JNDI realm Global Catalog question
I have multiple domain controllers, all of which are set to function as global
catalog servers.
Is it possible to put multiple alternateURL entires into your JNDIRealm
confiugration (see example below)?
Tomcat Version: 6.0.33 on Red Hat Enterprise Linux 5
--
Realm className=org.apache.catalina.realm.JNDIRealm
adCompat=true
connectionURL=ldaps://ldap1.my.domainname.com:3269
alternateURL=ldaps://ldap2.my.domainname.com:3269
alternateURL=ldaps://ldap3.my.domainname.com:3269
connectionName=u...@my.domain.com
connectionPassword=password
referrals=follow
userBase=CN=Users,dc=my,dc=domainname,dc=com
userSearch=(sAMAccountName={0})
userSubtree=true
userRoleName=memberOf
roleBase=CN=Users,dc=my,dc=domainname,dc=com
roleName=CN
roleSearch=(member={0})
roleNested=true
/
Neil Lazarow
Systems Engineer II
Email: neil.laza...@anico.com
Confidentiality: This transmission, including any attachments, is solely for
the use of the intended recipient(s). This transmission may contain information
that is confidential or otherwise protected from disclosure. The use or
disclosure of the information contained in this transmission, including any
attachments, for any purpose other than that intended by its transmittal is
strictly prohibited. Unauthorized interception of this email is a violation of
federal criminal law. If you are not an intended recipient of this
transmission, please immediately destroy all copies received and notify the
sender.
Re: Locating WebAppConfig file in embedded tomcat
Am 2015-04-28 12:10, schrieb benrog:
Hi
we use an embedded Tomcat and are trying to update from version 7.0.40
to
7.0.61. The the embedded tomcat instance starts up fine and our webapp
is
also running. However we get the following warning:
Apr 28, 2015 8:58:58 AM org.apache.catalina.startup.Tomcat
getWebappConfigFileFromJar
WARNING: Unable to determine web application context.xml webapp-name
java.io.FileNotFoundException: webapp-name (System cannot find file)
at java.util.zip.ZipFile.open(Native Method)
at java.util.zip.ZipFile.init(ZipFile.java:215)
at java.util.zip.ZipFile.init(ZipFile.java:145)
at java.util.jar.JarFile.init(JarFile.java:153)
at java.util.jar.JarFile.init(JarFile.java:117)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFileFromJa
r(Tomcat.java:1162)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFile(Tomca
t.java:1140)
at
org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:543)
at
org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:524)
at
org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:206)
(Notice, that webapp-name is not the actual name and System cannot
find
file is a translation of the original German message)
Our start-up process looks like this:
this.tomcat = new Tomcat();
this.tomcat.setBaseDir(.);
this.tomcat.getHost().setAutoDeploy(false);
this.tomcat.getHost().setDeployOnStartup(false);
this.tomcat.setPort(port);
final StandardContext webAppCtx = (StandardContext)
this.tomcat.addWebapp(/weppapp-name, webapp-name);
Here parameters should be context and the base path
The directory structure looks like this, while working directory is
Application-Home: /Application-Home/webapps/webapp-name
We noticed that in
Tomcat.getWebappConfigFileFromJar(Tomcat.java:1162),
there is the following code:
protected URL getWebappConfigFile(String path, String url) {
File docBase = new File(path);
if (docBase.isDirectory()) {
return getWebappConfigFileFromDirectory(docBase, url);
} else {
return getWebappConfigFileFromJar(docBase, url);
}
}
The parameter path is webapp-name and the parameter url is
/webapp-name. With the working dir being Application-Home, new
File(path) will resolve to /Application-Home/webapp-name, which does
not exist. Hence, Tomcat is proceeding to load the config file from a
jar
file, which leads to the warning mentioned above.
My questions are:
- What are the correct parameters for Tomcat.addWebapp(String
contextPath,
String docBase)?
first parameter is the context of your web app and the 2nd parameter is
the
base directory/absolute path
Using the absolute path did the trick. The following code does not
produce a warning anymore and the context.xml is attempted to be loaded
from a directory and not a jar file:
final StandardContext webAppCtx = (StandardContext)
this.tomcat.addWebapp(/webapp-name,
Paths.get(this.tomcat.getHost().getAppBase(),
webapp-name).toAbsolutePath().toString());
- Is there a special working directory expected, while using an
embedded
Tomcat?
