Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

John,

On 4/19/18 4:34 PM, John Dale wrote:
> Indeed - that is what I thought as well (DNS).
> 
> But what about this (stacktrace below)?
> 
> Will see about the thread dumps (I'm in appointments for the rest
> of the day, but can't wait to make it back and read responses and
> put this one to bed).
> 
> I was reading that MySQL does some things with host bindings and 
> resolutions that might auto-resolve algorithmically, explaining
> this behavior.  Will keep that in mind as I continue.
> 
> Thanks,
> 
> John
> 
> 
> 
> -
> 
> [ERROR] 04-19-2018 13:16:50 onefortyfive.SMSNotificationPoller init
> – Unable to initialize sms daemon.
> 
> org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot create 
> PoolableConnectionFactory (Could not create connection to database 
> server. Attempted reconnect 3 times. Giving up.)
> 
> at
> org.apache.tomcat.dbcp.dbcp.BasicDataSource.createPoolableConnectionFa
ctory(BasicDataSource.java:1549)
>
>  at
> org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicData
Source.java:1388)
>
>  at
> org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSou
rce.java:1044)
>
>  at
> digitalcnc.data.ConnectionFactory.getConnection(ConnectionFactory.java
:56)
>
>  at
> onefortyfive.SMSNotificationPoller.init(SMSNotificationPoller.java:146
)

Sounds
> 
like the driver tried 3 times and couldn't connect :)

If you are using DHCP, let the pool do the reconnections if necessary.
Remove that autoReconnect=true junk from your JDBC URL.

Without seeing your configuration, it's tough to tell what might be
going on.

It's also not clear where the call to
onefortyfive.SMSNotificationPoller.init is coming from. If that's
happening when the application is coming-up, it might be happening
synchronously, keeping the application from completely-deploying
before anything else happens.

Can you post the COMPLETE stack trace?

The thread dump during the stall is going to be very informative, too.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlrZFyEACgkQHPApP6U8
pFgfzg//Qk3M8mdiu0dDhPG7qaAi2zvnXhU4TKFk3qlNxwjuEaW+309EqObYe0hB
qy6YehCipMe0b/dToOieFw6UGU9RfCpsfAjAGnpDmKjeAFRKXaWYL/FEBbCvVdn7
QJLLYdaaTVw9hoJ3JLEe5M+qPXisQCdHSOI5/jxxsoDlt0hGp9nU/q4/I0PHAm13
pmAXjmFTrvMiGIfyij3UFIcrLxRQjYoaQUUxraiJDQaETJU3XDAVyAjE5xLzrKm9
bJuYOFLrjvlmOAKgqxHYVaXtRdUVc0tdlVj92qRZR0w5C4fQgp9kTaHw58sVrEMF
8aiZOJGQmZJ4xn7qD/obZH0WI/eNFBlqpCqq/evS1JZWewxRLM7ADhMLxk4hfTxB
HXIKNXUBG6HJQiKoYCTjc0NSKm9qmtnxztEME5mQHYQRc53/11Rlf/F8PD7TgQvk
VR/3PCGd6FwocE3WzpBC+X2NphJx0KX1FEc8sJYbZFe1Vqb1p97JraKsvEJslow3
zyigUwqjr7KTkaQBzQ79LCOYeeVwDePPfURccgZld/WjCKGCEPnzdz/d1uQlpHYv
iYuZuZUZzbsrW6C4N98vUbMOsmKm742dSNcWcgOc8rT7A9uwlHs+hyxSjwH0WfT7
9I6BUdOCNFP3wuRQoL0AdIv6VFCBV4LjcQGhp4koqCMyWw0gOVE=
=/jbW
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread John Dale 
Tomcat 7.0.57

java version "1.8.0_05"

Java(TM) SE Runtime Environment (build 1.8.0_05-b13)

Java HotSpot(TM) 64-Bit Server VM (build 25.5-b02, mixed mode)

There are a couple of subsequent emails with more information .. I'm
in meetings for a couple of hours, then I'll check back.

Thanks!

