Re: Form authentication with Tomcat 7.0.63 behind Apache HTTPD and mod_jk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Konstantin, On 7/9/2015 10:39 PM, Konstantin Kolinko wrote: 2015-07-10 2:35 GMT+03:00 Mark Eggers its_toas...@yahoo.com.invalid: Folks, I seem to be having a problem trying to use form-based authentication. What worked in 7.0.62 no longer works in 7.0.63. Using 7.0.62 I can successfully authenticate in my toy application and the latest version of Jenkins. Using 7.0.63 I end up on the form error page in my toy application and the latest version of Jenkins. I've not changed any of the configuration files. I run Tomcat using $CATALINA_HOME and $CATALINA_BASE. To upgrade Tomcat, I just install a new version and move some links around. Here is a rundown of my environment: [] How it fails? (Steps, maybe also Access Log output) Steps to fail: Use the following architecture: Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.63 -- Application 1. Access main page of application 2. Select the login link 3. Fill out the login form (username and password) 4. Click on the login button 5. Get the error login page Quick test with direct access to Tomcat and examples webapp = success. (http://localhost:8080/examples/jsp/security/protected/index.jsp) Possible areas to test: 1. httpd / mod_jk : Do you have failure with direct access to Tomcat ? No, direct access to Tomcat 7.0.63 on port 8080 works as expected. In other words: Browser -- Tomcat 7.0.63 -- Application works. 2. cookie / set-cookie headers e.g. see AccessLogValve configuration here: https://bz.apache.org/bugzilla/show_bug.cgi?id=57872#c0 Here's what I placed in the pattern attribute of the AccessLogValve (all one line): %a - - %t %m %U %H %s %B SessionId: %S Cookie received: %{cookie}i Set-Cookie sent: %{set-cookie}o Here's the log output in the following scenario: Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.63 -- Application 192.168.0.250 - - [10/Jul/2015:01:19:39 -0700] GET /RPets HTTP/1.1 302 0 SessionId: - Cookie received: - Set-Cookie sent: - 192.168.0.250 - - [10/Jul/2015:01:19:39 -0700] GET /RPets/ HTTP/1.1 200 1595 SessionId: 38503E0B0A32A870DABE772453A5A553 Cookie received: JSESSIONID=38503E0B0A32A870DABE772453A5A553 Set-Cookie sent: - 192.168.0.250 - - [10/Jul/2015:01:19:43 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 304 0 SessionId: F1DCC3FDF2DD75F563A67430BA985287 Cookie received: JSESSIONID=38503E0B0A32A870DABE772453A5A553 Set-Cookie sent: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287; Path=/RPets/; HttpOnly 192.168.0.250 - - [10/Jul/2015:01:19:53 -0700] POST /RPets/protected/j_security_check HTTP/1.1 200 SessionId: F1DCC3FDF2DD75F563A67430BA985287 Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: - [ and the error page for a failed login is displayed ] Here's the log output in the following scenario: Browser -- Tomcat 7.0.63 -- Application 192.168.0.250 - - [10/Jul/2015:01:32:44 -0700] GET /RPets HTTP/1.1 302 0 SessionId: - Cookie received: - Set-Cookie sent: - 192.168.0.250 - - [10/Jul/2015:01:32:44 -0700] GET /RPets/ HTTP/1.1 200 1595 SessionId: F1DCC3FDF2DD75F563A67430BA985287 Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: - 192.168.0.250 - - [10/Jul/2015:01:32:47 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 200 1090 SessionId: 6E42788DECF5F96688EF7D51FC41EA0F Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: JSESSIONID=6E42788DECF5F96688EF7D51FC41EA0F; Path=/RPets/; HttpOnly 192.168.0.250 - - [10/Jul/2015:01:32:56 -0700] POST /RPets/protected/j_security_check HTTP/1.1 302 0 SessionId: 6E42788DECF5F96688EF7D51FC41EA0F Cookie received: JSESSIONID=6E42788DECF5F96688EF7D51FC41EA0F Set-Cookie sent: - 192.168.0.250 - - [10/Jul/2015:01:32:56 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 200 2405 SessionId: CC61312515FED5CF197475B41AA7B017 Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: JSESSIONID=CC61312515FED5CF197475B41AA7B017; Path=/RPets/; HttpOnly 192.168.0.250 - - [10/Jul/2015:01:32:57 -0700] GET /RPets/protected/css/pbasic.css HTTP/1.1 304 0 SessionId: CC61312515FED5CF197475B41AA7B017 Cookie received: JSESSIONID=CC61312515FED5CF197475B41AA7B017 Set-Cookie sent: - [ login succeeds and the personalize.jsp page is displayed ] Here's the log output in the following scenario: Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.62 -- Application 192.168.0.250 - - [10/Jul/2015:01:54:24 -0700] GET /RPets HTTP/1.1 302 0 SessionId: - Cookie received: - Set-Cookie sent: - 192.168.0.250 - - [10/Jul/2015:01:54:25 -0700] GET /RPets/ HTTP/1.1 200 1595 SessionId: - Cookie received: - Set-Cookie sent: - 192.168.0.250 - - [10/Jul/2015:01:54:29 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 304 0 SessionId: 11AD7E9AE579C904277AB59A8DAC0F58 Cookie received: - Set-Cookie sent: JSESSIONID=11AD7E9AE579C904277AB59A8DAC0F58; Path=/RPets/; HttpOnly 192.168.0.250 - - [10/Jul/2015:01:54:38 -0700]