2015-04-28 15:06 GMT+05:30 Benjamin Rogge tom...@benjamin-rogge.de:
Hello,
we use an embedded Tomcat and are trying to update from version 7.0.40
to
7.0.61. The the embedded tomcat instance starts up fine and our webapp
is
also running. However we get the following warning:
Apr 28, 2015 8:58:58 AM org.apache.catalina.startup.Tomcat
getWebappConfigFileFromJar
WARNING: Unable to determine web application context.xml webapp-name
java.io.FileNotFoundException: webapp-name (System cannot find file)
at java.util.zip.ZipFile.open(Native Method)
at java.util.zip.ZipFile.init(ZipFile.java:215)
at java.util.zip.ZipFile.init(ZipFile.java:145)
at java.util.jar.JarFile.init(JarFile.java:153)
at java.util.jar.JarFile.init(JarFile.java:117)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFileFromJar(Tomcat.java:1162)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFile(Tomcat.java:1140)
at
org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:543)
at
org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:524)
at
org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:206)
(Notice, that webapp-name is not the actual name and System cannot
find
file is a translation of the original German message)
Our start-up process looks like this:
this.tomcat = new Tomcat();
this.tomcat.setBaseDir(.);
this.tomcat.getHost().setAutoDeploy(false);
this.tomcat.getHost().setDeployOnStartup(false);
this.tomcat.setPort(port);
final StandardContext webAppCtx = (StandardContext)
this.tomcat.addWebapp(/weppapp-name, webapp-name);
The directory structure looks like this, while working directory is
Application-Home: /Application-Home/webapps/webapp-name
We noticed that in
RE: JNDI realm Global Catalog question
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Tuesday, April 28, 2015 10:12 AM
To: Tomcat Users List
Subject: Re: JNDI realm Global Catalog question
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Neil,
On 4/28/15 9:48 AM, Lazarow, Neil wrote:
I have multiple domain controllers, all of which are set to function
as global catalog servers.
Is it possible to put multiple alternateURL entires into your
JNDIRealm confiugration (see example below)?
Tomcat Version: 6.0.33 on Red Hat Enterprise Linux 5
-- Realm
className=org.apache.catalina.realm.JNDIRealm adCompat=true
connectionURL=ldaps://ldap1.my.domainname.com:3269
alternateURL=ldaps://ldap2.my.domainname.com:3269
alternateURL=ldaps://ldap3.my.domainname.com:3269
connectionName=u...@my.domain.com connectionPassword=password
referrals=follow userBase=CN=Users,dc=my,dc=domainname,dc=com
userSearch=(sAMAccountName={0}) userSubtree=true
userRoleName=memberOf
roleBase=CN=Users,dc=my,dc=domainname,dc=com roleName=CN
roleSearch=(member={0}) roleNested=true /
I don't think this is currently supported, but it would be a nice enhancement.
Could you make a request in Bugzilla? http://bz.apache.org/
In the meantime, you might be able to get away with a configuration like this:
Realm className=org.apache.catalina.realm.CombinedRealm
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-1
... /
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-2
... /
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-3
... /
/Realm
The timeouts you'll experience to fail-over from one server to the other might
not be acceptable for you, though.
