Empty *jsp_java file after upgrade to Tomcat 8.0.26

[Yasi Xi (yxi)]

Hi, Dear Mark T and all

Sorry to resend this mail. I don't quite understand Mark's comment on this 
problem.

 WHAT IS THE PROBLEM 

I'm doing Tomcat upgrade for my J2EE server. When Tomcat is upgraded from 
7.0.54 to 8.0.26,

1) I get lots of empty *_jsp.java files in /opt/apache-tomcat_1/work/Catalina/, 
for example:

/opt/apache-tomcat_1/work/Catalina/localhost/cmp0307l/org/apache/jsp/webcomponents/jsp/globalpagenotfound_jsp.java
/opt/apache-tomcat_1/work/Catalina/localhost/svc3000/org/apache/jsp/svccomponents/common/jsp/globalerror_jsp.java

2) There're six Tomcat servers working in a round-robin manner. Each of the six 
Tomcat server has lots of empty *_jsp.java files, but they do not share the 
same group of empty *_jsp.java files. It appears random regarding which JSP 
file gets an empty *_jsp.java and in which Tomcat server.

3) When I delete a single empty *_jsp.java file in a Tomcat server and restart 
Tomcat, the previous empty *_jsp.java is generated and not empty.

4) Before Tomcat upgrade from 7.0.54 to 8.0.26, /opt/apache-tomcat_1 soft link 
points to /opt/apache-tomcat-7.0.54_1, after the upgrade, it points to 
/opt/apache-tomcat-8.0.26_1

5) /opt/apache-tomcat-7.0.54_1 and /opt/apache-tomcat-8.0.26_1 are two separate 
directories. /opt/apache-tomcat-8.0.26_1 does not exist before the upgrade.

[root@jm3btc003 opt]# ll /opt/
total 68
lrwxrwxrwx   1 root nobody  22 Dec 23 01:21 apache-tomcat_1 -> 
apache-tomcat-8.0.26_1
drwx--   7 nobody   nobody4096 Dec 11 02:23 apache-tomcat-7.0.54_1
drwxr-x---   9 root nobody4096 Nov 10 01:51 apache-tomcat-8.0.26_1
...

6) There are other empty files after upgrading to Tomcat 8.0.26, for example, 
the following picture files are created by Java process in a separate directory 
other than Tomcat directories, the picture files are empty:

-rw-rw 1 nobody nobody0 Jan 29 07:11 AQ_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 19:04 BN_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 21:05 CL_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 19:00 CP_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 20:05 DZ_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 13:11 EG_500/default.jpg

7) We have some tomcat-embed-*.7.0.30.jar files deployed and scanned by Tomcat. 
Will these tomcat-embed-*.7.0.30.jar impact the *_jsp.java generation under 
Tomcat 8.0.26?

/opt/txs/webapps/TXS/share/tomcat-embed-core-7.0.30.jar
/opt/txs/webapps/TXS/share/tomcat-embed-jasper-7.0.30.jar

 MARK'S COMMENT 

Do you empty the work directory as part of this upgrade? If not, you should.

Mark

 YASI'S QUESTIONS 

Sorry, Mark, I don't quite understand 

1) Why empty work directory as part of Tomcat upgrade? 
/opt/apache-tomcat-8.0.26_1 does not exist before the upgrade. Should I empty 
/opt/apache-tomcat-7.0.54_1/work directory?

2) Is there any change of system IO (e.g. file read/write) in Tomcat 8 which 
may cause some file to be empty?

Really appreciate your help!

Regards,
-Yasi 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP communication

[Maxim Neshcheret]

Hi Christoph
 
There is such option in my app (heartbeats from server to client) but I’m
curious why connection becomes stale if I don’t send any heartbeats.



On 29/01/16 16:04, "Christoph Nenning" 
wrote:

>> I have a problem with my java application related to HTTP communication.
>> 
>> Application description:
>> 
>> 1.  Client – server. Server is running in servlet container. We
>> use Tomcat.
>> 
>> Client use java HTTP library to communicate with the server.
>> 
>> 2.  When client establish connection to the server it sends GET
>> request (keepalive) and server creates AsyncContext for the client
>> with 10 days timeout.
>> 
>> 3.  After connection established server periodically sends data
>> to the client using AsyncContext and on the client side there is
>> special thread which reads and processes the data.
>> 
>> Client reading thread example:
>> 
>> private class GetRunnable implements Runnable {
>> 
>>private final HttpURLConnection httpConn;
>>private final MyConnection myConn;
>> 
>>public GetRunnable(final MyConnection myConn) throws
>> IOException, AppException {
>>  this.myConn = myConn;
>>  final String jSession = myConn.getJSession();
>>  httpConn = openHttpUrlConnection(false,
>> httpPostTimeout, jSession);
>>  httpConn.connect();
>>  final int respCode = httpConn.getResponseCode();
>>  if (respCode != HttpURLConnection.HTTP_OK) {
>> String info = "Incorrect response from server,
>> responseCode:" + respCode + ", message:" +
>httpConn.getResponseMessage();
>> log.error(info);
>> throw new AppException(info);
>>  } else {
>> log.trace("GET connected");
>>  }
>>}
>> 
>>@Override
>>public void run() {
>>  try (final BufferedReader reader = new BufferedReader
>> (new InputStreamReader(httpConn.getInputStream(), "UTF-8")) ) {
>> log.info("doGet STARTED");
>> final Thread t = Thread.currentThread();
>> while (!t.isInterrupted()) {
>>log.trace("before readline");
>>final String line = reader.readLine();
>>log.trace("after readline: [" + line + "]");
>> 
>>//INFO: DATA PROCESSING HERE
>> }
>>  } catch (IOException e) {
>> log.error("Error while doGet");
>>  } catch (Throwable e) {
>> log.debug("doGet STOPED...");
>> log.error("Error while read input msg, do logoff",
>e);
>> logoff();
>> throw e;
>>  }
>>  log.debug("doGet STOPED...");
>>  myCallback.onGetClose(myConn, connInfo);
>>}
>> }
>> 
>> Server side code to push data looks like this:
>> 
>> protected int sendMsgs(final MyConnection myConn, final String info) {
>> 
>>int res;
>>try {
>>  final AsyncContext lAc = _ac;
>>  final ServletRequest req = lAc.getRequest();
>>  if (!req.isAsyncStarted()) {
>> log.debug("AsyncStarted=false on begin, uid:" +
>> uid + ", sid:" + sid);
>> return -1;
>>  }
>> 
>>  final ServletResponse res = lAc.getResponse();
>>  ServletOutputStream  os = null;
>>  final String text = getData(myConn);
>> 
>>  if (os == null)
>> os = res.getOutputStream();
>> 
>>  write2stream(os, text, 0x4000);
>>  os.println();
>> 
>>  if (os != null)
>> os.flush();
>> } catch(IOException ex) {
>>  log.error("Notify failed");
>> } catch (InterruptedException e) {
>>  log.error("Notify failed");
>>  Thread.currentThread().interrupt();
>>  } catch (Throwable e) {
>> log.error("Notify failed");
>> logoff(true);
>>  }
>> 
>> return res;
>> }
>> 
>> public static void write2stream(final OutputStream outputStream,
>> final String text, int bufferSize) throws IOException {
>>  final CharsetEncoder encoder = getHttpEncodingCharset
>> ().newEncoder();
>> 
>>  final int fullLen = text.length();
>>  final int byteBufferSize = Math.min(bufferSize, fullLen);
>> 
>>  final int en = (int)(byteBufferSize * (double)
>> encoder.maxBytesPerChar());
>>  final byte[] byteArray = new byte[en];
>> 
>>   final ByteBuffer byteBuffer = ByteBuffer.wrap(byteArray);
>>   final CharBuffer charBuffer = CharBuffer.wrap(text);
>>  for(int pos=0, len=byteBufferSize;
>>   

Re: HTTP communication

[Maxim Neshcheret]

Hi André,

First about network. Client and server are in the same segment and there
are no firewalls in between them.
Second I expect connection to be alive because during initiation I specify
'keep-alive' property of HTTP request. Also
Tomcat and WLS are configured to support keepalive connections.

From what I noticed, I monitored TCP connection using TCPView and
Wireshark (on the client side), TCP connection is still alive
even Tomcat or WLS cannot write to the socket.

Just to mention, I have in my code an option to send periodical heartbeats
to the client if there is no data. It is configurable and
when I use this option everything works fine. But if I don’t send
heartbeats as I wrote before connection becomes stale and I want
to understand why it happens so that I can initiate, for example,
automatic client logoff and cleanup resources.



On 29/01/16 11:33, "André Warnier (tomcat)"  wrote:

>On 28.01.2016 18:38, Maxim Neshcheret wrote:
>> I have a problem with my java application related to HTTP communication.
>>
>> Application description:
>>
>> 1.  Client – server. Server is running in servlet container. We use
>>Tomcat.
>>
>> Client use java HTTP library to communicate with the server.
>>
>> 2.  When client establish connection to the server it sends GET
>>request (keepalive) and server creates AsyncContext for the client with
>>10 days timeout.
>>
>> 3.  After connection established server periodically sends data to
>>the client using AsyncContext and on the client side there is special
>>thread which reads and processes the data.
>>
>[ snip ...]
>>
>> Usually this code works fine but it there is no data from server to
>>client for 1 day and after 24 hours (can be 16 or 12) data appears,
>>server cannot send data to the client.
>> In the log there is no error. It is written that everything flushed but
>>client still waiting for data in “final String line = reader.readLine();”
>> When 2nd portion of data is sent by the server, then during flush I see
>>the following error
>>
>> 2016-01-26 00:00:00,051|INFO |GWNotify-2/50   |ClientAbort
>> 2016-01-26 00:00:00,051|TRACE|GWNotify-2/50
>>|ClientAbortException:java.io.IOException: APR error: -32
>> org.apache.catalina.connector.ClientAbortException:
>>java.io.IOException: APR error: -32
>[snip ...]
>
>Hi.
>I am unqualified to check your code, but a first question would be :
>where is the Client,
>and where is the Server and what is the connection between them like ?
>
>And the reason for the question is : it is not at all unusual, that any
>kind of network 
>connection would be interrupted at some point over a 24-hour period,
>specially if nothing
>is sent over that connection for a long time.
>When a connection "disappears", TCP sends no signal to either the client
>or the server, 
>and an error will only be caught, if one of the parties tries to write to
>the (now gone) 
>connection (which seems to be what happens above, when the server tries
>to write to the 
>Client, and gets a "client is no longer there" exception).
>
>If you want to avoid this, you will have to handle this in your code.
>You cannot just 
>expect the connection to be alive no matter what.
>
>
>
>
>-
>To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: users-h...@tomcat.apache.org
>

Re: HTTP communication

[Maxim Neshcheret]

Hi Olaf,
 
Just repeat here what I have already replied to André’s comment.
“First about network. Client and server are in the same segment and there
are no firewalls in between them.
Second I expect connection to be alive because during initiation I specify
'keep-alive' property of HTTP request. Also Tomcat and WLS are configured
to support keepalive connections.
 
From what I noticed, I monitored TCP connection using TCPView and
Wireshark (on the client side), TCP connection is still alive even Tomcat
or WLS cannot write to the socket.
 
Just to mention, I have in my code an option to send periodical heartbeats
to the client if there is no data. It is configurable and when I use this
option everything works fine. But if I don’t send heartbeats as I wrote
before connection becomes stale and I want to understand why it happens so
that I can initiate, for example, automatic client logoff and cleanup
resources.”



