friday, August 02, 2013 8:59 AM To: Tomcat Users List Subject: Re: Cert On Aug 2, 2013, at 7:33 AM, Kyle Shattuck ky...@montcalm.edu wrote: Hello, I am using Tomcat 7 on a windows server 2012 build for this: https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method I don't think SSL is not working correctly because every time I try to authenticate over LDAPS it does not work. What part of this doesn't work? Connecting via SSL or authentication via LDAP? They are two different things. Can you connect to your server via HTTPS and access a static resource like an HTML page or image file? If not, what happens when you try to connect? I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks. I then download from digicert the same cert but in a .pem file and imported the file to my %jave_home5\jre\lib\security\cacerts. Did I miss something here, do you need any other info? - What is the specific version of Tomcat that you are using? - Do you see any errors in the log? - Include your server.xml, minus comments and minus any sensitive info like passwords Dan Thank you, Kyle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Cert
We don't necessarily have a LDAP admin, so I need more details on how to execute this. I read the IBM site you provided and am not sure how to start. Our OS are Windows, they are talking about Tivoli Access Manager LDAP server Thank you for all the information! -Original Message- From: Martin Gainty [mailto:mgai...@hotmail.com] Sent: Friday, August 02, 2013 10:06 AM To: Tomcat Users List Subject: RE: Cert Kyle the ldap server requires the LDAP Attributes contained within the p7b dn: cn=username,o=organization,c=country objectclass:inetorgperson objectclass:organizationalPerson cn: username sn: surname your LDAP admin has 2 options: 1)enter each one manually from the attributes enumerated from the cert 2) import your DER formatted certificate into LDAP (and let the import utility auto-populate the LDAP attributes) for example 2a)Cisco LDAP Server http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/security/configuration/guide/b_Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_6.x_chapter_0111.html 2b)IBM LDAP Server http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.itamfbi.doc_5.1%2FADM51mst160.htm it looks like we will need to engage the LDAP admin to take this any further..can you cc him? Martin __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: ky...@montcalm.edu To: users@tomcat.apache.org Subject: RE: Cert Date: Fri, 2 Aug 2013 13:23:12 + My Server( CAS) is using SSL and the LDAP(DC) server uses SSL. So when I try to authenticate through my CAS server to DC over LDAPS it does not work. When I look at the logs of the Applications and Services Logs --Directory Service is says-- InformationActiveDirectory_DomainService1535LDAP Interface: Internal event: The LDAP server returned an error. Additional Data Error value: 0003: LdapErr: DSID-0C060463, comment: Error decrypting ldap message, data 0, v1db1 Tomcat version:apache-tomcat-7.0.42 -Original Message- From: Daniel Mikusa [mailto:dmik...@gopivotal.com] Sent: Friday, August 02, 2013 8:59 AM To: Tomcat Users List Subject: Re: Cert On Aug 2, 2013, at 7:33 AM, Kyle Shattuck ky...@montcalm.edu wrote: Hello, I am using Tomcat 7 on a windows server 2012 build for this: https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Lo cally+using+the+Maven2+WAR+Overlay+Method I don't think SSL is not working correctly because every time I try to authenticate over LDAPS it does not work. What part of this doesn't work? Connecting via SSL or authentication via LDAP? They are two different things. Can you connect to your server via HTTPS and access a static resource like an HTML page or image file? If not, what happens when you try to connect? I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks. I then download from digicert the same cert but in a .pem file and imported the file to my %jave_home5\jre\lib\security\cacerts. Did I miss something here, do you need any other info? - What is the specific version of Tomcat that you are using? - Do you see any errors in the log? - Include your server.xml, minus comments and minus any sensitive info like passwords Dan Thank you, Kyle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail:
Tomcat Websocket Implementation
Dear all, I'm looking into a solution that will make extensive use of websockets. Details are unimportant, but here's the question that I'd like to have some insight into. The current implementation (official examplehttp://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/websocket/chat/ChatWebSocketServlet.java?revision=1354477view=markup) seems independent of the JSR 356http://docs.oracle.com/javaee/7/tutorial/doc/websocket.htm. Is work underway to implement the javax.websocket.* objects, or is what's in org.apache.catalina.websocket it for the enforceable future? Thanks in advance, --Igor. www.sanguinecomputing.com
Re: Tomcat Websocket Implementation
On Aug 2, 2013, at 12:05 PM, Igor Urisman wrote: Dear all, I'm looking into a solution that will make extensive use of websockets. Details are unimportant, but here's the question that I'd like to have some insight into. The current implementation (official examplehttp://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/websocket/chat/ChatWebSocketServlet.java?revision=1354477view=markup) seems independent of the JSR 356http://docs.oracle.com/javaee/7/tutorial/doc/websocket.htm. Is work underway to implement the javax.websocket.* objects, or is what's in org.apache.catalina.websocket it for the enforceable future? Tomcat 8 has a completed (though not yet fully tested and vetted) implementation of JSR-356. We're voting right now on the developer's mailing list whether to release Tomcat 8.0.0-RC1 alpha. Though Tomcat 8 is the only Tomcat that will support the Servlet, JSP, and EL specifications included in Java EE 7 (they will not be back-ported to Tomcat 7), a decision was made a while ago to deprecate the existing Tomcat 7 WebSocket implementation and back-port JSR-356 to Tomcat 7. This is the only Java EE 7 component that will be back-ported to Tomcat 7, AFAIK. I don't personally know this will happen (I'm not one of the developers), but since the JSR-356 implementation in Tomcat 8 is complete now, it shouldn't be too long. If you want to play with the JSR-356 implementation for now, feel free to download and use Tomcat 8 RC1 when it releases in (hopefully) the next few days. We encourage it, because the more people who download it and try it out, the better our chances of chasing down and fixing bugs now instead of after a general release. Nick - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat Websocket Implementation