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJVP6M7AAoJEBzwKT+lPKRY1H8P/3wVz99mL4m0imxfUjAm/9XQ
2fYdeigii7hzDw0tvJKLZ5jh+wMz2xoqI47CD1b0P/Nl+zQHK7AqwT0GbMidZMN5
+bEHLS66zKfVF+tWoIq1RlvPi78vI1Hzp9dvmlxzp/NOJs8Fm2zeAbPiDkXB48d5
vqA38m/ZBRQemA0DhsxPmnjvavGvX+ifZ9mpfZryLyQYxTEQqm4Ay2Gu+LkkFilb
s/iRxZEJzvIJKxXpr9MyMBwv8DXHwG9EhhDWrZ+cmbvP18jruSRZyPdwQsf1N8vu
jPX+dd5eo9ffDJKT6GjkzNMWLh0S6srZO6HMWMI4YCb2F/z/nB07GcsEd0PDnWl9
JFuEVNhL07fdlJ31rzZ+OksDGae7+r0Jnur2DIOfAMWRKMmQWrQWXAoYm1uck5ra
lvFaQEhlRpV8GAUUmYkf3LPvQGjG+yEINNhJu9OXSX4+pyxvF1Oa0wUbWRFa0aoH
FIfh22ApBsk5KEhPFTVFFQCIoh/yKGS4YDhNlm48606h7SERclz5m50Cicv03vFv
glIdrrXVL4Idbkrl7jON11CB9oZjK0//ODT4bjF7E3kSyN1DM5uBFxzpiaVIIKiO
tzeXubcZ/DYf1Qtt+t0yO66jjkr0uei1i2uPHQgS7kJq41jSmqfg2tewWrDkiRSe
l7hQL8S+t9zWdYmiUdG+
=3lwQ
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---
Chris,
This is what I suspected. I looked through a bunch of documentation
before
sending this question out, and found nothing. Thanks for your answer.
Neil
Confidentiality: This transmission, including any attachments, is solely for
the use of the intended recipient(s). This transmission may contain information
that is confidential or otherwise protected from disclosure. The use or
disclosure of the information contained in this transmission, including any
attachments, for any purpose other than that intended by its transmittal is
strictly prohibited. Unauthorized interception of this email is a violation of
federal criminal law. If you are not an intended recipient of this
transmission, please immediately destroy all copies received and notify the
sender.
Re: JNDI realm Global Catalog question
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Neil,
On 4/28/15 9:48 AM, Lazarow, Neil wrote:
I have multiple domain controllers, all of which are set to
function as global catalog servers.
Is it possible to put multiple alternateURL entires into your
JNDIRealm confiugration (see example below)?
Tomcat Version: 6.0.33 on Red Hat Enterprise Linux 5
-- Realm
className=org.apache.catalina.realm.JNDIRealm adCompat=true
connectionURL=ldaps://ldap1.my.domainname.com:3269
alternateURL=ldaps://ldap2.my.domainname.com:3269
alternateURL=ldaps://ldap3.my.domainname.com:3269
connectionName=u...@my.domain.com connectionPassword=password
referrals=follow userBase=CN=Users,dc=my,dc=domainname,dc=com
userSearch=(sAMAccountName={0}) userSubtree=true
userRoleName=memberOf
roleBase=CN=Users,dc=my,dc=domainname,dc=com roleName=CN
roleSearch=(member={0}) roleNested=true /
I don't think this is currently supported, but it would be a nice
enhancement. Could you make a request in Bugzilla? http://bz.apache.org/
In the meantime, you might be able to get away with a configuration
like this:
Realm className=org.apache.catalina.realm.CombinedRealm
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-1
... /
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-2
... /
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-3
... /
/Realm
The timeouts you'll experience to fail-over from one server to the
other might not be acceptable for you, though.
