Re: Header values when using HttpServletResponse.sendRedirect()
I inherited a clusterf*** of a mess disguised as a JSP/servlet-based MVC-ish app without the benefit of using Spring or Struts or any sort of framework. No web services, but lots of $.ajax() POST calls to servlet methods. I need to get this stabilized before I can redo everything using REST/Angular. On Thu, Sep 8, 2016 at 3:27 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > > For MVC, you'd have to know how the requests are being sent and > responses are being processed. You probably have to "listen" for the > response and grab the response headers from there. > > I'm interested... what kind of work are you doing, here? Do you have a > fat client with a web-services back end or something? > >
Re: Header values when using HttpServletResponse.sendRedirect()
FYI I'm using Tomcat v7.x. I guess I misunderstood what happens when I use sendRedirect() - it sends a new request, not a new response - but the effect is the same. That was what I came away with when I read this: http://javarevisited.blogspot.com/2011/09/sendredirect-forward-jsp-servlet.html In any case, I gave up on using the header to pass additional items from the server to the browser and ended up just using cookies. Unless someone shows me otherwise, everything I saw online showed how to use jQuery/xhr/your JS tool of the month to get header values from a GET/POST response; meanwhile I never figured out how to extract those values after a document was rendered in a traditional MVC app. On Thu, Sep 8, 2016 at 11:22 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Joe, > > On 9/6/16 3:36 PM, Joe Tseng wrote: > > I inherited a codebase that calls > > HttpServletResponse.sendRedirect() to another page after a user is > > successfully logged in. I want to be able to insert a header value > > before that redirection is executed. I tried to simply add a > > HttpServletResponse.addHeader()/.setHeader() to the response object > > before the redirect is called, but it seems a new response object > > is used and sent to the browser. Is that assessment correct? Is > > there any way for me to modify the redirect before it's sent or do > > I have to use .forward()? > > Tomcat version? > > This should work. Calling response.setHeader or response.addHeader and > then response.sendRedirect() should include your custom headers. What > makes you think that "a new response object is used"? > > - -chris > -BEGIN PGP SIGNATURE- > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJX0YIMAAoJEBzwKT+lPKRYq38QAKkGUiXnf0vDOvuedrjq8zry > Nrc/mVhqezWJq0usCubNKeFPqMtHrGO8BJL4eUdVl/w6FVX0Srf/2C34APrgUJZC > 9G0l4R8f8jatbnD2irqUo166Bq3TcjSjppdq3wYsGLb6vdRAkC9bMWqEr3piphBi > yVdKTPflDXo5FEmHcxFgKctwCGzVaqXMJ4tyAEXHZ2jN6azK2mBwCtyZnakoo+Qy > zFFbI6beczIAood49aohi6k0w/IGkH6KtbcYvWgbSuPoeRPrIUqZBb8VMZtrWF80 > oyyLa1+3gIGnxBv/4KCRUpLuz2iHdjJ/qwTBgiwNmpo68YZIoqN/ylm1VLR+A9Bx > AV7+ifTZaBQ6oIRWFgziw6ZDtw5l3WCYX2LlyCrSGdbPA7IQ9fYSFNSX0iJUq668 > TUesB+5WapCmW73kZSB1OFYpxLTlJAMY3l8KvZbWfhQ3ozLLd8yKKVFBJ2HlM1i5 > GbquzKQ7qMWTVG89OUoK9b7Ipf1mApEg9CfvXnajcImM7QKASlUc0LEdtF5ujkEc > mTSw4AYUs3M0jMOarMIE/sn1MMgsjJiDpQUWhxXcX0GjViI/AAyDGqMOuClGBOAw > IaBhqC8fbgOV31BwA81C3bUcEKRFcYdMASViZO8G1B/bn+s70FFnf+JBqLI96XfI > xhQuuThjTx2zCU7oLZb0 > =Izss > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Header values when using HttpServletResponse.sendRedirect()
All, I inherited a codebase that calls HttpServletResponse.sendRedirect() to another page after a user is successfully logged in. I want to be able to insert a header value before that redirection is executed. I tried to simply add a HttpServletResponse.addHeader()/.setHeader() to the response object before the redirect is called, but it seems a new response object is used and sent to the browser. Is that assessment correct? Is there any way for me to modify the redirect before it's sent or do I have to use .forward()? thx, - Joe
Re: Nonce-secured pages generate 403 errors
One thing I forgot to mention... In my servlet controller's auth method, when a user's login is approved, the controller redirects the browser to another page. I noticed looking in my browser's network tab the CSRF_NONCE token in the request URL changes value between the auth method and the eventual destination. Is this normal? I also recall reading Tomcat is supposed to cache the last five tokens for a given current session - the change in token values shouldn't affect usage, correct? On Fri, Sep 2, 2016 at 10:14 AM Joe Tseng <jts...@secure-innovations.net> wrote: > For my app I was *mostly* successful in securing it using Tomcat's > CsrfPreventionFilter tool. I can land on my unsecured login.jsp page and > get the app to still redirect based on login success. > > My problem is regardless of login success I'm getting a 403 error; I may > be implementing the token check incorrectly though. When I originally read > up on how to implement CSRF in a traditional MVC app I was under the > impression I had to provide the token in a hidden field in a POST form. My > initial effort was aimed at providing that value from the session's > CSRF_NONCE attribute but that kept on coming up null or of type lrucache. > > Other posts said all I had to do was pass my unaltered POST form action > URL through HttpServletResponse.encodeRedirectURL() and the resulting > CSRF_NONCE GET value would be automagically be handled by the filter (e.g. > https://help.hana.ondemand.com/help/e5be9994bb571014b575a785961062db.html). > Now I can produce CSRF_NONCE values all day long and be redirected to > action page, but that page is producing a 403. I put a print statement in > my action page, but my browser isn't getting that far, leading me to think > I need to do something additional in my filter configuration. > > As an aside, I currently use a custom class that extends > org.apache.catalina.filters.CsrfPreventionFilter so I can override > doFilter() and filter out any checks to CSS or JS files. That works for > excluding unsecured content but is that the right approach? Is that causing > my main issue? > > My web.xml is currently as follows: > > > CSRF > filter.CustomCSRFFilter > >entryPoints >/,/login.jsp,/JS/MIST.js > > > > CSRF > /* > > > Appreciative of any useful assistance... > > - Joe > >
Nonce-secured pages generate 403 errors
For my app I was *mostly* successful in securing it using Tomcat's CsrfPreventionFilter tool. I can land on my unsecured login.jsp page and get the app to still redirect based on login success. My problem is regardless of login success I'm getting a 403 error; I may be implementing the token check incorrectly though. When I originally read up on how to implement CSRF in a traditional MVC app I was under the impression I had to provide the token in a hidden field in a POST form. My initial effort was aimed at providing that value from the session's CSRF_NONCE attribute but that kept on coming up null or of type lrucache. Other posts said all I had to do was pass my unaltered POST form action URL through HttpServletResponse.encodeRedirectURL() and the resulting CSRF_NONCE GET value would be automagically be handled by the filter (e.g. https://help.hana.ondemand.com/help/e5be9994bb571014b575a785961062db.html). Now I can produce CSRF_NONCE values all day long and be redirected to action page, but that page is producing a 403. I put a print statement in my action page, but my browser isn't getting that far, leading me to think I need to do something additional in my filter configuration. As an aside, I currently use a custom class that extends org.apache.catalina.filters.CsrfPreventionFilter so I can override doFilter() and filter out any checks to CSS or JS files. That works for excluding unsecured content but is that the right approach? Is that causing my main issue? My web.xml is currently as follows: CSRF filter.CustomCSRFFilter entryPoints /,/login.jsp,/JS/MIST.js CSRF /* Appreciative of any useful assistance... - Joe
[CsrfPreventionFilter] Adding base app URL as an entryPoint
I want to have my landing page be accessible without using a nonce but right now I'm getting a 403. I do have a separate login page that works without a nonce. The pertinent section of my web.xml is as follows: entryPoints /, /login.jsp, /JS/MIST.js I also tried "/*" without success. I saw another config using just "/" but I don't know if that person's config was successful - at least I believe my line of thinking is similar to others. Appreciative of any useful help... - Joe
Trying to use CsrfPreventionFilter
Hello, I'm trying to use CsrfPreventionFilter with a POST form in a JSP page and my understanding of its use is I need to use a hidden value field with the value I've set to ${session['org.apache.catalina.filters.CSRF_NONCE']}. Right now when I load the page the value is simply blank. As far as I know the configuration is correct and my app restarts with no obvious issues. My /WEB-INF/web.xml is as follows: CSRF org.apache.catalina.filters.CsrfPreventionFilter entryPoints /MIST,/MIST/,/MIST/login.jsp CSRF MISTmanager MISTmanager servlets.MISTmanager And my field is as follows: Is that the right way to get the value for CSRF_NONCE? If not, am I close? Useful ideas appreciated! - Joe
RE: [PossibleSpam] Re: Tomcat Rewrite Valve
>Am 10.02.2016 um 15:23 schrieb Rémy Maucherat: >> 2016-02-10 15:06 GMT+01:00 Joe Aldrich <jaldr...@kimobility.com>: >> >>>> Am 29.01.2016 15:34, schrieb Joe Aldrich: >>>>> Hello, >>>>> >>>>> I am using Tomcat 8.0.28 on Windows 10 and am having a problem with >>>>> the Rewrite Value. I must include the escaped form of an ampersand >>>>> '%26' in the output URL. >>>>> >>>>> My rewrite.config has the following: >>>>> >>>>> RewriteCond %{QUERY_STRING} ^(.*&)?SCID=8(&.*)?$ RewriteRule >>>>> ^/(product|specs|avail-options|avail-category)\.php$ >>>>> /Product.action?select=Model+4+\%26+4C [R=301,L,NE] >>>>> >>>>> I am escaping the percent sign with a backslash, and I have tried >>>>> using the NE flag. However, Tomcat always is treating the percent >>>>> symbol as a back reference to the above RewriteCond. If I don't >>>>> have a second capture group, then I get a 500 error from a >>>>> NullPointerException. >>>> The current tomcat code does not allow escaping of percent or dollar sign. >>>> >>>> The parser just looks for percent (or dollar) and applies it either >>>> as a >>> backreference (when it is followed by a digit), or a map. >>>> I have not found any indication, that escaping is possible with httpd. >>>> Could you provide a link to the doc, that states it is possible? >>> In Apache mod_rewrite it is possible per this documentation: >>> https://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#quoting >> >> Ok, I added an item for that since the mod_rewrite behavior should be >> implemented: >> https://bz.apache.org/bugzilla/show_bug.cgi?id=58988 >The fix will be included in 9.0.0.M4 and 8.0.33. The syntax will be the same >as with httpd 2.2 using a backslash to quota a percent sign. > >@Joe, could you test the current trunk for 8 or 9? I tested the truck for Tomcat 8. Escaping '%' or '$' with '\' now works as expected according to the documentation. Thanks for all the help on this, Joe >Regards, > Felix >> Rémy >> >>> >>>> If you are willing to build tomcat yourself, you could try the >>>> attached >>> patch, which will allow escaping of percent signs by specifying them as %%. >>>> Your example would thus look like >>>> "/Product.action?select=Model+4+%%26+4C". >>>> >>>> Regards, >>>> Felix >>> I will look into applying the patch as I need to be able to redirect >>> to URLs that contain %26 in the query string. >>> Much thanks, >>> Joe >>> >>>>> I was working with the documentation on this page: >>>>> >>>>> http://tomcat.apache.org/tomcat-8.0-doc/rewrite.html >>>>> >>>>> The desired output URL would be: >>>>> >>>>> http://www.domain.com/Product.html?select=Model+4+%26+4C >>>>> >>>>> In the example given for the NE flag on the page reference above, >>>>> the percent sign is escaped by a backslash to prevent it from being >>>>> treated as a back-reference. This is not working for me. Instead I >>>>> get: >>>>> >>>>> http://www.domain.com/Product.action?select=Model+4+\null6+4C >>>>> >>>>> Where the "null" is due to an empty second back-reference. I >>>>> believe this is a bug in that it is not escaping the percent sign >>>>> (making it impossible to create the %26 in the redirect URL). Or am >>>>> I misunderstanding something here? >>>>> >>>>> As a side question, shouldn't an empty back-reference be blank >>>>> instead of adding 'null' to the URL? >>>>> >>>>> Joseph B Aldrich >>>>> >>>>> >>>>> --- >>>>> -- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>>>> For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: [PossibleSpam] Re: Tomcat Rewrite Valve
>Am 10.02.2016 um 15:23 schrieb Rémy Maucherat: >> 2016-02-10 15:06 GMT+01:00 Joe Aldrich <jaldr...@kimobility.com>: >> >>>> Am 29.01.2016 15:34, schrieb Joe Aldrich: >>>>> Hello, >>>>> >>>>> I am using Tomcat 8.0.28 on Windows 10 and am having a problem with >>>>> the Rewrite Value. I must include the escaped form of an ampersand >>>>> '%26' in the output URL. >>>>> >>>>> My rewrite.config has the following: >>>>> >>>>> RewriteCond %{QUERY_STRING} ^(.*&)?SCID=8(&.*)?$ RewriteRule >>>>> ^/(product|specs|avail-options|avail-category)\.php$ >>>>> /Product.action?select=Model+4+\%26+4C [R=301,L,NE] >>>>> >>>>> I am escaping the percent sign with a backslash, and I have tried >>>>> using the NE flag. However, Tomcat always is treating the percent >>>>> symbol as a back reference to the above RewriteCond. If I don't >>>>> have a second capture group, then I get a 500 error from a >>>>> NullPointerException. >>>> The current tomcat code does not allow escaping of percent or dollar sign. >>>> >>>> The parser just looks for percent (or dollar) and applies it either >>>> as a >>> backreference (when it is followed by a digit), or a map. >>>> I have not found any indication, that escaping is possible with httpd. >>>> Could you provide a link to the doc, that states it is possible? >>> In Apache mod_rewrite it is possible per this documentation: >>> https://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#quoting >> >> Ok, I added an item for that since the mod_rewrite behavior should be >> implemented: >> https://bz.apache.org/bugzilla/show_bug.cgi?id=58988 >The fix will be included in 9.0.0.M4 and 8.0.33. The syntax will be the same >as with httpd 2.2 using a backslash to quota a percent sign. > >@Joe, could you test the current trunk for 8 or 9? Yes, I will test it out as soon as I get the chance. Thanks again, Joe >Regards, > Felix >> Rémy >> >>> >>>> If you are willing to build tomcat yourself, you could try the >>>> attached >>> patch, which will allow escaping of percent signs by specifying them as %%. >>>> Your example would thus look like >>>> "/Product.action?select=Model+4+%%26+4C". >>>> >>>> Regards, >>>> Felix >>> I will look into applying the patch as I need to be able to redirect >>> to URLs that contain %26 in the query string. >>> Much thanks, >>> Joe >>> >>>>> I was working with the documentation on this page: >>>>> >>>>> http://tomcat.apache.org/tomcat-8.0-doc/rewrite.html >>>>> >>>>> The desired output URL would be: >>>>> >>>>> http://www.domain.com/Product.html?select=Model+4+%26+4C >>>>> >>>>> In the example given for the NE flag on the page reference above, >>>>> the percent sign is escaped by a backslash to prevent it from being >>>>> treated as a back-reference. This is not working for me. Instead I >>>>> get: >>>>> >>>>> http://www.domain.com/Product.action?select=Model+4+\null6+4C >>>>> >>>>> Where the "null" is due to an empty second back-reference. I >>>>> believe this is a bug in that it is not escaping the percent sign >>>>> (making it impossible to create the %26 in the redirect URL). Or am >>>>> I misunderstanding something here? >>>>> >>>>> As a side question, shouldn't an empty back-reference be blank >>>>> instead of adding 'null' to the URL? >>>>> >>>>> Joseph B Aldrich >>>>> >>>>> >>>>> --- >>>>> -- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>>>> For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: [PossibleSpam] Re: Tomcat Rewrite Valve
>Am 29.01.2016 15:34, schrieb Joe Aldrich: >> Hello, >> >> I am using Tomcat 8.0.28 on Windows 10 and am having a problem with >> the Rewrite Value. I must include the escaped form of an ampersand >> '%26' in the output URL. >> >> My rewrite.config has the following: >> >> RewriteCond %{QUERY_STRING} ^(.*&)?SCID=8(&.*)?$ RewriteRule >> ^/(product|specs|avail-options|avail-category)\.php$ >> /Product.action?select=Model+4+\%26+4C [R=301,L,NE] >> >> I am escaping the percent sign with a backslash, and I have tried >> using the NE flag. However, Tomcat always is treating the percent >> symbol as a back reference to the above RewriteCond. If I don't have a >> second capture group, then I get a 500 error from a >> NullPointerException. >The current tomcat code does not allow escaping of percent or dollar sign. > >The parser just looks for percent (or dollar) and applies it either as a >backreference (when it is followed by a digit), or a map. > >I have not found any indication, that escaping is possible with httpd. >Could you provide a link to the doc, that states it is possible? In Apache mod_rewrite it is possible per this documentation: https://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#quoting >If you are willing to build tomcat yourself, you could try the attached patch, >which will allow escaping of percent signs by specifying them as %%. > >Your example would thus look like >"/Product.action?select=Model+4+%%26+4C". > >Regards, > Felix I will look into applying the patch as I need to be able to redirect to URLs that contain %26 in the query string. Much thanks, Joe >> >> I was working with the documentation on this page: >> >> http://tomcat.apache.org/tomcat-8.0-doc/rewrite.html >> >> The desired output URL would be: >> >> http://www.domain.com/Product.html?select=Model+4+%26+4C >> >> In the example given for the NE flag on the page reference above, the >> percent sign is escaped by a backslash to prevent it from being >> treated as a back-reference. This is not working for me. Instead I >> get: >> >> http://www.domain.com/Product.action?select=Model+4+\null6+4C >> >> Where the "null" is due to an empty second back-reference. I believe >> this is a bug in that it is not escaping the percent sign (making it >> impossible to create the %26 in the redirect URL). Or am I >> misunderstanding something here? >> >> As a side question, shouldn't an empty back-reference be blank instead >> of adding 'null' to the URL? >> >> Joseph B Aldrich >> >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org
FW: [PossibleSpam] Re: Tomcat Rewrite Valve
Hello, This is my first attempt at interaction with the Tomcat Users List. I haven't heard anything back on my response to the initial followup by Chris, and I was just checking if there was anything else needed from me on this. Thanks, Joe -Original Message- From: Joe Aldrich Sent: Friday, January 29, 2016 5:07 PM To: Tomcat Users List Subject: RE: [PossibleSpam] Re: Tomcat Rewrite Valve Hello, -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, >On 1/29/16 9:34 AM, Joe Aldrich wrote: >> I am using Tomcat 8.0.28 on Windows 10 and am having a problem with >> the Rewrite Value. I must include the escaped form of an ampersand >> '%26' in the output URL. >> >> My rewrite.config has the following: >> >> RewriteCond %{QUERY_STRING} ^(.*&)?SCID=8(&.*)?$ RewriteRule >> ^/(product|specs|avail-options|avail-category)\.php$ >> /Product.action?select=Model+4+\%26+4C [R=301,L,NE] >> >> I am escaping the percent sign with a backslash, and I have tried >> using the NE flag. However, Tomcat always is treating the percent >> symbol as a back reference to the above RewriteCond. If I don't have >> a second capture group, then I get a 500 error from a >> NullPointerException. >Can you please post the stack trace from that? Here is what I get if I don’t specify a second capture group: HTTP Status 500 - No group 2 type Exception report message No group 2 description The server encountered an internal error that prevented it from fulfilling this request. exception java.lang.IndexOutOfBoundsException: No group 2 java.util.regex.Matcher.group(Unknown Source) org.apache.catalina.valves.rewrite.Substitution$RewriteCondBackReferenceElement.evaluate(Substitution.java:51) org.apache.catalina.valves.rewrite.Substitution.evaluate(Substitution.java:238) org.apache.catalina.valves.rewrite.RewriteRule.evaluate(RewriteRule.java:133) org.apache.catalina.valves.rewrite.RewriteValve.invoke(RewriteValve.java:292) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.lang.Thread.run(Unknown Source) note The full stack trace of the root cause is available in the Apache Tomcat/8.0.28 logs. Apache Tomcat/8.0.28 >> I was working with the documentation on this page: >> >> http://tomcat.apache.org/tomcat-8.0-doc/rewrite.html >> >> The desired output URL would be: >> >> http://www.domain.com/Product.html?select=Model+4+%26+4C >Presumably, if you don't escape it at all, you get: > >http://www.domain.com/Product.html?select=Model+4+%2526+4C > >? If I do not use the backslash to escape the percent sign, then (with or without the [NE] flag) I get a back-reference resulting in a 500 error if there isn't a second capture group. If there is a second capture group I get: http://www.domain.com/Product.html?select=Model+4+null26+4C (where again, null represents there was nothing specified after the SCID=8 in the query string). If I omit the [NE] flag and keep the backslash to escape the percent sign, the escaping of the percent sign fails and I get similar results except for the presence of the backslash in the output URL as: http://www.domain.com/Product.html?select=Model+4+\null26+4C >> In the example given for the NE flag on the page reference above, the >> percent sign is escaped by a backslash to prevent it from being >> treated as a back-reference. This is not working for me. Instead I >> get: >> >> http://www.domain.com/Product.action?select=Model+4+\null6+4C >> >> Where the "null" is due to an empty second back-reference. I believe >> this is a bug in that it is not escaping the percent sign (making it >> impossible to create the %26 in the redirect URL). Or am I >> misunderstanding something here? >> >> As a side question, shouldn't an empty back-reference be blank >> instead of adding 'null' to the URL? >I agree that the "null"