On Aug 2, 2013, at 12:42 PM, Nick Williams wrote: On Aug 2, 2013, at 12:05 PM, Igor Urisman wrote: Dear all, I'm looking into a solution that will make extensive use of websockets. Details are unimportant, but here's the question that I'd like to have some insight into. The current implementation (official examplehttp://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/websocket/chat/ChatWebSocketServlet.java?revision=1354477view=markup) seems independent of the JSR 356http://docs.oracle.com/javaee/7/tutorial/doc/websocket.htm. Is work underway to implement the javax.websocket.* objects, or is what's in org.apache.catalina.websocket it for the enforceable future? Tomcat 8 has a completed (though not yet fully tested and vetted) implementation of JSR-356. We're voting right now on the developer's mailing list whether to release Tomcat 8.0.0-RC1 alpha. Though Tomcat 8 is the only Tomcat that will support the Servlet, JSP, and EL specifications included in Java EE 7 (they will not be back-ported to Tomcat 7), a decision was made a while ago to deprecate the existing Tomcat 7 WebSocket implementation and back-port JSR-356 to Tomcat 7. This is the only Java EE 7 component that will be back-ported to Tomcat 7, AFAIK. I don't personally know this will happen (I'm not one of the developers), but since the JSR-356 implementation in Tomcat 8 is complete now, it shouldn't be too long. **I don't personally know WHEN this will happen… If you want to play with the JSR-356 implementation for now, feel free to download and use Tomcat 8 RC1 when it releases in (hopefully) the next few days. We encourage it, because the more people who download it and try it out, the better our chances of chasing down and fixing bugs now instead of after a general release. You could also download the POTENTIAL release candidate that is being voted on right now (https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.0-RC1/bin/), but I can't guarantee that this is the actual release candidate that will come out. Nick
Re: Tomcat Websocket Implementation
Super helpful -- thanks, Nick. I'll switch to T8 right away. It's alpha status is not a problem in my case. -Igor. On Fri, Aug 2, 2013 at 10:45 AM, Nick Williams nicho...@nicholaswilliams.net wrote: On Aug 2, 2013, at 12:42 PM, Nick Williams wrote: On Aug 2, 2013, at 12:05 PM, Igor Urisman wrote: Dear all, I'm looking into a solution that will make extensive use of websockets. Details are unimportant, but here's the question that I'd like to have some insight into. The current implementation (official example http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/websocket/chat/ChatWebSocketServlet.java?revision=1354477view=markup ) seems independent of the JSR 356http://docs.oracle.com/javaee/7/tutorial/doc/websocket.htm. Is work underway to implement the javax.websocket.* objects, or is what's in org.apache.catalina.websocket it for the enforceable future? Tomcat 8 has a completed (though not yet fully tested and vetted) implementation of JSR-356. We're voting right now on the developer's mailing list whether to release Tomcat 8.0.0-RC1 alpha. Though Tomcat 8 is the only Tomcat that will support the Servlet, JSP, and EL specifications included in Java EE 7 (they will not be back-ported to Tomcat 7), a decision was made a while ago to deprecate the existing Tomcat 7 WebSocket implementation and back-port JSR-356 to Tomcat 7. This is the only Java EE 7 component that will be back-ported to Tomcat 7, AFAIK. I don't personally know this will happen (I'm not one of the developers), but since the JSR-356 implementation in Tomcat 8 is complete now, it shouldn't be too long. **I don't personally know WHEN this will happen… If you want to play with the JSR-356 implementation for now, feel free to download and use Tomcat 8 RC1 when it releases in (hopefully) the next few days. We encourage it, because the more people who download it and try it out, the better our chances of chasing down and fixing bugs now instead of after a general release. You could also download the POTENTIAL release candidate that is being voted on right now ( https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.0-RC1/bin/), but I can't guarantee that this is the actual release candidate that will come out. Nick
Tomcat native 1.1.27 libapr-1.so.0 is not deployed
Hi, I built APR 1.4.8 and Tomcat 7.0.42 from source code on redhat linux I compiled the tomcat native library 1.1.27 as below ./configure --with-apr=/apps/mstrat/apache/apr-1.4.8 \ --with-java-home=/apps/mstrat/java/jdk1.7.0_25 \ --with-ssl=/apps/mstrat/apache/openssl-1.0.1e \ --prefix=/apps/mstrat/apache-tomcat-7.0.42 make make install I see new libraries at /apps/mstrat/apache-tomcat-7.0.42/lib libtcnative-1.so.0.1.27 libtcnative-1.so.0 - libtcnative-1.so.0.1.27 libtcnative-1.so - libtcnative-1.so.0.1.27 libtcnative-1.la libtcnative-1.a but NOT libapr-1.so.0 libapr-1.so.0 and libapr-1.so.0.4.8 are available at APR install directory (/apps/mstrat/apache/apr-1.4.8/lib) When I start Tomcat, I see the following error in the log file catalina.out:java.lang.UnsatisfiedLinkError: /apps/mstrat/apache-tomcat-7.0.42/lib/libtcnative-1.so.0.1.27: libapr-1.so.0: cannot open shared object file: No such file or directory From tomcat lib folder strings libtcnative-1.so.0.1.27 | more | grep libapr libapr-1.so.0 On manually copying the libapr-1.so.0 from APR lib to Tomcat lib, the error is gone on tomcat restart Why doesn't Tomcat native library buildinstall deploy libapr-1.so.0 to the Tomcat lib folder? Thanks, -sri
Re: Apache Tomcat 8.0.0-RC1 release vote started
Am 2013-08-02 11:43, schrieb Mark Thomas: Michael-O 1983-01...@gmx.net wrote: Am 2013-08-01 22:59, schrieb Mark Thomas: If you'd like early sight of Tomcat 8 and an opportunity to contribute to Tomcat development, the release vote has now opened for the first Tomcat 8 release candidate. Features include: -[...] - Update to DBCP2 (now includes JMX monitoring) ^ Why if we do have the wonderful Tomcat JDBC Pool? 1. Choice (we ship both). 2. Features (DBCP covers more edge cases). 3. Maintainability. There is more chance of a DBCP fix at the moment. That should change when Filip returns. 4. Performance they should be much closer but I suspect Tomcat JDBC will be faster (those edge cases again). According to Apache's JIRA DBCP2 is still in the works whereas Tomcat JDBC Pool already works quite well. If so, I would favor the first option and make Tomcat JDBC Pool the default. Anyway DBCP2 will be a breaking change for DBCP 1.x users. Why not go the extra mile with Tomcat JDBC Pool and use that. Can't we get rid of that relic? We could but I would not support such a move. (Relic? Hardly.) I consinder it as a relic. Tomcat JDBC Pool's site even states that DBCP was written in ancient times withou multithreading in mind. Pre Java 5 and so forth. From my point of view, I have achieved tremendous improvements in our apps with Tomcat JDBC Pool and even found several bugs which would not have been possible with DBCP. Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Auto-loading of the SQL Server JDBC Driver in 6.0.35