John


On Thu, Apr 19, 2018 at 3:26 PM, Terence M. Bandoian  wrote:
> On 4/19/2018 12:37 PM, John Dale wrote:
>>
>> Greetings;
>>
>> I have a 2006 era macbook pro with the latest osx.
>>
>> I run MySQL, which binds to localhost just fine when the network cable
>> is unplugged and wireless turned off.
>>
>> Tomcat makes it through most of its startup, but hangs before
>> completion and requests from the browser hang and eventually timeout.
>>
>> I've tried 127.0.0.1, 0.0.0.0, and omitted for the "address" attribute
>> of the connector.
>>
>> With no network, Tomcat successfully makes a connection to MySQL to
>> creates the connection pool, but hangs.  There are no errors.
>>
>> I am running debugging transport.
>>
>> My hosts file is stock, fine.
>>
>> As soon as I plug in a network cable or connect to wireless, the
>> server comes-up fine and I can access it on 127.0.0.1 or the static ip
>> assigned to either the wireless interface or the hard LAN.
>>
>> I. am.  stumped.  Please help.  I need to be able to demo my project
>> without being connected to the network.
>>
>> :\
>>
>> I've been dealing with this issue for awhile, and I'm finally fed-up with
>> it.
>>
>> We want offline and we want it .. NOW! ;)
>>
>> Thanks folks.
>>
>> Sincerely,
>>
>> John from Spearfish, SD
>
>
>
> What do the Tomcat logs say?  Tomcat version?  JVM version?
>
> -Terence
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread Terence M. Bandoian 

On 4/19/2018 12:37 PM, John Dale wrote:

Greetings;

I have a 2006 era macbook pro with the latest osx.

I run MySQL, which binds to localhost just fine when the network cable
is unplugged and wireless turned off.

Tomcat makes it through most of its startup, but hangs before
completion and requests from the browser hang and eventually timeout.

I've tried 127.0.0.1, 0.0.0.0, and omitted for the "address" attribute
of the connector.

With no network, Tomcat successfully makes a connection to MySQL to
creates the connection pool, but hangs.  There are no errors.

I am running debugging transport.

My hosts file is stock, fine.

As soon as I plug in a network cable or connect to wireless, the
server comes-up fine and I can access it on 127.0.0.1 or the static ip
assigned to either the wireless interface or the hard LAN.

I. am.  stumped.  Please help.  I need to be able to demo my project
without being connected to the network.

:\

I've been dealing with this issue for awhile, and I'm finally fed-up with it.

We want offline and we want it .. NOW! ;)

Thanks folks.

Sincerely,

John from Spearfish, SD



What do the Tomcat logs say?  Tomcat version?  JVM version?

-Terence


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Connection closed error and certificateVerification="required"

2018-04-19 Thread logo 
Mark,


> Am 19.04.2018 um 20:58 schrieb Mark Thomas :
> 
> On 19/04/18 16:50, Peter@Kreuser-Online wrote:
> 
> 
> 
>> Do you mind to share more about the root cause? I’ve followed this mail 
>> communication from the start and am  curious. 
> 
> Sure.
> 
> Tomcat was configured to require CLIENT-CERT auth and the main client
> was configured to use this. Occasionally, the main client would see
> connection problems when using 8.5.x or later with NIO and the OpenSSL
> TLS implementation.
> 
> There was a second client the performed health checks on the server.
> This client did not use a certificate. The requests it made always
> failed but did so with a predictable error message that the health check
> looked for.
> 
> OpenSSL error states are stored per thread.
> 
> Each Java thread is mapped 1-to-1 to an OS thread.
> 
> The sequence of events that cause the problem was as follows:
> 
> - Health check ran
> - TLS connection failed because no client certificate was provided
> - OpenSSL set an error state that - depending on the timing of the
> socket closure - was not always cleaned up
> - Standard request was received and was handled by the thread that
> previously experienced the error
> - Because the error had not been cleaned up, this new connection thought
> the error was meant for it and closed the connection
> 
> The fix was to ensure that, whenever the Tomcat code made a call to
> OpenSSL that looked like this:
> - Do something via the OpenSSL API
> - Check the OpenSSL error state
> 
> the code was changed so it looked like this:
> - Clear the OpenSSL error state
> - Do something via the OpenSSL API
> - Check the OpenSSL error state
> 
> I also added a TODO for the arguably more complete fix which is to check
> the OpenSSL error state after every call to the OpenSSL API.
> 
>> Let me tell you that your endurance on all the tricky issues here is 
>> admirable! 
>> 
>> Thank you for that!
> 
> Thank you.
> 
> Mark
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 

Much appreciated. That was a mean one.

Best regards.
Peter
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread John Dale 
Indeed - that is what I thought as well (DNS).