Tomcat Rewrite Valve
Hello, I am using Tomcat 8.0.28 on Windows 10 and am having a problem with the Rewrite Value. I must include the escaped form of an ampersand '%26' in the output URL. My rewrite.config has the following: RewriteCond %{QUERY_STRING} ^(.*&)?SCID=8(&.*)?$ RewriteRule ^/(product|specs|avail-options|avail-category)\.php$ /Product.action?select=Model+4+\%26+4C [R=301,L,NE] I am escaping the percent sign with a backslash, and I have tried using the NE flag. However, Tomcat always is treating the percent symbol as a back reference to the above RewriteCond. If I don't have a second capture group, then I get a 500 error from a NullPointerException. I was working with the documentation on this page: http://tomcat.apache.org/tomcat-8.0-doc/rewrite.html The desired output URL would be: http://www.domain.com/Product.html?select=Model+4+%26+4C In the example given for the NE flag on the page reference above, the percent sign is escaped by a backslash to prevent it from being treated as a back-reference. This is not working for me. Instead I get: http://www.domain.com/Product.action?select=Model+4+\null6+4C Where the "null" is due to an empty second back-reference. I believe this is a bug in that it is not escaping the percent sign (making it impossible to create the %26 in the redirect URL). Or am I misunderstanding something here? As a side question, shouldn't an empty back-reference be blank instead of adding 'null' to the URL? Joseph B Aldrich Junior Java Developer P: 800.981.1540 | F: 715.254.0996 4848 Industrial Park Rd. Stevens Point. 54481 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: [PossibleSpam] Re: Tomcat Rewrite Valve
Hello, -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, >On 1/29/16 9:34 AM, Joe Aldrich wrote: >> I am using Tomcat 8.0.28 on Windows 10 and am having a problem with >> the Rewrite Value. I must include the escaped form of an ampersand >> '%26' in the output URL. >> >> My rewrite.config has the following: >> >> RewriteCond %{QUERY_STRING} ^(.*&)?SCID=8(&.*)?$ RewriteRule >> ^/(product|specs|avail-options|avail-category)\.php$ >> /Product.action?select=Model+4+\%26+4C [R=301,L,NE] >> >> I am escaping the percent sign with a backslash, and I have tried >> using the NE flag. However, Tomcat always is treating the percent >> symbol as a back reference to the above RewriteCond. If I don't have a >> second capture group, then I get a 500 error from a >> NullPointerException. >Can you please post the stack trace from that? Here is what I get if I don’t specify a second capture group: HTTP Status 500 - No group 2 type Exception report message No group 2 description The server encountered an internal error that prevented it from fulfilling this request. exception java.lang.IndexOutOfBoundsException: No group 2 java.util.regex.Matcher.group(Unknown Source) org.apache.catalina.valves.rewrite.Substitution$RewriteCondBackReferenceElement.evaluate(Substitution.java:51) org.apache.catalina.valves.rewrite.Substitution.evaluate(Substitution.java:238) org.apache.catalina.valves.rewrite.RewriteRule.evaluate(RewriteRule.java:133) org.apache.catalina.valves.rewrite.RewriteValve.invoke(RewriteValve.java:292) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.lang.Thread.run(Unknown Source) note The full stack trace of the root cause is available in the Apache Tomcat/8.0.28 logs. Apache Tomcat/8.0.28 >> I was working with the documentation on this page: >> >> http://tomcat.apache.org/tomcat-8.0-doc/rewrite.html >> >> The desired output URL would be: >> >> http://www.domain.com/Product.html?select=Model+4+%26+4C >Presumably, if you don't escape it at all, you get: > >http://www.domain.com/Product.html?select=Model+4+%2526+4C > >? If I do not use the backslash to escape the percent sign, then (with or without the [NE] flag) I get a back-reference resulting in a 500 error if there isn't a second capture group. If there is a second capture group I get: http://www.domain.com/Product.html?select=Model+4+null26+4C (where again, null represents there was nothing specified after the SCID=8 in the query string). If I omit the [NE] flag and keep the backslash to escape the percent sign, the escaping of the percent sign fails and I get similar results except for the presence of the backslash in the output URL as: http://www.domain.com/Product.html?select=Model+4+\null26+4C >> In the example given for the NE flag on the page reference above, the >> percent sign is escaped by a backslash to prevent it from being >> treated as a back-reference. This is not working for me. Instead I >> get: >> >> http://www.domain.com/Product.action?select=Model+4+\null6+4C >> >> Where the "null" is due to an empty second back-reference. I believe >> this is a bug in that it is not escaping the percent sign (making it >> impossible to create the %26 in the redirect URL). Or am I >> misunderstanding something here? >> >> As a side question, shouldn't an empty back-reference be blank instead >> of adding 'null' to the URL? >I agree that the "null" is incorrect. That is almost certainly a bug. > >[NE] should be preventing escaping of the resulting URL, but that might break >if you had user-specified input being re-written, but then not escaped. > >I'm not entirely sure if backslash-escaping is expected to work for >back-references. It's certainly a reasonable expectation, especially if that's >the way that mod_rewrite >works (and
Apache Tomcat 7 on windows 2008: how to host mutiple domains
Hi there, I’m new to Apache Tomcat. I have been asked to point new domain name to the existing domain name. E.g. We have https://xyz.abc.com, we want new domain name http://123.abc.com to point to xyz.abc.com. The Apache Tomcat 7 server is installed Windows 2008 R2 server. We have created the DNS entry for 123.abc.com Can someone tell me how to do this? Do I need to create a virtual host and if so how. How do I restart tomcat server on windows 2008 R2? I read that if I modify server.xml then I need to restart Tomcat. How do I restart Tomcat? I have a following entry in config/server.xml file:Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access_log. suffix=.txt pattern=%h %l %u %t quot;%rquot; %s %b / /Host Thanks Joe
Re: Our tomcat just crashed due to classnotfound, not sure how to investigate
pentesting going on? On Feb 16, 2015 10:44 AM, Mathias af Jochnick math...@lightlabs.se wrote: Christopher, thanks for responding. See my comments below. -- Mathias af Jochnick, +46703414084 On 16 February 2015 at 16:36:32, Christopher Schultz ( ch...@christopherschultz.net) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mathias, On 2/16/15 5:43 AM, Mathias af Jochnick wrote: Our server has been in production for years without issues, but today it crashed out of the blue. Last in the logs: Exception in thread main java.lang.NoClassDefFoundError: aasxknsakadskdskdskdsakmxxads Caused by: java.lang.ClassNotFoundException: aasknsakadskdskdskdsakmads at java.net.URLClassLoader$1.run(URLClassLoader.java:217) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:205) at java.lang.ClassLoader.loadClass(ClassLoader.java:321) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294) at java.lang.ClassLoader.loadClass(ClassLoader.java:266) Could not find the main class: aasxknsakadskdskdskdsakxxmads. Program will exit. Where do you see this? Which log file? Catalina.out When Java can't load a class, a ClassNotFoundException or NoClassDefFoundError is thrown, but it does not terminate the JVM. The message above says Could not find the main class, which indicates that a JVM was trying to launch with a new main class, not that an existing JVM (i.e. Tomcat running your web apps) was trying to load a class. Right, well as i said, it’s in catalina.out When I run my JVM with a bad main class, I don't get a stack trace: $ java -showversion foo java version 1.8.0_31 Java(TM) SE Runtime Environment (build 1.8.0_31-b13) Java HotSpot(TM) 64-Bit Server VM (build 25.31-b07, mixed mode) Error: Could not find or load main class foo Other versions of Java: $ java -showversion foo java version 1.7.0_76 Java(TM) SE Runtime Environment (build 1.7.0_76-b13) Java HotSpot(TM) 64-Bit Server VM (build 24.76-b04, mixed mode) Error: Could not find or load main class foo $ java -showversion foo java version 1.6.0_65 Java(TM) SE Runtime Environment (build 1.6.0_65-b14-466.1-11M4716) Java HotSpot(TM) 64-Bit Server VM (build 20.65-b04-466.1, mixed mode) Exception in thread main java.lang.NoClassDefFoundError: foo Caused by: java.lang.ClassNotFoundException: foo at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) So, I get the exception and stack trace, but no message about how the Program will exit. So... how is this being launched? Well, that’s what i’m wondering too. Our Tomcat process died, that was what was last in the logfile, the server had been up for a week. Nobody had logged in and done anything, unless we’re missing something. The server is at a hosting partner and i’m pretty confident they’re not complete tools if you see what i mean. While its obvious what caused the crash, i have no clue as to why. We have no new production code, nothing has changed as far as we know. I'm not sure how to investigate this, to me it seems like some sort of dynamic class-loading hack attempt? Can i look for some configured service to turn off? I'm at a loss so any pointers on how to investigate / prevent this would be extremely appreciated. Tomcat/6.0.28 No currently-supported version of Tomcat prints the message Program will exit.. I'm at a loss to explain why you would *ever* see this message, let alone what is causing it in your particular case. I would treat the server as suspicious and take appropriate steps. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJU4g4aAAoJEBzwKT+lPKRYdAUP/0ud2VoU5Ts5ztmHCHGBkeF4 bGAvY7/eKNWxOG7Zt7KlDvIl06dZa7yQarnD6EtpdAWtg1lP3YO5GM6HXlS8EN9g 14MrTxsC0rGJXji2+z7EHXwi2v1bosLqadufgaS6RXgbhiZ/YhoiHK2MWTEDgONX 5GLe8yjQQ2ADZeb8JaOO3fT0Tt1/ZQd/hRLsyCw2QFCUF/VP9puczMb7cQj6v2L/ xizSxJenSZsVljVSEnwC/XBv/JpIja/F9FD2qvB0da9hSa5Usuvg6GSPihegldMS nIXgbdYQcb8m3aFysF/LVTd2cRHp3RQfz/O10mNjSI0eDFkPOHXeEXOy0Sqdew8u VtrUm1haWrbo/sAUDBpgIvL5RP4L/YBH84CFcG2syXeff/kfCE1wkKH/HaOx9B31 S7wLVp/fk1RW1N2KHv3SdxWh1Ual7uvidyP3+Gmztk3278OwPX8Ji49tXB9aLc8R fzXi06laGkQ8T/mQggzeSvr70BW6rBmcK9gziFmNxUbOrCvOCP987h97YXd2NRZc qTXOWVdO+GkO09thdVCRCd3IPbvt+P7en+A0b+p7eJUQZjIYlFHA1pL9hoDxYLD1 C3Zfedk4tpig4ynDM+VHZ9n44zEJO8RSZlzknNiLiy0GE1pFMr0TJePTMsc4tCu0 zb/vU3pKvKrQNFIdydaE =jXyS -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional
Re: Tomcat v7 Embedded
Jesse Farinacci jieryn at gmail.com writes: Greetings, I am trying to embed Tomcat v7.0.11 into a self-contained, executable jar. The jar is created using Maven (assembly plugin) which packages the required Tomcat embedded classes and also an unpacked WAR archive. The listed Main-Class does a very simple creation of a Tomcat server and launches it. The unpacked WAR exploits Servlet 3.0 classpath scanning. Is there no way to point the docBase at the executable jar itself, again which contains the unpacked WAR, and have it auto-extract itself or otherwise be useful? Embedded Jetty provides this capability and it is exceptionally useful. So, right now Tomcat 7 is firing up and serving requests. I just can not figure out the magic incantation to get it to locate the embedded and unpacked WAR where it itself is executing from. Thanks in advance, -Jesse Have you tried pointing tomcat to expect the exploded war in a folder that is a sibling to the jar file? If you did this and then added logic to extract and explode the war to that folder as the first activity in your main class (using java's zip libraries) then forward on execution to tomcat, perhaps it would pick up the war? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat v7 Embedded
Jesse Farinacci jieryn at gmail.com writes: Greetings, I am trying to embed Tomcat v7.0.11 into a self-contained, executable jar. The jar is created using Maven (assembly plugin) which packages the required Tomcat embedded classes and also an unpacked WAR archive. The listed Main-Class does a very simple creation of a Tomcat server and launches it. The unpacked WAR exploits Servlet 3.0 classpath scanning. Is there no way to point the docBase at the executable jar itself, again which contains the unpacked WAR, and have it auto-extract itself or otherwise be useful? Embedded Jetty provides this capability and it is exceptionally useful. So, right now Tomcat 7 is firing up and serving requests. I just can not figure out the magic incantation to get it to locate the embedded and unpacked WAR where it itself is executing from. Thanks in advance, -Jesse Have you tried pointing tomcat to expect the exploded war in a folder that is a sibling to the jar file? If you did this and then added logic to extract and explode the war to that folder as the first activity in your main class (using java's zip libraries) then forward on execution to tomcat, perhaps it would pick up the war? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache + Tomcat + mod_jk ; Why wrong content type?
Hi Chris, Many thanks for your reply. I found out that mime_module wasn't enabled. So I added the following line LoadModule mime_module modules/mod_mime.so to httpd.conf file and everything's fine now. Thanks again! Joe On Wed, Oct 3, 2012 at 10:28 AM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 10/3/12 1:47 AM, Joe Hansen wrote: We are using Apache 2.2 + Tomcat 7 + mod_jk (all 64-bit) on a RedHat box. I have configured the settings such that the static content like css and javascript are served by httpd rather than tomcat. However, when I do so, the css files are returned with a content type=text/plain rather than content type=text/css. Why is that so? Here are the snippets from the relevant files.. /* workers.properties */ worker.list=worker1 worker.worker1.type=ajp13 worker.worker1.host=localhost worker.worker1.port=8009 /* httpd-vhosts.conf */ DocumentRoot /hosts/example.com/webapps/ROOT JkUnMount /css/* worker1 JkUnMount /img/* worker1 JkUnMount /js/* worker1 JkMount /* worker1 What does a sample request look like (include full HTTP headers)? What does a sample response look like (include full HTTP headers)? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBsZ8cACgkQ9CaO5/Lv0PAQwQCfTp6OVO9Ln9Uak6j/RnD/EMyh oQgAnjkHpWaGoA3WRPvUfQtUmW+b09+B =8URJ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Apache + Tomcat + mod_jk ; Why wrong content type?
Hi All, We are using Apache 2.2 + Tomcat 7 + mod_jk (all 64-bit) on a RedHat box. I have configured the settings such that the static content like css and javascript are served by httpd rather than tomcat. However, when I do so, the css files are returned with a content type=text/plain rather than content type=text/css. Why is that so? Here are the snippets from the relevant files.. /* workers.properties */ worker.list=worker1 worker.worker1.type=ajp13 worker.worker1.host=localhost worker.worker1.port=8009 /* httpd-vhosts.conf */ DocumentRoot /hosts/example.com/webapps/ROOT JkUnMount /css/* worker1 JkUnMount /img/* worker1 JkUnMount /js/* worker1 JkMount /* worker1 Thanks, Joe
Error while starting tomcat. Failed creating jvm.dll
Hi, I have installed Tomcat 6.0.29 on a machine running Windows 7 Professional (64bit) and JDK 1.5.0_22. When I start Tomcat, I see the following error message in the log file: [206 javajni.c] [error] %1 is not a valid Win32 application. [985 prunsrv.c] [error] Failed creating java C:\Program Files (x86)\Java\jdk1.5.0_22\jre\bin\server\jvm.dll When I googled the above error message, I was told that copying the msvcr71.dll file to either windows/System32 folder or Tomcat/bin folder will solve the problem. Unfortunately, it did not. Can someone please give me pointers on why the above error message occurs? I did not have any issues running Tomcat on a Windows XP 32 bit machine. However, that hasn't been the case with my Windows 7 machine. Please help! Thanks, Joe
Re: Error while starting tomcat. Failed creating jvm.dll
Thanks for the quick reply, Konstantin! I uninstalled Tomcat, then installed JDK 6 64-bit version and I do not get that error anymore. The problem happened because I was pointing Tomcat to a 32-bit JDK rather than 64-bit one. On Wed, Oct 19, 2011 at 12:59 AM, Konstantin Kolinko knst.koli...@gmail.com wrote: 2011/10/19 Joe Hansen joe.hansen...@gmail.com: Hi, I have installed Tomcat 6.0.29 on a machine running Windows 7 Professional (64bit) and JDK 1.5.0_22. Why not 6.0.33? When I start Tomcat, I see the following error message in the log file: [206 javajni.c] [error] %1 is not a valid Win32 application. [985 prunsrv.c] [error] Failed creating java C:\Program Files (x86)\Java\jdk1.5.0_22\jre\bin\server\jvm.dll 64-bit service and 32-bit dll? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AJP Errors. Apache + Tomcat
Hi, I get the following AJP errors when I try to access a webpage after starting Apache and Tomcat. Both Apache web server and Tomcat start up fine but I get these errors in Apache logs and I get a 503 Service Temporarily Unavailable message in the browser. Apparently Tomcat isn't seeing the request. [error] (OS 10061) No connection could be made because the target machine actively refused it. : proxy: AJP: attempt to connect to 127.0.0.1:8009(localhost) failed [error] ap_proxy_connect_backend disabling worker for (localhost) [error] proxy: AJP: failed to make connection to backend: localhost Can you please help me find out where the problem lies. Thanks, Joe Environment: Apache 2.2, Tomcat 6.0.29, JDK 6, Windows 7 64-bit /* excerpt from httpd.conf */ LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_ajp_module modules/mod_proxy_ajp.so NameVirtualHost *:80 VirtualHost *:80 ServerAdmin a...@gmail.com ServerName abc.local ServerAlias www.abc.local ErrorLog logs/ajp.error.log RewriteEngine on RewriteCond %{HTTP_HOST} ^abc.local [nc] RewriteRule ^(.*)$ http://www.abclocal$1 [r=301,L] Proxy * AddDefaultCharset Off Order deny,allow Allow from all /Proxy ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/ /VirtualHost /* excerpt from tomcat/conf/server.xml */ Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS / Connector port=8009 protocol=AJP/1.3 redirectPort=443 / Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host Host name=abc.local appBase=c:/hosts/abc.local/webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host
Re: Error while starting tomcat. Failed creating jvm.dll
Thanks for pointing that out, Konstantin. I have now uninstalled Tomcat 6.0.29 and installed 6.0.33 instead and it works flawlessly with the 32-bit JRE. If it weren't for you, I wouldn't have known about it. Thank you very much! :) Regards, Joe On Wed, Oct 19, 2011 at 2:03 AM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2011/10/19 Joe Hansen joe.hansen...@gmail.com: Thanks for the quick reply, Konstantin! I uninstalled Tomcat, then installed JDK 6 64-bit version and I do not get that error anymore. The problem happened because I was pointing Tomcat to a 32-bit JDK rather than 64-bit one. Latest versions of 6.0.x installer (6.0.30+) can autoselect 32-bit service wrapper if they encounter a 32-bit JRE, but your old 6.0.29 one cannot. I have installed Tomcat 6.0.29 on a machine running Windows 7 Professional (64bit) and JDK 1.5.0_22. When I start Tomcat, I see the following error message in the log file: [206 javajni.c] [error] %1 is not a valid Win32 application. [985 prunsrv.c] [error] Failed creating java C:\Program Files (x86)\Java\jdk1.5.0_22\jre\bin\server\jvm.dll Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP Errors. Apache + Tomcat
I uninstalled Tomcat and installed a newer version (6.0.33) and the problem disappeared. It is strange because the config files are the same. On Wed, Oct 19, 2011 at 2:16 AM, j...@gniffelnieuws.net wrote: Hi I get the following AJP errors when I try to access a webpage after ztarting Apache and Tomcat. Both Apache web server and Tomcat start up fine but I get these errors in Apache logs and I get a 503 Service Temporarily Unavailable message in the browser. Apparently Tomcat isn't seeing the request. [error] (OS 10061) No connection could be made because the target machine actively refused it. : proxy: AJP: attempt to connect to 127.0.0.1:8009(localhost) failed [error] ap_proxy_connect_backend disabling worker for (localhost) [error] proxy: AJP: failed to make connection to backend: localhost Can you please help me find out where the problem lies. Have you checked the port is listening? (netstat -an) and the firewall permits the connection (telnet localhost 8009) John -- /(bb|[^b]{2})/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 7.0.4 on MAC my app works on Windows get...