Double call to requestInitialized when forwarding for FORM auth
Hi. I have a problem with DeltaSpike Servlet module ( https://deltaspike.apache.org/documentation/servlet.html ) that seems to be caused by an incorrect behavior of Tomcat. The thread on DS mailiing list : http://mail-archives.apache.org/mod_mbox/deltaspike-users/201507.mbox/%3C559E1F24.40408%40senat.fr%3E I am using Tomcat 8.0.23 and it seems that requestInitialized is called twice when a forward is performed. In my case, this forward is performed because I am using container managed security with auth method set to FORM and Tomcat redirects to the login page. Is this behavior incorrect or should I propose a patch to DS ? Thanks in advance, Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. |
Re: Tomcat unaware that connection has been dropped
In case someone has the same problem, here is what I got from Amazon: Thank you for contacting AWS support. The behavior you are seeing is due to the way ELB HTTP/S listeners work. When many client requests come in, the ELB will create a number of connections to the backend application server, and will pipeline the client requests over these connections. This is optimized for performance reasons, but the client requests are not mapped 1-to-1 to the backend request. This is why ELB does not notify Tomcat of a terminated client connection. If you would like to change this behavior and notify Tomcat of a client connection reset, you can change the listener type from HTTPS to SSL (Secure TCP). To do so, go to you ELB Listeners tab and hit Edit. When the listener is set to SSL TCP, all client connections to ELB are mapped 1-to-1 to the backend, and Tomcat will be notified if the client disconnects prematurely. This will not affect the behavior of the rest of your application and HTTPS client requests will continue to be processed, but ELB will not do the connection pipelining that is causing your issue. For more information on the difference between the Listener protocols please see http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-listener-config.html . On Thu, Jul 9, 2015 at 3:17 AM, André Warnier a...@ice-sa.com wrote: Tecno Brain wrote: Hi Andre, These files can be huge (for a few of my clients). It can take more than an hour for the entire file to be generated. Then you also have to take into account that when the browser issues a request to the server, it expects *some* answer within a maximum of about 5 minutes maximum. If it doesn't get that, the browser will drop the connection and display a message like the server is not responding... I just didn't want to save them. I was expecting that if the file was too big, the process would just be aborted. As it is now, my webapp keeps working eventhough no browser is receiving the data. I guess I will have to save them (In S3) an notify my client via e-mail when the file is available. I am not even sure that in such a case, having the file be generated by a webserver webapp is the best design. It means that when the browser issues such a request, one of the webserver's threads/children is busy with that request for a very extended period of time, unable to do anything else. That looks like an ideal case for a Denial of Service e.g. You may want to re-examine the whole principle of this thing. In some restaurants, if you want some special dish that take a long time to prepare, you have to order it in advance; you can't just walk in and order it from the menu. I'll also ask Amazon about it. Thank you, -Jorge On Thu, Jul 9, 2015 at 2:06 AM, André Warnier a...