But what about this (stacktrace below)?

Will see about the thread dumps (I'm in appointments for the rest of
the day, but can't wait to make it back and read responses and put
this one to bed).

I was reading that MySQL does some things with host bindings and
resolutions that might auto-resolve algorithmically, explaining this
behavior.  Will keep that in mind as I continue.

Thanks,

John



-

[ERROR] 04-19-2018 13:16:50 onefortyfive.SMSNotificationPoller init –
Unable to initialize sms daemon.

org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot create
PoolableConnectionFactory (Could not create connection to database
server. Attempted reconnect 3 times. Giving up.)

at 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:1549)

at 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1388)

at 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)

at 
digitalcnc.data.ConnectionFactory.getConnection(ConnectionFactory.java:56)

at 
onefortyfive.SMSNotificationPoller.init(SMSNotificationPoller.java:146)

On Thu, Apr 19, 2018 at 2:29 PM, Christopher Schultz
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> John,
>
> On 4/19/18 4:06 PM, John Dale wrote:
>> String hostname = InetAddress.getLocalHost().getHostName();
>> InetAddress[] addresses = InetAddress.getAllByName(hostname);
>
> I'll bet that either or both of these lines are the ones hanging.
>
> Take a thread-dump during your waiting-period during startup and see
> if that's where you are stuck.
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlrY/CgACgkQHPApP6U8
> pFg04w/9FqSFVAId63DcVCFe8zkYgw74rjv7BPuUgoEaG90wZv6ozbQJab9zXvA4
> csuTT01bjzs39lZDciB/1WhwJRWzvkzz1d9AexWOJgAv1tg1LtSV+TXPmxGJcuAV
> +bh8dNb1271iV1Cd62V7rkBhvprN9HKELsYp6FBvHctSvotEWweSLg4dwbJhjpzb
> owWR/iQ/67hpqkoqBfqzgfYyZtaE4jvP2tzSzU8eqyLPzaTAki54B1PZLTo79102
> 57YH8k85b32KM3eS3HYf0Bnz0WyN3RAoH4mnDEf8U3YWbAFKz8GKf7iElVI3Uujq
> f/UWMIiBR4vRgVUnYzYMH7JVVUBSXnNH5ND7DDarTb2F5KCjoyTsTpaqRgj0POeH
> skTcGz0epNJpxi74WD//AvmtRynfuFNaqH9ZwQGDFxzEnnV1V20Msu7cxlB+Ehxs
> G3QJCXmpL170BaVNIWP/PY6TWCTuZYydmDUkn1fpJABMN1UhvLnmGQvCRQaMtC+8
> KX6tgUy4jr+Z0MozGLeCTjx1yrrc16uCX2IrSuAxCDjsLtiZpNEweWZY66AB1e9h
> vkZKOdYqXAhRpJxej4cXNm73ZX7qFFkTDyafFV7h7z+i/xQO5wyF4w7G0gyaE4IO
> SBZMzWu40fCNQ3z8STUB8GP7dd+BoZFm4bmkDmuUBDraOKL8Nmo=
> =EKt1
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread John Dale 
also .. no matter what, I can't seem to shut down tomcat normally
unless network is plugged-in (have to kill it).

I assure you ladies and gents .. tomcat is indeed running. :)

Will see if I can double-back and look at the thread dumps in more
detail .. I like that idea.  Thanks!


SEVERE: Could not contact localhost:8005. Tomcat may not be running.
Apr 19, 2018 2:26:04 PM org.apache.catalina.startup.Catalina stopServer
SEVERE: Catalina.stop:
java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:345)
at 
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at java.net.Socket.connect(Socket.java:538)
at java.net.Socket.(Socket.java:434)
at java.net.Socket.(Socket.java:211)
at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:498)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:370)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:457)