Someone here was passing it to tomcat on the startup along with a bunch of other jvm parameters, probably in hopes of trying increase the performance. On Thu, Jan 6, 2011 at 3:02 AM, Pid p...@pidster.com wrote: On 1/5/11 8:44 PM, Joe Greenawalt wrote: So i went to the appservers and sure enough it was there * -Xverify:none*, Out of interest in which config file was this set? It's not an attribute set as standard by Tomcat. p
Re: tomcat 7.0.4 on MAC my app works on Windows get...
RESOLUTION for those that come across this or are interested. so i added velocity and velocity-tools to the pom and took them out of the lib folder and it failed, just as it did before. After some research, i came across a 'similar' problem, where they mentioned the *-Xverify* jvm option. So i went to the appservers and sure enough it was there * -Xverify:none*, so i removed it and it came up without a problem. Not sure if this is a java/tomcat7-6/struts combination, but i don't know of any reason to have this so i simply removed it and i'm moving on. j On Wed, Dec 22, 2010 at 4:54 PM, Joe Greenawalt joe.greenaw...@gmail.comwrote: right, its definitely going in my pom, i just did that to get it to work, when i get back from vacation, im going to try and figure out the problem. thanks On Wed, Dec 22, 2010 at 3:55 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 12/22/2010 1:57 PM, Joe Greenawalt wrote: interestingly its not - not located in either place (mac/windows tomcat) as a velocity-[version].jar I downloaded Velocity+V-Tools and added them to TOMCAT_HOME/lib folder and now it works. Don't do that: put them into your webapp's WEB-INF/lib directory instead. Otherwise, you'll get confused the /next/ time you have to move your webapp. Its not on my mac anywhere, that i can find in a self contained jar file. Plus we don't have the dependency directly in our pom, thats why i first assumed it was bundled with something or the problem wasn't what it was reporting. Yeah, you need to add that dep in your pom. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk0SZdkACgkQ9CaO5/Lv0PB9MgCeI8tcV1SS8S0J3pTL56mt+I4k 6mUAn0n6jT82xM+t/XIL5VsGgLquCgoF =Oyve -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Handling Comet Timeouts with CometProcessor
Is there a better way to do this? Should my application handle these timeouts, and use the comet.timeout as a longer safety net? That sounds like the way to do it to me. Mark Thanks. It would be great if the comet event pump gave me a PRE_TIMEOUT subevent, but at least I know what I need to do. Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Handling Comet Timeouts with CometProcessor
Hello, I've been making great progress with CometProcessor on Tomcat 6.0.29. I have a question about handling timeouts (and I did review this thread: http://www.mail-archive.com/users@tomcat.apache.org/msg55616.html). I want my clients to connect and stay connected for a very long time, but I do need to have my server time the connections out periodically. When I request.setAttribute(org.apache.tomcat.comet.timeout, timeout), I do indeed receive a CometEvent.EventType.ERROR, but I can find no way to gracefully tell the client that everything is OK and I just want them to back off for a while then reconnect. When I do this: ... response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT, Timed out. Please reconnect); response.flushBuffer(); event.close(); ... the client does not receive the response. They only sense an unceremonious connection close - which, if through routers, may take quite some time to be detected. How can I hook into the timeout to send the client a short response before connection close? Is there a better way to do this? Should my application handle these timeouts, and use the comet.timeout as a longer safety net? Much appreciated. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 7.0.4 on MAC my app works on Windows get...
interestingly its not - not located in either place (mac/windows tomcat) as a velocity-[version].jar I downloaded Velocity+V-Tools and added them to TOMCAT_HOME/lib folder and now it works. Its not on my mac anywhere, that i can find in a self contained jar file. Plus we don't have the dependency directly in our pom, thats why i first assumed it was bundled with something or the problem wasn't what it was reporting. On Tue, Dec 21, 2010 at 7:03 PM, Michael Ludwig mil...@gmx.de wrote: Joe Greenawalt schrieb am 21.12.2010 um 17:40 (-0500): interestingly its not Not what? (Lack of clarity and precision so typical of top-posting …) and when i add it to windows it works What do you mean when I add it? Weren't you saying that it worked on Windows even though there is no Velocity in the web app? So have you located the JAR on your Windows box now? (with some other things like velosity tools), but i still don't have it on my mac or in the app and it runs there. So i have a workaround, but still don't understand how. Guess i'll add it to the pom. Hmm? -- Michael Ludwig - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 7.0.4 on MAC my app works on Windows get...
right, its definitely going in my pom, i just did that to get it to work, when i get back from vacation, im going to try and figure out the problem. thanks On Wed, Dec 22, 2010 at 3:55 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 12/22/2010 1:57 PM, Joe Greenawalt wrote: interestingly its not - not located in either place (mac/windows tomcat) as a velocity-[version].jar I downloaded Velocity+V-Tools and added them to TOMCAT_HOME/lib folder and now it works. Don't do that: put them into your webapp's WEB-INF/lib directory instead. Otherwise, you'll get confused the /next/ time you have to move your webapp. Its not on my mac anywhere, that i can find in a self contained jar file. Plus we don't have the dependency directly in our pom, thats why i first assumed it was bundled with something or the problem wasn't what it was reporting. Yeah, you need to add that dep in your pom. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk0SZdkACgkQ9CaO5/Lv0PB9MgCeI8tcV1SS8S0J3pTL56mt+I4k 6mUAn0n6jT82xM+t/XIL5VsGgLquCgoF =Oyve -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat 7.0.4 on MAC my app works on Windows get...
tomcat 7.0.4 on MAC my app works on Windows get... SEVERE: Exception starting filter struts2 java.lang.NoClassDefFoundError: Lorg/apache/velocity/app/VelocityEngine; i have removed all other applications from the webapps and have restarted the box. Application is built with maven, and i used the exact same war file. Any ideas on what to try next? Thanks, Joe
Re: tomcat 7.0.4 on MAC my app works on Windows get...
Well since its the exact same war file placed in the exact same version of tomcat, the main variable being the OS (mac/windows) my thinking is that the class does exist, but its getting loaded differently or something else is causing the problem but this log error is getting reported. If it will help, i can try to find it in the jar files. On Tue, Dec 21, 2010 at 1:09 PM, Konstantin Kolinko knst.koli...@gmail.comwrote: 2010/12/21 Joe Greenawalt joe.greenaw...@gmail.com: Here is the lib Folder of the deployed app: activation-1.1.jar (...) slf4j-log4j12-1.5.2.jar and which one of the jars listed above belongs to Velocity? java.lang.NoClassDefFoundError: Lorg/apache/velocity/app/VelocityEngine; - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 7.0.4 on MAC my app works on Windows get...
Good points, i'll start searching for them. Anyone have a OS X jar inspector recommendation? 'jarinspector' itself doesn't work on 10.6. Thanks for the feedback. Joe On Tue, Dec 21, 2010 at 3:18 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Micheal, On 12/21/2010 2:22 PM, Michael Ludwig wrote: Joe Greenawalt schrieb am 21.12.2010 um 13:26 (-0500): Well since its the exact same war file placed in the exact same version of tomcat, the main variable being the OS (mac/windows) Not necessarily. The Tomcats might well be configured differently. What's the contents of the %Tomcat_Home%\lib\ folder on Windows? Or anything in conf\catalina.properties? +1 What's likely is whoever set up your original system had the brilliant idea of pushing the libraries up to the upper-level class loaders. We've had a rash of questions over the last 7 days or so about this kind of thing, and we always tell people not to do it. This is a huge reason why not to do it. Same story for the JVM. Velocity in lib/ext/, who knows? Yikes! - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk0RC40ACgkQ9CaO5/Lv0PB2fgCgmb+6QqQfar4j8kTu+a5V5ZVL UH8An1ZjxYlwrqGqdcxPx5DGEHVUSMQt =QTfo -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 7.0.4 on MAC my app works on Windows get...
interestingly its not, and when i add it to windows it works (with some other things like velosity tools), but i still don't have it on my mac or in the app and it runs there. So i have a workaround, but still don't understand how. Guess i'll add it to the pom. Thanks for the input and help. On Tue, Dec 21, 2010 at 4:37 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 12/21/2010 3:43 PM, Michael Ludwig wrote: Joe Greenawalt schrieb am 21.12.2010 um 15:22 (-0500): Good points, i'll start searching for them. Anyone have a OS X jar inspector recommendation? 'jarinspector' itself doesn't work on 10.6. Searching? For starters, you should check the following: dir %TOMCAT_HOME%\lib type %TOMCAT_HOME%\conf\catalina.properties dir %java_home%\jre\lib\ext You're really just looking for velocity-[version].jar. It should be self-contained. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk0RHhoACgkQ9CaO5/Lv0PAfgACgk3ERA9Z7WNq47lWUMu/J2MK4 2OcAnAxPZA0pWPtXUaYL6HoDnbcYjh7g =BGs7 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Enabling CGIServlet causes SecurityException in Tomat 6
Hey All, We are using Tomcat 6 on a RedHat box. Today I installed AWStats and AWStats needs CGI. So I enabled the CGIServlet in the Tomcat's web.xml file. When I restarted Tomcat, I got the following error message: SEVERE: Error deploying web application directory docs java.lang.SecurityException: Servlet of class org.apache.catalina.servlets.CGIServlet is privileged and cannot be loaded by this web application How do I get around this issue? Please advise. Thanks for reading. Thank you, Joe Our Tomcat's server.xml file has two Virtual Hosts defined: Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host Host name=ourwebsite.com appBase=/home/hosts/ourwebsite/webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Aliaswww.ourwebsite.com/Alias /Host /home/hosts/ourwebsiet/webapps/ROOT/META-INF/context.xml file is as follows: ?xml version=1.0 encoding=UTF-8? Context privileged=true loader delegate=false / ResourceLink global=jdbc/MySQLDatabase name=jdbc/MySQLDatabase type=javax.sql.DataSource / /Context - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Enabling CGIServlet causes SecurityException in Tomat 6
I moved the CGI servlet mapping from tomcat/conf/web.xml to /home/hosts/ourwebsite/webapps/ROOT/WEB-INF/web.xml and that did the trick! I figured that the privileged=true in Context.xml applies only to that particular web application and hence I need to move the Servlet Mapping to the webapplication's web.xml file. Thanks, Joe On Wed, Jun 2, 2010 at 5:07 PM, Joe Hansen joe.hansen...@gmail.com wrote: Hey All, We are using Tomcat 6 on a RedHat box. Today I installed AWStats and AWStats needs CGI. So I enabled the CGIServlet in the Tomcat's web.xml file. When I restarted Tomcat, I got the following error message: SEVERE: Error deploying web application directory docs java.lang.SecurityException: Servlet of class org.apache.catalina.servlets.CGIServlet is privileged and cannot be loaded by this web application How do I get around this issue? Please advise. Thanks for reading. Thank you, Joe Our Tomcat's server.xml file has two Virtual Hosts defined: Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host Host name=ourwebsite.com appBase=/home/hosts/ourwebsite/webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Aliaswww.ourwebsite.com/Alias /Host /home/hosts/ourwebsiet/webapps/ROOT/META-INF/context.xml file is as follows: ?xml version=1.0 encoding=UTF-8? Context privileged=true loader delegate=false / ResourceLink global=jdbc/MySQLDatabase name=jdbc/MySQLDatabase type=javax.sql.DataSource / /Context - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Mark, Chuck, Andre, and Charles, You guys rock! Mark, I followed your recommendations and 1. I copied the virtual host webapps directories outside Tomcat. c:/hosts/abc.local/webapps c:/hosts/xyz.local/webapps 2. Copied the manager.xml to Tomcat/conf/Catalina/abc.local and Tomcat/conf/Catalina/xyz.local. Also copied the manager web application to c:/hosts/abc.local/webapps and c:/hosts/xyz.local/webapps 3. I commented the following segment from abc.local/ROOT/WEB-INF/web.xml file !-- listener listener-classorg.springframework.web.util.Log4jConfigListener/listener-class /listener context-param param-namelog4jConfigLocation/param-name param-value/WEB-INF/classes/log4j.properties/param-value /context-param context-param param-namelog4jExposeWebAppRoot/param-name param-valuefalse/param-value /context-param -- 4. Removed log4j.jar from Tomcat/lib directory and copied it to abc.local/webapps/ROOT/WEB-INF/lib and xyz.local/webapps/ROOT/WEB-INF/lib I then restarted Tomcat. This DID NOT solve the issue complete though. The MOST IMPORTANT step was to move all jar files EXCEPT THE FOLLOWING jar files to WEB-INF/lib directory from Tomcat/lib directory: annotations-api.jar catalina.jar catalina-*.jar commons-dbcp.jar commons-pool.jar el-api.jar jasper*.jar jsp-api.jar mail.jar servlet-api.jar tomcat*.jar DATABASE-DRIVERS.jar As previously thought, the Quartz jobs (that run every one hour) were not part of the problem! I could not have resolved this issue without your contribution! I am very grateful for your kind help. :) Thank you all! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Hey all, We are using Tomcat 6 on a Windows XP box. We have a web application named abc. It was initially in the c:\Tomcat\webapps directory. I then moved the c:\Tomcat\webapps\abc directory to c:\Tomcat\abc. I then changed the Tomcat/conf/server.xml file to reflect this change... Host name=abc.local appBase=abc unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Context path= docBase= ResourceLink global=jdbc/MySqlDatabase name=jdbc/MySqlDatabase type=javax.sql.DataSource / /Context /Host Though the web application itself works fine, the web application logging no longer works after this change! How do I get the log4j logging to work again? Please advice! Thank you, Joe log4j-1.2.15.jar file is in c:\Tomcat\lib directory log4j.properties file is in c:\Tomcat\abc\WEB-INF\classes directory /* Here's the c:\Tomcat\abc\WEB-INF\classes\log4j.properties directory */ log4j.rootLogger=INFO, A2 log4j.appender.A2=org.apache.log4j.RollingFileAppender log4j.appender.A2.layout=org.apache.log4j.PatternLayout log4j.appender.A2.layout.ConversionPattern=%d{ MMM dd / HH:mm:ss} %-5p - [%c] : %m %n log4j.appender.A2.File=c:/Tomcat6/logs/abc.log log4j.appender.A2.MaxFileSize=100KB log4j.appender.A2.MaxBackupIndex=4 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Thank you for the super quick reply Mark! We are using Java Spring. The reason for moving the web application out of the webapps directory was that the Spring Context Loader was loading twice. First because its in the webapps directory. Secondly, because it is being referred to by the Host entry in the server.xml file. So how do I keep the web application out of Tomcat/webapps directory make the docBase different from the appBase? Or is there a way to keep the web application in the Tomcat/webapps directory and NOT have Spring Context Loader load twice. Please advice. Thanks, Joe On Tue, May 4, 2010 at 10:36 AM, Mark Thomas ma...@apache.org wrote: On 04/05/2010 17:32, Joe Hansen wrote: Hey all, We are using Tomcat 6 on a Windows XP box. We have a web application named abc. It was initially in the c:\Tomcat\webapps directory. I then moved the c:\Tomcat\webapps\abc directory to c:\Tomcat\abc. I then changed the Tomcat/conf/server.xml file to reflect this change... Host name=abc.local appBase=abc unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Context path= docBase= ResourceLink global=jdbc/MySqlDatabase name=jdbc/MySqlDatabase type=javax.sql.DataSource / /Context /Host Though the web application itself works fine, the web application logging no longer works after this change! How do I get the log4j logging to work again? Please advice! Put the web application back where it belongs. docBase==appBase is *not* a valid configuration. As you have seen, things break if you do that. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Mark, Here's the server.xml before moving abc out of the webapps directory: ?xml version='1.0' encoding='utf-8'? Server port=8005 shutdown=SHUTDOWN Listener className=org.apache.catalina.core.AprLifecycleListener SSLEngine=on / Listener className=org.apache.catalina.core.JasperListener / Listener className=org.apache.catalina.mbeans.ServerLifecycleListener / Listener className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener / GlobalNamingResources Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources Service name=Catalina Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS / Connector port=8009 protocol=AJP/1.3 redirectPort=443 / Engine name=Catalina defaultHost=localhost Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host Host name=abc.local appBase=webapps/abc unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Context path= docBase= /Context /Host /Engine /Service /Server On Tue, May 4, 2010 at 10:53 AM, Mark Thomas ma...@apache.org wrote: On 04/05/2010 17:43, Joe Hansen wrote: Thank you for the super quick reply Mark! We are using Java Spring. The reason for moving the web application out of the webapps directory was that the Spring Context Loader was loading twice. First because its in the webapps directory. Secondly, because it is being referred to by the Host entry in the server.xml file. So how do I keep the web application out of Tomcat/webapps directory make the docBase different from the appBase? Or is there a way to keep the web application in the Tomcat/webapps directory and NOT have Spring Context Loader load twice. What was your server.xml before you moved it? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Thanks for the reply, Mark. You made me understand the mess I have created. I have written two web applications abc and xyz. I have mapped abc.local and xyz.local to my machine's IP Address in my Windows HOST file. So when I visit http://abc.local, I would want the abc web application to be accessed. When I visit http://xyz.local, I would want the xyz web application to be accessed. This is what I have been trying to achieve. Apparently I have been doing this the wrong way. Looks like I have some reading to do! Will post back after I read some Tomcat documentation. Thanks again! Joe On Tue, May 4, 2010 at 11:13 AM, Mark Thomas ma...@apache.org wrote: On 04/05/2010 17:59, Joe Hansen wrote: Mark, Here's the server.xml before moving abc out of the webapps directory: Host name=abc.local appBase=webapps/abc unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Context path= docBase= /Context /Host And therein lies the problem. docBase= is not valid. Currently, your app is deployed once under localhost with context path /abc and is partially deployed under abc.local with context path . Additionally, every directory under webapps/abc will be deployed as a web application under abc.local Quite a mess. What is it you are trying to achieve? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Many Thanks for the link Chuck! Here's what I did. 1. Created a directory named c:\Tomcat\abc\ROOT. 2. Moved the previous contents of c:\Tomcat\webapps\abc to c:\Tomcat\abc\ROOT directory. 3. Created c:\Tomcat\abc\ROOT\META-INF\context.xml. Here's that file. ?xml version=1.0 encoding=UTF-8? Context ResourceLink global=jdbc/ProgressDatabase name=jdbc/ProgressDatabase type=javax.sql.DataSource / /Context 4. Changed c:\Tomcat\conf\server.xml to Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host Host name=abc.local appBase=abc unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host End Result is: 1. Spring Context loader is loaded only once (Great!). 2. But the web application logging is working wierdly.The log entries are written to c:\Tomcat\logs\xyz.log (i.e. the xyz web application's log) instead of writing to c:\Tomcat\logs\abc.log. . Here's the c:\Tomcat\abc\ROOT\WEB-INF\classes\log4j.properties file. log4j.rootLogger=INFO, A2 log4j.appender.A2=org.apache.log4j.RollingFileAppender log4j.appender.A2.layout=org.apache.log4j.PatternLayout log4j.appender.A2.layout.ConversionPattern=%d{ MMM dd / HH:mm:ss} %-5p - [%c] : %m %n log4j.appender.A2.File=c:/Tomcat6/logs/trestlewood.log log4j.appender.A2.MaxFileSize=100KB log4j.appender.A2.MaxBackupIndex=4 Please advise! Thank you! Joe On Tue, May 4, 2010 at 11:30 AM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Joe Hansen [mailto:joe.hansen...@gmail.com] Subject: RE: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory Looks like I have some reading to do! Will post back after I read some Tomcat documentation. Start here: http://tomcat.apache.org/tomcat-6.0-doc/virtual-hosting-howto.