On 29/01/16 16:13, "Olaf Kock"  wrote:

>I'll second Andre's answer: Just because you declare a 10d timeout, you
>can't rely on the connection to stay up for that long. You can't even
>rely on a connection to stay up during the download of a simple gif
>(although that's so quick that the odds for connection termination are a
>lot lower).
>
>This is without looking at the code - just relying on a connection to
>stay up is not a proper assumption. You'll have to work around anything
>in between to fail and reconnect if necessary. Declaring a 10d timeout -
>if it works - will cause the appropriately configured endpoint to assume
>it's open. It has no effect on any of the components in between the
>endpoints.
>
>Olaf
>
>Am 29.01.2016 um 09:33 schrieb André Warnier (tomcat):
>> On 28.01.2016 18:38, Maxim Neshcheret wrote:
>>> I have a problem with my java application related to HTTP
>>>communication.
>>>
>>> Application description:
>>>
>>> 1.  Client – server. Server is running in servlet container. We
>>> use Tomcat.
>>>
>>> Client use java HTTP library to communicate with the server.
>>>
>>> 2.  When client establish connection to the server it sends GET
>>> request (keepalive) and server creates AsyncContext for the client
>>> with 10 days timeout.
>>>
>>> 3.  After connection established server periodically sends data
>>> to the client using AsyncContext and on the client side there is
>>> special thread which reads and processes the data.
>>>
>> [ snip ...]
>>>
>>> Usually this code works fine but it there is no data from server to
>>> client for 1 day and after 24 hours (can be 16 or 12) data appears,
>>> server cannot send data to the client.
>>> In the log there is no error. It is written that everything flushed
>>> but client still waiting for data in “final String line =
>>> reader.readLine();”
>>> When 2nd portion of data is sent by the server, then during flush I
>>> see the following error
>>>
>>> 2016-01-26 00:00:00,051|INFO |GWNotify-2/50   |ClientAbort
>>> 2016-01-26 00:00:00,051|TRACE|GWNotify-2/50
>>> |ClientAbortException:java.io.IOException: APR error: -32
>>> org.apache.catalina.connector.ClientAbortException:
>>> java.io.IOException: APR error: -32
>> [snip ...]
>>
>> Hi.
>> I am unqualified to check your code, but a first question would be :
>> where is the Client, and where is the Server and what is the
>> connection between them like ?
>>
>> And the reason for the question is : it is not at all unusual, that
>> any kind of network connection would be interrupted at some point over
>> a 24-hour period, specially if nothing is sent over that connection
>> for a long time.
>> When a connection "disappears", TCP sends no signal to either the
>> client or the server, and an error will only be caught, if one of the
>> parties tries to write to the (now gone) connection (which seems to be
>> what happens above, when the server tries to write to the Client, and
>> gets a "client is no longer there" exception).
>>
>> If you want to avoid this, you will have to handle this in your code.
>> You cannot just expect the connection to be alive no matter what.
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>
>
>-
>To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: users-h...@tomcat.apache.org
>

Re: client ssl renegotiation after invalidating session

[Gael Abadin]

Thank you very much for your reply,

I tried your solution on APR, NIO and BIO connectors but it seems my
problem comes from somewhere else.

>From what I could gather, it is a matter of browser SSL credentials store
mechanism, and it doesn't seem to have a solution yet (even the suggested
window.crypto.logout() for Firefox doesn't work for me. Firefox doesn't
seem to implement that function on its latest version):

http://stackoverflow.com/questions/10487205/https-client-certificate-logout-relogin
:

http://stackoverflow.com/questions/10229027/how-to-trigger-ssl-rehandshake-on-a-web-browser


For the time being I'll just warn the users that they are not being truly
logged out until they close all browser windows.


2016-01-29 18:56 GMT+01:00 George Stanchev :

>
> 
> -Original Message-
> From: Gael Abadin [mailto:gael.aba...@imatia.com]
> Sent: Friday, January 29, 2016 10:33 AM
> To: Tomcat Users List
> Subject: client ssl renegotiation after invalidating session
>
> I want to invalidate the client ssl cert authentication after the user
> logs out of my application.
>
> There is nothing about it in the docs and google just digs out this
> unanswered old thread from this users list in 2007:
>
>
> https://mail-archives.apache.org/mod_mbox/tomcat-users/200706.mbox/%3c306958.89260...@web36804.mail.mud.yahoo.com%3E
>
> Does anybody know if there is any way to do it?
> 
>
> Depends what your version of Tomcat is. Since we skipped from 5.5 to 7.0 I
> don't know if 6 has this attribute. For 5.5 we used reflection to dig into
> the Request object and dig the SSLSessionManager which was kind of annoying
> since things shifted underground and we had to readjust for different
> releases of 5.5
>
>
>
> private static boolean
> invalidateTomcat7AndAboveSSLSession(HttpServletRequest httpRequest) {
> String serverInfo =
> FedSrvServlet.getServletContainerServerInfo();
>
> if (serverInfo == null) {
> log.error("Failed to determine server version");
> return false;
> }
>
> boolean compatibleTomcat =
> (serverInfo.indexOf("Tomcat") > 0 &&
> serverInfo.indexOf("7.0") > 0) ||
> (serverInfo.indexOf("Tomcat") > 0 &&
> serverInfo.indexOf("8.0") > 0) ||
> (serverInfo.indexOf("Tomcat") > 0 &&
> serverInfo.indexOf("9.0") > 0);
>
> if (compatibleTomcat) {
> // Invalidate the SSL Session
> (org.apache.tomcat.util.net.SSLSessionManager)
> Method invalidateSessionMethod = null;
> Object mgr =
> httpRequest.getAttribute("javax.servlet.request.ssl_session_mgr");
> if (mgr != null) {
> try {
> invalidateSessionMethod =
> mgr.getClass().getMethod("invalidateSession");
> if (invalidateSessionMethod ==
> null) {
> log.error("Failed to reset
> SSL session: Method invalidateSessionMethod =
> mgr.getClass().getMethod(\"invalidateSession\") failed to return method");
> }
>
> invalidateSessionMethod.setAccessible(true);
> } catch (Throwable t) {
> log.error("Failed to reset SSL
> session: " + t.getMessage(), t);
> }
>
> // Invalidate the session
> try {
>
> invalidateSessionMethod.invoke(mgr);
> log.trace("SSL session reset
> successfully");
> return true;
> } catch (Throwable t) {
> log.error("Failed to reset SSL
> session: invalidateSession() threw exception: " + t.getMessage(), t);
> }
> } else {
> log.error("Failed to reset SSL session:
> httpRequest.getAttribute(\"javax.servlet.request.ssl_session_mgr\") call
> failed to return session manager object");
> }
> }
>
> return false;
> }
>
> Hope this helps.
>
> George
>



-- 



.

Alberto Gael Abadin Martinez
Junior Developer

[image: IMATIA]

www.imatia.com

*Tel: *+34 986 342 774 ext 4531

*Email: *gael.aba...@imatia.com
Edificio CITEXVI
Fonte das Abelleiras, s/n - Local 27
36310 Vigo (Pontevedra)
España

.



.

Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede
contener información confidencial, siendo para uso exclusivo del
destinatario. Queda prohibida su divulgación copia o 

Virtual Hosting, HTTP 302 to HTTPS?

[Björn Raupach]

Dear group,

I have two web applications (a,b) that are both reachable via subdomains:

a.example.com 
b.example.com 

For b.example.com  exists a SSL certificate. 
a.example.com  does not need SSL.
The HTTPS connector uses a a Java keystore with the certificate. 

I configured Apache Tomcat 8.0.20 with Virtual Hosting.

CATALINA_HOME/webapps_a
CATALINA_HOME/webapps_b

The server.xml has been adjusted.



 
   ...
 

 
   ...
 



Both web apps are deployed using ROOT.war. They get unpacked and there are no 
errors in the log files.

Here is my problem. b works fine, but I can't reach a.

curl -I http://a.example.com 
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private 
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://a.example.com 
Content-Length: 0
Date: Mon, 01 Feb 2016 13:52:32 GMT

curl -I http://b.example.com 
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private 
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://b.example.com 
Content-Length: 0
Date: Mon, 01 Feb 2016 13:52:54 GMT  

The redirect sets Location to https. I know this can't work because I have no
certificate for srv.grasmueck.de  nor do I need https.

And I see the web application `b` instead of `a` despite the error.

Do I need a Apache HTTPD fronted? 


Thanks for the support! I appreciate it.

Björn

RE: client ssl renegotiation after invalidating session

[George Stanchev]

Yeah I forgot to mention that this works for NIO and BIO connectors. Not sure 
about the APR. And been there in regards to the caching in the browser. There 
is nothing I have found either...

George


-Original Message-
From: Gael Abadin [mailto:gael.aba...@imatia.com] 
Sent: Monday, February 01, 2016 2:17 AM
To: Tomcat Users List
Subject: Re: client ssl renegotiation after invalidating session

Thank you very much for your reply,

I tried your solution on APR, NIO and BIO connectors but it seems my problem 
comes from somewhere else.

From what I could gather, it is a matter of browser SSL credentials store 
mechanism, and it doesn't seem to have a solution yet (even the suggested
window.crypto.logout() for Firefox doesn't work for me. Firefox doesn't seem to 
implement that function on its latest version):

http://stackoverflow.com/questions/10487205/https-client-certificate-logout-relogin
:

http://stackoverflow.com/questions/10229027/how-to-trigger-ssl-rehandshake-on-a-web-browser


For the time being I'll just warn the users that they are not being truly 
logged out until they close all browser windows.


2016-01-29 18:56 GMT+01:00 George Stanchev :

>
> 
> -Original Message-
> From: Gael Abadin [mailto:gael.aba...@imatia.com]
> Sent: Friday, January 29, 2016 10:33 AM
> To: Tomcat Users List
> Subject: client ssl renegotiation after invalidating session
>
> I want to invalidate the client ssl cert authentication after the user 
> logs out of my application.
>
> There is nothing about it in the docs and google just digs out this 
> unanswered old thread from this users list in 2007:
>
>
> https://mail-archives.apache.org/mod_mbox/tomcat-users/200706.mbox/%3C
> 306958.89260...@web36804.mail.mud.yahoo.com%3E
>
> Does anybody know if there is any way to do it?
> 
>
> Depends what your version of Tomcat is. Since we skipped from 5.5 to 
> 7.0 I don't know if 6 has this attribute. For 5.5 we used reflection 
> to dig into the Request object and dig the SSLSessionManager which was 
> kind of annoying since things shifted underground and we had to 
> readjust for different releases of 5.5
>
>
>
> private static boolean
> invalidateTomcat7AndAboveSSLSession(HttpServletRequest httpRequest) {
> String serverInfo =
> FedSrvServlet.getServletContainerServerInfo();
>
> if (serverInfo == null) {
> log.error("Failed to determine server version");
> return false;
> }
>
> boolean compatibleTomcat =
> (serverInfo.indexOf("Tomcat") > 0 &&
> serverInfo.indexOf("7.0") > 0) ||
> (serverInfo.indexOf("Tomcat") > 0 &&
> serverInfo.indexOf("8.0") > 0) ||
> (serverInfo.indexOf("Tomcat") > 0 &&
> serverInfo.indexOf("9.0") > 0);
>
> if (compatibleTomcat) {
> // Invalidate the SSL Session
> (org.apache.tomcat.util.net.SSLSessionManager)
> Method invalidateSessionMethod = null;
> Object mgr =
> httpRequest.getAttribute("javax.servlet.request.ssl_session_mgr");
> if (mgr != null) {
> try {
> invalidateSessionMethod = 
> mgr.getClass().getMethod("invalidateSession");
> if (invalidateSessionMethod ==
> null) {
> log.error("Failed to 
> reset SSL session: Method invalidateSessionMethod =
> mgr.getClass().getMethod(\"invalidateSession\") failed to return method");
> }
>
> invalidateSessionMethod.setAccessible(true);
> } catch (Throwable t) {
> log.error("Failed to reset SSL
> session: " + t.getMessage(), t);
> }
>
> // Invalidate the session
> try {
>
> invalidateSessionMethod.invoke(mgr);
> log.trace("SSL session reset 
> successfully");
> return true;
> } catch (Throwable t) {
> log.error("Failed to reset SSL
> session: invalidateSession() threw exception: " + t.getMessage(), t);
> }
> } else {
> log.error("Failed to reset SSL session:
> httpRequest.getAttribute(\"javax.servlet.request.ssl_session_mgr\") 
> call failed to return session manager object");
> }
> }
>
> return false;
> }
>
> Hope this helps.
>
> George
>



-- 



.