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJVP6M7AAoJEBzwKT+lPKRY1H8P/3wVz99mL4m0imxfUjAm/9XQ
2fYdeigii7hzDw0tvJKLZ5jh+wMz2xoqI47CD1b0P/Nl+zQHK7AqwT0GbMidZMN5
+bEHLS66zKfVF+tWoIq1RlvPi78vI1Hzp9dvmlxzp/NOJs8Fm2zeAbPiDkXB48d5
vqA38m/ZBRQemA0DhsxPmnjvavGvX+ifZ9mpfZryLyQYxTEQqm4Ay2Gu+LkkFilb
s/iRxZEJzvIJKxXpr9MyMBwv8DXHwG9EhhDWrZ+cmbvP18jruSRZyPdwQsf1N8vu
jPX+dd5eo9ffDJKT6GjkzNMWLh0S6srZO6HMWMI4YCb2F/z/nB07GcsEd0PDnWl9
JFuEVNhL07fdlJ31rzZ+OksDGae7+r0Jnur2DIOfAMWRKMmQWrQWXAoYm1uck5ra
lvFaQEhlRpV8GAUUmYkf3LPvQGjG+yEINNhJu9OXSX4+pyxvF1Oa0wUbWRFa0aoH
FIfh22ApBsk5KEhPFTVFFQCIoh/yKGS4YDhNlm48606h7SERclz5m50Cicv03vFv
glIdrrXVL4Idbkrl7jON11CB9oZjK0//ODT4bjF7E3kSyN1DM5uBFxzpiaVIIKiO
tzeXubcZ/DYf1Qtt+t0yO66jjkr0uei1i2uPHQgS7kJq41jSmqfg2tewWrDkiRSe
l7hQL8S+t9zWdYmiUdG+
=3lwQ
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JNDI realm Global Catalog question
Am 28. April 2015 17:11:55 MESZ, schrieb Christopher Schultz
ch...@christopherschultz.net:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Neil,
On 4/28/15 9:48 AM, Lazarow, Neil wrote:
I have multiple domain controllers, all of which are set to
function as global catalog servers.
Is it possible to put multiple alternateURL entires into your
JNDIRealm confiugration (see example below)?
Tomcat Version: 6.0.33 on Red Hat Enterprise Linux 5
-- Realm
className=org.apache.catalina.realm.JNDIRealm adCompat=true
connectionURL=ldaps://ldap1.my.domainname.com:3269
alternateURL=ldaps://ldap2.my.domainname.com:3269
alternateURL=ldaps://ldap3.my.domainname.com:3269
connectionName=u...@my.domain.com connectionPassword=password
referrals=follow userBase=CN=Users,dc=my,dc=domainname,dc=com
userSearch=(sAMAccountName={0}) userSubtree=true
userRoleName=memberOf
roleBase=CN=Users,dc=my,dc=domainname,dc=com roleName=CN
roleSearch=(member={0}) roleNested=true /
I don't think this is currently supported, but it would be a nice
enhancement. Could you make a request in Bugzilla?
http://bz.apache.org/
In the meantime, you might be able to get away with a configuration
like this:
Realm className=org.apache.catalina.realm.CombinedRealm
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-1
... /
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-2
... /
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldaps://server-3
... /
/Realm
You could even try to set connectionURL to all servers at once separated by
space. I believe jndi supports this. That would be something like
connectionURL=ldaps://one ldaps://two ldaps://three
I haven't tested it, though.
Regards
Felix
The timeouts you'll experience to fail-over from one server to the
other might not be acceptable for you, though.
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJVP6M7AAoJEBzwKT+lPKRY1H8P/3wVz99mL4m0imxfUjAm/9XQ
2fYdeigii7hzDw0tvJKLZ5jh+wMz2xoqI47CD1b0P/Nl+zQHK7AqwT0GbMidZMN5
+bEHLS66zKfVF+tWoIq1RlvPi78vI1Hzp9dvmlxzp/NOJs8Fm2zeAbPiDkXB48d5
vqA38m/ZBRQemA0DhsxPmnjvavGvX+ifZ9mpfZryLyQYxTEQqm4Ay2Gu+LkkFilb
s/iRxZEJzvIJKxXpr9MyMBwv8DXHwG9EhhDWrZ+cmbvP18jruSRZyPdwQsf1N8vu
jPX+dd5eo9ffDJKT6GjkzNMWLh0S6srZO6HMWMI4YCb2F/z/nB07GcsEd0PDnWl9
JFuEVNhL07fdlJ31rzZ+OksDGae7+r0Jnur2DIOfAMWRKMmQWrQWXAoYm1uck5ra
lvFaQEhlRpV8GAUUmYkf3LPvQGjG+yEINNhJu9OXSX4+pyxvF1Oa0wUbWRFa0aoH
FIfh22ApBsk5KEhPFTVFFQCIoh/yKGS4YDhNlm48606h7SERclz5m50Cicv03vFv
glIdrrXVL4Idbkrl7jON11CB9oZjK0//ODT4bjF7E3kSyN1DM5uBFxzpiaVIIKiO
tzeXubcZ/DYf1Qtt+t0yO66jjkr0uei1i2uPHQgS7kJq41jSmqfg2tewWrDkiRSe
l7hQL8S+t9zWdYmiUdG+
=3lwQ
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: how to convert https to http by using mod_jk
chenk818 wrote: Hi Warnier: Thank you for your reply??I always thought there was AJPs,now I understood?? but there's another question: In configuration 7, if the backend tomcat provide both http and https,which protocal will be used?Is it determined by httpd's protocol? Take a look at the standard Tomcat server.xml configuration file. There are 3 Connector defined there (2 are commented-out). Each of these Connectors accepts connections (and requests) for one protocol. It is the client which chooses to which port (Connector) it connects. In a configuration like browser - HTTP - Apache httpd + mod_jk - AJP - Tomcat AJP Connector - Tomcat webapp the Tomcat client is Apache httpd + mod_jk. It is thus Apache httpd + mod_jk which chooses to which port of Tomcat it connects (by default, 8009), and which protocol it uses (in this case, always AJP). (Look at the settings for mod_jk, in Apache). In a configuration like browser - HTTP/HTTPS - Apache httpd + mod_proxy_ajp - AJP - Tomcat AJP Connector - Tomcat webapp the Tomcat client is Apache httpd + mod_proxy_ajp. It is