@ice-sa.com wrote: Tecno Brain wrote: I am running Tomcat 8.0.20 in Ubuntu with Java 1.8u45 This server runs in Amazon EC2 behind an ELB (load balancer), although the cluster size is just one server. My application allows to download some data in CSV format. The CSV data is generated on the fly, and there is no way to known in advance the size of the response. So, the data is an attachment. response.setContentType(text/csv;charset=utf-8); filename = data.csv response.setHeader(Content-Disposition, attachment; filename=\ + filename + .csv\); The download starts immediately but after 100 MB the browser stopped received data -my internet connection was not the best-, so I canceled the download as it was not progressing anymore. Nevertheless, my web app keeps generating the CSV data, unaware that the connection has been dropped. I was expecting that my code would get an IOException when writing to the servlet OutputStream (which was wrapped by a BufferedOutputStream and wrapped by an OutputStreamWriter). Is this a problem I can solve through the configuration of the NIO connector ? Or is this a problem of Amazon ELB that still consumes the stream even though it can't be forwarded to the browser anymore? Yes, that kind of thing. There may also be load-balancers, proxies, gateways, etc. between Tomcat and the end-user browser. As long as Tomcat itself is able to write to that connection, there is no way for an application within Tomcat, to even find out that the ultimate client has gone away. I don't remember having this problem when working with Apache HTTP as the load balancer. If I remember correctly, I would get an error indicating that the client closed the connection. Yes, in some cases, because then there was less buffering in-between. Any pointers are appreciated. If your generated files are really that big, I would suggest that the Tomcat side writes them to disk to a temporary file, and then returns to the client a short response, with a link where it can retrieve that file. Then there could be a separate cleanup procedure, which cleans up such temporary files
Tomcat 8 - Manager Deploy
Hello - currently I'm running a multi instance Tomcat 8 server and wish to use Manager to deploy war files via its HTTP API command line interface. When attempting to deploy there is a continuous issue with the context path not being recognised. Here is an example of the command - curl -v -X PUT http://user:password@localhost:10080/manager/text/deploy?path=/address-information-ds-1.0war=file:/usr/share/tomcat/deployments/20150706/address-information-ds-1.0 FAIL - Deployed application at context path /address-information-ds-1.0 but context failed to start Now check the list of installed webapps - $ curl -X GET http://tcsct:cbiw2PXB@localhost:10080/manager/text/list OK - Listed applications for virtual host localhost /manager:running:0:manager /:running:0:ROOT /address-information-ds-1.0:stopped:0:address-information-ds-1.0.war /host-manager:running:0:host-manager Localaccess.log - [10/Jul/2015:11:07:54 +0100] 127.0.0.1 - tcsct PUT /manager/text/deploy?path=/address-information-ds-1.0 HTTP/1.1 - \ - - - \ - ?path=/address-information-ds-1.0 200 111 - 31 26 127.0.0.1 [10/Jul/2015:11:07:54 +0100] Catanlina.log 10-Jul-2015 11:20:54.560 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive /opt/tomcat/webapps/address-information-ds-1.0.war /logs/catalina.2015-07-10.log:10-Jul-2015 11:20:54.568 SEVERE [localhost-startStop-1] org.apache.catalina.startup.ContextConfig.beforeStart Exception fixing docBase for context [/address-information-ds-1.0] org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/address-information-ds-1.0]] 10-Jul-2015 11:20:54.572 SEVERE [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Error deploying web application archive /opt/tomcat/webapps/address-information-ds-1.0.war java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/address-information-ds-1.0]] 10-Jul-2015 11:20:54.573 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive /opt/tomcat/webapps/address-information-ds-1.0.war has finished in 13 ms Any advice or pointer would be much appreciated. - The Mileage Company Limited is a limited company registered in England under company number 2260073 whose registered office address is at Astral Towers, Betts Way, London Road, Crawley, West Sussex, RH10 9XY. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by Mimecast for the presence of computer viruses. -
Re: HTML 508 error with container authentication and virtual host