On Thu, Apr 19, 2018 at 1:13 PM, Mark Thomas  wrote:
> On 19/04/18 18:37, John Dale wrote:
>> Greetings;
>>
>> I have a 2006 era macbook pro with the latest osx.
>>
>> I run MySQL, which binds to localhost just fine when the network cable
>> is unplugged and wireless turned off.
>>
>> Tomcat makes it through most of its startup, but hangs before
>> completion
>
> If you take 3 thread dumps ~5 seconds apart you should be able to see
> where it is hanging. If you can tell us that we might be able to provide
> you with some ideas to fix it or additional debug options to try.
>
> For the record I have an OSX development laptop and I've never seen this
> issue. Admittedly the hardware is rather newer.
>
> Mark
>
>
>
>> and requests from the browser hang and eventually timeout.
>>
>> I've tried 127.0.0.1, 0.0.0.0, and omitted for the "address" attribute
>> of the connector.
>>
>> With no network, Tomcat successfully makes a connection to MySQL to
>> creates the connection pool, but hangs.  There are no errors.
>>
>> I am running debugging transport.
>>
>> My hosts file is stock, fine.
>>
>> As soon as I plug in a network cable or connect to wireless, the
>> server comes-up fine and I can access it on 127.0.0.1 or the static ip
>> assigned to either the wireless interface or the hard LAN.
>>
>> I. am.  stumped.  Please help.  I need to be able to demo my project
>> without being connected to the network.
>>
>> :\
>>
>> I've been dealing with this issue for awhile, and I'm finally fed-up with it.
>>
>> We want offline and we want it .. NOW! ;)
>>
>> Thanks folks.
>>
>> Sincerely,
>>
>> John from Spearfish, SD
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

John,

On 4/19/18 4:06 PM, John Dale wrote:
> String hostname = InetAddress.getLocalHost().getHostName(); 
> InetAddress[] addresses = InetAddress.getAllByName(hostname);

I'll bet that either or both of these lines are the ones hanging.

Take a thread-dump during your waiting-period during startup and see
if that's where you are stuck.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlrY/CgACgkQHPApP6U8
pFg04w/9FqSFVAId63DcVCFe8zkYgw74rjv7BPuUgoEaG90wZv6ozbQJab9zXvA4
csuTT01bjzs39lZDciB/1WhwJRWzvkzz1d9AexWOJgAv1tg1LtSV+TXPmxGJcuAV
+bh8dNb1271iV1Cd62V7rkBhvprN9HKELsYp6FBvHctSvotEWweSLg4dwbJhjpzb
owWR/iQ/67hpqkoqBfqzgfYyZtaE4jvP2tzSzU8eqyLPzaTAki54B1PZLTo79102
57YH8k85b32KM3eS3HYf0Bnz0WyN3RAoH4mnDEf8U3YWbAFKz8GKf7iElVI3Uujq
f/UWMIiBR4vRgVUnYzYMH7JVVUBSXnNH5ND7DDarTb2F5KCjoyTsTpaqRgj0POeH
skTcGz0epNJpxi74WD//AvmtRynfuFNaqH9ZwQGDFxzEnnV1V20Msu7cxlB+Ehxs
G3QJCXmpL170BaVNIWP/PY6TWCTuZYydmDUkn1fpJABMN1UhvLnmGQvCRQaMtC+8
KX6tgUy4jr+Z0MozGLeCTjx1yrrc16uCX2IrSuAxCDjsLtiZpNEweWZY66AB1e9h
vkZKOdYqXAhRpJxej4cXNm73ZX7qFFkTDyafFV7h7z+i/xQO5wyF4w7G0gyaE4IO
SBZMzWu40fCNQ3z8STUB8GP7dd+BoZFm4bmkDmuUBDraOKL8Nmo=
=EKt1
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread John Dale 
Greetings;

So I have an update on this issue.   YAY! :D

I have a service that creates a little bit of metadata in the database
for sending large amounts of emails/sms (for speed, the user doesn't
have to wait for the population of the queue).

I create a servlet on startup that polls the table, then uses the
metadata to populate another table with the communications details
(addresses, message bodies, subjects, as required).

I'm using a timer to do this.  Asynchronous makes it fast for the user
and more fault tolerant during processing.  All in all, a great
algorithm that takes very little code and is scalable and fast.  w00t!

On startup, Tomcat deploys the poller servlet, but here is where
things get weird.

When the poller tries to get its first database connection, it times
out with this error:
"Cannot create PoolableConnectionFactory (Could not create connection
to database server. Attempted reconnect 3 times. Giving up."

After it times-out, startup resumes regularly and the other services
in the application come alive and are poolable to the database?!

I have a code sample below that is from the init method of the
servlet.  Note that I'm using the MBeanServer code to get the port
automatically so I don't have to change a configuration from dev to
production (I couldn't find an easier more reliable way to do this).
The code times out on the database connection attempt here: connection
= ConnectionFactory.getConnection();

Note - if I plug in ethernet, it's a snappy startup.  If I unplug
ethernet and wait for this servlet init to time-out, then the DBCP is
eventually configured and working great, and I can access all of the
other data-driven services in my app with the network cable unplugged
and wireless turned off.