thus Apache httpd + mod_proxy_ajp which chooses to which port of Tomcat it connects (by default, 8009), and which protocol it uses (in this case also, always AJP). (Look at the settings for mod_proxy_ajp, in Apache). Imagine this analogy : There is a company in Germany which makes motorbikes and sells them to clients in the whole world. The factory is in Germany, and there are the workers making the motorbikes. The workers speak only German. For international clients to call, there are 3 telephone numbers : - on telephone number 8080, there is a lady speaking English and German - on telephone number 8443, there is a lady speaking Chinese and German - on telephone number 8009, there is a lady speaking Italian and German Each of these ladies can take a call in the language that she knows, and translate the customer wishes to German, for the factory workers. If a Chinese client calls on number 8009, the lady there will not understand what he says, and he will get no motorbike. But if he calls the number 8443, the lady will understand him; she will relay his order properly to the factory, in German; and the client will get his motorbike. The factory is Tomcat; the factory workers are the webapps; the ladies are the Connector's; the Connector ladies translate the customer calls from their language (HTTP, HTTPS or AJP) into a HttpServletRequest that the webapps understand. The factory workers do not need to speak English (HTTP), Chinese (HTTPS) or Italian (AJP), because they always get the requests in German (HttpServletRequest), as translated by the appropriate Connector. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Re: how to convert https to http by using mod_jk
I got it,thank you very much。 chenk...@126.com ?From:?André WarnierDate:?2015-04-28?16:46To:?Tomcat Users ListSubject:?Re: how to convert https to http by using mod_jkchenk818 wrote: Hi Warnier: Thank you for your reply。I always thought there was AJPs,now I understood。 but there's another question: In configuration 7, if the backend tomcat provide both http and https,which protocal will be used?Is it determined by httpd's protocol? ? Take a look at the standard Tomcat server.xml configuration file. There are 3 Connector defined there (2 are commented-out).? Each of these Connectors accepts connections (and requests) for one protocol. It is the client which chooses to which port (Connector) it connects. ? In a configuration like ? browser - HTTP - Apache httpd + mod_jk - AJP - Tomcat AJP Connector - Tomcat webapp ? the Tomcat client is Apache httpd + mod_jk. It is thus Apache httpd + mod_jk which chooses to which port of Tomcat it connects (by default, 8009), and which protocol it uses (in this case, always AJP). (Look at the settings for mod_jk, in Apache). ? In a configuration like ? browser - HTTP/HTTPS - Apache httpd + mod_proxy_ajp - AJP - Tomcat AJP Connector - Tomcat webapp ? the Tomcat client is Apache httpd + mod_proxy_ajp. It is thus Apache httpd + mod_proxy_ajp which chooses to which port of Tomcat it connects (by default, 8009), and which protocol it uses (in this case also, always AJP). (Look at the settings for mod_proxy_ajp, in Apache). ? Imagine this analogy : ? There is a company in Germany which makes motorbikes and sells them to clients in the whole world.? The factory is in Germany, and there are the workers making the motorbikes. The workers speak only German. ? For international clients to call, there are 3 telephone numbers : - on telephone number 8080, there is a lady speaking English and German - on telephone number 8443, there is a lady speaking Chinese and German - on telephone number 8009, there is a lady speaking Italian and German ? Each of these ladies can take a call in the language that she knows, and translate the customer wishes to German, for the factory workers. ? If a Chinese client calls on number 8009, the lady there will not understand what he says, and he will get no motorbike.? But if he calls the number 8443, the lady will understand him; she will relay his order properly to the factory, in German; and the client will get his motorbike. ? The factory is Tomcat; the factory workers are the webapps; the ladies are the Connector's; the Connector ladies translate the customer calls from their language (HTTP, HTTPS or AJP) into a HttpServletRequest that the webapps understand. The factory workers do not need to speak English (HTTP), Chinese (HTTPS) or Italian (AJP), because they always get the requests in German (HttpServletRequest), as translated by the appropriate Connector. ? ? ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org ?