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 David, On 7/8/15 3:12 PM, David Hoffer wrote: Here is information on how we have Apache configured. Apache is the virtual host and it redirects to the (war) app deployed in Tomcat. Note it has the app name in the ProxyPass/ProxyPassReverse URL. Regarding your question on how we deploy the app, I use Tomcat's Manager app to upload a war file. Note this same Tomcat instance has several other war apps as well. Note at first we thought this was working as it does redirect to the right app and the correct login page, the problem is when they click the Login button that's when the 408 error occurs. The 408 error does not occur if we launch the app via http://localhost:8080/myapp/. The error only occurs when users use sub1.mydomain.com which is the only URL that will have access to. What are we doing wrong? We are probably missing something simple...just don't see it. Also I'd be happy to upgrade Tomcat to a later version if that would help. ##Apache: Just a ReverseProxy to the Tomcat app: VirtualHost *:80 ServerName sub1.mydomain.com ServerAlias sub1.mydomain.com ## ReverseProxy's ProxyRequests Off ProxyPreserveHost Off # Have tried both on and off Proxy * Order deny,allow Allow from all /Proxy ProxyPass / http://localhost:8080/myapp/ ProxyPassReverse / http://localhost:8080/myapp/ Changing the context path in ProxyPass(Reverse) is a recipe for many headaches and tears. Is there any way your users could tolerate adding /myapp to the end of their URLs? Or, you could re-name your WAR from myapp.war to ROOT.war and use the root context (/) instead of /myapp. - -chris -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVn7/iAAoJEBzwKT+lPKRY56gQAKvTUdxjUii9/a1ypVDT028U 0hhw1Uv/ZxwozzCVVK9LnUhV7ntQKfrttdBjUTR61yer0y1Z/yKm25L+zAL9Ou4s tVHi5/NdheCx1SmG68ZfJTkH6p8n2aQiDOraTwufJMLqM8z7e6XJd9PKDxwxOGU9 2BMEzbr5Lyv7oT+oj3NjhflMEESwcSgwzV46qDvgn0zav7QJgN4fgU4x2pvdQNOk 98oihJE6PA0F427rZ+W0Sb917Ly71FxqCYAwJ3K69S5XN6HIZ7EWrm7Kg+Vd5Y5e vZ3Gjv81ZwlO5mY6u/lO9TPx4yltqNsWg4gelBLYPsj2TWZbD7R0eYZjOV7Nz3Tk rFyowLeLy1F/VZWtv7vDDL7J5RN6rdZ3KQohJMHLwThwcITB9KIADqZQXPp3KWn9 PnxvExKd7Lw0yE/nAIPpNs0FOzZ964XFrn8ltykpI65HeBUzrcPuS+gvJyybUD// u4YVygy8mah6Odwb0yI55IfGblkukD7IxyKYeC+G0LAoaX/+f6VHPXw4/rHqmKl4 60DZxrKsvhzI04ilPNnX9LJ5oIizqqtTVSCj5OVKsqxrsmc0mWwmC6RiqUyWMYD6 0Eiz4okdbBP6+tNoFsr3wBh5yn9gq9zKjRv1XW9qVUGzuV0TN1IEZpK4uECP3KyD 1h3+gMwOdt0Lu8OG3NZq =UpYE -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 7 on windows 2008: how to host mutiple domains
Will this work. I want 123.abc.com to go to xyz.abc.com. So 123.abc.com is an alias for xyz.abc.com. Both the sites are pointing to the same appbase. Host name=www.knowledgefolders.com appBase=D:/webpage_demos/akc unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Aliasknowledgefolders.com/Alias Aliaswww.knowledgefolders.net/Alias Aliasknowledgefolders.net/Alias Aliaswww.knowledgefolders.org/Alias Aliasknowledgefolders.org/Alias Aliaswww.satyakomatineni.com/Alias Aliaswww.kavithakomatineni.com/Alias Context path= docBase=D:/webpage_demos/akc debug=0 reloadable=false/ Context path=/akc docBase=D:/webpage_demos/akc debug=0 reloadable=false/ /Host Notice how all of the following host names point to the same web app, akc (which was the previous name for Knowledge Folders). knowledgefolders.com www.knowledgefolders.com knowledgefolders.net www.knowledgefolders.net knowledgefolders.org www.knowledgefolders.org www.satyakomatineni.com www.kavithakomatineni.com -- View this message in context: http://tomcat.10.x6.nabble.com/Apache-Tomcat-7-on-windows-2008-how-to-host-mutiple-domains-tp5037160p5037161.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat-7 and Oracle Universal Connection Pool (UCP)
Hi, short question. I am in the process of moving an application from using the Oracle JDBC pool to using UCP. I have some problems understanding the relations between the resource definition in the context and what to put into web.xml. So, the context includes: Resource name=jdbc/myDataSource auth=Container factory=oracle.ucp.jdbc.PoolDataSourceImpl type=oracle.ucp.jdbc.PoolDataSource description=Oracle datasource using UCP connectionFactoryClassName=oracle.jdbc.pool.OracleDataSource initialPoolSize=25 minPoolSize=15 maxPoolSize=210 maxStatements=100 connectionWaitInterval=200 timeoutCheckInterval=600 inactiveConnectionTimeout=100 abandonConnectionTimeout=600 validateConnectionOnBorrow=true sqlForValidateConnection=select 1 from DUAL connectionPoolName=MyUCPPool connectionProperties=(defaultRowPrefetch=200) url=jdbc:oracle:thin:@connect_info user=user password=passwd / What is not clear to my, what I have to put into the resource-ref in web.xml. For the old JDBC configuration we had: resource-ref descriptionMy Data Source/description res-ref-namejdbc/myDataSource/res-ref-name res-typeoracle.jdbc.pool.OracleDataSource/res-type