Here is the code in the poller servlet that is offensive.
ConnectionFactory is wrapping standard JNDI DBCP lookups:

-

MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
Set objs = mbs.queryNames(new ObjectName(
"*:type=Connector,*"),
Query.match(Query.attr("protocol"), Query.value("HTTP/1.1")));
String hostname = InetAddress.getLocalHost().getHostName();
InetAddress[] addresses = InetAddress.getAllByName(hostname);
HashMap me = null;
String host = "";
for (Iterator i = objs.iterator(); i.hasNext();)
{
ObjectName obj = i.next();
String scheme = mbs.getAttribute(obj, "scheme").toString();
if(!scheme.equals("http"))
{
log.warn("Invalid scheme encountered [" + scheme
+ "] looking for another connector.");
continue;
}
else
{
log.info("Found connector.");
}

String port = obj.getKeyProperty("port");
for (InetAddress addr : addresses)
{
// first in the list, will always be at least one
host = SMSSendBindIp + ":" + port;

scheduler = Executors.newSingleThreadScheduledExecutor();
scheduler.scheduleAtFixedRate(new HttpRequestTimer(
scheme + "://"
+ host + "/somecontexturlandparams"),
0, 5, TimeUnit.SECONDS);

log.info("Scheduling sms queue processor.");

try
{
connection = ConnectionFactory.getConnection();

-

Thanks and have a good one,

John



On Thu, Apr 19, 2018 at 1:13 PM, Mark Thomas  wrote:
> On 19/04/18 18:37, John Dale wrote:
>> Greetings;
>>
>> I have a 2006 era macbook pro with the latest osx.
>>
>> I run MySQL, which binds to localhost just fine when the network cable
>> is unplugged and wireless turned off.
>>
>> Tomcat makes it through most of its startup, but hangs before
>> completion
>
> If you take 3 thread dumps ~5 seconds apart you should be able to see
> where it is hanging. If you can tell us that we might be able to provide
> you with some ideas to fix it or additional debug options to try.
>
> For the record I have an OSX development laptop and I've never seen this
> issue. Admittedly the hardware is rather newer.
>
> Mark
>
>
>
>> and requests from the browser hang and eventually timeout.
>>
>> I've tried 127.0.0.1, 0.0.0.0, and omitted for the "address" attribute
>> of the connector.
>>
>> With no network, Tomcat successfully makes a connection to MySQL to
>> creates the connection pool, but hangs.  There are no errors.
>>
>> I am running debugging transport.
>>
>> My hosts file is stock, fine.
>>
>> As soon as I plug in a network cable or connect to wireless, the
>> server comes-up fine and I can access it on 127.0.0.1 or the static ip
>> assigned to either the wireless interface or the hard LAN.
>>
>> I. am.

Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread Mark Thomas 
On 19/04/18 18:37, John Dale wrote:
> Greetings;
> 
> I have a 2006 era macbook pro with the latest osx.
> 
> I run MySQL, which binds to localhost just fine when the network cable
> is unplugged and wireless turned off.
> 
> Tomcat makes it through most of its startup, but hangs before
> completion

If you take 3 thread dumps ~5 seconds apart you should be able to see
where it is hanging. If you can tell us that we might be able to provide
you with some ideas to fix it or additional debug options to try.

For the record I have an OSX development laptop and I've never seen this
issue. Admittedly the hardware is rather newer.

Mark



> and requests from the browser hang and eventually timeout.
> 
> I've tried 127.0.0.1, 0.0.0.0, and omitted for the "address" attribute
> of the connector.
> 
> With no network, Tomcat successfully makes a connection to MySQL to
> creates the connection pool, but hangs.  There are no errors.
> 
> I am running debugging transport.
> 
> My hosts file is stock, fine.
> 
> As soon as I plug in a network cable or connect to wireless, the
> server comes-up fine and I can access it on 127.0.0.1 or the static ip
> assigned to either the wireless interface or the hard LAN.
> 
> I. am.  stumped.  Please help.  I need to be able to demo my project
> without being connected to the network.
> 
> :\
> 
> I've been dealing with this issue for awhile, and I'm finally fed-up with it.
> 
> We want offline and we want it .. NOW! ;)
> 
> Thanks folks.
> 
> Sincerely,
> 
> John from Spearfish, SD
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Training material is now on-line