I expect that by putting the SQL Server JDBC4 driver jar (sqljdbc4.jar) into ${CATALINA_HOME}/lib, that the driver would be automatically available upon server start. As expected, this works in 6.0.33, but fails in 6.0.35. It seems that the fix to Bug 51640 is the cause of this, and in fact, setting driverManagerProtection to false in the JreMemoryLeakPreventionListener allows this to work in 6.0.35 as well. I would not have expected that a change to the MemoryLeak Listener would have changed the behavior of the JDBC driver. I don't know the internals of the SQL Server driver, so I don't know exactly why this is happening. The MySQL driver loads without any issue. I am wondering if anyone else has seen this problem. Thanks, Mark
RE: Apache Tomcat 8.0.0-RC1 release vote started
From: Michael-O [mailto:1983-01...@gmx.net] Subject: Re: Apache Tomcat 8.0.0-RC1 release vote started According to Apache's JIRA DBCP2 is still in the works whereas Tomcat JDBC Pool already works quite well. If so, I would favor the first option and make Tomcat JDBC Pool the default. Your original message implied that the Tomcat JDBC pool was the relic you wanted to get rid of: Why if we do have the wonderful Tomcat JDBC Pool? Can't we get rid of that relic? Since the most recent noun in the wording before that relic was Tomcat JDBC Pool, I certainly interpreted relic as a reference to Filip's creation, not the original DBCP - and I suspect Mark T did as well. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Auto-loading of the SQL Server JDBC Driver in 6.0.35
Am 2013-08-02 21:24, schrieb mw...@loftware.com: I expect that by putting the SQL Server JDBC4 driver jar (sqljdbc4.jar) into ${CATALINA_HOME}/lib, that the driver would be automatically available upon server start. As expected, this works in 6.0.33, but fails in 6.0.35. It seems that the fix to Bug 51640 is the cause of this, and in fact, setting driverManagerProtection to false in the JreMemoryLeakPreventionListener allows this to work in 6.0.35 as well. I would not have expected that a change to the MemoryLeak Listener would have changed the behavior of the JDBC driver. I don't know the internals of the SQL Server driver, so I don't know exactly why this is happening. The MySQL driver loads without any issue. Why should the driver being loaded into memory if no one uses it? Actually, a driver is loaded into the container's classloader cache upon first access. This is what happens at least for me with the Oracle driver. Everything else does not make sense to me. Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 8.0.0-RC1 release vote started
Am 2013-08-02 21:26, schrieb Caldarale, Charles R: From: Michael-O [mailto:1983-01...@gmx.net] Subject: Re: Apache Tomcat 8.0.0-RC1 release vote started According to Apache's JIRA DBCP2 is still in the works whereas Tomcat JDBC Pool already works quite well. If so, I would favor the first option and make Tomcat JDBC Pool the default. Your original message implied that the Tomcat JDBC pool was the relic you wanted to get rid of: Why if we do have the wonderful Tomcat JDBC Pool? Can't we get rid of that relic? Since the most recent noun in the wording before that relic was Tomcat JDBC Pool, I certainly interpreted relic as a reference to Filip's creation, not the original DBCP - and I suspect Mark T did as well. Oh ok, sorry for that misunderstanding. Relic solely referred to Commons DBCP and *not* Tomcat JDBC Pool. This obviously happened because I am not a native English speaker. Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 8.0.0-RC1 release vote started
On 02/08/2013 21:17, Michael-O wrote: Am 2013-08-02 11:43, schrieb Mark Thomas: Michael-O 1983-01...@gmx.net wrote: Am 2013-08-01 22:59, schrieb Mark Thomas: If you'd like early sight of Tomcat 8 and an opportunity to contribute to Tomcat development, the release vote has now opened for the first Tomcat 8 release candidate. Features include: -[...] - Update to DBCP2 (now includes JMX monitoring) ^ Why if we do have the wonderful Tomcat JDBC Pool? 1. Choice (we ship both). 2. Features (DBCP covers more edge cases). 3. Maintainability. There is more chance of a DBCP fix at the moment. That should change when Filip returns. 4. Performance they should be much closer but I suspect Tomcat JDBC will be faster (those edge cases again). According to Apache's JIRA DBCP2 is still in the works The bulk of the work was in Pool 2 and that has been complete for a while. There are some discussions about further simplification of the Pool 2 API but the core pooling code is ready and is unlikely to change. The work to convert DBCP to use Pool 2 has been completed. DBCP currently has a number of open bugs and enhancement requests and that is holding up a formal release as a number of them are likely to trigger API changes both in Pool 2 and DBCP 2. In short, the core of DBCP2 is ready to go but the API is not stable. Getting it into the Tomcat 8 RC's is part of getting feedback to help stablise the API. whereas Tomcat JDBC Pool already works quite well. For some users yes. As I said previously, it does not cover as many edge cases as DBCP does. If so, I would favor the first option and make Tomcat JDBC Pool the default. Anyway DBCP2 will be a breaking change for DBCP 1.x users. What makes you say that? I can't think of any configuration changes in DBCP2 so far that would cause breakage (although I could be wrong). Why not go the extra mile with Tomcat JDBC Pool and use that. It is (still) a one line configuration change to switch between the two. Personally, I'm not happy with JDBC Pool as the default - primarily because it is essentially supported by a single committer. It hasn't built up a development community yet. DBCP has that development community and is less dependent on a single committer. Can't we get rid of that relic? We could but I would not support such a move. (Relic? Hardly.) I consinder it as a relic. Tomcat JDBC Pool's site even states that DBCP was written in ancient times withou multithreading in mind. Pre Java 5 and so forth. That is true of DBCP 1. It does not apply to DBCP 2. From my point of view, I have achieved tremendous improvements in our apps with Tomcat JDBC Pool and even found several bugs which would not have been possible with DBCP. Great. You are free to continue using it. It will continue to be part of Tomcat 8 in the same way it is part of Tomcat 7. Getting those same performance improvements for users that need / want DBCP is a primary driver for Pool 2 and DBCP 2. Ultimately, I'd like to see the code bases converge but that is probably an optimistic goal for a number of reasons. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 8.0.0-RC1 release vote started