Re: users Digest 27 Apr 2015 09:53:19 -0000 Issue 12222
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jian (Replying to both you and the list) On 4/28/15 1:52 PM, Jian Wu wrote: I don't know how to reply to my question directly because I subscribed to the digest mail list. I'm not sure, either. I suspect that replying to the digest message will reach the list. What you did was okay, too. Consider joining the real-time mailing list. You can always throw the messages into a folder so they don't choke-up your inbox. First, thank you very much for replying to my question. To clarify my question, the load balancer, and three web servers are on different virtual machines. I use heartbeat-ldirectord for loading balancing, and Tomcat to deploy my web application (not httpd). --- virtual machine1 (tomcat instance 1) | -- load balancer --- virtual machine 2 (tomcat instance 2) | --- virtual machine 3 (tomcat instance 3) All the three Tomcat instances are the same. Okay, this is good information. I know 2000 is a lot, but our site receives more than 2 million hits per day (including crawlers), and sometimes, it is easy to reach to the default value, which makes server unreachable. That is why we set it to 2000. But even though, sometimes, this limit was reached. I don't know why. The BRecv and BSend are stats shown by Tomcat manager under Server Status. To be more clear, I attach a screen shot. [The screenshot just shows a sample of threads on the lb. Also includes this text: Max threads: 1000 Current thread count: 228 Current thread busy: 42 Keeped alive sockets count: 1 Max processing time: 3453257ms Processing time: 2726939.0s Request count: 62453 Error count: 14423 Bytes received: 0.27 MB Bytes sent: 51310.35 MB] What do those values represent? The stats on the lb? Or the stats on a single (or multiple) Tomcat instance? I also send you the Connectors section in my server.xml file (same for all Tomcat instances). Connector port=8080 protocol=org.apache.coyote.http11.Http11NioProtocol connectionTimeout=2 redirectPort=8443 maxThreads=1500/ You said that you had maxThreads=2000 but it's set to 1500 here. - From the screenshot, it looks like maxThread=1000. Can you clarify the mismatch between these three values? What is your peak load, in terms of simultaneous connections? How is the lb deciding whether a node is available, and how to distribute load? With a completely even load, 2M requests per day is only ~1400 req/sec, and you have the capacity to handle 4500 simultaneous requests (3 * 1500, as configured above). What is your average response rate? IF you can respond within 1000ms, then you should be able to handle that amount of load without a problem. Now... if you have bursty-load -- which is usually the case -- it's important to know what the maximum you can expect might be. For instance, perhaps you get all 2M of those requests during regular business hours in your time zone. That means that you will be handling ~4200 req/sec. Under that kind of load, can you still respond within 1000ms? You still have enough threads to handle that load, but if they can't respond fast enough, you'll slow down to a halt. The nice thing about Nio is that it can accept lots of connections and only allocate a processing thread once the request line and headers have been read. But, if you accept too many requests, you can make it hard to process the load. So the first thing I'd like to know if whether your 3-node cluster is capable of handling the load you actually have. If so, you ought to be able to configure it appropriately. If not, no amount of configuration is going to fix your problem. As for configuration, I have a few suggestions: 1. The default maxConnections for the NIO connector is 1, which might be too low for you. 2. If your lb can use HTTP KeepAlive with the backend Tomcat instances, you'll probably improve your performance. 