2018-04-19 Thread Mark Thomas 
On 19/04/18 19:44, Berneburg, Cris J. - US wrote:
> Thanks Mark for making that available!  My questions below.
> 
> -Original Message-
> From: Mark Thomas [mailto:ma...@apache.org] 
> Sent: Wednesday, April 11, 2018 6:32 PM
> To: Tomcat Users List 
> Subject: Training material is now on-line
> 
>> Hi all,
>>
>> Thanks to the magic of GitHub pages, the Tomcat training
>> material that was used for the recent training session is
>> now available on-line here:
>>
>> https://apache.github.io/tomcat-training/
> 
> I especially liked the TLS material, as I am still very much a novice in that 
> area.  The presentation demystified the handshake to understandability.  ;-)
> 
> However (here is comes), one thing that confused me in the TLS Handshake 
> section made sense if I changed a word:
> 
> Step 12: ChangeCipherSpec
 Client<<< decrypts PMS
> Server creates MS
> - Rc + Rs + PMS
> 
> Should "Client" actually be "Server" in Step 12: ChangeCipherSpec?  Or did 
> you already know about that?

It should and I didn't. I've just committed the fix. It should be live
in a few minutes.

Thanks for spotting that and pointing it out.

> Also, are the demonstrations (marked by the placeholders in the presentation) 
> part of the recorded sessions from previous Tomcat conventions?

It depends on the module. For those that are heavily based on previous
talks, yes. For the new modules, no.

The aim is to record each module off-line (rather than at a training
course where there is rather too much other stuff to do) and post it on
YouTube. There aren't any fixed timescales for this though.

Mark

> 
>> The source code is here:
>>
>> https://github.com/apache/tomcat-training
>>
>> We plan to add more modules and courses over time. All contributions large 
>> and small welcome.
>>
>> Enjoy.
>>
>> Mark
> 
> --
> Cris Berneburg
> CACI Lead Software Engineer
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Connection closed error and certificateVerification="required"

2018-04-19 Thread Mark Thomas 
On 19/04/18 16:50, Peter@Kreuser-Online wrote:



> Do you mind to share more about the root cause? I’ve followed this mail 
> communication from the start and am  curious. 

Sure.

Tomcat was configured to require CLIENT-CERT auth and the main client
was configured to use this. Occasionally, the main client would see
connection problems when using 8.5.x or later with NIO and the OpenSSL
TLS implementation.

There was a second client the performed health checks on the server.
This client did not use a certificate. The requests it made always
failed but did so with a predictable error message that the health check
looked for.

OpenSSL error states are stored per thread.

Each Java thread is mapped 1-to-1 to an OS thread.

The sequence of events that cause the problem was as follows:

- Health check ran
- TLS connection failed because no client certificate was provided
- OpenSSL set an error state that - depending on the timing of the
  socket closure - was not always cleaned up
- Standard request was received and was handled by the thread that
  previously experienced the error
- Because the error had not been cleaned up, this new connection thought
  the error was meant for it and closed the connection

The fix was to ensure that, whenever the Tomcat code made a call to
OpenSSL that looked like this:
- Do something via the OpenSSL API
- Check the OpenSSL error state

the code was changed so it looked like this:
- Clear the OpenSSL error state
- Do something via the OpenSSL API
- Check the OpenSSL error state

I also added a TODO for the arguably more complete fix which is to check
the OpenSSL error state after every call to the OpenSSL API.

> Let me tell you that your endurance on all the tricky issues here is 
> admirable! 
> 
> Thank you for that!

Thank you.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Training material is now on-line

2018-04-19 Thread Berneburg, Cris J. - US 
Thanks Mark for making that available!  My questions below.

-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Wednesday, April 11, 2018 6:32 PM
To: Tomcat Users List 
Subject: Training material is now on-line

> Hi all,
>
> Thanks to the magic of GitHub pages, the Tomcat training
> material that was used for the recent training session is
> now available on-line here:
>
> https://apache.github.io/tomcat-training/

I especially liked the TLS material, as I am still very much a novice in that 
area.  The presentation demystified the handshake to understandability.  ;-)

However (here is comes), one thing that confused me in the TLS Handshake 
section made sense if I changed a word:

Step 12: ChangeCipherSpec
>>>Client<<< decrypts PMS
Server creates MS
- Rc + Rs + PMS

Should "Client" actually be "Server" in Step 12: ChangeCipherSpec?  Or did you 
already know about that?