On 02/08/2013 21:30, Michael-O wrote: Am 2013-08-02 21:26, schrieb Caldarale, Charles R: From: Michael-O [mailto:1983-01...@gmx.net] Subject: Re: Apache Tomcat 8.0.0-RC1 release vote started According to Apache's JIRA DBCP2 is still in the works whereas Tomcat JDBC Pool already works quite well. If so, I would favor the first option and make Tomcat JDBC Pool the default. Your original message implied that the Tomcat JDBC pool was the relic you wanted to get rid of: Why if we do have the wonderful Tomcat JDBC Pool? Can't we get rid of that relic? Since the most recent noun in the wording before that relic was Tomcat JDBC Pool, I certainly interpreted relic as a reference to Filip's creation, not the original DBCP - and I suspect Mark T did as well. Oh ok, sorry for that misunderstanding. Relic solely referred to Commons DBCP and *not* Tomcat JDBC Pool. This obviously happened because I am not a native English speaker. No problem. I assumed you meant DBCP was the relic and replied accordingly. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Auto-loading of the SQL Server JDBC Driver in 6.0.35
From: Michael-O [mailto:1983-01...@gmx.net] Sent: Friday, August 02, 2013 3:28 PM To: Tomcat Users List Subject: Re: Auto-loading of the SQL Server JDBC Driver in 6.0.35 Am 2013-08-02 21:24, schrieb mw...@loftware.com: I expect that by putting the SQL Server JDBC4 driver jar (sqljdbc4.jar) into ${CATALINA_HOME}/lib, that the driver would be automatically available upon server start. As expected, this works in 6.0.33, but fails in 6.0.35. It seems that the fix to Bug 51640 is the cause of this, and in fact, setting driverManagerProtection to false in the JreMemoryLeakPreventionListener allows this to work in 6.0.35 as well. I would not have expected that a change to the MemoryLeak Listener would have changed the behavior of the JDBC driver. I don't know the internals of the SQL Server driver, so I don't know exactly why this is happening. The MySQL driver loads without any issue. Why should the driver being loaded into memory if no one uses it? Actually, a driver is loaded into the container's classloader cache upon first access. This is what happens at least for me with the Oracle driver. Everything else does not make sense to me. Michael Sorry, I wasn't clear. It's not loading the driver into memory, but rather registering it with the DriverManager that has changed, so that it can be loaded on the first request. This is no longer occurring. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Auto-loading of the SQL Server JDBC Driver in 6.0.35
On 8/2/2013 1:30 PM, mw...@loftware.com wrote: From: Michael-O [mailto:1983-01...@gmx.net] Sent: Friday, August 02, 2013 3:28 PM To: Tomcat Users List Subject: Re: Auto-loading of the SQL Server JDBC Driver in 6.0.35 Am 2013-08-02 21:24, schrieb mw...@loftware.com: I expect that by putting the SQL Server JDBC4 driver jar (sqljdbc4.jar) into ${CATALINA_HOME}/lib, that the driver would be automatically available upon server start. As expected, this works in 6.0.33, but fails in 6.0.35. It seems that the fix to Bug 51640 is the cause of this, and in fact, setting driverManagerProtection to false in the JreMemoryLeakPreventionListener allows this to work in 6.0.35 as well. I would not have expected that a change to the MemoryLeak Listener would have changed the behavior of the JDBC driver. I don't know the internals of the SQL Server driver, so I don't know exactly why this is happening. The MySQL driver loads without any issue. Why should the driver being loaded into memory if no one uses it? Actually, a driver is loaded into the container's classloader cache upon first access. This is what happens at least for me with the Oracle driver. Everything else does not make sense to me. Michael Sorry, I wasn't clear. It's not loading the driver into memory, but rather registering it with the DriverManager that has changed, so that it can be loaded on the first request. This is no longer occurring. Mark How are you accessing the driver? Are you using JDBC directly, or are you creating a JNDI pooled connection and letting Tomcat manage it. . . . . just my two questions /mde/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Help about my problem
Hi i have use Tom-Cat ver 6.0.10 and i have only one web site on this my problem is when i try to connect to web server on localhost or network computers browser status is changing to connecting to ... but nothing hppens after long time my valid ip address is http://89.165.70.133/ i trying shutdown.sh and startup.sh to restart this but the problem is not solved i attached the log file after start in PDF i am wondered if you can help me Thanks a lot - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Help about my problem