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Thanks Andre and Chuck. Andre, I renamed Tomcat/abc/ to Tomcat/webapps-abc/ to keep the naming consistent. The directory structure that you've advocated is exactly the same as the one Chuck told me. And I have implemented that. However, logging is still an issue. One webapp's log4j seems to stomp over other webapp's log files. What could I be doing wrong? Here are the log4j configuration files: /* c:\Tomcat\webapps-abc\ROOT\WEB-INF\classes\log4j.properties */ log4j.rootLogger=INFO, A1 log4j.appender.A1=org.apache.log4j.RollingFileAppender log4j.appender.A1.layout=org.apache.log4j.PatternLayout log4j.appender.A1.layout.ConversionPattern=%d{ MMM dd / HH:mm:ss} %-5p - [%c] : %m %n log4j.appender.A1.File=c:/Tomcat/logs/abc.log log4j.appender.A1.MaxFileSize=100KB log4j.appender.A1.MaxBackupIndex=4 /* c:\Tomcat\webapps-xyz\ROOT\WEB-INF\classes\log4j.properties */ log4j.rootLogger=INFO, A2 log4j.appender.A2=org.apache.log4j.RollingFileAppender log4j.appender.A2.layout=org.apache.log4j.PatternLayout log4j.appender.A2.layout.ConversionPattern=%d{ MMM dd / HH:mm:ss} %-5p - [%c] : %m %n log4j.appender.A2.File=c:/Tomcat/logs/xyz.log log4j.appender.A2.MaxFileSize=100KB log4j.appender.A2.MaxBackupIndex=4 According to the following link, http://stackoverflow.com/questions/217929/problem-with-commons-logging-log4j-setup-in-spring-webapp-with-tomcat-6 If you have multiple webapps on the server, then you'll need discipline that each webapp's log initialization does not stomp on the initialization of other webapps. Each webapp will need to use unique Logger IDs, which can be accomplished with unique package names. Thank you! Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Chuck, Initially I placed log4j-1.2.15.jar in the c:\Tomcat\lib directory only. This resulted in abc webapp logging in the c:\Tomcat\logs\xyz.log file. When I copied the log4j-1.2.15.jar to c:\Tomcat\webapps-abc\ROOT\WEB-INF\lib and c:\Tomcat\webapps-xyz\ROOT\WEB-INF\lib directories, it created empty abc.log and xyz.log files. When I delete c:\Tomcat\lib\log4j-1.2.15.jar, I get Tomcat startup errors (NoClassDefFoundError: org/apache/log4j/Category). Also empty abc.log and xyz.log files are created. Joe On Tue, May 4, 2010 at 3:20 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Joe Hansen [mailto:joe.hansen...@gmail.com] Subject: Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory However, logging is still an issue. One webapp's log4j seems to stomp over other webapp's log files. What could I be doing wrong? Where is your log4j.jar located? You should have one copy in each webapp's WEB-INF/lib directory. If you've placed log4j.jar in a common location, I think it will use the properties of the first webapp that references it for all the webapps. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Chuck, There are common classes in Tomcat/lib/ but they don't attempt to do any logging. However, the abc Spring Web application does initialize a Quartz object which runs once every hour and does some logging. I don't know if that has any implications. Thanks, Joe Here's the stack trace from catalina.log file... INFO: Initializing log4j from [C:\Tomcat6\webapps-abc\ROOT\WEB-INF\classes\log4j.properties] May 4, 2010 4:06:53 PM org.apache.catalina.core.StandardContext listenerStart SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener java.lang.ExceptionInInitializerError at org.springframework.web.context.ContextLoaderListener.createContextLoader(ContextLoaderListener.java:53) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:44) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3934) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4429) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:526) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:630) at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:556) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:491) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1206) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:314) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053) at org.apache.catalina.core.StandardHost.start(StandardHost.java:722) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) at org.apache.catalina.core.StandardService.start(StandardService.java:516) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710) at org.apache.catalina.startup.Catalina.start(Catalina.java:583) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413) Caused by: org.apache.commons.logging.LogConfigurationException: org.apache.commons.logging.LogConfigurationException: No suitable Log constructor [Ljava.lang.Class;@20f443 for org.apache.commons.logging.impl.Log4JLogger (Caused by java.lang.NoClassDefFoundError: org/apache/log4j/Category) (Caused by org.apache.commons.logging.LogConfigurationException: No suitable Log constructor [Ljava.lang.Class;@20f443 for org.apache.commons.logging.impl.Log4JLogger (Caused by java.lang.NoClassDefFoundError: org/apache/log4j/Category)) at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:543) at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:235) at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:209) at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:351) at org.springframework.web.context.ContextLoader.clinit(ContextLoader.java:146) ... 26 more Caused by: org.apache.commons.logging.LogConfigurationException: No suitable Log constructor [Ljava.lang.Class;@20f443 for org.apache.commons.logging.impl.Log4JLogger (Caused by java.lang.NoClassDefFoundError: org/apache/log4j/Category) at org.apache.commons.logging.impl.LogFactoryImpl.getLogConstructor(LogFactoryImpl.java:413) at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:529) ... 30 more Caused by: java.lang.NoClassDefFoundError: org/apache/log4j/Category at java.lang.Class.getDeclaredConstructors0(Native Method) at java.lang.Class.privateGetDeclaredConstructors(Unknown Source) at java.lang.Class.getConstructor0(Unknown Source) at java.lang.Class.getConstructor(Unknown Source) at org.apache.commons.logging.impl.LogFactoryImpl.getLogConstructor(LogFactoryImpl.java:410) ... 31 more Here's the stack trace from localhost.log file... INFO: Initializing log4j from [C:\Tomcat6\webapps-xyz\ROOT\WEB-INF\classes\log4j.properties] May 4, 2010 4:06:54 PM org.apache.catalina.core.StandardContext listenerStart SEVERE: Exception
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Thanks for the reply, Charles! When commons-logging.jar is present in Tomcat/lib and WEB-INF/lib directories, I get the following error : Invalid class loader hierarchy. You have more than one version of 'org.apache.commons.logging.Log' visible, which is not allowed. Here's the complete stack trace: 2010 May 04 / 16:28:34 ERROR - [org.springframework.web.context.ContextLoader] : Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.scheduling.quartz.SchedulerFactoryBean#0' defined in ServletContext resource [/WEB-INF/abc-jdbc.xml]: Invocation of init method failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.quartz.impl.StdSchedulerFactory]: Constructor threw exception; nested exception is org.apache.commons.logging.LogConfigurationException: org.apache.commons.logging.LogConfigurationException: org.apache.commons.logging.LogConfigurationException: Invalid class loader hierarchy. You have more than one version of 'org.apache.commons.logging.Log' visible, which is not allowed. (Caused by org.apache.commons.logging.LogConfigurationException: Invalid class loader hierarchy. You have more than one version of 'org.apache.commons.logging.Log' visible, which is not allowed.) (Caused by org.apache.commons.logging.LogConfigurationException: org.apache.commons.logging.LogConfigurationException: Invalid class loader hierarchy. You have more than one version of 'org.apache.commons.logging.Log' visible, which is not allowed. (Caused by org.apache.commons.logging.LogConfigurationException: Invalid class loader hierarchy. You have more than one version of 'org.apache.commons.logging.Log' visible, which is not allowed.)) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1338) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:473) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409) at java.security.AccessController.doPrivileged(Native Method) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:423) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:728) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:380) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3934) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4429) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:526) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:630) at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:556) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:491) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1206) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:314) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053) at org.apache.catalina.core.StandardHost.start(StandardHost.java:722) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
Chuck, please note that when commons-logging.jar is present only in the WEB-INF/lib directory, I get the following error: java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory So, either I get a) Invalid class loader hierarchy. You have more than one version of 'org.apache.commons.logging.Log' visible, which is not allowed. or b) java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory I am really stumped. I even tried the following: Context loader delegate=“false”/ /Context which the following link recommends. http://www.richardrauser.com/index.php/2009/09/02/log4j-multiple-web-apps-common-lib-logging/ But that doesn't solve my issue. Thanks, Joe On Tue, May 4, 2010 at 4:58 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Joe Hansen [mailto:joe.hansen...@gmail.com] Subject: Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory When commons-logging.jar is present in Tomcat/lib and WEB-INF/lib directories, I get the following error : As you should. As Chris said, put everything (including the spring jars) in each webapp's WEB-INF/lib directory, and as little as possible (preferably nothing) in Tomcat's lib directory. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory
This thread has grown too long. For anyone following this thread, here's the summary: Two web applications, each with a Virtual Host entry in server.xml file. Tomcat/webapps-abc Tomcat/webapps-xyz These two web applications have different log4j.properties files. These log4j property files log to different log files (Tomcat/logs/abc.log and Tomcat/logs/xyz.log). Tomcat/webapps-abc/ROOT/WEB-INF/classes/log4j.properties Tomcat/webapps-xyz/ROOT/WEB-INF/classes/log4j.properties The web applications abc and xyz using Java Commons Logging API (Log and LogFactory classes) to perform logging. Scenario 1: log4j.jar is in Tomcat/lib directory log4j.jar is NOT in WEB-INF/lib directories Result: abc webapp's log entries are written to xyz.log file Scenario 2: log4j.jar is NOT in Tomcat/lib directory log4j.jar is in WEB-INF/lib directories Result: ClassNotFoundError in Tomcat/logs/catalina.log files Scenario 3: log4j.jar is in Tomcat/lib directory log4j.jar is in WEB-INF/lib directories Result: Empty abc.log and xyz.log files. Here's the relevant portion of the webapps-abc/ROOT/WEB-INF/web.xml file: listener listener-classorg.springframework.web.util.Log4jConfigListener/listener-class /listener context-param param-namelog4jConfigLocation/param-name param-value/WEB-INF/classes/log4j.properties/param-value /context-param context-param param-namelog4jExposeWebAppRoot/param-name param-valuefalse/param-value /context-param listener listener-classorg.springframework.web.context.ContextLoaderListener/listener-class /listener webapps-xyz/ROOT/WEB-INF/web.xml file looks just the same /* webapps-abc/ROOT/WEB-INF/classes/log4j.properties */ log4j.rootLogger=INFO, A2 log4j.appender.A2=org.apache.log4j.RollingFileAppender log4j.appender.A2.layout=org.apache.log4j.PatternLayout log4j.appender.A2.layout.ConversionPattern=%d{ MMM dd / HH:mm:ss} %-5p - [%c] : %m %n log4j.appender.A2.File=c:/Tomcat6/logs/abc.log log4j.appender.A2.MaxFileSize=100KB log4j.appender.A2.MaxBackupIndex=4 /* webapps-xyz/ROOT/WEB-INF/classes/log4j.properties */ log4j.rootLogger=INFO, A1 log4j.appender.A1=org.apache.log4j.RollingFileAppender log4j.appender.A1.layout=org.apache.log4j.PatternLayout log4j.appender.A1.layout.ConversionPattern=%d{ MMM dd / HH:mm:ss} %-5p - [%c] : %m %n log4j.appender.A1.File=c:/Tomcat6/logs/xyz.log log4j.appender.A1.MaxFileSize=100KB log4j.appender.A1.MaxBackupIndex=4 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Re-deploying a war file - RESOLVED
-Original Message- After reading the Tomcat 6.0 User Guide, Section 4, Deployer -Deploying on a running war Tomcat I expected to be able to just drop the updated war file into the web apps folder, overwriting the old war file of the same name and it would automatically replace the previously exploded war with the new. The document says, 'If the Host autoDeploy attribute is true, the Host will attempt to deploy and update web applications dynamically, as needed, for example if a new .WAR is dropped into the appBase. For this to work, the Host needs to have background processing enabled which is the default configuration'. I could not get this to happen. The new war would not re-deploy while Tomcat was running and would not re-deploy after restarting Tomcat. I needed to set the Host attribute autoDeploy=true in the server.xml Setting the Context attribute reloadable=true also works but is Not recommended for use on deployed production applications Context reloadable=true antiJARLocking=true unpackWARs=true Realm appName=xxWeb className=org.apache.catalina.realm.JAASRealm debug=99 userClassNames=Webxx.LoginPrincipal allRolesMode=strictAuthOnly / /Context Tomcat Configuration Reference, Context section link to Automatic Application Deployment where I read the following, 'If you redeploy an updated WAR file, be sure to delete the expanded directory when restarting Tomcat, so that the updated WAR file will be re-expanded (note that the auto deployer, if enabled, will automatically expand the updated WAR file once the previously expanded directory is removed).' This also works Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Re-deploying a war file
From \conf\Catalina\localhost appName.xml Context reload=true antiJARLocking=true unpackWARs=true Realm appName=xxWeb className=org.apache.catalina.realm.JAASRealm debug=99 userClassNames=Webxx.LoginPrincipal allRolesMode=strictAuthOnly / /Context From \conf server.xml Service name=Catalina !--The connectors can use a shared executor, you can define one or more named thread pools-- !-- Executor name=tomcatThreadPool namePrefix=catalina-exec- maxThreads=150 minSpareThreads=4/ -- !-- A Connector represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL HTTP/1.1 Connector on port 8080 -- Connector port=8102 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 / !-- A Connector using the shared thread pool-- !-- Connector executor=tomcatThreadPool port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / -- !-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation -- !-- Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS / -- !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / !-- An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone analyzes the HTTP headers included with the request, and passes them on to the appropriate Host (virtual host). Documentation at /docs/config/engine.html -- !-- You should set jvmRoute to support load-balancing via AJP ie : Engine name=Catalina defaultHost=localhost jvmRoute=jvm1 -- Engine name=Catalina defaultHost=localhost !--For clustering, please take a look at documentation at: /docs/cluster-howto.html (simple how to) /docs/config/cluster.html (reference documentation) -- !-- Cluster className=org.apache.catalina.ha.tcp.SimpleTcpCluster/ -- !-- The request dumper valve dumps useful debugging information about the request and response data received and sent by Tomcat. Documentation at: /docs/config/valve.html -- !-- Valve className=org.apache.catalina.valves.RequestDumperValve/ -- !-- This Realm uses the UserDatabase configured in the global JNDI resources under the key UserDatabase. Any edits that are performed against this UserDatabase are immediately available for use by the Realm. -- Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ !-- Define the default virtual host Note: XML Schema validation will not work with Xerces 2.2. -- Host name=localhost appBase=webapps unpackWARs=true xmlValidation=false xmlNamespaceAware=false !-- SingleSignOn valve, share authentication between web applications Documentation at: /docs/config/valve.html -- !-- Valve className=org.apache.catalina.authenticator.SingleSignOn / -- !-- Access log processes all example. Documentation at: /docs/config/valve.html -- !-- Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access_log. suffix=.txt pattern=common resolveHosts=false/ -- /Host /Engine /Service -Original Message- From: Pid [mailto:p...@pidster.com] Sent: Thursday, February 11, 2010 5:17 PM To: Tomcat Users List Subject: Re: Re-deploying a war file On 10/02/2010 16:31, Joe Wallace wrote: I have been working with Tomcat 6.0.20 running as a windows service for about a year. I update the application war file every few months. OK. After reading the Tomcat 6.0 User Guide, Section 4, Deployer -Deploying on a running war Tomcat I expected to be able to just drop the updated war file into the web apps folder, overwriting the old war file of the same name and it would automatically replace the previously exploded war with the new. Yep. The document says, 'If the Host autoDeploy attribute is true, the Host will attempt to deploy and update web applications dynamically, as needed, for example if a new .WAR is dropped into the appBase. For this to work, the Host needs to have
Re-deploying a war file
I have been working with Tomcat 6.0.20 running as a windows service for about a year. I update the application war file every few months. After reading the Tomcat 6.0 User Guide, Section 4, Deployer -Deploying on a running war Tomcat I expected to be able to just drop the updated war file into the web apps folder, overwriting the old war file of the same name and it would automatically replace the previously exploded war with the new. The document says, 'If the Host autoDeploy attribute is true, the Host will attempt to deploy and update web applications dynamically, as needed, for example if a new .WAR is dropped into the appBase. For this to work, the Host needs to have background processing enabled which is the default configuration'. I could not get this to happen. The new war would not re-deploy while Tomcat was running and would not re-deploy after restarting Tomcat. I then read the Tomcat Configuration Reference, Context section and followed the link to Automatic Application Deployment where I read the following, 'If you redeploy an updated WAR file, be sure to delete the expanded directory when restarting Tomcat, so that the updated WAR file will be re-expanded (note that the auto deployer, if enabled, will automatically expand the updated WAR file once the previously expanded directory is removed).' I tried this and it does exactly what I wanted, so that is what I have been doing. Can someone enlighten me on my confusion between the two sets of instructions. Joe
Help with security-constraint in web.xml
Hey all, We are using Tomcat 6.0 / Apache 2.2. We would like the user to login over HTTPS rather than plain HTTP. So, I have defined the following security-constraint in the web.xml file of our web application: security-constraint display-nameLogin/display-name web-resource-collection web-resource-nameLogin/web-resource-name url-pattern/spring_security_login/url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint When a user clicks on the login link a href=/spring_security_loginLogin/a, he/she is redirected to the following URL and the browser shows an Unable to connect error: https://ourwebsite.com:8443/spring_security_login What do I need to do so that the user is directed to https://ourwebsite.com/spring_security_login instead (which, displays the login page correctly). i.e. I do not want a port number in the URL. Please advise. Thank you! Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Help with security-constraint in web.xml
Thanks for the super quick reply, Chuck! Here's what I did. I changed the redirectPort on the following two Connector elements. From 8443 to 443. And that did the trick. /* Previously */ Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / Connector port=8009 protocol=AJP/1.3 redirectPort=8443 / /* Currently */ Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 / Connector port=8009 protocol=AJP/1.3 redirectPort=443 / You were saying that I should handle the forced HTTPS redirection of certain pages on the httpd end, right? Can you please elaborate on how to do it or give me pointers on how it could be done? Thank you!! Joe On Mon, Jan 4, 2010 at 2:57 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Joe Hansen [mailto:joe.hansen...@gmail.com] Subject: Help with security-constraint in web.xml What do I need to do so that the user is directed to https://ourwebsite.com/spring_security_login instead Fix the redirectPort attribute in your Connector elements in conf/server.xml. BTW, since you are front-ending Tomcat with httpd, it would be more efficient to have httpd handle the SSL stuff, and let Tomcat see the requests in plain text - assuming you have a secure connection between httpd and Tomcat. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Help with security-constraint in web.xml