Alberto Gael Abadin Martinez
Junior Developer

[image: IMATIA]

www.imatia.com

*Tel: *+34 986 

Re: WebAppClassLoaderBase.clearReferencesThreads warning

[Yuval Schwartz]

Hello Terence,

Thanks for the input.
I shutdown the ScheduledExecutorService in the contextDestroyed method of
the app's ServletContextListener class as well.
I also call shutDownNow() followed by an if statement with
!awaitTermination() as the condition.

Are you sure that the new warning that I'm getting is also related to the
ScheduledExecutorService?
The warning again is:

WARNING [main] org.apache.tomcat.util.net.AbstractEndpoint.shutdownExecutor
The executor associated with thread pool [http-apr-8080] has not fully
shutdown. Some application threads may still be running

I didn't find much information about http-apr-8080 on google.
When I do a thread dump while tomcat is running I see http-apr-8080-exec-1,
http-apr-8080-exec-2,...http-apr-8080-exec-10.
I'm not sure what these do? Are these threads the same as http-apr-8080
that is referenced in the warning?

How else can I go about debugging this message?

Thank you

On Mon, Feb 1, 2016 at 5:59 PM, Terence M. Bandoian 
wrote:

> On 2/1/2016 8:54 AM, Yuval Schwartz wrote:
>
>> Hello Mark,
>>
>> I think that the issue below was related to the way I was shutting down an
>> instance of ScheduledExecutorService.
>> I changed the way it is shutdown when the context is destroyed...I will
>> update here if I don't receive any more warnings.
>>
>> However, I now get a warning:
>>
>> WARNING [main] org.apache.tomcat.util.net
>> .AbstractEndpoint.shutdownExecutor
>> The executor associated with thread pool [http-apr-8080] has not fully
>> shutdown. Some application threads may still be running
>>
>> I am not sure if this is related or not?
>> When I do a heap dump with jstack I see http-apr-8080-exec-[1-10] but I
>> don't see any thread named http-apr-8080.
>> Any ideas on how to trouble shoot this?
>>
>> Thanks.
>>
>
>
> Hi, Yuval-
>
> Where are you shutting down the ScheduledExecutorService?  I ran into a
> similar problem trying to stop a ScheduledExecutorService in the
> contextDestroyed method of a ServletContextListener.  Adding a call to
> Thread.yield() after the executor was terminated removed the warning.  To
> terminate the executor, I used the shutdown() method followed by a loop
> with a call to awaitTermination().
>
> -Terence Bandoian
>
>
>
>
>> On Sun, Jan 31, 2016 at 8:18 PM, Yuval Schwartz > >
>> wrote:
>>
>>
>>> On Sunday, 31 January 2016, Mark Thomas  wrote:
>>>
>>> On 31/01/2016 08:06, Yuval Schwartz wrote:

> Hellow Mark,
>
> Thanks for the reply.
> Follow up questions below.
>
> On Fri, Jan 29, 2016 at 6:22 PM, Mark Thomas  wrote:
>
> On 29/01/2016 14:34, Yuval Schwartz wrote:
>>
>>> Hello,
>>>
>>> tomcat version: 8.0.22
>>> java: jdk1.8.0_05
>>> server: Amazon Linux AMI
>>>
>>> I get the following warning message in my catalina log when I
>>>
>> undeploy a

> web application:
>>>
>>> *WARNING [ContainerBackgroundProcessor[StandardEngine[Catalina]]]
>>>
>>>
 org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesThreads

> The
>>
>>> web application [ROOT##002] appears to have started a thread named
>>> [pool-2-thread-1] but has failed to stop it. This is very likely to
>>>
>> create
>>
>>> a memory leak. Stack trace of thread*
>>>
>>> As you can see, for some reason, I don't get a stack trace of the
>>>
>> thread.

> Therefore, I have no idea how to debug this warning.
>>>
>>> This particular warning was generated when tomcat detected an unused
>>> version and undeployed it (I set undeployOldVersions="true").
>>>
>>> Does anyone know how I can debug this warning. How can I know more
>>>
>> about

> this thread?
>>>
>> That looks like a thread from Commons Pool (possibly via DBCP). The
>>
> only

> way to be sure you have a leak or not is to use a profiler. See
>>
>>
>>
 http://home.apache.org/~markt/presentations/2010-11-04-Memory-Leaks-60mins.pdf

>
> Is VisualVM a good profiler to start with considering my system?
>
 Sorry, don't know. Never used it. I use YourKit, mainly because they
 kindly donate free licenses to OpenSource developers to use with their
 OpenSource projects.

>>>
>>> Thank you Mark,
>>>
>>> I installed VisualVM as a profiler.
>>> I can now see all of the threads that tomcat is "using" (?not sure if
>>> that's the correct term) (there's 35 live threads and 33 daemon threads).
>>> Do you have any recommendations for how I might trouble shoot the
>>> original
>>> warning that I got? Would I do a "heap dump"?
>>> I have restarted tomcat since the time of the original warning message,
>>> so
>>> I can't expect to find the same thread, correct?
>>> Any tips?
>>>
>>> FYI: I never saw my cpu climbing or anything, I am troubleshooting this
>>> warning solely on seeing 

Re: Tomcat Server - Arraylist java.util.ConcurrentModificationException issue

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Paul,

Please don't hijack threads. If you want to start a new thread, please
start a new email message addressed to this list; don't find an
existing message and reply to it.

- -chris

On 2/1/16 7:50 AM, Subhro Paul wrote:
> Hi Team,
> 
> Our web application has a "header.jsp" which has 2  Arraylist on
> it. Each ArrayList has more than 50 items inside. The code is to
> identify the mobile device and requested page and transfer the call
> to mobile page accordingly.
> 
> This code works fine once we restart the server and can continue
> running 2 months without any issue. But day by day it starts
> showing 500 error with exception in log
> "ConcurrentModificationException". Below is the code snippet of JSP
> code. My Question is why this issue is happening around 2 months?
> If we clear the temp file created by the server in work folder then
> that will run for some time( 2- 3 days) and then again the same 
> exception starts occurring. I have identified one solution by
> moving the JAVA code from JSP to JAVA file which worked good while
> perform testing but client wants to know the root cause of the
> issue.
> 
> FYI, earlier we had Vector in place of Arraylist which gave trouble
> of thread blocking due to synchronization. So, converting from
> Arraylist to Vector will not be a good idea.
> 
> 
> Exception:
> 
> java.util.ConcurrentModificationException at 
> java.util.ArrayList$Itr.checkForComodification(ArrayList.java:859) 
> at java.util.ArrayList$Itr.next(ArrayList.java:831) at 
> org.apache.jsp.includes.header_jsp.isHomePage(header_jsp.java:97)
> 
> 
> Code Snippet:
> 
> <%! private Set uas = new HashSet(); ArrayList urlnames =
> new ArrayList(); ArrayList excludePathList = new
> ArrayList();
> 
> private boolean haveToRedirect(HttpServletRequest request, String
> stopMobiCookie) { boolean doRedirect = false;
> 
> String userAgent = request.getHeader("User-Agent"); if (!
> stopMobiCookie.equals("yes") && userAgent != null && 
> userAgent.length()!=0 && (userAgent.indexOf("UsableNet")==-1)) {
> 
> Iterator iter = uas.iterator(); while (iter.hasNext()) { if
> (userAgent.indexOf((String)iter.next())!=-1) { doRedirect = true; 
> break;
> 
> 
> } } } return doRedirect; }
> 
> private boolean isHomePage(HttpServletRequest request){ 
> Iterator itr = urlnames.iterator(); String path = ""; while
> (itr.hasNext()) { path = itr.next(); if 
> (request.getRequestURI().toString().equalsIgnoreCase(path)){ return
> true; } } return false; }
> 
> private boolean isExcludePath(HttpServletRequest request){ 
> Iterator itr = excludePathList.iterator(); String path =
> ""; while (itr.hasNext()) { path = itr.next(); if
> (request.getRequestURI().startsWith(path) && 
> !request.getRequestURI().startsWith("/info/contact.jsp")){ return
> true; } } return false; }
> 
> %>
> 
> 
> <%
> 
> uas.add("Blazer"); uas.add("Danger hiptop"); uas.add("DoCoMo/"); 
> uas.add("Ericsson"); uas.add("Googlebot-Mobile"); uas.add("MSN
> Mobile Proxy"); uas.add("Handheld"); uas.add("HTC_HD2_T58585
> Opera"); uas.add("iPhone"); uas.add("iPod"); uas.add("Klondike"); 
> uas.add("LG-"); uas.add("LGE-"); ... Arround 40 items
> 
> 
> excludePathList.add("/business/my_account"); 
> excludePathList.add("/business/save_energy"); 
> excludePathList.add("/business/services"); 
> excludePathList.add("/business/small_large_business"); 
> excludePathList.add("/info/environment"); 
> excludePathList.add("/info/about"); 
> excludePathList.add("/info/index.jsp"); 
> excludePathList.add("/info/ambassador.jsp");  more than 50
> items
> 
> 
> stopMobiCookie = some cookie code
> 
> boolean doRedirect = haveToRedirect((HttpServletRequest)request, 
> stopMobiCookie);
> 
> 
> if(doRedirect){ boolean isHomePage = 
> isHomePage((HttpServletRequest)request); boolean isExcludePath = 
> isExcludePath((HttpServletRequest)request);
> 
> session.setAttribute("mobile_agent", "yes");
> 
> if(!isHomePage && !isExcludePath){ String mobileServer =
> "mobile.server.com"; try{ mobileServer = mobileServer + 
> request.getRequestURI().toString(); }catch(Exception e){} %> 
>  window.location 
> ="<%=mobileServer%>";  <% } } %>
> 
> 
> 
> Thanks & Regards Subhro Paul =-=-= Notice: The
> information contained in this e-mail message and/or attachments to
> it may contain confidential or privileged information. If you are 
> not the intended recipient, any dissemination, use, review,
> distribution, printing or copying of the information contained in
> this e-mail message and/or attachments to it are strictly
> prohibited. If you have received this communication in error, 
> please notify us by reply e-mail or telephone and immediately and
> permanently delete the message and any attachments. Thank you
> 
> 
> 
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