From: Mehdi Yousefi [mailto:mmeh...@gmail.com] Subject: Help about my problem i have use Tom-Cat ver 6.0.10 It's Tomcat, not Tom-Cat. Version 6.0.10 is over six years old and should not be used by anyone these days. Doing so is irresponsible, given the number of bug fixes and security issues corrected since then. my problem is when i try to connect to web server on localhost or network computers browser status is changing to connecting to ... but nothing hppens after long time Since you've provided no real information about your configuration, JVM version, platform you're running on, or log data, one can only speculate what the problem might be. The symptoms are typical of either using the wrong port number on the URL or a firewall blocking the port, but the actual cause might be something completely different. i attached the log file after start in PDF The list does not allow most attachments, especially ones that are easily infected by viruses. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Configuration question for 2500 simultaneous users.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alec, On 8/1/13 6:14 PM, Tomcat Random wrote: I'm expecting 5000 simultaneous users, with a physical load balancer to two physical app servers. So ~2500 per machine, each running an instance of tomcat not fronted by httpd or any proxy server. (i.e., using Tomcat to serve a few static assets along with the webapp). Again, how many simultaneous /connections/ -- or requests -- do you expect to handle? The number of simultaneous users is really only relevant if you use sessions and then it comes down to memory (heap) and failover (replication) if you want it. What's much more important is the transaction rate. For instance, if you expect 5000 users (really ~2500 per instance) and they each make a request once per minute, than that's 2500 requests per minute or ~40 req/sec. If your average transaction takes longer than 1/40 sec (250ms), then you are in trouble because you will not be able to keep up with demand. If your users make 2 transactions per minute, then you need to have average transaction time down to 1/80 sec (125ms) or you will not be able to keep up. What happens if one host fails and the other one picks up *all* the traffic? That means you need to do the average transaction in 1/160 sec (62ms) or you will not be able to keep up. You might consider using a hot-spare or 3 instances. are you just interested in speculative performance tuning? That's correct - with just one user (myself) testing it everything is wonderful. I've just got that uneasy feeling the servers will explode when we flip over from our old host/codebase and get all the traffic. JMeter is your friend. Put in the time to build workflow simulations. It will pay you back manifold. You can even use your JMeter load tests to do quick smoke-testing in production after a release just to make sure you didn't miss anything. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/GnEAAoJEBzwKT+lPKRYx68QAJPE1VHVN4tX+cmssoaO3Qhr 4zjRtYYmpYna8L4EfAjPX8E3/owXilFj5bLBEpl6eYJg+i+RF+8+zlut45OXqrMO 1s5pvgwglq6kzZw70Wt8PavxP9ppcp2kwy82rNQbDLaskfkGcsV2o9QnJzcNgIIC 1Kr7jf1iqF7qJC8/F9F3cg3YBvzz2fozdaX1nWigdus9QsXq00ZRjByR1rd43ePH gLEoJVzD95djWYP/JRiv65ZTqdDY6dMMsHwlfSfFPa9/w2uoZsjFaJmg8Eoj0K9o 4f2RHzIioizY9pLPWqRh4D3rOBOlTKMZyiRrYh4gdVpYWfS6D0Ae5zZx67r0VFje MdVM3AUUyADwsHIE3+MBRu/OAeYnMDHIMHRlXON/YNXwYpRYMI9deS2y+kkYcxhY ttl+B88UBRD0MR5twmCJ2OAAMe5WNtq0jlhuAGTnPJpDHSSd6fa/sm8Csoj1gdqr ZSTh0JUy6RlECePeVHW+FCEBDPsWfM05pHY8p73KZrS3c4QWPXsH5GmnxGOcOuQh Az1agFN4gqebFTG6l1K40CBSf7DWw38aYw+sFZWLJLM5/eSQtIaYgKhMwOu1N0Cp oVgtwRVWQ0x/l3B4WNfgMHDq5xigD+ElGcvhPhRepzHPH4dZJxLYlpHDSV31o6k+ Myi3cewJzt+JVL4KN1yf =u5fy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Clean up after building and installing ARP on RHEL 6
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alec, On 8/1/13 6:41 PM, Tomcat Random wrote: Spent a while getting APR installed and my logs are now showing no warning and indicate the native libraries are working. As per the docs: The libraries will be found in $CATALINA_HOME/lib - Yup, that's fine. But it seems like I have APR/native directories in several places now. Did you actually compile APR or just tcnative? Are the APR libraries in lib self-contained? Anyone know if other directories or files related to their build are safe to delete? Examples: /usr/bin/apr-1-config /usr/local/www/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27-src/jni/native Would not be heartbroken if I had to wget the same files to rebuild. I'm sort of a neat freak with stray files and would rather rm them. The usual build(s) will yield dynamically-linked libraries. That means that the LD_LIBRARY_PATH for the JVM process needs to ultimately contain libtcnative.so, libapr.so, and libssl.so. The latter two are likely provided by your OS via package-manager, and live in /lib or /usr/lib and you don't have to worry. The libtcnative.so lives in $CATALINA_HOME/lib as you've said before. You can remove the entire directory you used to build libtcnative.so (and associated symlinks -- you probably have 3 or 4 files and/or links... it's best to keep them all in their original configuration). If you had to build libapr.so as well, then toss that set of files into CATALINA_HOME/lib and delete from anywhere else you had them sitting around for compilation purposes, etc. That you have /usr/bin/apr-1-config suggests that you have a package-managed install of libapr -- don't touch that. You can probably safely delete /usr/local/www/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27-src and its contents. You can always re-expand from the tarball and re-build, right? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/GrWAAoJEBzwKT+lPKRYEIkQAL7Typbq9kGPFz6rBxmTYoB1 oIzc1j40Me1ewSXiH9DPXCNDJ9VCbEi8DvGE6m/Wrf51fD5mQ522+zJ48XfVHJAU VBsumKxq2XS8mLdOOFMGbEIlWOSsS0VxLauqxRfaHVrMV2nAtiQxfoX73iwN4M2x w/NKsKlbQpojKUZYHIMnr6S+D2p7fPwQ+pa64LxrSTLKkk3LBG+7OVuHNm4CVM6J 8lXuXo0WPgTFGwqFLjNLJsD27Q49cB+iwA7m376rJ0Z4sXzIqruQMRXb/4J6knUi MvvmnXxduCCF7QUZNygnnbu5cJhCkwPnlwHxIm5XXNLIz2WVCilCWu0rKHQXjnfq bjFNQ26Gyph3HfBxJt3bxjDtN0DLLKxOizjzN2lnGkDEdZFB1NTOyO2UPQy3CLbX kPdUQFv0Kai1Qi0sH08Ews+7JedS+U64mohGbMZnYx0fBL7zSljsKtr8hCU0191g 3csQOlfRbpbTNFG9WatDGqsaJANovFb+Xze6ghZf2mcHz9Ff64ZlSxINYcardTcT Xe9vQODH8mwtDm0YIELpu/MvnL+Or9HePdTsn88s0VqIW3H1i8cIDziGQXMXlsC5 JImb3V17exHhhzpTYCQPxA9SbX44Me2phG5XF7T/4DdfbzlAKPKeci92K79QR/n8 FY3x1ewzrSXas0/0rJQe =v/WW -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat native 1.1.27 libapr-1.so.0 is not deployed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 srinivas, On 8/2/13 2:47 PM, srinivas yelamanchili wrote: I built APR 1.4.8 and Tomcat 7.0.42 from source code on redhat linux Please don't hijack threads. Instead of replying to an existing message, start a new message to users@tomcat.apache.org. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/GwTAAoJEBzwKT+lPKRYqPMP/R08PN/pM378Zmr4DXRXKHRQ UrMeGxyCH0GKWZDsdQ7rDQkjgM4fO4MNbIloFPW4Tqk3VR9FfPN/MOYBTsBd1Sqp utnUHPEVZNh3QgVxPeHD6IKnSIWkTDMrbn8eCfMcfcBirNXY8qW+ZyUxvB9Xm4Es /g6vUJXGKs1JzXdn15iMGDJ6vS/K923ZYdcvnXPSqprT+eo3SyYTQNrgU1xpQeO4 BRtNfjUWk6rmQXLFsQgsG3zTXNz/zSRCy8VfAfs8b30yMpVymCMcMmC09kCH2qs7 DeSpiMBziveklKjfv8ywv07SPeQ6qP1vF8UEQ2J7PZc6U3MsD7fzUKW45oojBulb 8t0DIqrnfSbdPUKqpWXbRwC2YVAqG0vb2oY/+KkVUUWA2C+keBTyU2+NdwQyxUnd CBDrwFLnR4T4aAj+zNX1L0ARfxaZzaL0WNW2msq4Itt5U7ooYb/EwITp4hI5to5K xFRRjFNW1jWncLaREJnUkcYXIF+PCi/GYeXPEai05HnIUy8sM9B8gfMLJJyE9HaQ MswvyMVBK2+iZmxRk+7RcRolNkKgQCST9ziA37FTZh3sEJX4cHb8S4fDQ3XoAAaR 8YcghWw7GvdpKHcevw2h/T4VE5dmX/KC6ArYT+vmSWQt1A0Bs8akbXGncujZmLyH JFbDL7TaKT5/S2u8E/XB =sW6S -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
