RE: Please help ... [MultiThreadedHttpConnectionManager cleanup]
Please let me know if anyone has seen this before. I bet whoever put that in as a feature is really glad for all the posts that followed. http://wiki.apache.org/tomcat/MemoryLeakProtection or a quick google will provide you with some explanation, but basically it's most likely your code ;o) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Starup Order [Filters -- Servlets -- Context]
Hi Guys, Am I correct in my assumption that servlet filters are started before servlets and that the context listeners are not fired until both the filters and servlets have been initialised? What I am trying to do is run some code before the context is started which is actually going to copy a mycontext.xml into another mysecondcontext.xml (using docBase=single_webapp_location). which would then get auto deployed into Tomcat creating the 2nd context. As part of this process I also need to copy some files from a 'location' into the docBase and suspect that this will cause Tomcat to reload both contexts. Is there any entry point during Tomcat startup where I can do some work before either contexts are started? Tomcat is 6.0.29 under JDK 1.6 Thanks for any assistance. Rob
RE: Starup Order [Filters -- Servlets -- Context]
Thanks Pid, see my comment below:- -Original Message- From: Pid [mailto:p...@pidster.com] Sent: 24 November 2010 17:05 To: Tomcat Users List Subject: Re: Starup Order [Filters -- Servlets -- Context] On 24/11/2010 15:38, Rob Gregory wrote: Hi Guys, Am I correct in my assumption that servlet filters are started before servlets and that the context listeners are not fired until both the filters and servlets have been initialised? ServletContextListeners first, before Filters Servlets. Ah, I was confusing the events being fired to the actual initialisation of the ServletContextListeners. What I am trying to do is run some code before the context is started which is actually going to copy a mycontext.xml into another mysecondcontext.xml (using docBase=single_webapp_location). which would then get auto deployed into Tomcat creating the 2nd context. I'm not sure that's such a good idea. Is there a specific reason why not? How is doing this any different to manually creating the two context.xml files if I can create them before the contexts are initialised? As part of this process I also need to copy some files from a 'location' into the docBase and suspect that this will cause Tomcat to reload both contexts. Depends how you're configured. It might. I have a number of watched resources so I think it will unless I can copy the files before the contexts are initialised. Is there any entry point during Tomcat startup where I can do some work before either contexts are started? LifecycleListener? Look for examples at the beginning of server.xml. Thanks for the pointer Pid. Most helpful. p Tomcat is 6.0.29 under JDK 1.6 Thanks for any assistance. Rob - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Dynamic GlobalNamingResources / Shared JDBC connection pools
Thanks Chris, After messing around with JNDI yesterday I came to the same conclusion that Tomcat is doing some isolation and I can understand why. I will look into the JMX approach you suggest as I am running out of options. If That doesn't provide a solution I think I will have to deploy our connection pool logic to the shared 'tomcat/lib' directory where static collections will be available to all contexts. Do you see any issues with deploying code within the lib directory? Many thanks for your help Rob -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 17 November 2010 16:44 To: Tomcat Users List Subject: Re: Dynamic GlobalNamingResources / Shared JDBC connection pools -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rob, On 11/17/2010 7:07 AM, Rob Gregory wrote: Is it possible to just store my existing collection of datasources in some global context? I.e. initCtx = new InitialContext(); Context envCtx = (Context)initCtx.lookup(java:/comp/env); envCtx.bind(datasource_live, objLiveDatasource); envCtx.bind(datasource_test, objTestDatasource); or something along those lines? The above isn't going to work because Tomcat provides webapp isolation in the JNDI space. You should look into the documentation for Tomcat's JMX beans: I'm sure there is a way to use those to create on-the-fly DataSources (really DataSourceFactories I think) using the mbeans that Tomcat exposes. Running under a SecurityManager may complicate that effort. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzkBlwACgkQ9CaO5/Lv0PAh5wCeKQssMRezSzwagZ9AmCZuZf/5 5gwAoMPy5pYlKYgyYM6UNh/nnH3DAZiI =jH6U -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Dynamic GlobalNamingResources / Shared JDBC connection pools