Re: com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset - Errors

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Nithin,

On 2/1/16 11:55 AM, Bomma, Nithun wrote:
> We are using Tomcat 6.x for one of our application. It was working
> fine until today morning and all of sudden we tomcat application
> was not responding and was throwing below errors:
> 
> 
> Feb 1, 2016 9:00:16 AM
> com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin WARNING:
> ConnectionID:96869 Prelogin error: host
> MSSENTCLUSQL01P.amtrak.ad.nrpc port 1433 Error sending prelogin
> request: Connection reset Caught exception
> com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset 
> Feb 1, 2016 9:00:22 AM
> com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin WARNING:
> ConnectionID:96899 Prelogin error: host
> MSSENTCLUSQL01P.amtrak.ad.nrpc port 1433 Error sending prelogin
> request: Connection reset Caught exception
> com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset 
> Feb 1, 2016 9:00:29 AM org.apache.jk.common.ChannelSocket
> processConnection WARNING: processCallbacks status 2
> 
> Caught exception com.microsoft.sqlserver.jdbc.SQLServerException:
> Connection reset Caught exception
> com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset 
> Caught exception com.microsoft.sqlserver.jdbc.SQLServerException:
> Connection reset Caught exception
> com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset 
> Caught exception com.microsoft.sqlserver.jdbc.SQLServerException:
> Connection reset Feb 1, 2016 9:04:25 AM
> com.microsoft.sqlserver.jdbc.TDSChannel enableSSL INFO:
> java.security path: /usr/java/jdk1.6.0_17/jre/lib/security Security
> providers: [SUN version 1.6, SunRsaSign version 1.5, SunJSSE
> version 1.6, SunJCE version 1.6, SunJGSS version 1.0, SunSASL
> version 1.5, XMLDSig version 1.0, SunPCSC version 1.6] SSLContext
> provider info: Sun JSSE provider(PKCS12, SunX509 key/trust
> factories, SSLv3, TLSv1) SSLContext provider services: [SunJSSE:
> KeyFactory.RSA -> sun.security.rsa.RSAKeyFactory aliases:
> [1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE:
> KeyPairGenerator.RSA -> sun.security.rsa.RSAKeyPairGenerator 
> aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE:
> Signature.MD2withRSA -> sun.security.rsa.RSASignature$MD2withRSA 
> aliases: [1.2.840.113549.1.1.2, OID.1.2.840.113549.1.1.2] ,
> SunJSSE: Signature.MD5withRSA ->
> sun.security.rsa.RSASignature$MD5withRSA aliases:
> [1.2.840.113549.1.1.4, OID.1.2.840.113549.1.1.4] , SunJSSE:
> Signature.SHA1withRSA -> sun.security.rsa.RSASignature$SHA1withRSA 
> aliases: [1.2.840.113549.1.1.5, OID.1.2.840.113549.1.1.5,
> 1.3.14.3.2.29, OID.1.3.14.3.2.29] , SunJSSE:
> Signature.MD5andSHA1withRSA ->
> com.sun.net.ssl.internal.ssl.RSASignature , SunJSSE:
> KeyManagerFactory.SunX509 ->
> com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509 ,
> SunJSSE: KeyManagerFactory.NewSunX509 ->
> com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$X509 , SunJSSE:
> TrustManagerFactory.SunX509 ->
> com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$SimpleFactory 
> , SunJSSE: TrustManagerFactory.PKIX ->
> com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$PKIXFactory 
> aliases: [SunPKIX, X509, X.509] , SunJSSE: SSLContext.SSL ->
> com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE:
> SSLContext.SSLv3 -> com.sun.net.ssl.internal.ssl.SSLContextImpl ,
> SunJSSE: SSLContext.TLS ->
> com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE:
> SSLContext.TLSv1 -> com.sun.net.ssl.internal.ssl.SSLContextImpl ,
> SunJSSE: SSLContext.Default ->
> com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl , SunJSSE:
> KeyStore.PKCS12 -> com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore 
> ] java.ext.dirs:
> /usr/java/jdk1.6.0_17/jre/lib/ext:/usr/java/packages/lib/ext Caught
> exception com.microsoft.sqlserver.jdbc.SQLServerException: The
> driver could not establish a secure connection to SQL Server by
> using Secure Sockets Layer (SSL) encryption. Error: "Connection
> reset". Feb 1, 2016 9:04:38 AM org.apache.jk.common.ChannelSocket
> processConnection WARNING: processCallbacks status 2

No description of the underlying error. :(

I would imagine someone finally disabled SSLv3 on the database server,
so you have to use a higher protocol to connect to it?

> After 6 Minutes, we started getting OutOfmemory Errors. SEVERE:
> Caught exception (java.lang.OutOfMemoryError: GC overhead limit
> exceeded) executing
> org.apache.jk.common.ChannelSocket$SocketAcceptor@a03fd6a,
> terminating thread Caught exception
> org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a
> connection, pool error Timeout waiting for idle object Caught
> exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot
> get a connection, pool error Timeout waiting for idle object Caught
> exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot
> get a connection, pool error Timeout waiting for idle object Caught
> exception com.microsoft.sqlserver.jdbc.SQLServerException:
> Connection reset

Perhaps the SQL 

Re: com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset - Errors

[George Sexton]

On 2/1/2016 10:16 AM, Christopher Schultz wrote:

processConnection WARNING: processCallbacks status 2
No description of the underlying error. :(

I would imagine someone finally disabled SSLv3 on the database server,
so you have to use a higher protocol to connect to it?


+1

I've been working on upgrading an App that stopped working because the 
web service provider disabled SSLv3. The client was using JDK 1.6.0_0 
and it just didn't support TLS. The host machine's a mess because the 
OpenSSL libs are so outdated that apt-get can't connect to repositories 
to get files for upgrade.


Unfortunately for the client, when I tried running JDK 1.8, he got class 
cast exceptions. I ended up going through a very painful process of 
upgrading them to the current Hibernate/Spring versions so I could get 
them to JDK 1.8.




--
George Sexton
*MH Software, Inc.*
Voice: 303 438 9585
http://www.mhsoftware.com

Tomcat Server - Arraylist java.util.ConcurrentModificationException issue

[Subhro Paul]

Hi Team,

Our web application has a "header.jsp" which has 2  Arraylist on it. Each 
ArrayList has more than 50 items inside. The code is to identify the 
mobile device and requested page and transfer the call to mobile page 
accordingly.

This code works fine once we restart the server and can continue running 2 
months without any issue. But day by day it starts showing 500 error with 
exception in log "ConcurrentModificationException". Below is the code 
snippet of JSP code. My Question is why this issue is happening around 2 
months? If we clear the temp file created by the server in work folder 
then that will run for some time( 2- 3 days) and then again the same 
exception starts occurring. I have identified one solution by moving the 
JAVA code from JSP to JAVA file which worked good while perform testing 
but client wants to know the root cause of the issue.

FYI, earlier we had Vector in place of Arraylist which gave trouble of 
thread blocking due to synchronization. So, converting from Arraylist to 
Vector will not be a good idea.


Exception:

java.util.ConcurrentModificationException
at 
java.util.ArrayList$Itr.checkForComodification(ArrayList.java:859)
at java.util.ArrayList$Itr.next(ArrayList.java:831)
at 
org.apache.jsp.includes.header_jsp.isHomePage(header_jsp.java:97)


Code Snippet:

<%!
private Set uas = new HashSet();
ArrayList urlnames = new ArrayList();
ArrayList excludePathList = new ArrayList();

private boolean haveToRedirect(HttpServletRequest request,
String stopMobiCookie) {
boolean doRedirect = false;
 
String userAgent = request.getHeader("User-Agent");
if (! stopMobiCookie.equals("yes") && userAgent != null && 
userAgent.length()!=0 && (userAgent.indexOf("UsableNet")==-1))
{

Iterator iter = uas.iterator();
while (iter.hasNext()) {
if (userAgent.indexOf((String)iter.next())!=-1) {
doRedirect = true;
break;


}
}
}
return doRedirect;
}

private boolean isHomePage(HttpServletRequest request){
Iterator itr = urlnames.iterator();
String path = "";
while (itr.hasNext()) { 
 path = itr.next();
 if 
(request.getRequestURI().toString().equalsIgnoreCase(path)){
 return true;
 }
}
return false;
}
 
private boolean isExcludePath(HttpServletRequest request){
Iterator itr = excludePathList.iterator();
String path = "";
while (itr.hasNext()) { 
 path = itr.next();
 if (request.getRequestURI().startsWith(path) && 
!request.getRequestURI().startsWith("/info/contact.jsp")){
 return true;
 }
}
return false;
}

%>


<%

uas.add("Blazer");
uas.add("Danger hiptop");
uas.add("DoCoMo/");
uas.add("Ericsson");
uas.add("Googlebot-Mobile");
uas.add("MSN Mobile Proxy");
uas.add("Handheld");
uas.add("HTC_HD2_T58585 Opera");
uas.add("iPhone");
uas.add("iPod");
uas.add("Klondike");
uas.add("LG-");
uas.add("LGE-");
... Arround 40 items


excludePathList.add("/business/my_account");
excludePathList.add("/business/save_energy");
excludePathList.add("/business/services");
excludePathList.add("/business/small_large_business");
excludePathList.add("/info/environment");
excludePathList.add("/info/about");
excludePathList.add("/info/index.jsp");
excludePathList.add("/info/ambassador.jsp");
 more than 50 items


stopMobiCookie = some cookie code

boolean doRedirect = haveToRedirect((HttpServletRequest)request, 
stopMobiCookie);


if(doRedirect){
boolean isHomePage = 
isHomePage((HttpServletRequest)request);
boolean isExcludePath = 
isExcludePath((HttpServletRequest)request);
 
session.setAttribute("mobile_agent", "yes");

if(!isHomePage && !isExcludePath){
String mobileServer = "mobile.server.com";
try{
mobileServer = mobileServer + 
request.getRequestURI().toString();
}catch(Exception e){}
%>

window.location 
="<%=mobileServer%>";

<%
}
}
%>



Thanks & Regards
Subhro Paul
=-=-=
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 

Re: Virtual Hosting, HTTP 302 to HTTPS?

[Mark Thomas]

On 01/02/2016 15:27, Björn Raupach wrote:
>> On 01 Feb 2016, at 16:20, Mark Thomas  wrote:
>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  
>> wrote:



>>> Do I need a Apache HTTPD fronted? 
>>
>> No.  The name of your virtual host (or one of its aliases) must match the 
>> host header. If they don't match the default host will be used.
>>
>> Given that you've already told us one of the real host names, you might as 
>> well show us the real configuration and the real request if you need help 
>> spotting the configuration error.
> 
> And here I am trying to be smart. ;)
> 
> srv.grasmueck.de 
> isiee.grasmueck.de 



>unpackWARs="true" autoDeploy="true">



>   
> 
>unpackWARs="true" autoDeploy="true">



>   
> 
>   
> 

To repeat: The name of your virtual host (or one of its aliases) must
match the host header.

You should be using

and


Mark


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: rotate catalina.out without restart?

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Harald,

On 2/1/16 10:42 AM, Harald Dunkel wrote:
> would it be possible to integate apache's rotatelogs into
> catalina.sh to support daily rotation of catalina.out without
> restart?

Nope.

> This would be #1 on my wish list for version 9.

If you use the Tomcat startup scripts, the shell is responsible for
output redirection. Hacking that to pipe-through an external program
(eg. chronolog, etc.) is possible but makes the scripts very complicated
.

If you want to rotate stdout/stderr logs, you should use jsvc or some
other service-runner; they will know how to rotate those files. For
example, jsvc can rotate those files when it receives a signal.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlavgtcACgkQ9CaO5/Lv0PBzogCffGyiTvRD2KmYsu45t9q/n1w9
U9cAnjGidN7YfcwiDnU4JCvHnCBUhmSD
=1VN9
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP communication

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Maxim,

On 2/1/16 4:53 AM, Maxim Neshcheret wrote:
> There is such option in my app (heartbeats from server to client)
> but I’m curious why connection becomes stale if I don’t send any
> heartbeats.

Any networking component can decide that a connection has been open
for too long. It could be the OS's TCP/IP stack, a software firewall
on either end, etc. Or the client could have gone to sleep (e.g. OS
sleep mode). Your heartbeats keep it from going to sleep , maybe?

If you want a 10-day connection to stay open, heartbeats are the only
way to do it. Presumably, you can catch the heartbeat failure? Under
that condition, take appropriate action.