3. Especially if you have multiple Connectors (but even if you don't), you might want to consider using an Executor: Connector executor=myExecutor ... /? Executor name=myExecutor namePrefix=catalina-exec- maxThreads=1500 minSpareThreads=500 / If you have more than one Connector you can share the Executor between them. This will allow you to use fewer threads to handle your load, rather than having 1500 threads available for one Connector and some other (possibly large) number of threads for another Connector . Now, if you want to have an administrative Connector that can't be starved by regular requests, then you'll want to use a separate Executor. 4. Your connectionTimeout is 2 which is a looong time. For a high-volume site, you should probably lower that value. The load-balancer shouldn't be connecting to you and then not doing anything: it should be sending the request pretty much immediately. So, consider lowering that timeout a bit. If you are using HTTP KeepAlive, then it *does* make sense to have a long timeout, because the lb will have
Locating WebAppConfig file in embedded tomcat
Hello,
we use an embedded Tomcat and are trying to update from version 7.0.40
to 7.0.61. The the embedded tomcat instance starts up fine and our
webapp is also running. However we get the following warning:
Apr 28, 2015 8:58:58 AM org.apache.catalina.startup.Tomcat
getWebappConfigFileFromJar
WARNING: Unable to determine web application context.xml webapp-name
java.io.FileNotFoundException: webapp-name (System cannot find file)
at java.util.zip.ZipFile.open(Native Method)
at java.util.zip.ZipFile.init(ZipFile.java:215)
at java.util.zip.ZipFile.init(ZipFile.java:145)
at java.util.jar.JarFile.init(JarFile.java:153)
at java.util.jar.JarFile.init(JarFile.java:117)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFileFromJar(Tomcat.java:1162)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFile(Tomcat.java:1140)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:543)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:524)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:206)
(Notice, that webapp-name is not the actual name and System cannot
find file is a translation of the original German message)
Our start-up process looks like this:
this.tomcat = new Tomcat();
this.tomcat.setBaseDir(.);
this.tomcat.getHost().setAutoDeploy(false);
this.tomcat.getHost().setDeployOnStartup(false);
this.tomcat.setPort(port);
final StandardContext webAppCtx = (StandardContext)
this.tomcat.addWebapp(/weppapp-name, webapp-name);
The directory structure looks like this, while working directory is
Application-Home: /Application-Home/webapps/webapp-name
We noticed that in Tomcat.getWebappConfigFileFromJar(Tomcat.java:1162),
there is the following code:
protected URL getWebappConfigFile(String path, String url) {
File docBase = new File(path);
if (docBase.isDirectory()) {
return getWebappConfigFileFromDirectory(docBase, url);
} else {
return getWebappConfigFileFromJar(docBase, url);
}
}
The parameter path is webapp-name and the parameter url is
/webapp-name. With the working dir being Application-Home, new
File(path) will resolve to /Application-Home/webapp-name, which does
not exist. Hence, Tomcat is proceeding to load the config file from a
jar file, which leads to the warning mentioned above.
My questions are:
- What are the correct parameters for Tomcat.addWebapp(String
contextPath, String docBase)?
- Is there a special working directory expected, while using an embedded
Tomcat?