Changing the redirectPort to 443 on both the Connectors (HTTP/1.1 and AP/1.3) did redirect /spring_security_login to https://mywebsite.com/spring_security_login. However, when I enter the login credentials and submit the form, nothing happens. Somehow changing the redirectPort seems to have broken the login form. I'm sure there must be a simple explanation. Chuck, please help me out!! Thank you, Joe On Mon, Jan 4, 2010 at 3:25 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Joe Hansen [mailto:joe.hansen...@gmail.com] Subject: Re: Help with security-constraint in web.xml Only a couple of pages need to be served on HTTPS on our website. All the remaining pages could be accessed using just HTTP. Then I'd use what you've got and not try to optimize what isn't a bottleneck. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Help with security-constraint in web.xml
Chuck, I just forgot to enable the HTTPS Connector! Login form is working now over https. Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS / Connector port=8009 protocol=AJP/1.3 redirectPort=443 / Many thanks for your help. You saved my day. Thanks, Joe On Mon, Jan 4, 2010 at 4:06 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Joe Hansen [mailto:joe.hansen...@gmail.com] Subject: Re: Help with security-constraint in web.xml However, when I enter the login credentials and submit the form, nothing happens. Somehow changing the redirectPort seems to have broken the login form. Turn on the AccessLogValve to see what's reaching Tomcat. Are you using httpd for anything useful? If all it's doing is forwarding requests to Tomcat, get rid of httpd and let Tomcat handle everything directly. If you are using httpd for something else (e.g., PHP), it's possible the routing is not configured properly. That's outside my experience, so someone else will need to help. Start by posting your httpd config and server.xml in a new thread so a new set of eyes can look at it. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
From Firefox Live HTTP Headers Set-Cookie: JSESSIONID=B4F06784FE4EAA0A7C9830BBF86D85B4; Path=/inetwork; Secure Location: https://216.94.100.154/inetwork/Start.jsp H. That looks like it is secure My filter is getting this. Cookie0 name= JSESSIONID Cookie0 value= B4F06784FE4EAA0A7C9830BBF86D85B4 Cookie0 isSecure = false Filter code HttpServletRequest httpReq = (HttpServletRequest)req; HttpServletResponse httpResp = (HttpServletResponse)res; System.out.println (http request is secure = + httpReq.isSecure()); Cookie[] c ; c = httpReq.getCookies(); if(c != null) { for (int i = 0; i c.length; i++) { System.out.println( Cookie + i + name= + c[i].getName()); System.out.println( Cookie + i + value= + c[i].getValue()); System.out.println( Cookie + i + isSecure= + c[i].getSecure()); } } JW -Original Message- From: Pid [mailto:p...@pidster.com] Sent: Wednesday, October 28, 2009 9:52 AM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL On 27/10/2009 22:31, Joe Wallace wrote: André Warnier wrote: Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? Whatever consequences this has in the context (and which are beyond my expertise). Andre, I guess that is the question. The filter I have in Tomcat calls request.isSecure(). This returns true. (All requests have been using https) What steps are you taking to ensure this is the case? How are you enforcing HTTPS, are you using a transport-guaranteeCONFIDENTIAL/transport-guarantee? Under the general category of asking the obvious, can you clear all existing cookies and then use Firebug/LiveHTTPHeaders in Firefox (or the browser of your choice) to see exactly when the first Set-Cookie header occurs? p If when tomcat does this. if(request.isSecure()) cookie.setSecure(true); A call to cookie.getSecure should return true. But the same filter that returns true for request.isSecure() calls Cookie.getSecure() and it returns false. Joe -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 5:11 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 4:48 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not thedefault setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is thebehavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers-- IIS-- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? Portion A is using IIS. IIS holds the SSL cert. I am using AJP 1.3 connector for IIS It is defined in the Tomcat Server.xml !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? Whatever consequences this has in the context (and which are beyond my expertise). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
OK. Thanks to all. Joe -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Wednesday, October 28, 2009 12:40 PM To: Tomcat Users List Cc: p...@pidster.com Subject: Re: SessionID cookie not secure over SSL -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 10/28/2009 11:55 AM, Joe Wallace wrote: From Firefox Live HTTP Headers Set-Cookie: JSESSIONID=B4F06784FE4EAA0A7C9830BBF86D85B4; Path=/inetwork; Secure Location: https://216.94.100.154/inetwork/Start.jsp H. That looks like it is secure Yup. My filter is getting this. Cookie0 name= JSESSIONID Cookie0 value= B4F06784FE4EAA0A7C9830BBF86D85B4 Cookie0 isSecure = false Aah, I see the problem: the cookie /is/ secure, but the browser doesn't provide the secure flag when making a request, so the server has no idea whether the cookie is in secure mode or not. Rest assured that the browser will only send this cookie when using HTTPS. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkroc8YACgkQ9CaO5/Lv0PBDwwCff52b5PurVJoC36Tikz+0THoa y/sAmQHuRxFS3CWFPTFiNxjwYrejYq0E =UOKF -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
SessionID cookie not secure over SSL
Is there a setting in Tomcat 6.0.2 to make the SessionID cookie secure when created over https when using AJP 1.3 connector for IIS? JW
RE: SessionID cookie not secure over SSL
I have a filter that calls Cookie.getName and Cookie.getSecure JSESSIONID returns false even when the connection is always https. Tomcat version is 6.0.20. JW -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Tuesday, October 27, 2009 3:04 PM To: Tomcat Users List Subject: RE: SessionID cookie not secure over SSL From: Joe Wallace [mailto:j...@andar360.com] Subject: SessionID cookie not secure over SSL Is there a setting in Tomcat 6.0.2 Are you really using a version of Tomcat that old (Nov 2006)? to make the SessionID cookie secure when created over https when using AJP 1.3 connector for IIS? What makes you think the cookie isn't being encrypted along with everything else sent over HTTPS? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. JW -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Tuesday, October 27, 2009 3:42 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, (Can you fix your emailer to include thread-ids when replying to the list? Your replies are not properly threaded, here.) On 10/27/2009 4:12 PM, Joe Wallace wrote: I have a filter that calls Cookie.getName and Cookie.getSecure JSESSIONID returns false even when the connection is always https. Tomcat version is 6.0.20. If your cookie was created in HTTP mode, then the 'secure' flag will be set to 'false' on that cookie. Are you sure you are always in HTTP mode? Please double-check, and remember that /all JSPs will create a session unless session=false in the @page directive/. To answer your original question: there is no setting in Tomcat to get secure=true on your cookies in SSL mode. Tomcat should /always/ use a secure cookie when the cookie is created in SSL mode. You may have to re-check your Connector attributes for the AJP connector. Make sure that secure=true among others. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnTQ8ACgkQ9CaO5/Lv0PA/GQCgnPYgzFkWNPP0Ol57BxVg4uX5 YQsAnjGCZMrB4svfzI/S/TL9mhNtjfiv =GZXQ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
Hi Chris, You wrote: Tomcat will create its JSESSIONID cookie like this in all cases: Cookie cookie = new Cookie(JSESSIONID, sessionId); if(request.isSecure()) cookie.setSecure(true); My filter calls HttpServletRequest.isSecure() which returns true It then calls Cookie.getSecure() for the JSESSIONID cookie which returns false. I am expecting this to return true since all connections have been over https. Or should I be looking elswhere? JW -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Tuesday, October 27, 2009 4:07 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, On 10/27/2009 5:00 PM, Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Tomcat will create its JSESSIONID cookie like this in all cases: Cookie cookie = new Cookie(JSESSIONID, sessionId); if(request.isSecure()) cookie.setSecure(true); (Note that the code might not look exactly like this, but it behaves in this way). So, if your session was created during a non-secure request, you'll get a non-secure cookie. The solution? Make all your requests HTTPS. If you have non-secure pages, you'll need to make sure they don't call request.getSession(true) either explicitly or implicitly (say, by forgetting to set session=false for a JSP). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrnUvIACgkQ9CaO5/Lv0PCVjACfdqIQS8CFhelJtjgOWaoHtBhc 6gAAoIrWzROh0PTIOUYe4Aobnm3YWVtp =mlkD -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
-Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 4:48 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers -- IIS -- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? Portion A is using IIS. IIS holds the SSL cert. I am using AJP 1.3 connector for IIS It is defined in the Tomcat Server.xml !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SessionID cookie not secure over SSL
André Warnier wrote: Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? Whatever consequences this has in the context (and which are beyond my expertise). Andre, I guess that is the question. The filter I have in Tomcat calls request.isSecure(). This returns true. (All requests have been using https) If when tomcat does this. if(request.isSecure()) cookie.setSecure(true); A call to cookie.getSecure should return true. But the same filter that returns true for request.isSecure() calls Cookie.getSecure() and it returns false. Joe -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 5:11 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, October 27, 2009 4:48 PM To: Tomcat Users List Subject: Re: SessionID cookie not secure over SSL Joe Wallace wrote: I am using session cookies to track sessions. I am used to Jrun where you would specifically set the cookie to be sent only over SSL or https. This was not the default setting. I want users to connect to my web site using https then they might click a link on one of my web pages whose protocal is not secure. What is the behavior of the JSESSIONID cookie in this situation. Joe, 1) assuming your setup is browsers -- IIS -- Tomcat A B which portion(s) is(/are) using HTTPS ? A ? B ? both ? 2) secure is an attribute of a cookie, written inside of the cookie by the server creating the cookie in the first place. If set, it has as consequence that a browser will only send it back to the original server with subsequent requests, if these subsequent requests happen over a HTTPS connection. In other words, if you set the secure attribute on the JSESSIONID cookie, because for instance your initial request happens over HTTPS, then you switch to a non-HTTPS part of the site, the browser is probably no longer going to send this cookie back to the server. In other words, you will, for practical purposes, lose your session. Not so, gurus ? Portion A is using IIS. IIS holds the SSL cert. I am using AJP 1.3 connector for IIS It is defined in the Tomcat Server.xml !-- Define an AJP 1.3 Connector on port -- Connector port=8109 protocol=AJP/1.3 redirectPort=443 / Am I mistaken then to think that since the connection B from IIS to Tomcat is not over HTTPS but over AJP, Tomcat has no idea that HTTPS is being used ? Whatever consequences this has in the context (and which are beyond my expertise). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
Yup, it looks like you have more of your application objects taking up memory than the tickets you were worried about. So True! We are right now designing and developing our next generation of websites and this experience will surely come handy. I will now think twice before I store anything in the session and will make sure I remove no longer used objects from the HTTP Session. You can couple session-object expiration with lazy instantiation/fetch for a solution that can keep your sessions lightweight yet allow insanely long session timeouts. Chris, can you please elaborate what you mean by coupling session-object expiration with lazy fetch? Is it an absolute requirement that these objects be stored in the session at all? If so, then maybe the caching strategy can be tweaked a bit to allow both requirements to peacefully coexist. The code is 3 years old and it does not use a caching strategy at all. However, I am planning to use ehcache when we developer our future websites. There are even techniques that will allow your session objects to expire when memory gets tight (which is super cool IMO). I did not know that something like that existed. Thanks for letting me know, Chris! Thanks for telling me about SoftReference, Charles. Looks like SoftReference existed since JDK 1.2 and I never knew about it! Is the use of SoftReference popular? Thanks guys! Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
WoW! jmap was a great command to learn Chris! Thank you so much! I generated a histogram of the Objects in the java heap (while things were stable) and here's what I got: Object Histogram: SizeCount Class description --- 149989048 3496198 char[] 847084323529518 java.lang.String 58308016560654 tw.beans.TWFotoBean 35620304179282 byte[] 2328687230767 int[] 18220184142094 * ConstMethodKlass 14932056622169 java.sql.Date 10235120142094 * MethodKlass 1016478490757 tw.beans.TWFotoSetBean 8878248 134561 java.lang.Object[] 7949144 16190 * ConstantPoolKlass 6147768 16190 * InstanceKlassKlass 4590176 13997 * ConstantPoolCacheKlass ... ... As you've pointed out, most of the data is taken by character arrays, Strings, integer arrays, byte arrays, Foto and FotoSet beans! There were just 67 Ticket entries (related to CAS) and the size of the Ticket objects wasn't huge either. Seeing the histogram results was an eye opener. I am wondering if Rainer was right all along. Is it just the application data (FotoBean and FotoSetBean) that's inundating the java heap? I had changed the session-timeout in server.xml from 30 minutes to 240 minutes. That means an HTTP Session would now last 8 times longer. Since the Garbage Collector runs only when the session expires, the application's memory needs are probably increased 8 fold (Am I right?). And I am storing the FotoBeans and FotoSetBeans in each user's HTTP Session. As I mentioned before, previously the java heap was set to the default, 64MB, and it used to be sufficient. From the time I changed the session-timeout, even 512MB (= 64 X 8) is insufficient. Should I just decrease the session-timeout to 2 hours and see if 512MB is sufficient? Any other thoughts/ideas guys? Thanks again Chris, Joe Here are all the Ticket entries in the heap: 96 4 org.jasig.cas.util.DefaultUniqueTicketIdGenerator 72 3 org.jasig.cas.util.DefaultUniqueTicketIdGenerator 72 3 org.jasig.cas.util.DefaultUniqueTicketIdGenerator 72 3 org.jasig.cas.util.DefaultUniqueTicketIdGenerator 72 3 org.jasig.cas.util.DefaultUniqueTicketIdGenerator 72 3 org.jasig.cas.util.DefaultUniqueTicketIdGenerator 24 1 org.jasig.cas.web.flow.SendTicketGrantingTicketAction 24 1 org.jasig.cas.web.flow.SendTicketGrantingTicketAction 24 1 org.jasig.cas.web.flow.SendTicketGrantingTicketAction 24 1 org.jasig.cas.web.flow.SendTicketGrantingTicketAction 24 1 org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator 24 1 org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator 24 1 org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator 24 1 org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator 24 1 org.jasig.cas.web.flow.SendTicketGrantingTicketAction 24 1 org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator 24 1 org.jasig.cas.web.flow.SendTicketGrantingTicketAction 24 1 org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator 16 1 org.jasig.cas.util.SamlCompliantUniqueTicketIdGenerator 16 1 org.jasig.cas.ticket.registry.DefaultTicketRegistry 16 1 org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner 16 1 org.jasig.cas.util.SamlCompliantUniqueTicketIdGenerator 16 1 org.jasig.cas.ticket.registry.DefaultTicketRegistry 16 1 org.acegisecurity.providers.cas.proxy.RejectProxyTickets 16 1 org.jasig.cas.web.flow.GenerateServiceTicketAction 16 1 org.jasig.cas.ticket.registry.DefaultTicketRegistry 16 1 org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner 16 1 org.acegisecurity.providers.cas.proxy.RejectProxyTickets 16 1 org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner 16 1 org.jasig.cas.web.flow.GenerateServiceTicketAction 16 1 org.jasig.cas.util.SamlCompliantUniqueTicketIdGenerator 16 1 org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache 16 1 org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache 16 1 org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner 16 1 org.jasig.cas.util.SamlCompliantUniqueTicketIdGenerator 16 1 org.jasig.cas.web.flow.GenerateServiceTicketAction 16 1 org.acegisecurity.providers.cas.proxy.RejectProxyTickets 16 1 org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner 16 1 org.jasig.cas.web.flow.GenerateServiceTicketAction 16 1 org.acegisecurity.providers.cas.proxy.RejectProxyTickets 16 1 org.jasig.cas.ticket.registry.DefaultTicketRegistry 16
Re: java.lang.OutOfMemoryError: Java heap space
Rainer, Thanks for looking at those long thread dumps for me!! I am sorry. I did NOT take these dumps at the right time (i.e. when Tomcat was inundated with requests and couldn't cope with the load). After I increased the heap size to 512MB (from 64MB default), I am not getting the OutOfMemoryError(s) anymore. After I set KeepAlive On (Thanks Andre!), the number httpd processes isn't increasing either. The number of httpd processes increased from 8 to 21 and stayed there for more than 16 hours now. If the number of httpd processes gets out of control again, I will definitely take thread dumps once again. However, I doubt the issue is fixed because I should have seen this issue long time ago (since I haven't changed any code nor the traffic to our websites increased in a long while). Should I just wait and see or are there any tests that I can do? Your contribution to this forum is amazing, Rainer. I am grateful to you and Andre for your efforts. Thank you! Regards, Joe On Tue, Oct 6, 2009 at 7:25 AM, Rainer Jung rainer.j...@kippdata.de wrote: On 05.10.2009 18:58, Joe Hansen wrote: Thank you so much for your tips, Rainer! The websites went down yet again. Increasing the java heap size took care of the OutOfMemoryError, but the number of httpd processes keep increasing until the websites crash. I haven't added any new code in the past few months, hence I am surprised why the requests are getting stuck. Here's a link to the tomcat thread dumps: http://pastebin.com/m17eea139 Please let me know if you cannot view it and I will email the relevant portion of the catalina.out file to you. Is there an easy way to find out what code is causing the requests to get stuck? The dump file contains three thread dumps. The things all dumps have in common: - 60 threads for the quartz scheduler, all idle - 13 threads in the AJP connection pool, connected to Apache, but idle waiting for the next request to be send (the same threads in all three dumps) - 6 store plus 6 expiry threads of the EHCache, seems idle - 1 AJP + 1 HTTP(S) thread (port 8443) waiting to accept the next new connection to come in - 2 AJP + 3 HTTP(S) threads (port 8443) sitting idle the pool, waiting for work - a couple of other normal threads not directly related to request handling So the time you took the three dumps, this Tomcat was completely idle and did not have a single request to handle. If you are completely sure, you took the dumps while there was a storm of requests and your system couldn't cope the load, something has prevented the requests to ever reach Tomcat. I don't have your Tomcat version at hand at the moment, but for some time very special OutOfMemory errors (could not create native thread) lead to a situation, where Tomcat simply wouldn't accept any new connections. Although you report OutOfMemory errors, I'm not directly suggesting that that is your problem here. There might still be a relation though. Are you sure, that you took the dumps for the right Tomcat at the right time? Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