- -chris

> On 29/01/16 16:04, "Christoph Nenning"
>  wrote:
> 
>>> I have a problem with my java application related to HTTP
>>> communication.
>>> 
>>> Application description:
>>> 
>>> 1.  Client – server. Server is running in servlet
>>> container. We use Tomcat.
>>> 
>>> Client use java HTTP library to communicate with the server.
>>> 
>>> 2.  When client establish connection to the server it sends
>>> GET request (keepalive) and server creates AsyncContext for the
>>> client with 10 days timeout.
>>> 
>>> 3.  After connection established server periodically sends
>>> data to the client using AsyncContext and on the client side
>>> there is special thread which reads and processes the data.
>>> 
>>> Client reading thread example:
>>> 
>>> private class GetRunnable implements Runnable {
>>> 
>>> private final HttpURLConnection httpConn; private final
>>> MyConnection myConn;
>>> 
>>> public GetRunnable(final MyConnection myConn) throws 
>>> IOException, AppException { this.myConn = myConn; final String
>>> jSession = myConn.getJSession(); httpConn =
>>> openHttpUrlConnection(false, httpPostTimeout, jSession); 
>>> httpConn.connect(); final int respCode =
>>> httpConn.getResponseCode(); if (respCode !=
>>> HttpURLConnection.HTTP_OK) { String info = "Incorrect response
>>> from server, responseCode:" + respCode + ", message:" +
>> httpConn.getResponseMessage();
>>> log.error(info); throw new AppException(info); } else { 
>>> log.trace("GET connected"); } }
>>> 
>>> @Override public void run() { try (final BufferedReader reader
>>> = new BufferedReader (new
>>> InputStreamReader(httpConn.getInputStream(), "UTF-8")) ) { 
>>> log.info("doGet STARTED"); final Thread t =
>>> Thread.currentThread(); while (!t.isInterrupted()) { 
>>> log.trace("before readline"); final String line =
>>> reader.readLine(); log.trace("after readline: [" + line +
>>> "]");
>>> 
>>> //INFO: DATA PROCESSING HERE } } catch (IOException e) { 
>>> log.error("Error while doGet"); } catch (Throwable e) { 
>>> log.debug("doGet STOPED..."); log.error("Error while read input
>>> msg, do logoff",
>> e);
>>> logoff(); throw e; } log.debug("doGet STOPED..."); 
>>> myCallback.onGetClose(myConn, connInfo); } }
>>> 
>>> Server side code to push data looks like this:
>>> 
>>> protected int sendMsgs(final MyConnection myConn, final String
>>> info) {
>>> 
>>> int res; try { final AsyncContext lAc = _ac; final
>>> ServletRequest req = lAc.getRequest(); if
>>> (!req.isAsyncStarted()) { log.debug("AsyncStarted=false on
>>> begin, uid:" + uid + ", sid:" + sid); return -1; }
>>> 
>>> final ServletResponse res = lAc.getResponse(); 
>>> ServletOutputStream  os = null; final String text =
>>> getData(myConn);
>>> 
>>> if (os == null) os = res.getOutputStream();
>>> 
>>> write2stream(os, text, 0x4000); os.println();
>>> 
>>> if (os != null) os.flush(); } catch(IOException ex) { 
>>> log.error("Notify failed"); } catch (InterruptedException e) { 
>>> log.error("Notify failed"); 
>>> Thread.currentThread().interrupt(); } catch (Throwable e) { 
>>> log.error("Notify failed"); logoff(true); }
>>> 
>>> return res; }
>>> 
>>> public static void write2stream(final OutputStream
>>> outputStream, final String text, int bufferSize) throws
>>> IOException { final CharsetEncoder encoder =
>>> getHttpEncodingCharset ().newEncoder();
>>> 
>>> final int fullLen = text.length(); final int byteBufferSize =
>>> Math.min(bufferSize, fullLen);
>>> 
>>> final int en = (int)(byteBufferSize * (double) 
>>> encoder.maxBytesPerChar()); final byte[] byteArray = new
>>> byte[en];
>>> 
>>> final ByteBuffer byteBuffer = ByteBuffer.wrap(byteArray); final
>>> CharBuffer charBuffer = CharBuffer.wrap(text); for(int pos=0,
>>> len=byteBufferSize; pos < fullLen; pos=len,
>>> len=Math.min(pos+byteBufferSize, fullLen)) {
>>> 
>>> try { final CharBuffer window = charBuffer.subSequence(pos,
>> len);
>>> 
>>> CoderResult res = encoder.encode(window, byteBuffer, true);
>>> 
>>> if (!res.isUnderflow()) res.throwException();
>>> 
>>> res = encoder.flush(byteBuffer);
>>> 
>>> if (!res.isUnderflow()) res.throwException();
>>> 
>>> } catch (final CharacterCodingException x) { throw new
>>> Error(x); }
>>> 
>>> outputStream.write(byteArray, 0, byteBuffer.position());
>>> 

Re: rotate catalina.out without restart?

[Rainer Frey (Inxmail GmbH)]

> On 01.02.2016, at 16:42, Harald Dunkel  wrote:
> 
> Hi folks,
> 
> would it be possible to integate apache's rotatelogs
> into catalina.sh to support daily rotation of catalina.out
> without restart?

On linux, (system) logrotate ha a “copytruncate” option that could be used.
You’d need to check whether that could lose some log lines though - and if 
you could live with that.

Rainer
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Empty *jsp_java file after upgrade to Tomcat 8.0.26

[Yasi Xi (yxi)]

Loop in Mark

-Yasi

-Original Message-
From: Yasi Xi (yxi) 
Sent: Tuesday, February 02, 2016 9:17 AM
To: Tomcat Users List 
Subject: Empty *jsp_java file after upgrade to Tomcat 8.0.26

Hi, Dear Mark T and all

Sorry to resend this mail. I don't quite understand Mark's comment on this 
problem.

 WHAT IS THE PROBLEM 

I'm doing Tomcat upgrade for my J2EE server. When Tomcat is upgraded from 
7.0.54 to 8.0.26,

1) I get lots of empty *_jsp.java files in /opt/apache-tomcat_1/work/Catalina/, 
for example:

/opt/apache-tomcat_1/work/Catalina/localhost/cmp0307l/org/apache/jsp/webcomponents/jsp/globalpagenotfound_jsp.java
/opt/apache-tomcat_1/work/Catalina/localhost/svc3000/org/apache/jsp/svccomponents/common/jsp/globalerror_jsp.java

2) There're six Tomcat servers working in a round-robin manner. Each of the six 
Tomcat server has lots of empty *_jsp.java files, but they do not share the 
same group of empty *_jsp.java files. It appears random regarding which JSP 
file gets an empty *_jsp.java and in which Tomcat server.

3) When I delete a single empty *_jsp.java file in a Tomcat server and restart 
Tomcat, the previous empty *_jsp.java is generated and not empty.

4) Before Tomcat upgrade from 7.0.54 to 8.0.26, /opt/apache-tomcat_1 soft link 
points to /opt/apache-tomcat-7.0.54_1, after the upgrade, it points to 
/opt/apache-tomcat-8.0.26_1

5) /opt/apache-tomcat-7.0.54_1 and /opt/apache-tomcat-8.0.26_1 are two separate 
directories. /opt/apache-tomcat-8.0.26_1 does not exist before the upgrade.

[root@jm3btc003 opt]# ll /opt/
total 68
lrwxrwxrwx   1 root nobody  22 Dec 23 01:21 apache-tomcat_1 -> 
apache-tomcat-8.0.26_1
drwx--   7 nobody   nobody4096 Dec 11 02:23 apache-tomcat-7.0.54_1
drwxr-x---   9 root nobody4096 Nov 10 01:51 apache-tomcat-8.0.26_1
...

6) There are other empty files after upgrading to Tomcat 8.0.26, for example, 
the following picture files are created by Java process in a separate directory 
other than Tomcat directories, the picture files are empty:

-rw-rw 1 nobody nobody0 Jan 29 07:11 AQ_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 19:04 BN_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 21:05 CL_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 19:00 CP_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 20:05 DZ_500/default.jpg
-rw-rw 1 nobody nobody0 Jan 28 13:11 EG_500/default.jpg

7) We have some tomcat-embed-*.7.0.30.jar files deployed and scanned by Tomcat. 
Will these tomcat-embed-*.7.0.30.jar impact the *_jsp.java generation under 
Tomcat 8.0.26?

/opt/txs/webapps/TXS/share/tomcat-embed-core-7.0.30.jar
/opt/txs/webapps/TXS/share/tomcat-embed-jasper-7.0.30.jar

 MARK'S COMMENT 

Do you empty the work directory as part of this upgrade? If not, you should.

Mark

 YASI'S QUESTIONS 

Sorry, Mark, I don't quite understand 

1) Why empty work directory as part of Tomcat upgrade? 
/opt/apache-tomcat-8.0.26_1 does not exist before the upgrade. Should I empty 
/opt/apache-tomcat-7.0.54_1/work directory?

2) Is there any change of system IO (e.g. file read/write) in Tomcat 8 which 
may cause some file to be empty?

Really appreciate your help!

Regards,
-Yasi 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tomcat Server - Arraylist java.util.ConcurrentModificationException issue

[Terence M. Bandoian]

On 2/1/2016 6:50 AM, Subhro Paul wrote:

Hi Team,

Our web application has a "header.jsp" which has 2  Arraylist on it. Each
ArrayList has more than 50 items inside. The code is to identify the
mobile device and requested page and transfer the call to mobile page
accordingly.

This code works fine once we restart the server and can continue running 2
months without any issue. But day by day it starts showing 500 error with
exception in log "ConcurrentModificationException". Below is the code
snippet of JSP code. My Question is why this issue is happening around 2
months? If we clear the temp file created by the server in work folder
then that will run for some time( 2- 3 days) and then again the same
exception starts occurring. I have identified one solution by moving the
JAVA code from JSP to JAVA file which worked good while perform testing
but client wants to know the root cause of the issue.

FYI, earlier we had Vector in place of Arraylist which gave trouble of
thread blocking due to synchronization. So, converting from Arraylist to
Vector will not be a good idea.


Exception:

java.util.ConcurrentModificationException
 at
java.util.ArrayList$Itr.checkForComodification(ArrayList.java:859)
 at java.util.ArrayList$Itr.next(ArrayList.java:831)
 at
org.apache.jsp.includes.header_jsp.isHomePage(header_jsp.java:97)


Code Snippet:

<%!
private Set uas = new HashSet();
ArrayList urlnames = new ArrayList();
ArrayList excludePathList = new ArrayList();



Hi, Subhro-

Fields declared in a declarations section (<%!  ... %>) are class 
variables.  If Tomcat uses a single JSP object to serve multiple 
requests, which I believe it does, access to these fields should be made 
thread safe.  A simple solution would be to move the declarations of 
these fields to a scriptlet section (<% ... %>) which would result in 
them being local to the JSP service method.  It isn't the most efficient 
way to go about it but it should solve the concurrent access problem 
you're seeing.