libapr-1.so.0 not deployed for Tomcat 7
Hi, I built APR 1.4.8 from source code as non-root user on redhat linux and deployed to /apps/mstrat/apache/apr-1.4.8 Installed Tomcat 7.0.42 at /apps/mstrat/apache-tomcat-7.0.42 by untar the .tar.gz file The Tomcat lib folder doesn't have libapr-1.so.0 I compiled the tomcat native library 1.1.27 as below ./configure --with-apr=/apps/mstrat/apache/apr-1.4.8 \ --with-java-home=/apps/mstrat/java/jdk1.7.0_25 \ --with-ssl=/apps/mstrat/apache/openssl-1.0.1e \ --prefix=/apps/mstrat/apache-tomcat-7.0.42 make make install I see new libraries at /apps/mstrat/apache-tomcat-7.0.42/lib libtcnative-1.so.0.1.27 libtcnative-1.so.0 - libtcnative-1.so.0.1.27 libtcnative-1.so - libtcnative-1.so.0.1.27 libtcnative-1.la libtcnative-1.a but NOT libapr-1.so.0 libapr-1.so.0 and libapr-1.so.0.4.8 are available at APR install directory (/apps/mstrat/apache/apr-1.4.8/lib) When I start Tomcat, I see the following error in the log file catalina.out:java.lang.UnsatisfiedLinkError: /apps/mstrat/apache-tomcat-7.0.42/lib/libtcnative-1.so.0.1.27: libapr-1.so.0: cannot open shared object file: No such file or directory From tomcat lib folder strings libtcnative-1.so.0.1.27 | more | grep libapr libapr-1.so.0 On manually copying the libapr-1.so.0 from APR lib to Tomcat lib, the error is gone on tomcat restart Why doesn't Tomcat native library buildinstall deploy libapr-1.so.0 to the Tomcat lib folder or the Tomcat include this library by default? We cannot ask root user to install these software and I want to make Tomcat work as non-root user without installing any in global paths/libraries, so when we compile and deploy to our local folders I would expect it to work 'out of the box' ps : sorry about earlier post, I used 'reply' to an existing thread and overwrote the subject and content with my topic, without realizing it was still 'chained' to the original thread Thanks, -sri
Re: Help about my problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mehdi, On 8/2/13 7:27 PM, Mehdi Yousefi wrote: Hi i have use Tom-Cat ver 6.0.10 and i have only one web site on this my problem is when i try to connect to web server on localhost or network computers browser status is changing to connecting to ... but nothing hppens after long time my valid ip address is http://89.165.70.133/ Great (Fire)Wall of Iran? Or maybe just misconfiguration: Starting Nmap 6.01 ( http://nmap.org ) at 2013-08-02 22:50 EDT Nmap scan report for 89.165.70.133 Host is up (0.13s latency). Not shown: 994 filtered ports PORT STATE SERVICE 21/tcp open ftp 554/tcp open rtsp 911/tcp closed xact-backup 912/tcp closed apex-mesh 7070/tcp open realserver 8000/tcp open http-alt Device type: WAP|storage-misc|general purpose|printer Running (JUST GUESSING): Apple embedded (93%), NetBSD 4.X (89%), Ricoh embedded (85%) OS CPE: cpe:/o:netbsd:netbsd:4.0 Aggressive OS guesses: Apple AirPort Extreme WAP v7.3.2 (93%), Apple AirPort Extreme WAP or Time Capsule NAS device (90%), Apple Airport Extreme WAP (89%), NetBSD 4.0 (89%), Apple AirPort Extreme WAP (86%), Ricoh Aficio MP C6000 or GX3050N printer (85%) No exact OS matches for host (test conditions non-ideal). OS detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 36.37 seconds If you have a web server listening on port 8000, then your URL needs to look like this: http://89.165.70.133:8000/ That doesn't work (for me), as there is apparently nothing responding on port 8000. Are you sure your Tomcat is up? What port number do you think it should be on? Have you poked a hole in your firewall? Or, are you a home-user and have your router set to port-forward everything to your Apple TV? Or was this post just a ruse to get people to prod your server? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/HG/AAoJEBzwKT+lPKRY6A0P/0ABGMH10waEyDEu8r/fzCPY A3vdQjPiRzg5o5LANj2wekCRgZjlA+MBRNoaWHRz0SYElSHy3i1myszs+SQyOfpX M6rEfzFhbc3bi85w2q7lIRoXC26zl21RfbHbZ5swBckmaCTysU0z6pOC0FzLcr02 vuWXGud4r3ujcaYtS00jCOb/tMJoGZF3JbVyNdRx8+GH1YaSWxGJ1B0HFvDNgH4l EbU0TqfajHzchvTWTOboiZ5hZv3aL+YgJ057+UmZo937sHypOr8frB+gt/Dl9vgH Acb7QcLPUelOazSFUczEmv9e9nustNRBSIsUpSTBeH0JWUGTF8aDj/cEZ29kzG7y gfAiaoZovRNXYs3VY8DBGDgYyfMf8m551IJSQn1X4RZP1CQ+X6Y7B+/ZAZJtMZrK gcKa6bWZ2QA7DZOTqi8nGkyyBzxE2QGGMWe0W9KOc/q3v7Un1IAmnXo5qtbvcP1t DOBb+gdOGCyUVdr5GptPMafLr91PoSaamo2PPG8yoEiBQweI5H38KjHVA7F0mUZG QcByI1MmMTyJK4a3xH4+XRfJfjPKAwB1EYYvqoO8pDfD5ZIgxw133RKFarxepkWh /roEnvpwSei+fHXcXZ63o9miESaieFss8bTEiAg/B2ujYSXWY862AXXTITTsbtVv hBY0YwqfasdlUTH1tYoO =S8Yu -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: libapr-1.so.0 not deployed for Tomcat 7
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 srinivas, On 8/2/13 10:51 PM, srinivas yelamanchili wrote: Hi, I built APR 1.4.8 from source code as non-root user on redhat linux and deployed to /apps/mstrat/apache/apr-1.4.8 Installed Tomcat 7.0.42 at /apps/mstrat/apache-tomcat-7.0.42 by untar the .tar.gz file The Tomcat lib folder doesn't have libapr-1.so.0 I compiled the tomcat native library 1.1.27 as below ./configure --with-apr=/apps/mstrat/apache/apr-1.4.8 \ --with-java-home=/apps/mstrat/java/jdk1.7.0_25 \ --with-ssl=/apps/mstrat/apache/openssl-1.0.1e\ --prefix=/apps/mstrat/apache-tomcat-7.0.42 make make install I see new libraries at /apps/mstrat/apache-tomcat-7.0.42/lib libtcnative-1.so.0.1.27 libtcnative-1.so.0 - libtcnative-1.so.0.1.27 libtcnative-1.so - libtcnative-1.so.0.1.27 libtcnative-1.la libtcnative-1.a but NOT libapr-1.so.0 libapr-1.so.0 and libapr-1.so.0.4.8 are available at APR install directory (/apps/mstrat/apache/apr-1.4.8/lib) When I start Tomcat, I see the following error in the log file catalina.out:java.lang.UnsatisfiedLinkError: /apps/mstrat/apache-tomcat-7.0.42/lib/libtcnative-1.so.0.1.27: libapr-1.so.0: cannot open shared object file: No such file or directory From tomcat lib folder strings libtcnative-1.so.0.1.27 | more | grep libapr libapr-1.so.0 On manually copying the libapr-1.so.0 from APR lib to Tomcat lib, the error is gone on tomcat restart Why doesn't Tomcat native library buildinstall deploy libapr-1.so.0 to the Tomcat lib folder or the Tomcat include this library by default? We cannot ask root user to install these software and I want to make Tomcat work as non-root user without installing any in global paths/libraries, so when we compile and deploy to our local folders I would expect it to work 'out