Thanks in advance for any support,
Benjamin Rogge
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Locating WebAppConfig file in embedded tomcat
Hi
we use an embedded Tomcat and are trying to update from version 7.0.40 to
7.0.61. The the embedded tomcat instance starts up fine and our webapp is
also running. However we get the following warning:
Apr 28, 2015 8:58:58 AM org.apache.catalina.startup.Tomcat
getWebappConfigFileFromJar
WARNING: Unable to determine web application context.xml webapp-name
java.io.FileNotFoundException: webapp-name (System cannot find file)
at java.util.zip.ZipFile.open(Native Method)
at java.util.zip.ZipFile.init(ZipFile.java:215)
at java.util.zip.ZipFile.init(ZipFile.java:145)
at java.util.jar.JarFile.init(JarFile.java:153)
at java.util.jar.JarFile.init(JarFile.java:117)
at org.apache.catalina.startup.Tomcat.getWebappConfigFileFromJa
r(Tomcat.java:1162)
at org.apache.catalina.startup.Tomcat.getWebappConfigFile(Tomca
t.java:1140)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:543)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:524)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:206)
(Notice, that webapp-name is not the actual name and System cannot find
file is a translation of the original German message)
Our start-up process looks like this:
this.tomcat = new Tomcat();
this.tomcat.setBaseDir(.);
this.tomcat.getHost().setAutoDeploy(false);
this.tomcat.getHost().setDeployOnStartup(false);
this.tomcat.setPort(port);
final StandardContext webAppCtx = (StandardContext)
this.tomcat.addWebapp(/weppapp-name, webapp-name);
Here parameters should be context and the base path
The directory structure looks like this, while working directory is
Application-Home: /Application-Home/webapps/webapp-name
We noticed that in Tomcat.getWebappConfigFileFromJar(Tomcat.java:1162),
there is the following code:
protected URL getWebappConfigFile(String path, String url) {
File docBase = new File(path);
if (docBase.isDirectory()) {
return getWebappConfigFileFromDirectory(docBase, url);
} else {
return getWebappConfigFileFromJar(docBase, url);
}
}
The parameter path is webapp-name and the parameter url is
/webapp-name. With the working dir being Application-Home, new
File(path) will resolve to /Application-Home/webapp-name, which does
not exist. Hence, Tomcat is proceeding to load the config file from a jar
file, which leads to the warning mentioned above.
My questions are:
- What are the correct parameters for Tomcat.addWebapp(String contextPath,
String docBase)?
first parameter is the context of your web app and the 2nd parameter is the
base directory/absolute path
- Is there a special working directory expected, while using an embedded
Tomcat?
2015-04-28 15:06 GMT+05:30 Benjamin Rogge tom...@benjamin-rogge.de:
Hello,
we use an embedded Tomcat and are trying to update from version 7.0.40 to
7.0.61. The the embedded tomcat instance starts up fine and our webapp is
also running. However we get the following warning:
Apr 28, 2015 8:58:58 AM org.apache.catalina.startup.Tomcat
getWebappConfigFileFromJar
WARNING: Unable to determine web application context.xml webapp-name
java.io.FileNotFoundException: webapp-name (System cannot find file)
at java.util.zip.ZipFile.open(Native Method)
at java.util.zip.ZipFile.init(ZipFile.java:215)
at java.util.zip.ZipFile.init(ZipFile.java:145)
at java.util.jar.JarFile.init(JarFile.java:153)
at java.util.jar.JarFile.init(JarFile.java:117)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFileFromJar(Tomcat.java:1162)
at
org.apache.catalina.startup.Tomcat.getWebappConfigFile(Tomcat.java:1140)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:543)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:524)
at org.apache.catalina.startup.Tomcat.addWebapp(Tomcat.java:206)
(Notice, that webapp-name is not the actual name and System cannot find
file is a translation of the original German message)
Our start-up process looks like this:
this.tomcat = new Tomcat();
this.tomcat.setBaseDir(.);
this.tomcat.getHost().setAutoDeploy(false);
this.tomcat.getHost().setDeployOnStartup(false);
this.tomcat.setPort(port);
final StandardContext webAppCtx = (StandardContext)
this.tomcat.addWebapp(/weppapp-name, webapp-name);
The directory structure looks like this, while working directory is
Application-Home: /Application-Home/webapps/webapp-name
We noticed that in Tomcat.getWebappConfigFileFromJar(Tomcat.java:1162),
there is the following code:
protected URL getWebappConfigFile(String path, String url) {
File docBase = new File(path);
if (docBase.isDirectory()) {
return getWebappConfigFileFromDirectory(docBase, url);
} else {
return getWebappConfigFileFromJar(docBase, url);
}
}
The parameter path is