-Terence Bandoian
/http://www.tmbsw.com/
/



private boolean haveToRedirect(HttpServletRequest request,
 String stopMobiCookie) {
 boolean doRedirect = false;
  
 String userAgent = request.getHeader("User-Agent");

 if (! stopMobiCookie.equals("yes") && userAgent != null &&
userAgent.length()!=0 && (userAgent.indexOf("UsableNet")==-1))
 {

 Iterator iter = uas.iterator();
 while (iter.hasNext()) {
 if (userAgent.indexOf((String)iter.next())!=-1) {
 doRedirect = true;
 break;


 }
 }
 }
 return doRedirect;
}

 private boolean isHomePage(HttpServletRequest request){
 Iterator itr = urlnames.iterator();
 String path = "";
 while (itr.hasNext()) {
  path = itr.next();
  if
(request.getRequestURI().toString().equalsIgnoreCase(path)){
  return true;
  }
 }
 return false;
 }
  
 private boolean isExcludePath(HttpServletRequest request){

 Iterator itr = excludePathList.iterator();
 String path = "";
 while (itr.hasNext()) {
  path = itr.next();
  if (request.getRequestURI().startsWith(path) &&
!request.getRequestURI().startsWith("/info/contact.jsp")){
  return true;
  }
 }
 return false;
 }

%>


<%

uas.add("Blazer");
uas.add("Danger hiptop");
uas.add("DoCoMo/");
uas.add("Ericsson");
uas.add("Googlebot-Mobile");
uas.add("MSN Mobile Proxy");
uas.add("Handheld");
uas.add("HTC_HD2_T58585 Opera");
uas.add("iPhone");
uas.add("iPod");
uas.add("Klondike");
uas.add("LG-");
uas.add("LGE-");
... Arround 40 items


excludePathList.add("/business/my_account");
excludePathList.add("/business/save_energy");
excludePathList.add("/business/services");
excludePathList.add("/business/small_large_business");
excludePathList.add("/info/environment");
excludePathList.add("/info/about");
excludePathList.add("/info/index.jsp");
excludePathList.add("/info/ambassador.jsp");
 more than 50 items


stopMobiCookie = some cookie code

boolean doRedirect = haveToRedirect((HttpServletRequest)request,
stopMobiCookie);


if(doRedirect){
 boolean isHomePage =
isHomePage((HttpServletRequest)request);
 boolean isExcludePath =
isExcludePath((HttpServletRequest)request);
  
 session.setAttribute("mobile_agent", "yes");


 if(!isHomePage && !isExcludePath){
 String mobileServer = "mobile.server.com";

Re: WebAppClassLoaderBase.clearReferencesThreads warning

[Yuval Schwartz]

Hello Mark,

I think that the issue below was related to the way I was shutting down an
instance of ScheduledExecutorService.
I changed the way it is shutdown when the context is destroyed...I will
update here if I don't receive any more warnings.

However, I now get a warning:

WARNING [main] org.apache.tomcat.util.net.AbstractEndpoint.shutdownExecutor
The executor associated with thread pool [http-apr-8080] has not fully
shutdown. Some application threads may still be running

I am not sure if this is related or not?
When I do a heap dump with jstack I see http-apr-8080-exec-[1-10] but I
don't see any thread named http-apr-8080.
Any ideas on how to trouble shoot this?

Thanks.

On Sun, Jan 31, 2016 at 8:18 PM, Yuval Schwartz 
wrote:

>
>
> On Sunday, 31 January 2016, Mark Thomas  wrote:
>
>> On 31/01/2016 08:06, Yuval Schwartz wrote:
>> > Hellow Mark,
>> >
>> > Thanks for the reply.
>> > Follow up questions below.
>> >
>> > On Fri, Jan 29, 2016 at 6:22 PM, Mark Thomas  wrote:
>> >
>> >> On 29/01/2016 14:34, Yuval Schwartz wrote:
>> >>> Hello,
>> >>>
>> >>> tomcat version: 8.0.22
>> >>> java: jdk1.8.0_05
>> >>> server: Amazon Linux AMI
>> >>>
>> >>> I get the following warning message in my catalina log when I
>> undeploy a
>> >>> web application:
>> >>>
>> >>> *WARNING [ContainerBackgroundProcessor[StandardEngine[Catalina]]]
>> >>>
>> org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesThreads
>> >> The
>> >>> web application [ROOT##002] appears to have started a thread named
>> >>> [pool-2-thread-1] but has failed to stop it. This is very likely to
>> >> create
>> >>> a memory leak. Stack trace of thread*
>> >>>
>> >>> As you can see, for some reason, I don't get a stack trace of the
>> thread.
>> >>> Therefore, I have no idea how to debug this warning.
>> >>>
>> >>> This particular warning was generated when tomcat detected an unused
>> >>> version and undeployed it (I set undeployOldVersions="true").
>> >>>
>> >>> Does anyone know how I can debug this warning. How can I know more
>> about
>> >>> this thread?
>> >> That looks like a thread from Commons Pool (possibly via DBCP). The
>> only
>> >> way to be sure you have a leak or not is to use a profiler. See
>> >>
>> >>
>> http://home.apache.org/~markt/presentations/2010-11-04-Memory-Leaks-60mins.pdf
>> >
>> >
>> > Is VisualVM a good profiler to start with considering my system?
>>
>> Sorry, don't know. Never used it. I use YourKit, mainly because they
>> kindly donate free licenses to OpenSource developers to use with their
>> OpenSource projects.
>
>
> Thank you Mark,
>
> I installed VisualVM as a profiler.
> I can now see all of the threads that tomcat is "using" (?not sure if
> that's the correct term) (there's 35 live threads and 33 daemon threads).
> Do you have any recommendations for how I might trouble shoot the original
> warning that I got? Would I do a "heap dump"?
> I have restarted tomcat since the time of the original warning message, so
> I can't expect to find the same thread, correct?
> Any tips?
>
> FYI: I never saw my cpu climbing or anything, I am troubleshooting this
> warning solely on seeing the "Warning" message. Is this overkill? Should I
> wait until something more severe occurs? (I have not yet gone live with my
> webapp but planned on doing so soon).
>
> Thanks.
>
>
>>
>> Mark
>>
>> > I would just like to confirm that this warning is not something serious.
>> > I am currently having a little trouble running VisualVM (jstatd) from a
>> > remote machine but can struggle with it a little more to try to get it
>> > working.
>> >
>> >
>> > Thanks.
>> >
>> >
>> >
>> >>
>> >>> I used the manager app and clicked "find leaks" but it said that there
>> >> were
>> >>> none.
>> >>> (Can someone also explain why I have to be cautious when using this
>> >> feature
>> >>> on production environments).
>> >>
>> >> It triggers a full GC which may (hopefully briefly) pause the entire
>> JVM.
>> >>
>> >> Mark
>> >>
>> >>
>> >> -
>> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> >> For additional commands, e-mail: users-h...@tomcat.apache.org
>> >>
>> >>
>> >
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>

Re: Virtual Hosting, HTTP 302 to HTTPS?

[Björn Raupach]

> On 01 Feb 2016, at 16:20, Mark Thomas  wrote:
> 
> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  wrote:
>> Dear group,
>> 
>> I have two web applications (a,b) that are both reachable via
>> subdomains:
>> 
>> a.example.com 
>> b.example.com 
>> 
>> For b.example.com  exists a SSL certificate. 
>> a.example.com  does not need SSL.
>> The HTTPS connector uses a a Java keystore with the certificate. 
>> 
>> I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>> 
>> CATALINA_HOME/webapps_a
>> CATALINA_HOME/webapps_b
>> 
>> The server.xml has been adjusted.
>> 
>> 
>> 
>> 
>>  ...
>> 
>> 
>> 
>>  ...
>> 
>> 
>> 
>> 
>> Both web apps are deployed using ROOT.war. They get unpacked and there
>> are no errors in the log files.
>> 
>> Here is my problem. b works fine, but I can't reach a.
>> 
>> curl -I http://a.example.com 
>> HTTP/1.1 302 Found
>> Server: Apache-Coyote/1.1
>> Cache-Control: private 
>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>> Location: https://a.example.com 
>> Content-Length: 0
>> Date: Mon, 01 Feb 2016 13:52:32 GMT
>> 
>> curl -I http://b.example.com 
>> HTTP/1.1 302 Found
>> Server: Apache-Coyote/1.1
>> Cache-Control: private 
>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>> Location: https://b.example.com 
>> Content-Length: 0
>> Date: Mon, 01 Feb 2016 13:52:54 GMT  
>> 
>> The redirect sets Location to https. I know this can't work because I
>> have no
>> certificate for srv.grasmueck.de  nor do I
>> need https.
>> 
>> And I see the web application `b` instead of `a` despite the error.
>> 
>> Do I need a Apache HTTPD fronted? 
> 
> No.  The name of your virtual host (or one of its aliases) must match the 
> host header. If they don't match the default host will be used.
> 
> Given that you've already told us one of the real host names, you might as 
> well show us the real configuration and the real request if you need help 
> spotting the configuration error.

And here I am trying to be smart. ;)

srv.grasmueck.de 
isiee.grasmueck.de 

Here is my server.xml:


  
  
  
  
  
  
  
  

  
  





  

  
  




















  
  

  
  


  

  







  

  



  

  



> 
> Mark



> 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 

RE: Virtual Hosting, HTTP 302 to HTTPS?

[Jeffrey Janner]

> -Original Message-
> From: Mark Thomas [mailto:ma...@apache.org]
> Sent: Monday, February 01, 2016 9:21 AM
> To: Tomcat Users List 
> Subject: Re: Virtual Hosting, HTTP 302 to HTTPS?
> 
> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" 
> wrote:
> >Dear group,
> >
> >I have two web applications (a,b) that are both reachable via
> >subdomains:
> >
> >a.example.com 
> >b.example.com 
> >
> >For b.example.com  exists a SSL certificate.
> >a.example.com  does not need SSL.
> >The HTTPS connector uses a a Java keystore with the certificate.
> >
> >I configured Apache Tomcat 8.0.20 with Virtual Hosting.
> >
> >CATALINA_HOME/webapps_a
> >CATALINA_HOME/webapps_b
> >
> >The server.xml has been adjusted.
> >
> >
> >
> >
> >   ...
> > 
> >
> >
> >   ...
> > 
> >
> >
> >
> >Both web apps are deployed using ROOT.war. They get unpacked and there
> >are no errors in the log files.
> >
> >Here is my problem. b works fine, but I can't reach a.
> >
> >curl -I http://a.example.com 
> >HTTP/1.1 302 Found
> >Server: Apache-Coyote/1.1
> >Cache-Control: private
> >Expires: Thu, 01 Jan 1970 01:00:00 CET
> >Location: https://a.example.com 
> >Content-Length: 0
> >Date: Mon, 01 Feb 2016 13:52:32 GMT
> >
> >curl -I http://b.example.com 
> >HTTP/1.1 302 Found
> >Server: Apache-Coyote/1.1
> >Cache-Control: private
> >Expires: Thu, 01 Jan 1970 01:00:00 CET
> >Location: https://b.example.com 
> >Content-Length: 0
> >Date: Mon, 01 Feb 2016 13:52:54 GMT
> >
> >The redirect sets Location to https. I know this can't work because I
> >have no
> >certificate for srv.grasmueck.de  nor do I
> >need https.
> >
> >And I see the web application `b` instead of `a` despite the error.
> >
> >Do I need a Apache HTTPD fronted?
> 
> No.  The name of your virtual host (or one of its aliases) must match
> the host header. If they don't match the default host will be used.
> 
> Given that you've already told us one of the real host names, you might
> as well show us the real configuration and the real request if you need
> help spotting the configuration error.
> 
> Mark
> 
Since the information provided shows that both URLs are responding with a 302 
redirect to the HTTPS connector with the same hostname as provided, I'd say 
that his server.xml configuration is working correctly.
Obviously, there is something in both webapps that is forcing the redirect.
Might I suggest the OP take a look at the web.xml file for the A host to see if 
he can see that it is indeed requesting the redirect?  (hint: 
 section.)
Jeff

Re: Virtual Hosting, HTTP 302 to HTTPS?