Also, are the demonstrations (marked by the placeholders in the presentation) 
part of the recorded sessions from previous Tomcat conventions?

> The source code is here:
>
> https://github.com/apache/tomcat-training
>
> We plan to add more modules and courses over time. All contributions large 
> and small welcome.
>
> Enjoy.
>
> Mark

--
Cris Berneburg
CACI Lead Software Engineer


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread Chris P. 
Hi John,
I'm not overly familiar with OSX, but does ifconfig show a loopback device
when you're not connected? Can you not create a dummy NIC and statically
assign some 10.0.0.10 address or something, then let tomcat bind to that?
You may have to add something to the hosts file for it to work, perhaps
it's hanging on DNS resolution.

Cheers,
Chris

On Thu, Apr 19, 2018 at 1:38 PM John Dale  wrote:

> Greetings;
>
> I have a 2006 era macbook pro with the latest osx.
>
> I run MySQL, which binds to localhost just fine when the network cable
> is unplugged and wireless turned off.
>
> Tomcat makes it through most of its startup, but hangs before
> completion and requests from the browser hang and eventually timeout.
>
> I've tried 127.0.0.1, 0.0.0.0, and omitted for the "address" attribute
> of the connector.
>
> With no network, Tomcat successfully makes a connection to MySQL to
> creates the connection pool, but hangs.  There are no errors.
>
> I am running debugging transport.
>
> My hosts file is stock, fine.
>
> As soon as I plug in a network cable or connect to wireless, the
> server comes-up fine and I can access it on 127.0.0.1 or the static ip
> assigned to either the wireless interface or the hard LAN.
>
> I. am.  stumped.  Please help.  I need to be able to demo my project
> without being connected to the network.
>
> :\
>
> I've been dealing with this issue for awhile, and I'm finally fed-up with
> it.
>
> We want offline and we want it .. NOW! ;)
>
> Thanks folks.
>
> Sincerely,
>
> John from Spearfish, SD
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Is LDAP connection failing?

2018-04-19 Thread Suvendu Sekhar Mondal 
On Wed, Apr 11, 2018, 3:00 PM Felix Schumacher <
felix.schumac...@internetallee.de> wrote:

> Am 05.04.2018 15:32, schrieb Suvendu Sekhar Mondal:
> > Hello Everyone,
> >
> > Recently in one of our environments I am seeing following log in
> > Catalina.out. It seems that LDAP connection is failing. This issue is
> > sporadic and goes away with Tomcat recycle.
> >
> > One interesting thing is "localhost:389" part. I could not find out
> > any configuration related to that. It could happen that I am not
> > looking at the correct place.
> >
> > We have 200+ JVMs out there which were starting up simultaneously but
> > this happens for some of them sporadically. I suspect that some race
> > condition might be causing this failure but could not found any
> > evidence so far. Can someone please suggest how can I identify what is
> > failing? and why it is failing?
>
> It would be nice to include the version of tomcat you are using.
> (I am guessing it is something like 7.0.55 as the source code matches
> the line
> numbers in the stacktrace)
>

Felix,

Sorry, I should have given that info upfront. You are correct. I'm using
7.0.55.

If it is this version, then the message will be generated, when your
> ldap server
> configured by connectionURL is not reachable on startup. Tomcat will try
> to
> connect to the ldap server configured by alternateURL. It seems to me,
> that
> you have not configured one (again guessing, as you didn't give
> configuration
> details). In that case the jre is using localhost:389 and as there is no
> LDAP server listening you get the exception.
>

You are right. We don't have any alternate URL configured. So, work around
we are using is to start those JVMs in batches. We are working on to tune
LDAP as well as to get alternate URL.