res-authContainer/res-auth /resource-ref The res-type matched the type= from the resource definition. Unfortunately, I never found an explanation/documentation of what the res-type actually relates to. So now I see three possibilities: 1) match type= from the resource res-typeoracle.ucp.jdbc.PoolDataSource/res-type 2) match connectionFactoryClassName= from the resource res-typeoracle.jdbc.pool.OracleDataSource/res-type 3) just put in javax.sql.DataSource as someone suggested to me off-line res-typejavax.sql.DataSource/res-type Now I know that I could just experiment with that. But time is scarce and maybe someone knows the correct (or at least working :-) solution. Thanks in advance Martin -- -- Martin Knoblauch email: k n o b i AT knobisoft DOT de www: http://www.knobisoft.de
Re: Form authentication with Tomcat 7.0.63 behind Apache HTTPD and mod_jk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Now with the shipped examples goodness: On 7/9/2015 10:39 PM, Konstantin Kolinko wrote: 2015-07-10 2:35 GMT+03:00 Mark Eggers its_toas...@yahoo.com.invalid: Folks, I seem to be having a problem trying to use form-based authentication. What worked in 7.0.62 no longer works in 7.0.63. Using 7.0.62 I can successfully authenticate in my toy application and the latest version of Jenkins. Using 7.0.63 I end up on the form error page in my toy application and the latest version of Jenkins. I've not changed any of the configuration files. I run Tomcat using $CATALINA_HOME and $CATALINA_BASE. To upgrade Tomcat, I just install a new version and move some links around. Here is a rundown of my environment: [] How it fails? (Steps, maybe also Access Log output) Quick test with direct access to Tomcat and examples webapp = success. (http://localhost:8080/examples/jsp/security/protected/index.jsp) Architecture where this works: - -- Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.62 -- examples Browser -- Tomcat 7.0.62 -- examples Browser -- Tomcat 7.0.63 -- examples Architecture where this fails (brings up invalid login page) - Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.63 -- examples Possible areas to test: 1. httpd / mod_jk : Do you have failure with direct access to Tomcat ? 2. cookie / set-cookie headers e.g. see AccessLogValve configuration here: https://bz.apache.org/bugzilla/show_bug.cgi?id=57872#c0 3. Realm Best regards, Konstantin Kolinko So it does appear to be an issue with the supplied examples as well. I didn't see anything obviously wrong with my mod-jk configuration (posted in the first email). I'll try to start working through the code changes to see where the likely culprit is. . . . just my puzzled 2 cents /mde/ -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBAgAGBQJVoA6LAAoJEEFGbsYNeTwtgcEH/1Rb2Wji7oSELJgeUgTfdTRm oDCnPQ5f11RBnx/7+0SHFN/4qu1VIOce0dckPIRM2KIkNI9mNsKPF2Bgt1Ixejvw IaqlafbRgQTqXoomEB/Y3vxpzhRvo0sQCwJN4O81JLUcnT5wIgnaZr8Gwd0vkzMF dktu5TEAIAiHRIWudFPpSuO5tWvJAu4FWzay4YPqfic4wGtCNGXtZQCeuL3bq6Jl Hc51dvNMdkF1gWqDNNzarQu9POLb1qDW2Ezy4grlRKIHCUQWALoxqTZj3IL8g0Sc phdi3pqd54pe5VDNc7l3mIdOCaYY+f529vz0CGBzzKox7qaa3/Lvpqy6CcQ5xtU= =+F5Q -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
issue with application finding tomcat jars
I have an application that uses the websocket jars from tomcat and sometimes get this error, java.util.ServiceConfigurationError: javax.websocket.ContainerProvider: Provider org.apache.tomcat.websocket.WsContainerProvider not found Then it gets the error for a while and magically finds the jars and runs which is weird. What may be causing this behavior to not find the jars then magically find the jars? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Apache Tomcat 7 on windows 2008: how to host mutiple domains
Hi there, I’m new to Apache Tomcat. I have been asked to point new domain name to the existing domain name. E.g. We have https://xyz.abc.com, we want new domain name http://123.abc.com to point to xyz.abc.com. The Apache Tomcat 7 server is installed Windows 2008 R2 server. We have created the DNS entry for 123.abc.com Can someone tell me how to do this? Do I need to create a virtual host and if so how. How do I restart tomcat server on windows 2008 R2? I read that if I modify server.xml then I need to restart Tomcat. How do I restart Tomcat? I have a following entry in config/server.xml file:Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access_log. suffix=.txt pattern=%h %l %u %t quot;%rquot; %s %b / /Host Thanks Joe