[Björn Raupach]

> On 01 Feb 2016, at 16:29, Jeffrey Janner  wrote:
> 
>> -Original Message-
>> From: Mark Thomas [mailto:ma...@apache.org]
>> Sent: Monday, February 01, 2016 9:21 AM
>> To: Tomcat Users List 
>> Subject: Re: Virtual Hosting, HTTP 302 to HTTPS?
>> 
>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" 
>> wrote:
>>> Dear group,
>>> 
>>> I have two web applications (a,b) that are both reachable via
>>> subdomains:
>>> 
>>> a.example.com 
>>> b.example.com 
>>> 
>>> For b.example.com  exists a SSL certificate.
>>> a.example.com  does not need SSL.
>>> The HTTPS connector uses a a Java keystore with the certificate.
>>> 
>>> I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>>> 
>>> CATALINA_HOME/webapps_a
>>> CATALINA_HOME/webapps_b
>>> 
>>> The server.xml has been adjusted.
>>> 
>>> 
>>> 
>>> 
>>>  ...
>>> 
>>> 
>>> 
>>>  ...
>>> 
>>> 
>>> 
>>> 
>>> Both web apps are deployed using ROOT.war. They get unpacked and there
>>> are no errors in the log files.
>>> 
>>> Here is my problem. b works fine, but I can't reach a.
>>> 
>>> curl -I http://a.example.com 
>>> HTTP/1.1 302 Found
>>> Server: Apache-Coyote/1.1
>>> Cache-Control: private
>>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>>> Location: https://a.example.com 
>>> Content-Length: 0
>>> Date: Mon, 01 Feb 2016 13:52:32 GMT
>>> 
>>> curl -I http://b.example.com 
>>> HTTP/1.1 302 Found
>>> Server: Apache-Coyote/1.1
>>> Cache-Control: private
>>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>>> Location: https://b.example.com 
>>> Content-Length: 0
>>> Date: Mon, 01 Feb 2016 13:52:54 GMT
>>> 
>>> The redirect sets Location to https. I know this can't work because I
>>> have no
>>> certificate for srv.grasmueck.de  nor do I
>>> need https.
>>> 
>>> And I see the web application `b` instead of `a` despite the error.
>>> 
>>> Do I need a Apache HTTPD fronted?
>> 
>> No.  The name of your virtual host (or one of its aliases) must match
>> the host header. If they don't match the default host will be used.
>> 
>> Given that you've already told us one of the real host names, you might
>> as well show us the real configuration and the real request if you need
>> help spotting the configuration error.
>> 
>> Mark
>> 
> Since the information provided shows that both URLs are responding with a 302 
> redirect to the HTTPS connector with the same hostname as provided, I'd say 
> that his server.xml configuration is working correctly.
> Obviously, there is something in both webapps that is forcing the redirect.
> Might I suggest the OP take a look at the web.xml file for the A host to see 
> if he can see that it is indeed requesting the redirect?  (hint: 
>  section.)
> Jeff

Hi Jeff,

the web application with the certificate does have a security constraint in the 
web.xml.



/index.xhtml


CONFIDENTIAL



> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org 
> 
> For additional commands, e-mail: users-h...@tomcat.apache.org 
> 

rotate catalina.out without restart?

[Harald Dunkel]

Hi folks,

would it be possible to integate apache's rotatelogs
into catalina.sh to support daily rotation of catalina.out
without restart?

This would be #1 on my wish list for version 9.


Keep on your good work
Harri

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Virtual Hosting, HTTP 302 to HTTPS?

[Mark Thomas]

On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  wrote:
>Dear group,
>
>I have two web applications (a,b) that are both reachable via
>subdomains:
>
>a.example.com 
>b.example.com 
>
>For b.example.com  exists a SSL certificate. 
>a.example.com  does not need SSL.
>The HTTPS connector uses a a Java keystore with the certificate. 
>
>I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>
>CATALINA_HOME/webapps_a
>CATALINA_HOME/webapps_b
>
>The server.xml has been adjusted.
>
>
>
>
>   ...
> 
>
>
>   ...
> 
>
>
>
>Both web apps are deployed using ROOT.war. They get unpacked and there
>are no errors in the log files.
>
>Here is my problem. b works fine, but I can't reach a.
>
>curl -I http://a.example.com 
>HTTP/1.1 302 Found
>Server: Apache-Coyote/1.1
>Cache-Control: private 
>Expires: Thu, 01 Jan 1970 01:00:00 CET
>Location: https://a.example.com 
>Content-Length: 0
>Date: Mon, 01 Feb 2016 13:52:32 GMT
>
>curl -I http://b.example.com 
>HTTP/1.1 302 Found
>Server: Apache-Coyote/1.1
>Cache-Control: private 
>Expires: Thu, 01 Jan 1970 01:00:00 CET
>Location: https://b.example.com 
>Content-Length: 0
>Date: Mon, 01 Feb 2016 13:52:54 GMT  
>
>The redirect sets Location to https. I know this can't work because I
>have no
>certificate for srv.grasmueck.de  nor do I
>need https.
>
>And I see the web application `b` instead of `a` despite the error.
>
>Do I need a Apache HTTPD fronted? 

No.  The name of your virtual host (or one of its aliases) must match the host 
header. If they don't match the default host will be used.

Given that you've already told us one of the real host names, you might as well 
show us the real configuration and the real request if you need help spotting 
the configuration error.

Mark



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: WebAppClassLoaderBase.clearReferencesThreads warning

[Terence M. Bandoian]

On 2/1/2016 8:54 AM, Yuval Schwartz wrote:

Hello Mark,

I think that the issue below was related to the way I was shutting down an
instance of ScheduledExecutorService.
I changed the way it is shutdown when the context is destroyed...I will
update here if I don't receive any more warnings.

However, I now get a warning:

WARNING [main] org.apache.tomcat.util.net.AbstractEndpoint.shutdownExecutor
The executor associated with thread pool [http-apr-8080] has not fully
shutdown. Some application threads may still be running

I am not sure if this is related or not?
When I do a heap dump with jstack I see http-apr-8080-exec-[1-10] but I
don't see any thread named http-apr-8080.
Any ideas on how to trouble shoot this?

Thanks.



Hi, Yuval-

Where are you shutting down the ScheduledExecutorService?  I ran into a 
similar problem trying to stop a ScheduledExecutorService in the 
contextDestroyed method of a ServletContextListener.  Adding a call to 
Thread.yield() after the executor was terminated removed the warning.  
To terminate the executor, I used the shutdown() method followed by a 
loop with a call to awaitTermination().


-Terence Bandoian




On Sun, Jan 31, 2016 at 8:18 PM, Yuval Schwartz 
wrote:



On Sunday, 31 January 2016, Mark Thomas  wrote:


On 31/01/2016 08:06, Yuval Schwartz wrote:

Hellow Mark,

Thanks for the reply.
Follow up questions below.

On Fri, Jan 29, 2016 at 6:22 PM, Mark Thomas  wrote:


On 29/01/2016 14:34, Yuval Schwartz wrote:

Hello,

tomcat version: 8.0.22
java: jdk1.8.0_05
server: Amazon Linux AMI

I get the following warning message in my catalina log when I

undeploy a

web application:

*WARNING [ContainerBackgroundProcessor[StandardEngine[Catalina]]]


org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesThreads

The

web application [ROOT##002] appears to have started a thread named
[pool-2-thread-1] but has failed to stop it. This is very likely to

create

a memory leak. Stack trace of thread*

As you can see, for some reason, I don't get a stack trace of the

thread.

Therefore, I have no idea how to debug this warning.

This particular warning was generated when tomcat detected an unused
version and undeployed it (I set undeployOldVersions="true").

Does anyone know how I can debug this warning. How can I know more

about

this thread?

That looks like a thread from Commons Pool (possibly via DBCP). The

only

way to be sure you have a leak or not is to use a profiler. See



http://home.apache.org/~markt/presentations/2010-11-04-Memory-Leaks-60mins.pdf


Is VisualVM a good profiler to start with considering my system?

Sorry, don't know. Never used it. I use YourKit, mainly because they
kindly donate free licenses to OpenSource developers to use with their
OpenSource projects.


Thank you Mark,

I installed VisualVM as a profiler.
I can now see all of the threads that tomcat is "using" (?not sure if
that's the correct term) (there's 35 live threads and 33 daemon threads).
Do you have any recommendations for how I might trouble shoot the original
warning that I got? Would I do a "heap dump"?
I have restarted tomcat since the time of the original warning message, so
I can't expect to find the same thread, correct?
Any tips?

FYI: I never saw my cpu climbing or anything, I am troubleshooting this
warning solely on seeing the "Warning" message. Is this overkill? Should I
wait until something more severe occurs? (I have not yet gone live with my
webapp but planned on doing so soon).

Thanks.



Mark


I would just like to confirm that this warning is not something serious.
I am currently having a little trouble running VisualVM (jstatd) from a
remote machine but can struggle with it a little more to try to get it
working.


Thanks.




I used the manager app and clicked "find leaks" but it said that there

were

none.
(Can someone also explain why I have to be cautious when using this

feature

on production environments).

It triggers a full GC which may (hopefully briefly) pause the entire

JVM.

Mark


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset - Errors

[Bomma, Nithun]

Hello,

We are using Tomcat 6.x for one of our application. It was working fine until 
today morning and all of sudden we tomcat application was not responding and 
was throwing below errors:


Feb 1, 2016 9:00:16 AM com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin
WARNING: ConnectionID:96869 Prelogin error: host MSSENTCLUSQL01P.amtrak.ad.nrpc 
port 1433 Error sending prelogin request: Connection reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Feb 1, 2016 9:00:22 AM com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin
WARNING: ConnectionID:96899 Prelogin error: host MSSENTCLUSQL01P.amtrak.ad.nrpc 
port 1433 Error sending prelogin request: Connection reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Feb 1, 2016 9:00:29 AM org.apache.jk.common.ChannelSocket processConnection
WARNING: processCallbacks status 2

Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Feb 1, 2016 9:04:25 AM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL
INFO: java.security path: /usr/java/jdk1.6.0_17/jre/lib/security
Security providers: [SUN version 1.6, SunRsaSign version 1.5, SunJSSE version 
1.6, SunJCE version 1.6, SunJGSS version 1.0, SunSASL version 1.5, XMLDSig 
version 1.0, SunPCSC version 1.6]
SSLContext provider info: Sun JSSE provider(PKCS12, SunX509 key/trust 
factories, SSLv3, TLSv1)
SSLContext provider services:
[SunJSSE: KeyFactory.RSA -> sun.security.rsa.RSAKeyFactory
  aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1]
, SunJSSE: KeyPairGenerator.RSA -> sun.security.rsa.RSAKeyPairGenerator
  aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1]
, SunJSSE: Signature.MD2withRSA -> sun.security.rsa.RSASignature$MD2withRSA
  aliases: [1.2.840.113549.1.1.2, OID.1.2.840.113549.1.1.2]
, SunJSSE: Signature.MD5withRSA -> sun.security.rsa.RSASignature$MD5withRSA
  aliases: [1.2.840.113549.1.1.4, OID.1.2.840.113549.1.1.4]
, SunJSSE: Signature.SHA1withRSA -> sun.security.rsa.RSASignature$SHA1withRSA
  aliases: [1.2.840.113549.1.1.5, OID.1.2.840.113549.1.1.5, 1.3.14.3.2.29, 
OID.1.3.14.3.2.29]
, SunJSSE: Signature.MD5andSHA1withRSA -> 
com.sun.net.ssl.internal.ssl.RSASignature
, SunJSSE: KeyManagerFactory.SunX509 -> 
com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509
, SunJSSE: KeyManagerFactory.NewSunX509 -> 
com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$X509
, SunJSSE: TrustManagerFactory.SunX509 -> 
com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$SimpleFactory
, SunJSSE: TrustManagerFactory.PKIX -> 
com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$PKIXFactory
  aliases: [SunPKIX, X509, X.509]
, SunJSSE: SSLContext.SSL -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.SSLv3 -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.TLS -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.TLSv1 -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.Default -> 
com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl
, SunJSSE: KeyStore.PKCS12 -> com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore
]
java.ext.dirs: /usr/java/jdk1.6.0_17/jre/lib/ext:/usr/java/packages/lib/ext
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: The driver 
could not establish a secure connection to SQL Server by using Secure Sockets 
Layer (SSL) encryption. Error: "Connection reset".
Feb 1, 2016 9:04:38 AM org.apache.jk.common.ChannelSocket processConnection
WARNING: processCallbacks status 2


After 6 Minutes, we started getting OutOfmemory Errors.
SEVERE: Caught exception (java.lang.OutOfMemoryError: GC overhead limit 
exceeded) executing org.apache.jk.common.ChannelSocket$SocketAcceptor@a03fd6a, 
terminating thread
Caught exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a 
connection, pool error Timeout waiting for idle object
Caught exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a 
connection, pool error Timeout waiting for idle object
Caught exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a 
connection, pool error Timeout waiting for idle object
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset

Feb 1, 2016 9:11:29 AM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL


Can you please me understand what caused this issue?