of the box' It wouldn't be appropriate for tcnative to install software other than itself. For instance, I have libapr on my system already, so having the build scripts for tcnative copy the APR shared libraries from /usr/lib (where they are installed on my system) into CATALINA_HOME/lib is a mistake: they would eclipse the system-installed libraries. Note that your source distribution of APR should include a build script with an install target. If you have specified a prefix directory (like $CATALINA_HOME) then you should be able to make install and have it but the binary libraries into $CATALINA_HOME/lib ps : sorry about earlier post, I used 'reply' to an existing thread and overwrote the subject and content with my topic, without realizing it was still 'chained' to the original thread It's a common mistake and often only noticed by readers who have threading properly configured in their email readers (as I do). Don't feel bad. There are several problems with hijacking threads in this way, the two most irritating are: 1. It often truly hijacks the thread and nobody will answer the original question because it's been lost in the shuffle 2. The (properly-threaded) mailing list archives will show your question as a reply to some unrelated topic, and it will be more difficult to find (and pollute the original thread in the archives, just as in #1). Next time, just click New Message instead of Reply. No big deal. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/HPNAAoJEBzwKT+lPKRYRBUP/1CGoBk4XxTTePkQPFhPAtHm Cg1cSQsCNGYYc6DSpVF3t7RtLLof/Et+iGKACW9I8E/JVDLzvdq/qB5yT540CgjL Y7vt1ihwBWYrkpKtR9FJw1q+S/fmtFfBxu0qapoaI3W4ugj4BfHswJBDZLUa3JU4 dCwB3QodMrvsSXjPAMsiuzqWvY/bsMTrRtpZcSmu2EGtOco4FOO4aF9kzJBYitYN Fk9VBLzQOF9VqbAfJFsSWXbbyawCyDK741zsLLYJYWQHPYvAVQmklPpc4iWYl9ZO tOrQLBRIqXsX9J9NTsP1CJ82HGoaeMSwEji6bUqEcCBrCorD235Ud4PKeonBCUeM uuBp6NIjhTvvHykdDmL7Em1Cmq+JwwVMSCvTOOjLvfcbfUGfoRr5tVGB7BxRThwA TZZxSXEbuGEKbSnGdgH/N4V/joeYRKGqpOkW+dVDuoRG2aDbQiqUKCl83YWh+V9K /KBXKqBfxg132y1lLYcjEG0gXoP4p+nQfZWwrYfqYhZ+w2CYNmuSqgjvMxHKGHl0 n3RWydi/o6+paOSyjT+oKDaF9Lp/XuRY5Mesw9/hTUH1A0UsdYVWHwHRSprpSvJr i04PrIi+KPR9J3IWRiilkEf8DSPuDkgeDhzDTcRnqgcw8jOlAiN2+UD4mUlQlVyc voKOn0FHNmT74UvV7dHR =k7kl -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Configuration question for 2500 simultaneous users.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alec, On 8/1/13 6:08 PM, Tomcat Random wrote: Thanks Mark, I've been getting up to speed on JMeter. I've used selenium before. The particulars depend on your particular application - agreed. That part I can work out myself by looking at bottlenecks, generally timing areas of the application with more and more granularity, in places where the app behaves slowly. Just remember that you can't really benchmark your application with a single client. There are behaviors that only emerge under some kind of load. For instance, uncontended object monitors (i.e. synchronized methods, blocks, etc.) in the JVM can be obtained very quickly. So, if you have a resource that requires serialized access (e.g. db connection pool), it may perform very well under an isolated test: you find that your most time-consuming request/response pair takes, say, 850ms. That's great: you do the math and say that you can handle 1.18 req/sec on average and with users expected to make 1 request every 10 seconds, that means that you can handle ~12 simultaneous users with no apparent slow-down. Then you get contended locks, which are slower. Instead of roughly zero time to obtain an object lock, let's say it takes 50ms (that's grossly overstating the amount of time required to obtain an object lock, but somewhat instructive). So now you're up to 900ms for your transaction and you can handle 1.11 req/sec with no slowdown and you can only handle 11 simultaneous users. Multiply those effects by a lot (lots of transactions, lots of users, lots of multi-threaded conflicts) and you can find that you really can only handle 91% of the traffic you thought you could. If you use JMeter, your software will get better: you will be able to identify those transactions that don't perform well and focus your optimization efforts in those places, instead of just reading code, changing StringBuffer to StringBuilder and new Integer() to Integer.valueOf() and convincing yourself that you now have an optimized piece of software. With a load-testing suite, you can prove to yourself (and, perhaps more importantly, your boss) that your software can handle the load you expect. It also helps with resource planning: if you know that a single instance of Tomcat on X hardware can handle Y load and you expect Z actual load, then you know you need Z / Y pieces of X hardware to run properly. Then multiply by some fudge factor (say 20%) and take the ceiling of that (so you always have an extra server... just in case). So maybe it's more like [ Z * 1.2 / Y ]. Oh, and remember that Z needs to represent *peak load* and not average load. If you have an online flower shop, you need to plan for the week of Valentine's Day during business hours, not the following Saturday in the middle of the night. Gather a ton of data and look at it. Graph it. You will learn a lot. Oh, and if you're using httpd (you didn't say), you might want to look into the event MPM: it won't waste connections waiting around for KeepAlive requests that never come from clients. The default MPM for httpd 2.4 on *NIX is event when supported by the OS and prefork for httpd 2.2. I believe event is stable on 2.2 -- just not the default. Benchmark with and without it and see if it makes a difference. With JMeter, your tests might be distorted because of how the tests run (e.g. constantly). You might have to fiddle with the JMeter configuration to get it to act more like a real browser by leaving connections open for a few seconds after making all the requests for a page. Then you may notice a difference. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/HgrAAoJEBzwKT+lPKRYkR8P/R5W8g/vnfEH/QxFfsQMCJnT TDv4oZecfNZ2PDZjGj+KpAJv6OoDe9wQLlAR4VWZMmnI3qJPqVwWg04ZSnEszf22 XkiuvnbPQXwt95bTXk/zPp5lcb4kuLAwvokAyMQQo7P941SYOmvA+xEADmlE8Vfc AgxnQY7GnifBU1wLZtzXrDnUWOzYwEL2vsec1bmlasbBg5NpxsQ9IyAq3DcPmDtO hQUbET12JTjka51Ub6TG5gP2O+ZzYz50XyVtUWcn86u4acZYmvfCtFq/XilZXv4G 962bNxXinf9GmoeCokCOejJ/Ob8XC7UpXtTXTJlzx64Gn8EDNKYyZxg6wt6MLktq xppytGQ+FfsxEFRtn9a0UM5Am0+7L4OpQWXesm5IcdypGNWn9Ng4bg2YI3c+P//O Q0eyS7WN19oFMvq60tbKHfhCv7QFYQatKnxiAChDsFoA53u6xZIlzmz5h/0G2kCH h7u57zUh2sSiBkSEs7QOxYNHS2tfTAAO2d5CMTuiAnIYk0joo0gOZ7u50DpAXaoR lnxcimpO+wy5Qc3AEfZtYlmco+EhjJ4hHZyCvcE3MRkGdrWODHZkV1+B9TB0TH3M sp1MEr3dlKeMDTj9jwB7mny8BY8lmIsPjWLl1s0wW+IST4Z4ax2t5eDvFDwtgtHy t9b2VNjEizaTBrp88r7T =iVJy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] Using the bin/daemon.sh script on ubuntu.