Rainer, I spoke to soon! As I suspected, the problem isn't fixed yet and the websites crashed again. This time I took three thread dumps at the time tomcat was down. Here they are: http://pastebin.com/m2a7e1198 I will learn from your previous analysis of the thread dumps and I try to understand what's happening. Thanks, Joe On Tue, Oct 6, 2009 at 10:23 AM, Joe Hansen joe.hansen...@gmail.com wrote: Rainer, Thanks for looking at those long thread dumps for me!! I am sorry. I did NOT take these dumps at the right time (i.e. when Tomcat was inundated with requests and couldn't cope with the load). After I increased the heap size to 512MB (from 64MB default), I am not getting the OutOfMemoryError(s) anymore. After I set KeepAlive On (Thanks Andre!), the number httpd processes isn't increasing either. The number of httpd processes increased from 8 to 21 and stayed there for more than 16 hours now. If the number of httpd processes gets out of control again, I will definitely take thread dumps once again. However, I doubt the issue is fixed because I should have seen this issue long time ago (since I haven't changed any code nor the traffic to our websites increased in a long while). Should I just wait and see or are there any tests that I can do? Your contribution to this forum is amazing, Rainer. I am grateful to you and Andre for your efforts. Thank you! Regards, Joe On Tue, Oct 6, 2009 at 7:25 AM, Rainer Jung rainer.j...@kippdata.de wrote: On 05.10.2009 18:58, Joe Hansen wrote: Thank you so much for your tips, Rainer! The websites went down yet again. Increasing the java heap size took care of the OutOfMemoryError, but the number of httpd processes keep increasing until the websites crash. I haven't added any new code in the past few months, hence I am surprised why the requests are getting stuck. Here's a link to the tomcat thread dumps: http://pastebin.com/m17eea139 Please let me know if you cannot view it and I will email the relevant portion of the catalina.out file to you. Is there an easy way to find out what code is causing the requests to get stuck? The dump file contains three thread dumps. The things all dumps have in common: - 60 threads for the quartz scheduler, all idle - 13 threads in the AJP connection pool, connected to Apache, but idle waiting for the next request to be send (the same threads in all three dumps) - 6 store plus 6 expiry threads of the EHCache, seems idle - 1 AJP + 1 HTTP(S) thread (port 8443) waiting to accept the next new connection to come in - 2 AJP + 3 HTTP(S) threads (port 8443) sitting idle the pool, waiting for work - a couple of other normal threads not directly related to request handling So the time you took the three dumps, this Tomcat was completely idle and did not have a single request to handle. If you are completely sure, you took the dumps while there was a storm of requests and your system couldn't cope the load, something has prevented the requests to ever reach Tomcat. I don't have your Tomcat version at hand at the moment, but for some time very special OutOfMemory errors (could not create native thread) lead to a situation, where Tomcat simply wouldn't accept any new connections. Although you report OutOfMemory errors, I'm not directly suggesting that that is your problem here. There might still be a relation though. Are you sure, that you took the dumps for the right Tomcat at the right time? Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
There were 29 httpd processes running when the websites crashed. One thing that was clear from the thread dumps was there were lots of entries for org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner: Starting cleaning of expired tickets from ticket registry at ... Does that indicate that there is something wrong with my CAS configuration? Here's the thread count from the first thread dump: DefaultQuartzScheduler_QuartzSchedulerThread 4 sleeping + 2 waiting on condition = 6 Total DefaultQuartzScheduler_Worker 60 waiting = 60 Total Store ticketCache Expiry Thread (ehcache) 6 waiting on condition = 6 Total Store ticketCache Spool Thread (ehcache) 6 waiting on condition = 6 Total TP-ProcessorXY daemon runnable 20 runnable (mod_jk?) + 3 waiting = 23 Total Java2D Disposer daemon 1 waiting = 1 Total http-8443-Monitor 1 waiting = 1 Total http-8443-Processor 3 waiting + 1 runnable = 4 Total ContainerBackgroundProcessor 1 waiting on condition = 1 Total Low Memory Detector 1 runnable = 1 Total CompilerThread 2 waiting on condition = 2 Total AdapterThread 1 waiting on condition = 1 Total Signal Dispatcher 1 runnable = 1 Total Finalizer 1 waiting = 1 Total Reference Handler 1 waiting = 1 Total org.apache.catalina.startup.Bootstrap.main 1 runnable = 1 Total VM Thread 1 runnable = 1 Total GC task thread 1 runnable = 1 Total VM Periodic Task Thread 1 waiting on condition = 1 Total Thanks, Joe On Tue, Oct 6, 2009 at 11:44 AM, Joe Hansen joe.hansen...@gmail.com wrote: Rainer, I spoke to soon! As I suspected, the problem isn't fixed yet and the websites crashed again. This time I took three thread dumps at the time tomcat was down. Here they are: http://pastebin.com/m2a7e1198 I will learn from your previous analysis of the thread dumps and I try to understand what's happening. Thanks, Joe On Tue, Oct 6, 2009 at 10:23 AM, Joe Hansen joe.hansen...@gmail.com wrote: Rainer, Thanks for looking at those long thread dumps for me!! I am sorry. I did NOT take these dumps at the right time (i.e. when Tomcat was inundated with requests and couldn't cope with the load). After I increased the heap size to 512MB (from 64MB default), I am not getting the OutOfMemoryError(s) anymore. After I set KeepAlive On (Thanks Andre!), the number httpd processes isn't increasing either. The number of httpd processes increased from 8 to 21 and stayed there for more than 16 hours now. If the number of httpd processes gets out of control again, I will definitely take thread dumps once again. However, I doubt the issue is fixed because I should have seen this issue long time ago (since I haven't changed any code nor the traffic to our websites increased in a long while). Should I just wait and see or are there any tests that I can do? Your contribution to this forum is amazing, Rainer. I am grateful to you and Andre for your efforts. Thank you! Regards, Joe On Tue, Oct 6, 2009 at 7:25 AM, Rainer Jung rainer.j...@kippdata.de wrote: On 05.10.2009 18:58, Joe Hansen wrote: Thank you so much for your tips, Rainer! The websites went down yet again. Increasing the java heap size took care of the OutOfMemoryError, but the number of httpd processes keep increasing until the websites crash. I haven't added any new code in the past few months, hence I am surprised why the requests are getting stuck. Here's a link to the tomcat thread dumps: http://pastebin.com/m17eea139 Please let me know if you cannot view it and I will email the relevant portion of the catalina.out file to you. Is there an easy way to find out what code is causing the requests to get stuck? The dump file contains three thread dumps. The things all dumps have in common: - 60 threads for the quartz scheduler, all idle - 13 threads in the AJP connection pool, connected to Apache, but idle waiting for the next request to be send (the same threads in all three dumps) - 6 store plus 6 expiry threads of the EHCache, seems idle - 1 AJP + 1 HTTP(S) thread (port 8443) waiting to accept the next new connection to come in - 2 AJP + 3 HTTP(S) threads (port 8443) sitting idle the pool, waiting for work - a couple of other normal threads not directly related to request handling So the time you took the three dumps, this Tomcat was completely idle and did not have a single request to handle. If you are completely sure, you took the dumps while there was a storm of requests and your system couldn't cope the load, something has prevented the requests to ever reach Tomcat. I don't have your Tomcat version at hand at the moment, but for some time very special OutOfMemory errors (could not create native thread) lead to a situation, where Tomcat simply wouldn't accept any new connections. Although you report OutOfMemory errors, I'm not directly suggesting that that is your problem here. There might still be a relation though. Are you sure, that you took the dumps for the right Tomcat at the right
Re: java.lang.OutOfMemoryError: Java heap space
Thanks for your feedback, Rainer. The DAO objects/methods that you've mentioned are used for almost every page on our website. So I am not surprised to find them in the thread dumps. However, as you pointed out, the parameters to these methods change depending on the page they are on and if the user is logged in or not. I did not check the CPU usage when the issue happened. I just checked the web application logs and found that first there was an OutOfMemoryError, followed by MySQL errors when TWFotoSetListDAO.getAllFotosets tried to get a database connection. I am *guessing* : I changed the session timeout to 4 hours for the Jasig CAS Single-Signon web application. This stores a ton of tickets in memory. During a 4 hour period when there are more http requests, the 512MB of Java Heap space is not sufficient to store all these tickets. During that time OutOfMemoryError happens and all hell breaks loose subsequently. I probably should decrease the session-timeout to 1 hour or so and see if that changes things. Would you agree, Rainer? Thanks, Joe 2009 Oct 06 / 10:48:43 ERROR - [org.apache.catalina.core.ContainerBase] : Exception invoking periodic operation: java.lang.OutOfMemoryError: Java heap space 2009 Oct 06 / 10:48:43 FATAL - [tw.conn.TWConnectionManager] : com.mysql.jdbc.CommunicationsException: Communications link failure due to underlying exception: ** BEGIN NESTED EXCEPTION ** java.io.EOFException STACKTRACE: java.io.EOFException at com.mysql.jdbc.MysqlIO.readFully(MysqlIO.java:1905) at com.mysql.jdbc.MysqlIO.reuseAndReadPacket(MysqlIO.java:2351) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:2862) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:771) at com.mysql.jdbc.MysqlIO.secureAuth411(MysqlIO.java:3649) at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1176) at com.mysql.jdbc.Connection.createNewIO(Connection.java:2558) at com.mysql.jdbc.Connection.init(Connection.java:1485) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266) at org.apache.tomcat.dbcp.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:37) at org.apache.tomcat.dbcp.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:290) at org.apache.tomcat.dbcp.pool.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:771) at org.apache.tomcat.dbcp.dbcp.AbandonedObjectPool.borrowObject(AbandonedObjectPool.java:74) at org.apache.tomcat.dbcp.dbcp.PoolingDataSource.getConnection(PoolingDataSource.java:95) at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:540) at tw.conn.TWConnectionManager.getConnection(Unknown Source) at tw.beans.TWFotoSetListDAO.getAllFotosets(Unknown Source) at tw.beans.TWViewBean.getAllFotosets(Unknown Source) at tw.servlet.TWQueryServlet.doPost(Unknown Source) at tw.servlet.TWQueryServlet.doGet(Unknown Source) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301) at org.apache.jsp.groupby_005fitems_jsp._jspService(groupby_005fitems_jsp.java:152) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126
Re: java.lang.OutOfMemoryError: Java heap space
I changed the session-timeout for the CAS webapp to 1 hour and restarted Apache/Tomcat to see if that changes anything. If the issue manifests again, I will surely check the memory and cpu usage using the top command. Rainer, I somewhat doubt that getAllFotosets() is causing the problem. Because I have an administrator account on the website and I can view more photosets than any other user. And when I login and view the photosets nothing alarming seems to be happening. I am not ruling out the possibility altogether though. Andre, you are right. Memory is cheap. However, the machine has 8GB of memory already. I am thinking that it should be sufficient. Here's the output of the free command: [r...@csiweb bin]# free -m totalused free Mem: 8113 7557 555 -/+ buffers/cache:861 7252 Swap:9012 33 8979 Its amazing how you and Andre are able to identify issues with others' Tomcat installations just by looking at their logs and settings. It speaks volumes of your experience with Tomcat. Thank you, Joe On Tue, Oct 6, 2009 at 2:00 PM, Rainer Jung rainer.j...@kippdata.de wrote: On 06.10.2009 21:44, Joe Hansen wrote: Thanks for your feedback, Rainer. The DAO objects/methods that you've mentioned are used for almost every page on our website. So I am not surprised to find them in the thread dumps. However, as you pointed out, the parameters to these methods change depending on the page they are on and if the user is logged in or not. I did not check the CPU usage when the issue happened. I just checked the web application logs and found that first there was an OutOfMemoryError, followed by MySQL errors when TWFotoSetListDAO.getAllFotosets tried to get a database connection. I am *guessing* : I changed the session timeout to 4 hours for the Jasig CAS Single-Signon web application. This stores a ton of tickets in memory. During a 4 hour period when there are more http requests, the 512MB of Java Heap space is not sufficient to store all these tickets. During that time OutOfMemoryError happens and all hell breaks loose subsequently. I probably should decrease the session-timeout to 1 hour or so and see if that changes things. Would you agree, Rainer? Could be. But it could also be, that getAllFotosets() is able to slurp in huge amounts of data to memory and that this is the reason for the OOME. Once you run into an OOME on heap, there's no good relief than restarting the whole JVM. After an OOME you can't prove the correctness of your app any more. Random objects might be missing, resulting in largely undefined behaviour in your webapp or even Tomcat. I'm a bit insisting on the getAllFotosets(), because I once was involved in troubleshooting for a social website and part of their problem was special users having extremely large social data. So once they hit the server it went OOME. Thanks, Joe Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
Thank you so much for your tips, Rainer! The websites went down yet again. Increasing the java heap size took care of the OutOfMemoryError, but the number of httpd processes keep increasing until the websites crash. I haven't added any new code in the past few months, hence I am surprised why the requests are getting stuck. Here's a link to the tomcat thread dumps: http://pastebin.com/m17eea139 Please let me know if you cannot view it and I will email the relevant portion of the catalina.out file to you. Is there an easy way to find out what code is causing the requests to get stuck? Thank you! Joe On Sun, Oct 4, 2009 at 2:36 PM, Rainer Jung rainer.j...@kippdata.de wrote: Hi Joe, On 04.10.2009 21:45, Joe Hansen wrote: Rainer, Thank you so much for your kind reply! I have increased the java heap size to 512MB (-Xms512m -Xmx512m). I am hoping that would fix the issue. I had configured our webserver to use Jasig's Central Authentication System (CAS). Recently I increased the session timeout from 30 minutes to 4 hours. I am guessing that must have had an impact on the number of tickets that the CAS could store in the Java's memory space. I did run the kill -QUIT command against the tomcat process. It did generate a huge output in the catalina.out file. I am unable to decipher it. I do not want to post it to the mailing list because its very long. Would you be able to please tell me what should I be looking for within this long thread dump? Can you put it somewhere on the web, so we can look at it, or are you afraid there is something private in there? You could use pastebin or something similar in case you do not have a public web server yourself. If you don't want to post in public, you can also mail it to me, I will post the result, in case I find something relevant. Regards, Rainer On Sat, Oct 3, 2009 at 12:24 PM, Rainer Jung rainer.j...@kippdata.de wrote: On 03.10.2009 20:07, Joe Hansen wrote: Hey All, I get this error (java.lang.OutOfMemoryError: Java heap space) after my Apache 2.0/Tomcat 5.5/mod_jk installation has been up and running for a few hours. This problem started just since two days. Never had this issue before! I have also noticed that as soon as I startup the server, 9 httpd processes start. Number of httpd processes keep on increasing until I get the OutOfMemoryError. $ps -aef | grep httpd root 31984 1 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31987 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31988 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31989 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31990 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31991 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31992 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31993 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31994 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd Sounds like requests get stuck or responses are only returned very slowly. I would take thread dumps during the time requests pile up (e.g. httpd process count increases). Thread dumps are generated by kil -QUIT against the Tomcat process. Result is written to catalina.out. Always take afew thread dumps shortly after each other, e.g. 3 dumps each 3 seconds apart from the previous one, so that you can find out, if a status in a dump is pure coincidence or lasts for somewhat longer. $ps -aef | grep tomcat root 31949 1 43 11:23 pts/0 00:00:58 /usr/java/jdk/bin/java -Djava.u il.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.co fig.file=/usr/lib/apache-tomcat/conf/logging.properties -Djava.endorsed.dirs=/u r/lib/apache-tomcat/common/endorsed -classpath :/usr/lib/apache-tomcat/bin/boot trap.jar:/usr/lib/apache-tomcat/bin/commons-logging-api.jar -Dcatalina.base=/us /lib/apache-tomcat -Dcatalina.home=/usr/lib/apache-tomcat -Djava.io.tmpdir=/usr lib/apache-tomcat/temp org.apache.catalina.startup.Bootstrap start There is no Java memory configuration included above (i.e. al defaults). It might well be, that you have to explicitely set heap size, perm size and if you like also eden and semi spaces. Can someone on this list please help me resolve this issue. Thanks you, Joe Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
Rainer, Here are the KeepAlive values in httpd.conf: KeepAlive Off MaxKeepAliveRequests 100 KeepAliveTimout 15 Thanks, Joe What are your KeepAlive* settings ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
Thank you for the reply, Andre. I now understand how setting KeepAlive to On would improve the performance of a website (The Apache manual says that a 50% increase in throughput could be expected). So I changed the KeepAlive to On and restarted the server. I however wonder if this will fix the issue. The reason being, I haven't changed the website code at all the past few months and there hasn't been any increase in the website traffic too. Hence I am unable to understand why we are suddenly seeing an increase in the number of httpd processes. The only thing I changed is the session-timeout value from 30 minutes to 240 minutes. Thanks, Joe On Mon, Oct 5, 2009 at 1:04 PM, André Warnier a...@ice-sa.com wrote: Joe Hansen wrote: Rainer, Here are the KeepAlive values in httpd.conf: KeepAlive Off MaxKeepAliveRequests 100 KeepAliveTimout 15 Well, since you have KeepAlive Off, the other 2 do not matter. But as such, it means that each request of each browser is going to create a new connection to the webserver, just for that one request. So if there is a page with 10 img links inside, you will end up establishing (and tearing down) a total of 11 TCP connections (one for the main page, one each for each img). That may or may not have a bearing on the situation you are seeing. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
Andre, Thanks for pointing out the high KeepAliveTimeout value in the config file. I have read the docs and have changed it to 5 seconds (which is the default). I am hoping that Rainer could find out from the thread dump where the requests are getting stuck, so that I can put this issue to bed. Thanks, Joe On Mon, Oct 5, 2009 at 1:53 PM, André Warnier a...@ice-sa.com wrote: Joe Hansen wrote: Thank you for the reply, Andre. I now understand how setting KeepAlive to On would improve the performance of a website (The Apache manual says that a 50% increase in throughput could be expected). So I changed the KeepAlive to On and restarted the server. Now wait. You should probably then lower your setting for KeepAliveTimeout (to 3 e.g.), otherwise you may make the problem much worse. Read conscienciously the relevant Apache doc page : http://httpd.apache.org/docs/2.2/mod/core.html#keepalive The point with KeepAlive is : - the browser makes a connection and issues a first request - the webserver dedicates a child (or thread) to this connection, and passes it the first request - the child/thread responds to the first request, and then waits for more - the browser, in the response page, finds more links. Over the same TCP connection, it sends the next request - the same child/thread - which was waiting on that connection - receives the new request, and responds to it. Then it waits again for the next one. - etc.. - until at some point, the browser does not issue any additional requests on the connection. Then, *after the KeepAliveTimeout has expired*, the child/thread gives up, closesthe connection, and returns to the pool available for other requests from other browsers So the point is, if the KeepAliveTimeout is long (like 15 seconds), it means that a child/thread may be kept waiting, for nothing, up to that many seconds, although there is nothing coming anymore. I however wonder if this will fix the issue. The reason being, I haven't changed the website code at all the past few months and there hasn't been any increase in the website traffic too. Hence I am unable to understand why we are suddenly seeing an increase in the number of httpd processes. The only thing I changed is the session-timeout value from 30 minutes to 240 minutes. I guess that this is the Tomcat session timeout. That should have nothing to do with the above. I don't think that for Tomcat, a session is linked to a connection. It is more of a set of data saved somewhere, linked to the Tomcat session-id (the JSESSIONID cookie for instance). Tomcar retrieves it whenever a request comes in with the same session-id number. But it should not matter whether it is on the same TCP connection or not. What may be linked together however, is that one request to httpd results in one child/thread busy with it at the Apache httpd level. If that request is being forwarded to Tomcat by mod_jk, then it also holds onto one mod_jk/Tomcat connection. This connection then holds on to one thread in Tomcat, until the Tomcat thread (+webapp) has supplied the full response. All the while, this whole chain is unavailable for other requests. Thus, if there are many such requests under way, many Apache children/threads are busy, and Apache httpd will start additional ones (up to its limit) to service new requests that come in. So if for some reason, your Tomcat requests now take longer to be serviced, that should also, by retro-effect, increase the number of httpd children/threads being started. The bottleneck would be in Tomcat, but it would show up at the httpd level. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