Thanks,
Nithun Bomma
Sr WebSphere Administrator
Amtrak - Information Technology (Operations)
Desk: 770-604-3514; Cell: 215-704-4981

Re: com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset - Errors

[tomcat]

On 01.02.2016 17:55, Bomma, Nithun wrote:

Hello,

We are using Tomcat 6.x for one of our application. It was working fine until 
today morning and all of sudden we tomcat application was not responding and 
was throwing below errors:


Feb 1, 2016 9:00:16 AM com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin
WARNING: ConnectionID:96869 Prelogin error: host MSSENTCLUSQL01P.amtrak.ad.nrpc 
port 1433 Error sending prelogin request: Connection reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Feb 1, 2016 9:00:22 AM com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin
WARNING: ConnectionID:96899 Prelogin error: host MSSENTCLUSQL01P.amtrak.ad.nrpc 
port 1433 Error sending prelogin request: Connection reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Feb 1, 2016 9:00:29 AM org.apache.jk.common.ChannelSocket processConnection
WARNING: processCallbacks status 2

Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset
Feb 1, 2016 9:04:25 AM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL
INFO: java.security path: /usr/java/jdk1.6.0_17/jre/lib/security
Security providers: [SUN version 1.6, SunRsaSign version 1.5, SunJSSE version 
1.6, SunJCE version 1.6, SunJGSS version 1.0, SunSASL version 1.5, XMLDSig 
version 1.0, SunPCSC version 1.6]
SSLContext provider info: Sun JSSE provider(PKCS12, SunX509 key/trust 
factories, SSLv3, TLSv1)
SSLContext provider services:
[SunJSSE: KeyFactory.RSA -> sun.security.rsa.RSAKeyFactory
   aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1]
, SunJSSE: KeyPairGenerator.RSA -> sun.security.rsa.RSAKeyPairGenerator
   aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1]
, SunJSSE: Signature.MD2withRSA -> sun.security.rsa.RSASignature$MD2withRSA
   aliases: [1.2.840.113549.1.1.2, OID.1.2.840.113549.1.1.2]
, SunJSSE: Signature.MD5withRSA -> sun.security.rsa.RSASignature$MD5withRSA
   aliases: [1.2.840.113549.1.1.4, OID.1.2.840.113549.1.1.4]
, SunJSSE: Signature.SHA1withRSA -> sun.security.rsa.RSASignature$SHA1withRSA
   aliases: [1.2.840.113549.1.1.5, OID.1.2.840.113549.1.1.5, 1.3.14.3.2.29, 
OID.1.3.14.3.2.29]
, SunJSSE: Signature.MD5andSHA1withRSA -> 
com.sun.net.ssl.internal.ssl.RSASignature
, SunJSSE: KeyManagerFactory.SunX509 -> 
com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509
, SunJSSE: KeyManagerFactory.NewSunX509 -> 
com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$X509
, SunJSSE: TrustManagerFactory.SunX509 -> 
com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$SimpleFactory
, SunJSSE: TrustManagerFactory.PKIX -> 
com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$PKIXFactory
   aliases: [SunPKIX, X509, X.509]
, SunJSSE: SSLContext.SSL -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.SSLv3 -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.TLS -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.TLSv1 -> com.sun.net.ssl.internal.ssl.SSLContextImpl
, SunJSSE: SSLContext.Default -> 
com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl
, SunJSSE: KeyStore.PKCS12 -> com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore
]
java.ext.dirs: /usr/java/jdk1.6.0_17/jre/lib/ext:/usr/java/packages/lib/ext
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not 
establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) 
encryption. Error: "Connection reset".
Feb 1, 2016 9:04:38 AM org.apache.jk.common.ChannelSocket processConnection
WARNING: processCallbacks status 2


After 6 Minutes, we started getting OutOfmemory Errors.
SEVERE: Caught exception (java.lang.OutOfMemoryError: GC overhead limit 
exceeded) executing org.apache.jk.common.ChannelSocket$SocketAcceptor@a03fd6a, 
terminating thread
Caught exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a 
connection, pool error Timeout waiting for idle object
Caught exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a 
connection, pool error Timeout waiting for idle object
Caught exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a 
connection, pool error Timeout waiting for idle object
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException: Connection 
reset

Feb 1, 2016 9:11:29 AM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL


Can you please me understand what caused this issue?



Maybe : from the looks of it, your tomcat uses some (non-tomcat) mechanism to connect to 
an external Microsoft SQL Server, and that is not working (anymore).

It does not seem to have anything to do with Tomcat per se.
What happened 

Re: com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset - Errors

[tomcat]

On 01.02.2016 18:16, Christopher Schultz wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Nithin,

On 2/1/16 11:55 AM, Bomma, Nithun wrote:

We are using Tomcat 6.x for one of our application. It was working
fine until today morning and all of sudden we tomcat application
was not responding and was throwing below errors:


Feb 1, 2016 9:00:16 AM
com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin WARNING:
ConnectionID:96869 Prelogin error: host
MSSENTCLUSQL01P.amtrak.ad.nrpc port 1433 Error sending prelogin
request: Connection reset Caught exception
com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset
Feb 1, 2016 9:00:22 AM
com.microsoft.sqlserver.jdbc.SQLServerConnection Prelogin WARNING:
ConnectionID:96899 Prelogin error: host
MSSENTCLUSQL01P.amtrak.ad.nrpc port 1433 Error sending prelogin
request: Connection reset Caught exception
com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset
Feb 1, 2016 9:00:29 AM org.apache.jk.common.ChannelSocket
processConnection WARNING: processCallbacks status 2

Caught exception com.microsoft.sqlserver.jdbc.SQLServerException:
Connection reset Caught exception
com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException:
Connection reset Caught exception
com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset
Caught exception com.microsoft.sqlserver.jdbc.SQLServerException:
Connection reset Feb 1, 2016 9:04:25 AM
com.microsoft.sqlserver.jdbc.TDSChannel enableSSL INFO:
java.security path: /usr/java/jdk1.6.0_17/jre/lib/security Security
providers: [SUN version 1.6, SunRsaSign version 1.5, SunJSSE
version 1.6, SunJCE version 1.6, SunJGSS version 1.0, SunSASL
version 1.5, XMLDSig version 1.0, SunPCSC version 1.6] SSLContext
provider info: Sun JSSE provider(PKCS12, SunX509 key/trust
factories, SSLv3, TLSv1) SSLContext provider services: [SunJSSE:
KeyFactory.RSA -> sun.security.rsa.RSAKeyFactory aliases:
[1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE:
KeyPairGenerator.RSA -> sun.security.rsa.RSAKeyPairGenerator
aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE:
Signature.MD2withRSA -> sun.security.rsa.RSASignature$MD2withRSA
aliases: [1.2.840.113549.1.1.2, OID.1.2.840.113549.1.1.2] ,
SunJSSE: Signature.MD5withRSA ->
sun.security.rsa.RSASignature$MD5withRSA aliases:
[1.2.840.113549.1.1.4, OID.1.2.840.113549.1.1.4] , SunJSSE:
Signature.SHA1withRSA -> sun.security.rsa.RSASignature$SHA1withRSA
aliases: [1.2.840.113549.1.1.5, OID.1.2.840.113549.1.1.5,
1.3.14.3.2.29, OID.1.3.14.3.2.29] , SunJSSE:
Signature.MD5andSHA1withRSA ->
com.sun.net.ssl.internal.ssl.RSASignature , SunJSSE:
KeyManagerFactory.SunX509 ->
com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509 ,
SunJSSE: KeyManagerFactory.NewSunX509 ->
com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$X509 , SunJSSE:
TrustManagerFactory.SunX509 ->
com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$SimpleFactory
, SunJSSE: TrustManagerFactory.PKIX ->
com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$PKIXFactory
aliases: [SunPKIX, X509, X.509] , SunJSSE: SSLContext.SSL ->
com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE:
SSLContext.SSLv3 -> com.sun.net.ssl.internal.ssl.SSLContextImpl ,
SunJSSE: SSLContext.TLS ->
com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE:
SSLContext.TLSv1 -> com.sun.net.ssl.internal.ssl.SSLContextImpl ,
SunJSSE: SSLContext.Default ->
com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl , SunJSSE:
KeyStore.PKCS12 -> com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore
] java.ext.dirs:
/usr/java/jdk1.6.0_17/jre/lib/ext:/usr/java/packages/lib/ext Caught
exception com.microsoft.sqlserver.jdbc.SQLServerException: The
driver could not establish a secure connection to SQL Server by
using Secure Sockets Layer (SSL) encryption. Error: "Connection
reset". Feb 1, 2016 9:04:38 AM org.apache.jk.common.ChannelSocket
processConnection WARNING: processCallbacks status 2


No description of the underlying error. :(

I would imagine someone finally disabled SSLv3 on the database server,
so you have to use a higher protocol to connect to it?


After 6 Minutes, we started getting OutOfmemory Errors. SEVERE:
Caught exception (java.lang.OutOfMemoryError: GC overhead limit
exceeded) executing
org.apache.jk.common.ChannelSocket$SocketAcceptor@a03fd6a,
terminating thread Caught exception
org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a
connection, pool error Timeout waiting for idle object Caught
exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot
get a connection, pool error Timeout waiting for idle object Caught
exception org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot
get a connection, pool error Timeout waiting for idle object Caught
exception com.microsoft.sqlserver.jdbc.SQLServerException:
Connection reset


Perhaps the SQL Server driver doesn't clean-up its resources when it
gets a fatal connection error likethis.

There's no Tomcat configuration 

Re: Virtual Hosting, HTTP 302 to HTTPS?

[Björn Raupach]

> On 01 Feb 2016, at 17:30, Mark Thomas  wrote:
> 
> On 01/02/2016 15:27, Björn Raupach wrote:
>>> On 01 Feb 2016, at 16:20, Mark Thomas  wrote:
>>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  
>>> wrote:
> 
> 
> 
 Do I need a Apache HTTPD fronted? 
>>> 
>>> No.  The name of your virtual host (or one of its aliases) must match the 
>>> host header. If they don't match the default host will be used.
>>> 
>>> Given that you've already told us one of the real host names, you might as 
>>> well show us the real configuration and the real request if you need help 
>>> spotting the configuration error.
>> 
>> And here I am trying to be smart. ;)
>> 
>> srv.grasmueck.de 
>> isiee.grasmueck.de 
> 
> 
> 
>>  >unpackWARs="true" autoDeploy="true">
> 
> 
> 
>>  
>> 
>>  >unpackWARs="true" autoDeploy="true">
> 
> 
> 
>>  
>>
>>  
>> 
> 
> To repeat: The name of your virtual host (or one of its aliases) must
> match the host header.
> 
> You should be using
> 
> and
> 

Thank you for being so patient. This worked!

> 
> Mark
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org