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Christian On 8/1/13 11:55 AM, Christian Schneider wrote: On our (AWS) installation we have limited space on /opt, therefore we attached an EBS volume to /var/, - otherwise we would get problems with the log files. Now it can grow above some GB. Have you thought about using /mnt/ephemeral[0-9]? Our instances have ~1TiB in combined ephemeral storage available per instance. I'm sure it depends upon the instance type, though. Remember that terminating the instance loses the ephemeral data.. that's what makes it ... ephemeral. Just remember to copy what you need back to an EBS-backed storage volume before you terminate. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/HlFAAoJEBzwKT+lPKRYXJ8P/j3ouG9axBAGB5SvTV7VHImf JzFOZr37S5Dv/3jerxe/w7prBc713efM/8MDIPJ1ccmNRxbsfB+Q2xvHIhxvKA4m 30HYsdGL08zjx9skyUaoSBLP9EU0FA5if3FhvGMeyhp5uwqZSL9SlBtBOZI03DDg EiLi1qUP6MQ4MqZDIPTY1To0zA4Jwn3not3rclGGPDLcdffoEXSr495jbfFS8Hg0 2eRpS0jQF82G6W9iDb8PqvouEdnIRGwWbh2bDVthp72n3ykwM0TZObC574c10JsR 2Dkno5Qs9nwr92aonCYCIJmXSWo+OETV5nVDqWViZfTqXuN+Ewd+vWgyW3XOA/Kr hwIhsVfql3Ay9XD/oAA2kFzgleTWkY0z/TLckFBoWzzQUnCcQsE+aoSzJ7K2UbGF DPtoSicgNpByQjo1jR/OJYIpfx4o0T864t5V2c0z4sBRd6kQDxr370A12enzbL7t lWD+Xwk+pTrX3fS9DDwYC2LVYBb7UBhA85wj1dtlBE5TBoRGJ4QZprceZM0QXM2i LQF9lt2YGGCwR0DinV1RRExMZEcPiDpfkxBA5WRzV82roKPKPniYifyl6pd7nlzj HguCAm7AHgwFhj3Zju32VBEsahMipvf50PjWgWoIA9UuCuLs1wzC7ave87yQvf91 RGuhap359f8Ej2WWLcag =UO6k -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: users Digest 3 Aug 2013 03:00:27 -0000 Issue 11464
Yeah, i'll bet y'all are users. Sent from Yahoo! Mail on Android
Re: libapr-1.so.0 not deployed for Tomcat 7
Thanks Chris I installed the APR with --prefix=/apps/mstrat/apache/apr-1.4.8 The tomcat native configure had this parameter '--with-apr=/apps/mstrat/apache/apr-1.4.8' , so if it's building libtcnative i would expected it pick the libapr-1.so.0 from this apr folder just to be sure that the libtcnative and libapr in the deployed catalina lib folder are on the same page. I however noted your point (and valid) and will copy the libapr from APR lib manually to catalina lib Thanks again, -sri From: Christopher Schultz ch...@christopherschultz.net To: Tomcat Users List users@tomcat.apache.org Sent: Friday, August 2, 2013 11:06 PM Subject: Re: libapr-1.so.0 not deployed for Tomcat 7 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 srinivas, On 8/2/13 10:51 PM, srinivas yelamanchili wrote: Hi, I built APR 1.4.8 from source code as non-root user on redhat linux and deployed to /apps/mstrat/apache/apr-1.4.8 Installed Tomcat 7.0.42 at /apps/mstrat/apache-tomcat-7.0.42 by untar the .tar.gz file The Tomcat lib folder doesn't have libapr-1.so.0 I compiled the tomcat native library 1.1.27 as below ./configure --with-apr=/apps/mstrat/apache/apr-1.4.8 \ --with-java-home=/apps/mstrat/java/jdk1.7.0_25 \ --with-ssl=/apps/mstrat/apache/openssl-1.0.1e \ --prefix=/apps/mstrat/apache-tomcat-7.0.42 make make install I see new libraries at /apps/mstrat/apache-tomcat-7.0.42/lib libtcnative-1.so.0.1.27 libtcnative-1.so.0 - libtcnative-1.so.0.1.27 libtcnative-1.so - libtcnative-1.so.0.1.27 libtcnative-1.la libtcnative-1.a but NOT libapr-1.so.0 libapr-1.so.0 and libapr-1.so.0.4.8 are available at APR install directory (/apps/mstrat/apache/apr-1.4.8/lib) When I start Tomcat, I see the following error in the log file catalina.out:java.lang.UnsatisfiedLinkError: /apps/mstrat/apache-tomcat-7.0.42/lib/libtcnative-1.so.0.1.27: libapr-1.so.0: cannot open shared object file: No such file or directory From tomcat lib folder strings libtcnative-1.so.0.1.27 | more | grep libapr libapr-1.so.0 On manually copying the libapr-1.so.0 from APR lib to Tomcat lib, the error is gone on tomcat restart Why doesn't Tomcat native library buildinstall deploy libapr-1.so.0 to the Tomcat lib folder or the Tomcat include this library by default? We cannot ask root user to install these software and I want to make Tomcat work as non-root user without installing any in global paths/libraries, so when we compile and deploy to our local folders I would expect it to work 'out of the box' It wouldn't be appropriate for tcnative to install software other than itself. For instance, I have libapr on my system already, so having the build scripts for tcnative copy the APR shared libraries from /usr/lib (where they are installed on my system) into CATALINA_HOME/lib is a mistake: they would eclipse the system-installed libraries. Note that your source distribution of APR should include a build script with an install target. If you have specified a prefix directory (like $CATALINA_HOME) then you should be able to make install and have it but the binary libraries into $CATALINA_HOME/lib ps : sorry about earlier post, I used 'reply' to an existing thread and overwrote the subject and content with my topic, without realizing it was still 'chained' to the original thread It's a common mistake and often only noticed by readers who have threading properly configured in their email readers (as I do). Don't feel bad. There are several problems with hijacking threads in this way, the two most irritating are: 1. It often truly hijacks the thread and nobody will answer the original question because it's been lost in the shuffle 2. The (properly-threaded) mailing list archives will show your question as a reply to some unrelated topic, and it will be more difficult to find (and pollute the original thread in the archives, just as in #1). Next time, just click New Message instead of Reply. No big deal. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR/HPNAAoJEBzwKT+lPKRYRBUP/1CGoBk4XxTTePkQPFhPAtHm Cg1cSQsCNGYYc6DSpVF3t7RtLLof/Et+iGKACW9I8E/JVDLzvdq/qB5yT540CgjL Y7vt1ihwBWYrkpKtR9FJw1q+S/fmtFfBxu0qapoaI3W4ugj4BfHswJBDZLUa3JU4 dCwB3QodMrvsSXjPAMsiuzqWvY/bsMTrRtpZcSmu2EGtOco4FOO4aF9kzJBYitYN Fk9VBLzQOF9VqbAfJFsSWXbbyawCyDK741zsLLYJYWQHPYvAVQmklPpc4iWYl9ZO tOrQLBRIqXsX9J9NTsP1CJ82HGoaeMSwEji6bUqEcCBrCorD235Ud4PKeonBCUeM uuBp6NIjhTvvHykdDmL7Em1Cmq+JwwVMSCvTOOjLvfcbfUGfoRr5tVGB7BxRThwA TZZxSXEbuGEKbSnGdgH/N4V/joeYRKGqpOkW+dVDuoRG2aDbQiqUKCl83YWh+V9K /KBXKqBfxg132y1lLYcjEG0gXoP4p+nQfZWwrYfqYhZ+w2CYNmuSqgjvMxHKGHl0 n3RWydi/o6+paOSyjT+oKDaF9Lp/XuRY5Mesw9/hTUH1A0UsdYVWHwHRSprpSvJr i04PrIi+KPR9J3IWRiilkEf8DSPuDkgeDhzDTcRnqgcw8jOlAiN2+UD4mUlQlVyc voKOn0FHNmT74UvV7dHR =k7kl -END PGP SIGNATURE-