Thanks Pid, That’s two suggestions for me to try. Many thanks for your assistance. Rob -Original Message- From: Pid [mailto:p...@pidster.com] Sent: 18 November 2010 10:26 To: Tomcat Users List Subject: Re: Dynamic GlobalNamingResources / Shared JDBC connection pools On 18/11/2010 09:34, Rob Gregory wrote: Thanks Chris, After messing around with JNDI yesterday I came to the same conclusion that Tomcat is doing some isolation and I can understand why. I will look into the JMX approach you suggest as I am running out of options. If That doesn't provide a solution I think I will have to deploy our connection pool logic to the shared 'tomcat/lib' directory where static collections will be available to all contexts. Do you see any issues with deploying code within the lib directory? I'm not sure about static, but maybe you can use a LifecycleListener to configure the pool globally. Check out the Listeners defined at the start of server.xml for examples. p Many thanks for your help Rob -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 17 November 2010 16:44 To: Tomcat Users List Subject: Re: Dynamic GlobalNamingResources / Shared JDBC connection pools Rob, On 11/17/2010 7:07 AM, Rob Gregory wrote: Is it possible to just store my existing collection of datasources in some global context? I.e. initCtx = new InitialContext(); Context envCtx = (Context)initCtx.lookup(java:/comp/env); envCtx.bind(datasource_live, objLiveDatasource); envCtx.bind(datasource_test, objTestDatasource); or something along those lines? The above isn't going to work because Tomcat provides webapp isolation in the JNDI space. You should look into the documentation for Tomcat's JMX beans: I'm sure there is a way to use those to create on-the-fly DataSources (really DataSourceFactories I think) using the mbeans that Tomcat exposes. Running under a SecurityManager may complicate that effort. -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Dynamic GlobalNamingResources / Shared JDBC connection pools
Thanks Mark. I'm spoilt for choice now and have some serious reading to do. Between the three suggestions I must be able to come up with a solution to my problem. Thanks to all for the pointers, most helpful. Rob -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 18 November 2010 10:30 To: Tomcat Users List Subject: Re: Dynamic GlobalNamingResources / Shared JDBC connection pools On 18/11/2010 09:34, Rob Gregory wrote: Thanks Chris, After messing around with JNDI yesterday I came to the same conclusion that Tomcat is doing some isolation Random thoughts that may or may not help. If you look in the DataSourceRealm you will see some code that lets a web-app use a DataSource from either webapp JNDI or global JNDI. That might give you some pointers. Also, I'm pretty sure there is some write protection applied to the global JNDI somewhere. That might also get in your way. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Dynamic GlobalNamingResources / Shared JDBC connection pools
Spot on Mark. I have been googling and playing around for over a day on this, Following your suggestion it boils down to a couple of lines of code:- StandardServer server = (StandardServer) ServerFactory.getServer(); Context context = server.getGlobalNamingContext(); context.bind(dataSourceName, datasource); Thanks again for the push in the right direction. Rob -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 18 November 2010 10:30 To: Tomcat Users List Subject: Re: Dynamic GlobalNamingResources / Shared JDBC connection pools On 18/11/2010 09:34, Rob Gregory wrote: Thanks Chris, After messing around with JNDI yesterday I came to the same conclusion that Tomcat is doing some isolation Random thoughts that may or may not help. If you look in the DataSourceRealm you will see some code that lets a web-app use a DataSource from either webapp JNDI or global JNDI. That might give you some pointers. Also, I'm pretty sure there is some write protection applied to the global JNDI somewhere. That might also get in your way. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Dynamic GlobalNamingResources / Shared JDBC connection pools
Awww... Is there going to be a replacement for the ServerFactory? Also what sort out timescales are you looking at before a production release of Tomcat 7 is available? Thanks Again. Rob -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 18 November 2010 16:59 To: Tomcat Users List Subject: Re: Dynamic GlobalNamingResources / Shared JDBC connection pools On 18/11/2010 16:54, Rob Gregory wrote: Spot on Mark. I have been googling and playing around for over a day on this, Following your suggestion it boils down to a couple of lines of code:- StandardServer server = (StandardServer) ServerFactory.getServer(); Context context = server.getGlobalNamingContext(); context.bind(dataSourceName, datasource); Thanks again for the push in the right direction. No problem. Just be aware ServerFactory is gone in 7.0.x. Mark Rob -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 18 November 2010 10:30 To: Tomcat Users List Subject: Re: Dynamic GlobalNamingResources / Shared JDBC connection pools On 18/11/2010 09:34, Rob Gregory wrote: Thanks Chris, After messing around with JNDI yesterday I came to the same conclusion that Tomcat is doing some isolation Random thoughts that may or may not help. If you look in the DataSourceRealm you will see some code that lets a web-app use a DataSource from either webapp JNDI or global JNDI. That might give you some pointers. Also, I'm pretty sure there is some write protection applied to the global JNDI somewhere. That might also get in your way. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: the tomcat encoding