Rainer, Thank you so much for your kind reply! I have increased the java heap size to 512MB (-Xms512m -Xmx512m). I am hoping that would fix the issue. I had configured our webserver to use Jasig's Central Authentication System (CAS). Recently I increased the session timeout from 30 minutes to 4 hours. I am guessing that must have had an impact on the number of tickets that the CAS could store in the Java's memory space. I did run the kill -QUIT command against the tomcat process. It did generate a huge output in the catalina.out file. I am unable to decipher it. I do not want to post it to the mailing list because its very long. Would you be able to please tell me what should I be looking for within this long thread dump? Thanks again, Rainer :) Joe On Sat, Oct 3, 2009 at 12:24 PM, Rainer Jung rainer.j...@kippdata.de wrote: On 03.10.2009 20:07, Joe Hansen wrote: Hey All, I get this error (java.lang.OutOfMemoryError: Java heap space) after my Apache 2.0/Tomcat 5.5/mod_jk installation has been up and running for a few hours. This problem started just since two days. Never had this issue before! I have also noticed that as soon as I startup the server, 9 httpd processes start. Number of httpd processes keep on increasing until I get the OutOfMemoryError. $ps -aef | grep httpd root 31984 1 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31987 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31988 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31989 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31990 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31991 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31992 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31993 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31994 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd Sounds like requests get stuck or responses are only returned very slowly. I would take thread dumps during the time requests pile up (e.g. httpd process count increases). Thread dumps are generated by kil -QUIT against the Tomcat process. Result is written to catalina.out. Always take afew thread dumps shortly after each other, e.g. 3 dumps each 3 seconds apart from the previous one, so that you can find out, if a status in a dump is pure coincidence or lasts for somewhat longer. $ps -aef | grep tomcat root 31949 1 43 11:23 pts/0 00:00:58 /usr/java/jdk/bin/java -Djava.u il.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.co fig.file=/usr/lib/apache-tomcat/conf/logging.properties -Djava.endorsed.dirs=/u r/lib/apache-tomcat/common/endorsed -classpath :/usr/lib/apache-tomcat/bin/boot trap.jar:/usr/lib/apache-tomcat/bin/commons-logging-api.jar -Dcatalina.base=/us /lib/apache-tomcat -Dcatalina.home=/usr/lib/apache-tomcat -Djava.io.tmpdir=/usr lib/apache-tomcat/temp org.apache.catalina.startup.Bootstrap start There is no Java memory configuration included above (i.e. al defaults). It might well be, that you have to explicitely set heap size, perm size and if you like also eden and semi spaces. Can someone on this list please help me resolve this issue. Thanks you, Joe Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.lang.OutOfMemoryError: Java heap space
I found the following error message in the Apache logs: [Sat Oct 03 04:10:49 2009] [error] server reached MaxClients setting, consider raising the MaxClients setting Here's a snippet from the httpd.conf, which deals with MaxClients. IfModule prefork.c StartServers 8 MinSpareServers5 MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 4000 /IfModule IfModule worker.c StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0 /IfModule I will watch out for the increase in the number of httpd processes. I am wondering if I should raise the MaxClients value in prefork.c and worker.c modules. Can anyone on this forum please explain why new httpd processes are spawned and why aren't the old processes terminated? Thanks, Joe On Sun, Oct 4, 2009 at 1:45 PM, Joe Hansen joe.hansen...@gmail.com wrote: Rainer, Thank you so much for your kind reply! I have increased the java heap size to 512MB (-Xms512m -Xmx512m). I am hoping that would fix the issue. I had configured our webserver to use Jasig's Central Authentication System (CAS). Recently I increased the session timeout from 30 minutes to 4 hours. I am guessing that must have had an impact on the number of tickets that the CAS could store in the Java's memory space. I did run the kill -QUIT command against the tomcat process. It did generate a huge output in the catalina.out file. I am unable to decipher it. I do not want to post it to the mailing list because its very long. Would you be able to please tell me what should I be looking for within this long thread dump? Thanks again, Rainer :) Joe On Sat, Oct 3, 2009 at 12:24 PM, Rainer Jung rainer.j...@kippdata.de wrote: On 03.10.2009 20:07, Joe Hansen wrote: Hey All, I get this error (java.lang.OutOfMemoryError: Java heap space) after my Apache 2.0/Tomcat 5.5/mod_jk installation has been up and running for a few hours. This problem started just since two days. Never had this issue before! I have also noticed that as soon as I startup the server, 9 httpd processes start. Number of httpd processes keep on increasing until I get the OutOfMemoryError. $ps -aef | grep httpd root 31984 1 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31987 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31988 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31989 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31990 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31991 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31992 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31993 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd apache 31994 31984 0 11:23 ? 00:00:00 /usr/sbin/httpd Sounds like requests get stuck or responses are only returned very slowly. I would take thread dumps during the time requests pile up (e.g. httpd process count increases). Thread dumps are generated by kil -QUIT against the Tomcat process. Result is written to catalina.out. Always take afew thread dumps shortly after each other, e.g. 3 dumps each 3 seconds apart from the previous one, so that you can find out, if a status in a dump is pure coincidence or lasts for somewhat longer. $ps -aef | grep tomcat root 31949 1 43 11:23 pts/0 00:00:58 /usr/java/jdk/bin/java -Djava.u il.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.co fig.file=/usr/lib/apache-tomcat/conf/logging.properties -Djava.endorsed.dirs=/u r/lib/apache-tomcat/common/endorsed -classpath :/usr/lib/apache-tomcat/bin/boot trap.jar:/usr/lib/apache-tomcat/bin/commons-logging-api.jar -Dcatalina.base=/us /lib/apache-tomcat -Dcatalina.home=/usr/lib/apache-tomcat -Djava.io.tmpdir=/usr lib/apache-tomcat/temp org.apache.catalina.startup.Bootstrap start There is no Java memory configuration included above (i.e. al defaults). It might well be, that you have to explicitely set heap size, perm size and if you like also eden and semi spaces. Can someone on this list please help me resolve this issue. Thanks you, Joe Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
java.lang.OutOfMemoryError: Java heap space
Hey All, I get this error (java.lang.OutOfMemoryError: Java heap space) after my Apache 2.0/Tomcat 5.5/mod_jk installation has been up and running for a few hours. This problem started just since two days. Never had this issue before! I have also noticed that as soon as I startup the server, 9 httpd processes start. Number of httpd processes keep on increasing until I get the OutOfMemoryError. $ps -aef | grep httpd root 31984 1 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31987 31984 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31988 31984 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31989 31984 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31990 31984 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31991 31984 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31992 31984 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31993 31984 0 11:23 ?00:00:00 /usr/sbin/httpd apache 31994 31984 0 11:23 ?00:00:00 /usr/sbin/httpd $ps -aef | grep tomcat root 31949 1 43 11:23 pts/000:00:58 /usr/java/jdk/bin/java -Djava.u il.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.co fig.file=/usr/lib/apache-tomcat/conf/logging.properties -Djava.endorsed.dirs=/u r/lib/apache-tomcat/common/endorsed -classpath :/usr/lib/apache-tomcat/bin/boot trap.jar:/usr/lib/apache-tomcat/bin/commons-logging-api.jar -Dcatalina.base=/us /lib/apache-tomcat -Dcatalina.home=/usr/lib/apache-tomcat -Djava.io.tmpdir=/usr lib/apache-tomcat/temp org.apache.catalina.startup.Bootstrap start Can someone on this list please help me resolve this issue. Thanks you, Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled
Hey all, Apache 2.0/Tomcat 5.5/mod_jk installed on RedHat Enterprise Linux ES 4.0. Our web server has been up and running smoothly for more than 2 years now. This morning I noticed that the websites were down. When I checked the logs, I found the following message: java.io.FileNotFoundException: The file /root/.keystore is not available Sure enough, the /root/.keystore file was missing. I have no clue how that file got deleted in first place. So, I created the keystore file using the following commands: Added the certificate chain file to the keystore (When prompted for the password, I entered 'changeit') : $JAVA_HOME/bin/keytool -import -alias root -trustcacerts -file /etc/httpd/conf/ssl.crt/gd_intermediate_bundle.crt Added the certificate file to the keystore (When prompted for the password, I entered 'changeit'): $JAVA_HOME/bin/keytool -import -alias tomcat -trustcacerts -file /etc/httpd/conf/ssl.crt/_joesdomain.com.crt The above two commands created the /root/.keystore file. I then added the keystoreFile and keystorePass attributes to Tomcat's server.xml file's connector element as follows Connector className=org.apache.coyote.tomcat5.Coyote-Connector port=8443 miniProcessors=5 maxProcessors=75 enableLookups=true disableUploadTimeout=true acceptCount=100 debug=0 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=/root/.keystore keystorePass=changeit / Now, when I restart the web server, the websites seem to be working fine, but the tomcat logs are inundated with the following error message: 2009 Oct 02 / 15:18:29 ERROR - [org.apache.tomcat.util.net.PoolTcpEndpoint] : Endpoint [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=8443]] ignored exception: java.net.SocketException: SSL handshake error javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled. Can a Tomcat/SSL guru please guide me in solving this issue. Thank you! Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled
I think I just solved my issue. I followed the instructions on GoDaddy to get this done. To install the GoDaddy Certificates: Create a keystore file openssl pkcs12 -export -chain -CAfile /etc/httpd/conf/ssl.crt/gd_intermediate_bundle.crt -in /etc/httpd/conf/ssl.crt/_.joesdomain.com.crt -inkey /etc/httpd/conf/ssl.key/joesdomain.key -out /etc/httpd/conf/ssl.crt/keystore.tomcat -name tomcat -passout pass:changeit To list the certificates in the keystore file: $JAVA_HOME/bin/keytool -list -v -storetype pkcs12 -keystore /etc/httpd/conf/ssl.crt/keystore.tomcat /* server.xml */ Connector className=org.apache.coyote.tomcat5.Coyote-Connector port=8443 miniProcessors=5 maxProcessors=75 enableLookups=true disableUploadTimeout=true acceptCount=100 debug=0 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=/etc/httpd/conf/ssl.crt/keystore.tomcat keystorePass=changeit keystoreType=PKCS12 / -Joe On Fri, Oct 2, 2009 at 4:17 PM, Joe Hansen joe.hansen...@gmail.com wrote: Hey all, Apache 2.0/Tomcat 5.5/mod_jk installed on RedHat Enterprise Linux ES 4.0. Our web server has been up and running smoothly for more than 2 years now. This morning I noticed that the websites were down. When I checked the logs, I found the following message: java.io.FileNotFoundException: The file /root/.keystore is not available Sure enough, the /root/.keystore file was missing. I have no clue how that file got deleted in first place. So, I created the keystore file using the following commands: Added the certificate chain file to the keystore (When prompted for the password, I entered 'changeit') : $JAVA_HOME/bin/keytool -import -alias root -trustcacerts -file /etc/httpd/conf/ssl.crt/gd_intermediate_bundle.crt Added the certificate file to the keystore (When prompted for the password, I entered 'changeit'): $JAVA_HOME/bin/keytool -import -alias tomcat -trustcacerts -file /etc/httpd/conf/ssl.crt/_joesdomain.com.crt The above two commands created the /root/.keystore file. I then added the keystoreFile and keystorePass attributes to Tomcat's server.xml file's connector element as follows Connector className=org.apache.coyote.tomcat5.Coyote-Connector port=8443 miniProcessors=5 maxProcessors=75 enableLookups=true disableUploadTimeout=true acceptCount=100 debug=0 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=/root/.keystore keystorePass=changeit / Now, when I restart the web server, the websites seem to be working fine, but the tomcat logs are inundated with the following error message: 2009 Oct 02 / 15:18:29 ERROR - [org.apache.tomcat.util.net.PoolTcpEndpoint] : Endpoint [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=8443]] ignored exception: java.net.SocketException: SSL handshake error javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled. Can a Tomcat/SSL guru please guide me in solving this issue. Thank you! Joe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
null and zero issue
I wrote a web service component using JAX-WS API and deployed on JBoss 5.0.1 application server. And also, wrote a Soap client which sends a valid soap request to server and server executes corresponding method and returns soap response back to client but what ever parameters I included in soap, it considers it as null for string datatype and zero for int data type. Appreciate if you could help me to resolve this problem. Joe
override context defined in server.xml doesn't work !?!
the tomcat is v5.5 I'm trying to override the Context in server.xml (coz cpanel creates a default blank context for new vhost in server.xml, and we shouldn't edit the server.xml coz cpanel will update it whenever it wants) I created conf/Catalina/serverName/ROOT.xml with Context override=true but it doesn't work. the ROOT.xml should be fine. because when I remove the new vhost's Context in server.xml. it works. I wonder how does the override=true works ??? Please help. thanks Joe -- View this message in context: http://www.nabble.com/override-context-defined-in-server.xml-doesn%27t-work-%21-%21-tp24086230p24086230.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Run multiple web applications in Tomcat each as an independent windows service question
We will have to rethink our reasons for wanting multiple windows services other than we have it that way with Jrun now. It may be more of a mindset problem. My initial problems in Tomcat were file locking (when starting and stopping each web app with the Tomcat Manager) and then thinking there may be issues in sharing a single jvm. The information from this mailing list has been very helpful. Joe -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Tuesday, March 10, 2009 11:29 AM To: Tomcat Users List Subject: Re: Run multiple web applications in Tomcat each as an independent windows service question -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gregor, On 3/10/2009 11:17 AM, Gregor Schneider wrote: On Tue, Mar 10, 2009 at 3:35 PM, Christopher Schultz ch...@christopherschultz.net wrote: because it makes your deployment easier. Hm, I guess I'll have to disagree here: No, we're in agreement: one TC is easier than many. I just didn't read his sentence properly. Nobody bothered to answer his question in the first place, so I went ahead and did so. My post was not very well laid-out. I had intended to say something like your deployment will be easier with a single Tomcat but, if you insist, you can do the following to get multiple TC instances as services Hope that clears things up. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkm2h1cACgkQ9CaO5/Lv0PClOQCguIJP/EvCfZjmIeOZs6r0OGGS utkAnA8J3TOP2xHV7cclw3hmb2d54k73 =5Oqg -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Run multiple web applications in Tomcat each as an independent windows service question
The setup is like this. http://host1/app0:8080 http://host1/app1:8081 http://host1/app2:8082 App0,1,2 all being the same web app deployed with a different name, and with different url. The concept being each web app serves a specific set of users with each set of users having their own separate database. Same web app different data. Joe Wallace -Original Message- From: Gregor Schneider [mailto:rc4...@googlemail.com] Sent: Saturday, March 07, 2009 9:18 AM To: Tomcat Users List Subject: Re: Run multiple web applications in Tomcat each as an independent windows service question sound slike a very crude design to me, however... On Fri, Mar 6, 2009 at 9:36 PM, Joe Wallace j...@andar360.com wrote: I essentially will be running the same web app installed multiple times. Each web app will connect to its own unique database. Since I don't want them sharing static variables in the jvm I need to keep them completely separate. This is a well developed application being ported from Jrun where this was possible. do I understand it correctly that the urls of your apps then are http://host1/crudeapp http://host2/crudeapp http://host3/crudeapp or ist it http://host1/crudeapp:8080 http://host1/crudeapp:8081 http://host1/crudeapp:8082 ??? Still, I do not see any way how you could have loaded our app multiple times in different instances of Tomcat without having different urls. Having this in mind, I'd just deploy our app with different names on the same host. The only thing you have to do is to copy the app-war in ${appbase} Chuck pointed out your mis-assumption regarding static variables already. Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Run multiple web applications in Tomcat each as an independent windows service question
You hit the nail on the head. Performance being equal I see no reason to use separate jvm/tomcat instances. Thanks, Joe Wallace -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Monday, March 09, 2009 12:47 PM To: Tomcat Users List Subject: Re: Run multiple web applications in Tomcat each as an independent windows service question Joe Wallace wrote: The setup is like this. http://host1/app0:8080 http://host1/app1:8081 http://host1/app2:8082 App0,1,2 all being the same web app deployed with a different name, and with different url. The concept being each web app serves a specific set of users with each set of users having their own separate database. Same web app different data. Joe Wallace Hi. Let's summarise and restart from the beginning, building on what Chick and Gregor already wrote. You are under Windows, and you want to run Tomcat as a Windows Service. You have 3 webapps with independent sets of data and users. Whether they are the same webapp (renamed) or not makes no difference. You /can/ run 3 instances of Tomcat (in fact, 3 instances of a JVM running Tomcat), each one listening on a separate port, but from the above description this is not necessary. You could run a single instance of Tomcat, with all 3 webapps, provided they have different names. Each webapp will have its own set of static variables, as Chuck explained. Using a single instance of Tomcat, listening on a single port (say 8080) would be easier : - the users of your 3 webapps would access them by the URLs http://host1:8080/app1 http://host1:8080/app2 http://host1:8080/app3 and your layout would be (CATALINA_HOME)/webapps/app1/* (CATALINA_HOME)/webapps/app2/* (CATALINA_HOME)/webapps/app3/* (where CATALINA_HOME is the top directory where you installed your Windows Tomcat) and you would have a single Tomcat Service. The (possible) inconvenient I can see is that if one webapp crashes the server, it will crash the whole Tomcat with the 3 webapps. But that does not happen very often. You can start/stop/reload/redeploy each webapp independently using, for instance, the Tomcat Manager application. Now if you absolutely want 3 separate ports, and/or 3 separate JVM/Tomcat instances, and/or running 3 independent Windows Services, any or all of that is also possible, but the setup is more complicated. So, do you have a compelling reason to do that ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat 6 cluster deploy
According to the apache site the tomcat Cluster Deployer object does not work in version 6. Is this accurate? If so has anyone heard of a fix for this in the near future?