Thank you for the lead. Appreciate it! :)

>
> Regards,
>   Felix
> >
> > Thanks!
> > Suvendu
> >
> > Stack trace:
> > 2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
> > Deploying web application directory D:\xxx\webapps\ROOT
> > 2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
> > - Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
> > org.apache.catalina.LifecycleException: Failed to start component
> > [Realm[JNDIRealm]]
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
> >  at
> >
> org.apache.catalina.realm.CombinedRealm.startInternal(CombinedRealm.java:201)
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
> >  at
> >
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5373)
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
> >  at
> >
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
> >  at
> > org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
> >  at
> > org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649)
> >  at
> >
> org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1247)
> >  at
> >
> org.apache.catalina.startup.HostConfig$DeployDirectory.run(HostConfig.java:1898)
> >  at
> > java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> >  at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> >  at
> >
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> >  at
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> >  at java.lang.Thread.run(Thread.java:745)
> > Caused by: org.apache.catalina.LifecycleException: Exception opening
> > directory server connection
> >  at
> > org.apache.catalina.realm.JNDIRealm.startInternal(JNDIRealm.java:2191)
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
> >  ... 14 more
> > Caused by: javax.naming.CommunicationException: localhost:389 [Root
> > exception is java.net.ConnectException: Connection refused: connect]
> >  at com.sun.jndi.ldap.Connection.(Connection.java:216)
> >  at com.sun.jndi.ldap.LdapClient.(LdapClient.java:137)
> >  at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
> >  at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
> >  at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
> >  at
> >
> com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:70)
> >  at
> > javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
> >  at
> > javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
> >  at javax.naming.InitialContext.init(InitialContext.java:244)
> >  at javax.naming.InitialContext.(InitialContext.java:216)
> >  at
> >
> javax.naming.directory.InitialDirContext.(InitialDirContext.java:101)
> >  at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
> >  at
> >

Question regarding running Tomcat 7.0.57 offline

2018-04-19 Thread John Dale 
Greetings;

I have a 2006 era macbook pro with the latest osx.

I run MySQL, which binds to localhost just fine when the network cable
is unplugged and wireless turned off.

Tomcat makes it through most of its startup, but hangs before
completion and requests from the browser hang and eventually timeout.

I've tried 127.0.0.1, 0.0.0.0, and omitted for the "address" attribute
of the connector.

With no network, Tomcat successfully makes a connection to MySQL to
creates the connection pool, but hangs.  There are no errors.

I am running debugging transport.

My hosts file is stock, fine.

As soon as I plug in a network cable or connect to wireless, the
server comes-up fine and I can access it on 127.0.0.1 or the static ip
assigned to either the wireless interface or the hard LAN.

I. am.  stumped.  Please help.  I need to be able to demo my project
without being connected to the network.

:\

I've been dealing with this issue for awhile, and I'm finally fed-up with it.

We want offline and we want it .. NOW! ;)

Thanks folks.

Sincerely,

John from Spearfish, SD

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Connection closed error and certificateVerification="required"

2018-04-19 Thread Peter@Kreuser-Online 
Mark,

>> Am 18.04.2018 um 11:55 schrieb Mark Thomas :
>> 
>> On 18/04/18 10:36, Richard Tearle wrote:
>> On 17 April 2018 at 16:45, Richard Tearle
>>  wrote:
>>> On 17 April 2018 at 14:54, Mark Thomas  wrote:
> On 17/04/18 11:36, Mark Thomas wrote:
> On 17/04/18 10:14, Richard Tearle wrote:
 
 
 
> Now all we need to to do is to figure out how to fix this. With the
> understanding of what is (probably) going wrong, the problem can be
> produced with a clean build and the certs we use for unit tests which
> makes things a lot easier. I hope to make progress on this today.
 
 I believe this is fixed in trunk for both 9.0.x and 8.5.x.
 
 Are you able to build either of those from source and test? If not, I
 can provide a snapshot build for you to test with.
 
 Cheers,
 
 Mark
>>> 
>>> I've built from source, re-enabled the health check, and so
>>> far so good - it's been running an hour without an error.
>>> 
>>> Once this run has finished, I'll run it overnight, and let you
>>> know tomorrow morning.
>>> 
>>> Many thanks for your help on this.
>>> 
>>> --
>>> Richard
>> 
>> Just a quick follow up - I've run our test for 8 hours, without the
>> connection closed error.
> 
> Excellent. That is really good news.
> 
>> Again, many thanks.
> 
> No problem. Happy to help. Thanks for your assistance with this issue.
> Your test case and debug logs were invaluable. I couldn't have fixed
> this without them.
> 
> Mark
> 
Do you mind to share more about the root cause? I’ve followed this mail 
communication from the start and am  curious. 

Let me tell you that your endurance on all the tricky issues here is admirable! 

Thank you for that!

Peter

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org