Re: blank screen shown under tomcat9 when I attempt to run my app

2020-04-12 Thread Barry Kimelman
I deleted my web\index.html file from my new app, copied over the
web\index.html file from my old app and then I rebuilt my new app and
installed it. Now my new app is working as expected ! Now I can proceed
with the work on my new app. I will look into this strange issue at a
future date. Thanks for your assistance.

On Sun, Apr 12, 2020 at 1:07 PM calder  wrote:

> On Sun, Apr 12, 2020, 11:58 Barry Kimelman 
> wrote:
>
> > my system is a windows 10 64 bit laptop.
> > I am running tomcat 9
> > Here is the directory of my Java environment
> >
> >  Directory of C:\Program Files\Java
> >
> > Sat Jan 25, 2020  06:03 AM  .
> > Sat Jan 25, 2020  06:03 AM  ..
> > Tue Jan 01, 2019  03:47 PM  jdk1.8.0_191
> > Sat Jan 25, 2020  06:02 AM  jre1.8.0_241
> >
> > I can successfully run my old app which I wrote some time ago. However
> when
> > I try to run my new app
>
>
> What's the difference between "old" and "new"?
>
> Also, were you running the app on a previous version of Tomcat and / or
> Java?
>
> I just get a blank screen.
> > When I check the tomcat log it shows a HTTP status code of 421
>
>
>
> Can you paste the complete stack trace (including any "caused by"
> statements)
>
>
> which means
> > "misdirected request" (i have never seen this code before while running
> my
> > tomcat server)
> >
> > My new app is structured just like my old app. There is an index.html
> file
> > which automatically redirects to a JSP page.
> >
> >  1 
> >  2 
> >
>
>
>
>  3 QWLC Data Management/title>
> >
>
>
> Missing the left brace for the "title" closing tag
>
>
>  4 
> >  5 
> >  6
> >  7 
> >  8 If you are looking for the entrance for the qwlc data management,
> > you are very close.
> >  9 Click here to enter the qwlc data
> management
> > 10
> > 11 
> > 12 YOU WILL BE REDIRECTED IN 3 SECONDS - If the redirect does not
> > work,
> > 13 please click on the link above.
> > 14
> > 15 
> > 16 
> >
> > This error occurs no matter which browser I use. When I type "CTRL-U" in
> my
> > browser to see the HTML code I see the code from my index.html file. I am
> > wondering why the redirect did not work for this new app.
> >
> > One minor difference with what I see from CTRL-U as compared to my old
> app.
> > In the CTRL-U output in my old app the "enter.jsp" is underlined.
> >
> > Any ideas as to where I can look for the problem ?
> >
> >
>


-- 

==

Barry Kimelman
Winnipeg, Manitoba, Canada


Re: java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

2020-04-12 Thread Mark Thomas
Please don't hijack an existing thread. Start a new message for a new
topic. (Replying to an existing message and changing the header is not
sufficient.)

Mark


On 09/04/2020 21:05, Manuel Dominguez Sarmiento wrote:
> Hi, we're reviewing our logs, and we are occasionally getting the
> following stack traces:
> 
> 09-Apr-2020 11:29:19.489 INFO [tomcat-http-81]
> org.apache.coyote.http11.Http11Processor.service Error parsing HTTP
> request header
>  Note: further occurrences of HTTP request parsing errors will be logged
> at DEBUG level.
>     java.lang.IllegalArgumentException: Invalid character found in
> the request target. The valid characters are defined in RFC 7230 and RFC
> 3986
>     at
> org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:488)
> 
>     at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:260)
>     at
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
> 
>     at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
> 
>     at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1594)
> 
>     at
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
> 
>     at
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
> 
>     at
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
> 
>     at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> 
> 
> We understand this is a consequence of malformed requests, but we cannot
> seem to pinpoint the cause. It seems these are clients outside of our
> control (our servers are public-facing). The AccessLogValve does not log
> these requests, so we cannot figure out what the request line is. Is
> there any way logging could be improved in order to find out what is
> causing this?
> 
> BTW, we're on Tomcat 9.0.33
> 
> *Manuel Dominguez Sarmiento*
> 
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
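
The parsing error quoted in the message above is raised for characters that may not appear unencoded in a request target. As an added example (not code from the thread or from Tomcat), the script below applies the RFC 3986 path and query grammar to raw request lines and reports each offending character. It assumes the lines were captured in front of Tomcat, for instance at a proxy or from a packet capture; the function names and sample lines are constructed for illustration.

```python
# Added example: strict RFC 3986 check of a request target. Not Tomcat's parser.
UNRESERVED = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~")
PCHAR = UNRESERVED | set("!$&'()*+,;=") | set(":@")  # sub-delims plus ":" and "@"
PATH_OK = PCHAR | {"/"}
QUERY_OK = PCHAR | {"/", "?"}
HEX = set("0123456789abcdefABCDEF")

def invalid_target_chars(target):
    """Return [(offset, char, reason)] for each character of a
    path[?query] target that RFC 3986 does not allow unencoded."""
    problems, in_query, i = [], False, 0
    while i < len(target):
        ch = target[i]
        if ch == "%":
            # A percent sign must introduce exactly two hex digits.
            if len(target) - i < 3 or not set(target[i + 1:i + 3]) <= HEX:
                problems.append((i, ch, "bad percent-encoding"))
            else:
                i += 2
        elif ch == "?" and not in_query:
            in_query = True  # first "?" switches from path to query rules
        elif ord(ch) > 127:
            problems.append((i, ch, "non-ASCII"))
        elif ord(ch) < 0x21 or ord(ch) == 0x7F:
            problems.append((i, ch, "control or space"))
        elif ch not in (QUERY_OK if in_query else PATH_OK):
            where = "query" if in_query else "path"
            problems.append((i, ch, "not allowed in " + where))
        i += 1
    return problems

def check_request_line(raw):
    """Split a raw request line (bytes) into method and target and check
    the target. Everything between the method and the final HTTP-version
    token counts as the target, so stray spaces inside it are reported."""
    line = raw.decode("latin-1").rstrip("\r\n")  # one byte maps to one char
    method, _, rest = line.partition(" ")
    target, sep, version = rest.rpartition(" ")
    if not sep or not version.startswith("HTTP/"):
        return None  # not a recognisable request line
    return method, target, invalid_target_chars(target)

# Constructed sample request lines, as they might appear in a capture.
SAMPLES = [b"GET /index.jsp?id=42 HTTP/1.1\r\n",
           b'GET /api?filter={"a":1} HTTP/1.1\r\n',
           b"GET /search?q=a|b HTTP/1.1\r\n",
           b"GET /files/r\xe9sum\xe9.pdf HTTP/1.1\r\n",
           b"GET /a%zz HTTP/1.1\r\n"]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(raw, check_request_line(raw))
```
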



Re: blank screen shown under tomcat9 when I attempt to run my app

2020-04-12 Thread calder
On Sun, Apr 12, 2020, 11:58 Barry Kimelman 
wrote:

> my system is a windows 10 64 bit laptop.
> I am running tomcat 9
> Here is the directory of my Java environment
>
>  Directory of C:\Program Files\Java
>
> Sat Jan 25, 2020  06:03 AM  .
> Sat Jan 25, 2020  06:03 AM  ..
> Tue Jan 01, 2019  03:47 PM  jdk1.8.0_191
> Sat Jan 25, 2020  06:02 AM  jre1.8.0_241
>
> I can successfully run my old app which I wrote some time ago. However when
> I try to run my new app


What's the difference between "old" and "new"?

Also, were you running the app on a previous version of Tomcat and / or
Java?

I just get a blank screen.
> When I check the tomcat log it shows a HTTP status code of 421



Can you paste the complete stack trace (including any "caused by"
statements)


which means
> "misdirected request" (i have never seen this code before while running my
> tomcat server)
>
> My new app is structured just like my old app. There is an index.html file
> which automatically redirects to a JSP page.
>
>  1 
>  2 
>



 3 QWLC Data Management/title>
>


Missing the left brace for the "title" closing tag


 4 
>  5 
>  6
>  7 
>  8 If you are looking for the entrance for the qwlc data management,
> you are very close.
>  9 Click here to enter the qwlc data management
> 10
> 11 
> 12 YOU WILL BE REDIRECTED IN 3 SECONDS - If the redirect does not
> work,
> 13 please click on the link above.
> 14
> 15 
> 16 
>
> This error occurs no matter which browser I use. When I type "CTRL-U" in my
> browser to see the HTML code I see the code from my index.html file. I am
> wondering why the redirect did not work for this new app.
>
> One minor difference with what I see from CTRL-U as compared to my old app.
> In the CTRL-U output in my old app the "enter.jsp" is underlined.
>
> Any ideas as to where I can look for the problem ?
>
>


Re: javax.servlet.ServletContainerInitializer defined in jar not loading on Tomcat 8.5.51 and above

2020-04-12 Thread Mark Thomas
On 08/04/2020 20:36, Mark Thomas wrote:
> Hi,
> 
> Thanks for the test case. I've been able to figure out what is going wrong.
> 
> I'll be able to fix this for the May releases (due about a month from
> now). I'm just thinking about the best way to fix this from the various
> options.
> 
> I have a couple of questions:
> 
> 1. Would a configuration based work-around be of interest?
> 
> 2. Would the configuration based approach be a viable long term
> alternative for you?

Fixed in:
- master for 10.0.0-M5 onwards
- 9.0.x for 9.0.35 onwards
- 8.5.x for 8.5.55 onwards
- 7.0.x for 7.0.104 onwards

Mark


> 
> Mark
> 
> 
> On 08/04/2020 10:47, Jackson Ong wrote:
>> Hello Mark,
>>
>> I have tested on 8.5.54, still not able to load
>> javax.servlet.ServletContainerInitializer. I have created sample code to
>> recreate the issue.
>> https://github.com/salvatore-clong/tomcatSCI
>>
>> We use custom webapp class loader to load jar from common path, for this
>> case I put the jar in this path (tomcatSCI/WebContent/WEB-INF/commonLib).
>> Custom webapp class loader will load the jar in this path. (
>> https://github.com/salvatore-clong/tomcat-custom-class-loader)
>>
>> 1) copy and place custom-classloader-tomcat-8.5.jar in tomcat lib folder
>> 2) Run tomcatSCI project on tomcat 8.5
>> 3) check console if this appear INFO: jar addedtomcatSCI.jar (this is
>> printed from custom webapp class loader)
>> 4) check console if this appear ABC. (this is printed from
>> ServletContainerInitializer onStartup)
>>
>> On Tue, Apr 7, 2020 at 4:55 PM Mark Thomas  wrote:
>>
>>> On 07/04/2020 08:09, Jackson Ong wrote:
>>>> Hi,
>>>>
>>>> I have tested 8.5.51 and 8.5.53, both doesn't work. The current version
>>>> that works for me is tomcat 8.5.50
>>>> The recent changed on SCI was tomcat 7.0.103 (
>>>> https://tomcat.apache.org/tomcat-7.0-doc/changelog.html)
>>>> Previously we have issue with tomcat 7.0.100 to 102, tested it works in
>>>> 7.0.103.
>>>
>>> Can you test with the 8.5.54 release candidate please? Details on how to
>>> obtain it are on the dev@ list.
>>>
>>> If you still see an issue, please create the simplest possible test case
>>> that recreates the issue and provide the steps necessary to recreate the
>>> issue from a clean 8.5.54 install.
>>>
>>> Thanks,
>>>
>>> Mark
>>>
>>>

>>>> Jackson
>>>>
>>>> On Tue, Apr 7, 2020 at 2:51 PM Martin Grigorov 
>>> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> On Tue, Apr 7, 2020 at 9:01 AM Jackson Ong <83cl...@gmail.com> wrote:
>>>>>
>>>>>> We have an webapp running fine on Tomcat 8.5.50 and below and we used a
>>>>>> custom WebappClassLoader to load jars (common path for jars), but it
>>>>> failed
>>>>>> to load on Tomcat 8.5.51 and above. Upon checking, we noticed that
>>>>>>
>>>>>
>>>>> Which versions of "above" you have tried ?
>>>>> Because there was a regression with SCI recently that have been fixed in
>>>>> 8.5.53 (I think. Better check the changelogs).
>>>>> 8.5.54 is being tested at the moment and if no issues are found it will
>>> be
>>>>> released in the next few days.
>>>>>
>>>>> Martin
>>>>>
>>>>>
>>>>>> javax.servlet.ServletContainerInitializer that we defined in the jar is
>>>>> not
>>>>>> being loaded.
>>>>>>
>>>>>> From org.apache.catalina.startup.WebappServiceLoader source code of
>>>>> Tomcat
>>>>>> 8.5.51, the classLoader was changed from
>>> servletContext.getClassloader()
>>>>>> (Tomcat 8.5.50 line 97) to context.getParentClassLoader() (Tomcat
>>> 8.5.51
>>>>>> line 144)
>>>>>>
>>>>>> However placing the jar at WEB-INF/lib it was able to load
>>>>>> javax.servlet.ServletContainerInitializer. The problem is when the jar
>>> is
>>>>>> outside of WEB-INF/lib or common path (/opt/client/libraries/test.jar).
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>
>>>>
>>>
>>>
>>>
>>>
>>
> 
> 
> 





blank screen shown under tomcat9 when I attempt to run my app

2020-04-12 Thread Barry Kimelman
my system is a windows 10 64 bit laptop.
I am running tomcat 9
Here is the directory of my Java environment

 Volume in drive C is TI10673200G
 Volume Serial Number is 5E9D-3D3F

 Directory of C:\Program Files\Java

Sat Jan 25, 2020  06:03 AM  .
Sat Jan 25, 2020  06:03 AM  ..
Tue Jan 01, 2019  03:47 PM  jdk1.8.0_191
Sat Jan 25, 2020  06:02 AM  jre1.8.0_241
   0 File(s)  0 bytes
   4 Dir(s)  559,190,065,152 bytes free


I can successfully run my old app which I wrote some time ago. However when
I try to run my new app I just get a blank screen.
When I check the tomcat log it shows a HTTP status code of 421 which means
"misdirected request" (i have never seen this code before while running my
tomcat server)

My new app is structured just like my old app. There is an index.html file
which automatically redirects to a JSP page.

 1 
 2 
 3 QWLC Data Management/title>
 4 
 5 
 6
 7 
 8 If you are looking for the entrance for the qwlc data management,
you are very close.
 9 Click here to enter the qwlc data management
10
11 
12 YOU WILL BE REDIRECTED IN 3 SECONDS - If the redirect does not
work,
13 please click on the link above.
14
15 
16 

This error occurs no matter which browser I use. When I type "CTRL-U" in my
browser to see the HTML code I see the code from my index.html file. I am
wondering why the redirect did not work for this new app.

One minor difference with what I see from CTRL-U as compared to my old app.
In the CTRL-U output in my old app the "enter.jsp" is underlined.

Any ideas as to where I can look for the problem ?

Thanks.


==

Barry Kimelman
Winnipeg, Manitoba, Canada


Re: Alternatives for AJP

2020-04-12 Thread Frank Tornack
It is possible to replace AJP with normal HTTP or HTTPS.
AJP has an advantage, it needs less bandwidth. But it shouldn't make
too much difference with today's computer networks. If you need the
bandwidth advantage, you can certainly use the module ModSecurity for
Apache HTTPD to protect your application server. But an advanced
solution would be to protect AJP with the IPTables firewall. AJP is
mostly used in conjunction with HTTPD and if you only allow access to
these, it should be pretty secure.

On Friday, 10.04.2020 at 15:45 +, David Cleary wrote:
> Some of our customers are currently using the AJP connector. Given
> the vulnerability and breaking change to address it, now may be a
> good time to prompt them to look at alternatives. One requirement is
> HTTPS support. What are the alternatives when hosting Tomcat behind
> Apache httpd, nginx, or IIS? I do remember a presentation I thought
> was pretty good at Apachecon in Miami on connectors a few years ago.
> Has there been anything new that has come out since then? Are there
> any recommendations on what is best to replace AJP13?
> 
> Thanks
> Dave





Re: tomcat7 does not log x-forwarded-for

2020-04-12 Thread Frank Tornack
hello all,

unfortunately, I haven't been able to find a clue as to what I'm doing
wrong. Currently, logging works with the direct entry of the HTTP
header. Unfortunately the automatic switching does not work yet. This
means that in case of direct requests, I have a minus sign at this
position. 

Do you have another idea? Thanks in advance.



On Friday, 03.04.2020 at 13:38 +0200, Frank Tornack wrote:
> Hello Mark,
> 
> I could test the change today, unfortunately only with moderate
> success. The change to %a or %h, unfortunately did not work, but the
> readout with the header value per %{X-Forwarded-For}i worked. The log
> doesn't look nice, but we get the value. Nevertheless I am still
> looking for a nicer solution. I was really hoping on %a that we would
> only see the IP of the load balancer if no header is set, but still
> always see an IP.
> 
> Do you have any more ideas what to watch? 
> PS:For a Tomcat update I have to ask other contacts if it is easy to
> do.





Re: Alternatives for AJP

2020-04-12 Thread stephane passignat
Hi
Which vulnerability are you mentioning ?
Thanks

Sent with BlueMail

On 10 Apr 2020 at 17:45, at 17:45, David Cleary wrote:
>Some of our customers are currently using the AJP connector. Given the
>vulnerability and breaking change to address it, now may be a good time
>to prompt them to look at alternatives. One requirement is HTTPS support.
>What are the alternatives when hosting Tomcat behind Apache httpd,
>nginx, or IIS? I do remember a presentation I thought was pretty good
>at Apachecon in Miami on connectors a few years ago. Has there been
>anything new that has come out since then? Are there any
>recommendations on what is best to replace AJP13?
>
>Thanks
>Dave