Re: tomcat-users.xml file becomes unusable
jakarta-tomcat-5.5.4-6 I don't have a copy of the changed file. Here is the original, passwords removed. As soon as we see this again I'll post the changed one. permission on the original file are 0600. owner is apache, group is an internal name. Thanks, Joe On Fri, Nov 14, 2008 at 4:53 PM, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Joe Bolin [mailto:[EMAIL PROTECTED] Subject: tomcat-users.xml file becomes unusable We are seeing a sporadic issue where the tomcat-users.xml file changes in some way. The file command repots the type as 'data' rather than XML. What version of Tomcat are you using? What are the contents of the changed file? Can you post it here (obfuscate the passwords, of course)? Tomcat does rewrite the tomcat-users.xml file during startup, unless you specify the readonly=true attribute for the UserDatabase Resource. However, I've never known it to rewrite it with anything but correct XML. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ?xml version='1.0' encoding='utf-8'? tomcat-users role rolename=tomcat/ role rolename=standard/ role rolename=manager/ role rolename=admin/ user username=mon password= roles=manager/ user username=tomcat password= roles=tomcat/ /tomcat-users - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tomcat-users.xml file becomes unusable
We are seeing a sporadic issue where the tomcat-users.xml file changes in some way. The file command repots the type as 'data' rather than XML. The byte size doesn't change. Once it changes, tomcat process still runs but is inaccessible via web and no logging appears to be happening. This is on a SLES(SUSE) 9 system. Thanks, Joe
Re: executor does not work with AJP connector
I upgraded to Tomcat 6.0.18 and am now getting a warning instead of an NPE: org.apache.catalina.startup.ConnectorCreateRule _setExecutor WARNING: Connector [EMAIL PROTECTED] does not support external executors. Method setExecutor(java.util.concurrent.Executor) not found. So it looks like external executors won't work with the AJP connector. The problem I'm having is on highly loaded members of an app tier. They end up with a bunch of stuck AJP threads. I wanted to use the maxIdleTime property of the Executor to kill them off. How should I deal with stuck/idle AJP threads? I'm load balancing with Apache 2.2 and mod_jk. Thanks, Joe On Sun, Oct 26, 2008 at 9:42 PM, Joe Reger, Jr. [EMAIL PROTECTED] wrote: Kinda late to this party but I've gotten the same NPE issue when adding an Executor to an AJP Connector on 6.0.14 (Win2000Server). But, I've also gotten it to work on 6.0.14 on a different machine (Windows XP)... same server.xml. Experimenting with the problem server I found that I could keep the Executor defined but simply not reference it from the Connector and the server started up (probably not much news there.) Questions: 1) Could this have something to do with a native OS feature somewhere in Tomcat? 2) You mentioned that it worked on 6.0.16... anybody know if there was a fix or if it's just an intermittent issue? 3) Should the Executor work with AJP? I saw a post from earlier last year that said Executors don't support AJP. Thanks all! Joe On Wed, Feb 27, 2008 at 10:23 AM, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: just tried that with 6.0.16, and it worked Filip nitin dubey wrote: Nope.. here is the top portion of server.xml = Service name=Catalina !--The connectors can use a shared executor, you can define one or more named thread pools-- Executor name=tomcatThreadPool namePrefix=catalina-exec- maxThreads=150 minSpareThreads=4/ !-- A Connector represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL HTTP/1.1 Connector on port 8080 -- Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / !-- A Connector using the shared thread pool-- !-- Connector executor=tomcatThreadPool port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / -- !-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation -- !-- Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS / -- !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 protocol=AJP/1.3 redirectPort=8443 allowTrace=falseexecutor=tomcatThreadPool connectionTimeout=2 / = --- On Wed, 27/2/08, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: From: Filip Hanik - Dev Lists [EMAIL PROTECTED] Subject: Re: executor does not work with AJP connector To: Tomcat Users List users@tomcat.apache.org Date: Wednesday, 27 February, 2008, 5:00 AM you might have forgotten to uncomment or configure that actual executor, hence the NPE Filip nitin dubey wrote: Hi, I tried configuring executor in tomcat 6.0.14 for AJP Connector like following: !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 protocol=AJP/1.3 redirectPort=8443 allowTrace=false executor=tomcatThreadPool connectionTimeout=2 / While starting tomcat it gives this error. Any problem with the configuration OR this is a bug? Feb 26, 2008 1:42:36 PM org.apache.tomcat.util.digester.Digester startElement SEVERE: Begin event threw exception java.lang.NullPointerException at org.apache.catalina.startup.ConnectorCreateRule._setExecutor(ConnectorCreateRule.java:61) at org.apache.catalina.startup.ConnectorCreateRule.begin(ConnectorCreateRule.java:54) at org.apache.tomcat.util.digester.Rule.begin(Rule.java:153) at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1276) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:533) at com.sun.org.apache.xerces.internal.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:220
Re: executor does not work with AJP connector
Kinda late to this party but I've gotten the same NPE issue when adding an Executor to an AJP Connector on 6.0.14 (Win2000Server). But, I've also gotten it to work on 6.0.14 on a different machine (Windows XP)... same server.xml. Experimenting with the problem server I found that I could keep the Executor defined but simply not reference it from the Connector and the server started up (probably not much news there.) Questions: 1) Could this have something to do with a native OS feature somewhere in Tomcat? 2) You mentioned that it worked on 6.0.16... anybody know if there was a fix or if it's just an intermittent issue? 3) Should the Executor work with AJP? I saw a post from earlier last year that said Executors don't support AJP. Thanks all! Joe On Wed, Feb 27, 2008 at 10:23 AM, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: just tried that with 6.0.16, and it worked Filip nitin dubey wrote: Nope.. here is the top portion of server.xml = Service name=Catalina !--The connectors can use a shared executor, you can define one or more named thread pools-- Executor name=tomcatThreadPool namePrefix=catalina-exec- maxThreads=150 minSpareThreads=4/ !-- A Connector represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL HTTP/1.1 Connector on port 8080 -- Connector port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / !-- A Connector using the shared thread pool-- !-- Connector executor=tomcatThreadPool port=8080 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=8443 / -- !-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation -- !-- Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS / -- !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 protocol=AJP/1.3 redirectPort=8443 allowTrace=falseexecutor=tomcatThreadPool connectionTimeout=2 / = --- On Wed, 27/2/08, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: From: Filip Hanik - Dev Lists [EMAIL PROTECTED] Subject: Re: executor does not work with AJP connector To: Tomcat Users List users@tomcat.apache.org Date: Wednesday, 27 February, 2008, 5:00 AM you might have forgotten to uncomment or configure that actual executor, hence the NPE Filip nitin dubey wrote: Hi, I tried configuring executor in tomcat 6.0.14 for AJP Connector like following: !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 protocol=AJP/1.3 redirectPort=8443 allowTrace=false executor=tomcatThreadPool connectionTimeout=2 / While starting tomcat it gives this error. Any problem with the configuration OR this is a bug? Feb 26, 2008 1:42:36 PM org.apache.tomcat.util.digester.Digester startElement SEVERE: Begin event threw exception java.lang.NullPointerException at org.apache.catalina.startup.ConnectorCreateRule._setExecutor(ConnectorCreateRule.java:61) at org.apache.catalina.startup.ConnectorCreateRule.begin(ConnectorCreateRule.java:54) at org.apache.tomcat.util.digester.Rule.begin(Rule.java:153) at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1276) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:533) at com.sun.org.apache.xerces.internal.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:220) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:872) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1693) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:368) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:834) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:148
Problem with AJP connector
We are running IIS6 and Tomcat 6, with the AJP connector forwarding traffic from IIS to Tomcat. Everything has been working well until we started running some load tests. When we ramp up our testing we start to see the following errors in the connector log. [Wed Sep 24 14:28:42 2008] [3456:1504] [error] jk_ajp_common.c (1879): (IppsClaimsWorker) Connecting to tomcat failed. Tomcat is probably not started or is listening on the wrong port [Wed Sep 24 14:28:42 2008] [3456:1504] [error] jk_isapi_plugin.c (1082): service() failed What could be causing this issue? Any help or troubleshooting tips would be appreciated. Thanks- Joe This e-mail is confidential. If you are not the intended recipient, you must not disclose or use the information contained in it. If you have received this e-mail in error, please tell us immediately by return e-mail to [EMAIL PROTECTED] and delete the document. E-mails containing unprofessional, discourteous or offensive remarks violate Sentry policy. You may report employee violations by forwarding the message to [EMAIL PROTECTED] No recipient may use the information in this e-mail in violation of any civil or criminal statute. Sentry disclaims all liability for any unauthorized uses of this e-mail or its contents. This e-mail constitutes neither an offer nor an acceptance of any offer. No contract may be entered into by a Sentry employee without express approval from an authorized Sentry manager. Warning: Computer viruses can be transmitted via e-mail. Sentry accepts no liability or responsibility for any damage caused by any virus transmitted with this e-mail.
Re: [OT] question about realm auth and digest attribute
is it really that hard to reply to a question without coming off as a pompous ass? On Mon, Sep 22, 2008 at 4:23 PM, André Warnier [EMAIL PROTECTED] wrote: Mark Thomas wrote: [...] It took me less than a minute to find the JavaDoc for java.security.MessageDigest It's by saying things like that that you provoke this kind of question.. It takes us mere mortals ages to find anything there. :-) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: question about realm auth and digest attribute
i'm talking about this part of configuration: http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html On Thu, Sep 18, 2008 at 3:18 PM, Christopher Schultz [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, Joe A wrote: if i'm going to be using sha-1 for the encryption, do i just specify digest=SHA, digest=SHA1, digest=SHA-1? I'm not sure you have a choice... I think it's MD5 by default with no other options. http://en.wikipedia.org/wiki/Digest_access_authentication Note that MSIE 5.0+ apparently doesn't do things right, and will therefore not work (2002 report). Note sure if it has been fixed in later versions. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjSt5kACgkQ9CaO5/Lv0PBlVwCgkXSaxKshMhTO9Ri5mziOQNOF ROEAnRX0WFPrkz/F4oRN98d9xjjnEoU3 =icKO -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: question about realm auth and digest attribute
i'm talking about the part of configuration that lets you choose specify how the passwords are stored in the users table. On Mon, Sep 22, 2008 at 2:27 PM, Christopher Schultz [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe, Joe A wrote: i'm talking about this part of configuration: http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html Sorry, I should have been more clear. Although Tomcat allows you to pick the hashing algorithm for DIGEST auth, there is no way for the server to communicate to the client what type of hashing function is being used. I believe all current HTTP clients will use MD5 since they have no way to decide to use something else. Definitely let me know if this is not the case. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjX8YQACgkQ9CaO5/Lv0PCbUQCgwdb8IFsxxszP1N/bN8EAS0ag 95wAnRaCQCf1ZNE7Q4bd1uf+ei4TwOYv =PQy0 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: question about realm auth and digest attribute
in the docs it says The value for this attribute must be one of the digest algorithms supported by the java.security.MessageDigest class (SHA, MD2, or MD5). so if i encrypt using the sha1 algorithm, do you know if i should specify sha1 or sha-1 or sha? thanks, joe On Mon, Sep 22, 2008 at 3:06 PM, Mark Thomas [EMAIL PROTECTED] wrote: Joe A wrote: i'm talking about the part of configuration that lets you choose specify how the passwords are stored in the users table. To repeat my previous answer, any digest that is supported by the JVM you are using is fine for this. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
question about realm auth and digest attribute
if i'm going to be using sha-1 for the encryption, do i just specify digest=SHA, digest=SHA1, digest=SHA-1? thanks, joe
Re: CometProcessor and DWR
Thanks for the help Philip. So I was hoping to use the normal Servlet processing for all requests, and then do something special to drop a thread when doing comet. My event method looks like this: public void event(CometEvent event) throws IOException, ServletException { if (event.getEventType() == CometEvent.EventType.BEGIN) { event.getHttpServletRequest().setAttribute(ATTRIBUTE_EVENT, event); } else if (event.getEventType() == CometEvent.EventType.ERROR) { event.close(); } else if (event.getEventType() == CometEvent.EventType.END) { event.close(); } else if (event.getEventType() == CometEvent.EventType.READ) { // Does this handle blocking reads if we just carry on reading? service(event.getHttpServletRequest(), event.getHttpServletResponse()); } } The effect that I'm seeing is a call to event() with event.getEventType() == CometEvent.EventType.BEGIN as expected, but I'm expecting some READ events, but nothing until an ERROR(TIMEOUT) event a bit later. When Tomcat starts it says: Jul 17, 2008 10:35:31 AM org.apache.catalina.core.AprLifecycleListener init INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: .:/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java Jul 17, 2008 10:35:35 AM org.apache.coyote.http11.Http11NioProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 Jul 17, 2008 10:35:35 AM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 8828 ms Jul 17, 2008 10:35:35 AM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Jul 17, 2008 10:35:35 AM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.14 Do I need to fire up a C compiler to get this to work? Joe. On Thu, Jul 17, 2008 at 4:04 AM, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: for your connector element you must have protocol=org.apache.coyote.http11.Http11NioProtocol or protocol=org.apache.coyote.http11.Http11AprProtocol (and the APR and tcnative libraries in your PATH/LD_LIBRARY_PATH) Filip Joe Walker wrote: Hi, It looks like servlet spec 3 is wy off. So I'm creating a implementation of CometProcessor in DWR. I've created a new CometProcessor like this: public class DwrCometProcessor extends DwrServlet implements CometProcessor But the event() method is not called. It just leaps straight to service(). Is there anything else I need to be doing (clearly I've changed web.xml to point at the new 'servlet' using servlet-class org.directwebremoting.servers.tomcat.DwrCometProcessor/servlet-class)? Joe. No virus found in this incoming message. Checked by AVG. Version: 7.5.526 / Virus Database: 270.4.11/1554 - Release Date: 7/15/2008 6:03 PM - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CometProcessor and DWR
Just noticed: s/Philip/Filip/g ;-) Joe. On Thu, Jul 17, 2008 at 10:39 AM, Joe Walker [EMAIL PROTECTED] wrote: Thanks for the help Philip. So I was hoping to use the normal Servlet processing for all requests, and then do something special to drop a thread when doing comet. My event method looks like this: public void event(CometEvent event) throws IOException, ServletException { if (event.getEventType() == CometEvent.EventType.BEGIN) { event.getHttpServletRequest().setAttribute(ATTRIBUTE_EVENT, event); } else if (event.getEventType() == CometEvent.EventType.ERROR) { event.close(); } else if (event.getEventType() == CometEvent.EventType.END) { event.close(); } else if (event.getEventType() == CometEvent.EventType.READ) { // Does this handle blocking reads if we just carry on reading? service(event.getHttpServletRequest(), event.getHttpServletResponse()); } } The effect that I'm seeing is a call to event() with event.getEventType() == CometEvent.EventType.BEGIN as expected, but I'm expecting some READ events, but nothing until an ERROR(TIMEOUT) event a bit later. When Tomcat starts it says: Jul 17, 2008 10:35:31 AM org.apache.catalina.core.AprLifecycleListener init INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: .:/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java Jul 17, 2008 10:35:35 AM org.apache.coyote.http11.Http11NioProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 Jul 17, 2008 10:35:35 AM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 8828 ms Jul 17, 2008 10:35:35 AM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Jul 17, 2008 10:35:35 AM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.14 Do I need to fire up a C compiler to get this to work? Joe. On Thu, Jul 17, 2008 at 4:04 AM, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: for your connector element you must have protocol=org.apache.coyote.http11.Http11NioProtocol or protocol=org.apache.coyote.http11.Http11AprProtocol (and the APR and tcnative libraries in your PATH/LD_LIBRARY_PATH) Filip Joe Walker wrote: Hi, It looks like servlet spec 3 is wy off. So I'm creating a implementation of CometProcessor in DWR. I've created a new CometProcessor like this: public class DwrCometProcessor extends DwrServlet implements CometProcessor But the event() method is not called. It just leaps straight to service(). Is there anything else I need to be doing (clearly I've changed web.xml to point at the new 'servlet' using servlet-class org.directwebremoting.servers.tomcat.DwrCometProcessor/servlet-class)? Joe. No virus found in this incoming message. Checked by AVG. Version: 7.5.526 / Virus Database: 270.4.11/1554 - Release Date: 7/15/2008 6:03 PM - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CometProcessor and DWR
I guess I misread the docs. From: http://tomcat.apache.org/tomcat-6.0-doc/aio.html While talking about EventType.READ: It is not allowed to attempt reading data from the request object outside of the execution of this method. Would it be correct to say - Use EventType.READ if you're worried about blocking. EventType.BEGIN generally acts in the same way as the Servlet.service method in the way it blocks. Pseudo code for what we're doing now: public void event(CometEvent event) { if (event.getEventType() == BEGIN) { // stash the event as a request attribute // act like nothing is different service(request, response); // sleep is set by the guts of DWR if (!sleep) { event.close(); } } else if (event.getEventType() == ERROR || event.getEventType() == END) { event.close(); } } And then we set sleep == true in the guts of DWR when we want to sleep, having set sleep, we call event.close() when we're done. Everything appears to be working OK now. Many thanks, Joe. On Thu, Jul 17, 2008 at 2:34 PM, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: what does your HTTP request look like, it would need to have a body for the READ event to be called. currently READ doesn't get invoked when you are using a x-www-form-urlencoded this was fixed in trunk yesterday, http://svn.apache.org/viewvc?rev=677473view=rev also, in your begin event, you can call event.setTimeout if you need a custom timeout Filip Joe Walker wrote: Thanks for the help Philip. So I was hoping to use the normal Servlet processing for all requests, and then do something special to drop a thread when doing comet. My event method looks like this: public void event(CometEvent event) throws IOException, ServletException { if (event.getEventType() == CometEvent.EventType.BEGIN) { event.getHttpServletRequest().setAttribute(ATTRIBUTE_EVENT, event); } else if (event.getEventType() == CometEvent.EventType.ERROR) { event.close(); } else if (event.getEventType() == CometEvent.EventType.END) { event.close(); } else if (event.getEventType() == CometEvent.EventType.READ) { // Does this handle blocking reads if we just carry on reading? service(event.getHttpServletRequest(), event.getHttpServletResponse()); } } The effect that I'm seeing is a call to event() with event.getEventType() == CometEvent.EventType.BEGIN as expected, but I'm expecting some READ events, but nothing until an ERROR(TIMEOUT) event a bit later. When Tomcat starts it says: Jul 17, 2008 10:35:31 AM org.apache.catalina.core.AprLifecycleListener init INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: .:/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java Jul 17, 2008 10:35:35 AM org.apache.coyote.http11.Http11NioProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 Jul 17, 2008 10:35:35 AM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 8828 ms Jul 17, 2008 10:35:35 AM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Jul 17, 2008 10:35:35 AM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.14 Do I need to fire up a C compiler to get this to work? Joe. On Thu, Jul 17, 2008 at 4:04 AM, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: for your connector element you must have protocol=org.apache.coyote.http11.Http11NioProtocol or protocol=org.apache.coyote.http11.Http11AprProtocol (and the APR and tcnative libraries in your PATH/LD_LIBRARY_PATH) Filip Joe Walker wrote: Hi, It looks like servlet spec 3 is wy off. So I'm creating a implementation of CometProcessor in DWR. I've created a new CometProcessor like this: public class DwrCometProcessor extends DwrServlet implements CometProcessor But the event() method is not called. It just leaps straight to service(). Is there anything else I need to be doing (clearly I've changed web.xml to point at the new 'servlet' using servlet-class org.directwebremoting.servers.tomcat.DwrCometProcessor/servlet-class)? Joe. No virus found in this incoming message. Checked by AVG. Version: 7.5.526 / Virus Database: 270.4.11/1554 - Release Date: 7/15/2008 6:03 PM - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG. Version: 7.5.526 / Virus Database: 270.5.0/1556 - Release Date: 7/16/2008 4:56 PM
Re: Embedded Tomcat
Thanks for the reply - I've been doing some digging into where the NPE happens, and while I'm sure it has something to do with my Embedded setup (it works just fine when I point a full Tomcat at the war file using a Context file), there are other things I need to look at, which are nothing to do with Embedding - I'll start another thread on CometProcessor, and maybe come back to this once I'm sure that comet isn't to blame. Thanks, Joe. On Tue, Jul 15, 2008 at 6:00 PM, Radcliffe, William H. [EMAIL PROTECTED] wrote: Joe wrote: I'm not getting any exceptions on startup, and the exact war file that I'm pointing is found because it's serving HTML and even my servlet just fine. But when I get a ServletContext, it's null. I've got a set of tomcat jars in the classpath (catalina, annorations-api, tomcat-coyote, tomcat-juli, servlet-api) I don't know if you are crossing contexts or not, but it doesn't look like you setCrossContext(true) on the context you created. Should you? The API only says the following for setCrossContext(boolean crossContext): Set the allow crossing servlet contexts flag. However, the Tomcat configuration reference seems to state that all calls to getContext will return null unless you set the context's crossContext parameter to true. When the parameter is true, the configuration reference specifically states that other contexts will have access through the ServletContext.getContext() method. When it is set to false, the reference no longer mentions other contexts, it states that getContext() will always return null. I'm assuming that the setCrossContext method and crossContext parameter have the same effect. I don't know if any of this applies in your case. From http://tomcat.apache.org/tomcat-6.0-doc/api/index.html: setCrossContext public void setCrossContext(boolean crossContext)Set the allow crossing servlet contexts flag. Specified by: setCrossContext in interface Context Parameters: crossContext - The new cross contexts flag From http://tomcat.apache.org/tomcat-6.0-doc/config/context.html: crossContex: Set to true if you want calls within this application to ServletContext.getContext() to successfully return a request dispatcher for other web applications running on this virtual host. Set to false (the default) in security conscious environments, to make getContext() always return null. Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joe Walker Sent: Tuesday, July 15, 2008 10:59 AM To: users@tomcat.apache.org Subject: Embedded Tomcat Maybe I missed some docs somewhere, but my embedded Tomcat isn't working properly. I doing essentially this: Embedded embedded = new Embedded(); embedded.setCatalinaBase(.); Engine engine = embedded.createEngine(); Host host = embedded.createHost(localhost, .); engine.addChild(host); Context context = embedded.createContext(/dwr, target/ant/web/demo); host.addChild(context); embedded.addEngine(engine); Connector connector = embedded.createConnector(localhost, 8080, false); embedded.addConnector(connector); embedded.start(); And my web-app starts OK, however the ServletContext seems to be null, so the web-app fails. I'm not getting any exceptions on startup, and the exact war file that I'm pointing is found because it's serving HTML and even my servlet just fine. But when I get a ServletContext, it's null. I've got a set of tomcat jars in the classpath (catalina, annorations-api, tomcat-coyote, tomcat-juli, servlet-api) Any clues where to look? Joe. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
CometProcessor and DWR
Hi, It looks like servlet spec 3 is wy off. So I'm creating a implementation of CometProcessor in DWR. I've created a new CometProcessor like this: public class DwrCometProcessor extends DwrServlet implements CometProcessor But the event() method is not called. It just leaps straight to service(). Is there anything else I need to be doing (clearly I've changed web.xml to point at the new 'servlet' using servlet-class org.directwebremoting.servers.tomcat.DwrCometProcessor/servlet-class)? Joe.