Thanks Chris, I originally did struggle with encoding so have probably gone over the top in an attempt to fix the issues I was having. I will review my code following your suggestions. Many Thanks Rob From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 16 November 2010 19:19 To: Tomcat Users List Subject: Re: the tomcat encoding -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rob, On 11/16/2010 4:31 AM, Rob Gregory wrote: I also use a filter to set the following:- request.setCharacterEncoding(UTF-8); response.setContentType(text/html; charset=UTF-8); response.setCharacterEncoding(UTF-8); FWIW, you shouldn't override any character encoding sent by the client. If there is no encoding, feel free to default to UTF-8. Within the final html output I always include the following meta tag:- meta http-equiv=Content-Type content=text/xhtml; charset=utf-8/meta This only makes sense if the response is actually in UTF-8. I would recommend something like this: meta http-equiv=Content-Type content=text/xhtml; charset={response.characterEncoding} / http://wiki.apache.org/tomcat/FAQ/CharacterEncoding - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzi2RQACgkQ9CaO5/Lv0PBlaQCeOMxcnhPuX4hV/TPHT94+tmaM oyMAoKR87o0U7voSaQ0OiUg9useP/aGJ =O2Sy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Dynamic GlobalNamingResources / Shared JDBC connection pools
Tomcat Users, We are trying to migrate a web application from a single context containing multiple JDBC datasources to a web application deployed over multiple contexts but without duplicating the shared datasources. Reading the docs at http://tomcat.apache.org/tomcat-6.0-doc/jndi-datasource-examples-howto.h tml states that we should be using the GlobalNamingResources but I do not know how to create these dynamically as we do with the per-web-application JNDI contexts. The docs explain how to declare them within the xml files but I need to create them on the fly. Could anyone point me at some documentation or some hints at what I should be googling for. One approach I thought about was moving the datasource code into the shared location of Tomcat but following some posts this morning it doesn't sound like shared locations should be used by web apps. Sorry if my question is not clear and thanks for any assistance. Tomcat 6.0.29 under Java 1.5+ Regards Rob
RE: Dynamic GlobalNamingResources / Shared JDBC connection pools
Is it possible to just store my existing collection of datasources in some global context? I.e. initCtx = new InitialContext(); Context envCtx = (Context)initCtx.lookup(java:/comp/env); envCtx.bind(datasource_live, objLiveDatasource); envCtx.bind(datasource_test, objTestDatasource); or something along those lines? Thanks Rob -Original Message- From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Sent: 17 November 2010 11:09 To: Tomcat Users List Subject: Dynamic GlobalNamingResources / Shared JDBC connection pools Tomcat Users, We are trying to migrate a web application from a single context containing multiple JDBC datasources to a web application deployed over multiple contexts but without duplicating the shared datasources. Reading the docs at http://tomcat.apache.org/tomcat-6.0-doc/jndi-datasource-examples-howto.h tml states that we should be using the GlobalNamingResources but I do not know how to create these dynamically as we do with the per-web-application JNDI contexts. The docs explain how to declare them within the xml files but I need to create them on the fly. Could anyone point me at some documentation or some hints at what I should be googling for. One approach I thought about was moving the datasource code into the shared location of Tomcat but following some posts this morning it doesn't sound like shared locations should be used by web apps. Sorry if my question is not clear and thanks for any assistance. Tomcat 6.0.29 under Java 1.5+ Regards Rob - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: the tomcat encoding
Hi Xu, Encoding is/can be a real pain. You have to ensure it is consistent throughout the web application to stand any chance. Start with the server.xml with the following declaration:- Connector port=80 redirectPort=443 URIEncoding=UTF-8 useBodyEncodingForURI=true / I also use a filter to set the following:- request.setCharacterEncoding(UTF-8); response.setContentType(text/html; charset=UTF-8); response.setCharacterEncoding(UTF-8); Within the final html output I always include the following meta tag:- meta http-equiv=Content-Type content=text/xhtml; charset=utf-8/meta Not sure all steps are required but they work for me. Of course if you use a database this also needs to support UTF-8 or your chosen encoding. Hope this helps Rob -Original Message- From: xu cheng [mailto:xcheng@gmail.com] Sent: 16 November 2010 05:59 To: users@tomcat.apache.org Subject: the tomcat encoding hi all: I wrote an app and there are some chinese content, and there are some code like this str = new String(chineseContentString.getBytes(iso-8859-1), utf-8); the app runs pretty well in the tomcat of my pc. however ,when it was deployed in other machine. all the Chinese content becomes messy code. so ,does anyone know how to got to encoding of the tomcat. or it was just iso-8859-1 and cannot be changed? thanks by the way , the edition is 6.0.20 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Single webapp multiple contexts
Hello Tomcat Users, I am trying to create multiple 'dynamic' contexts using just a single code base. For example we currently deploy a webapps within a context of let's say 'A'. This listens quite happily for requests coming in the form of http://localhost/A/index.htm. What I need to be able to do is have this same code base also listen for requests in the form of http://localhost/B/index.htm. I have played with using 'fake' context.xml e.g. A.xml = Context useHttpOnly=true docBase=C:/0600/ieseries.war path=/A / B.xml = Context useHttpOnly=true docBase=C:/0600/ieseries.war path=/B / This seems to work but the war is expanded into both contexts and what I really need is a single code base preferably without the requirement of using a .war file. I have looked at virtual hosts but this seems to involve changing the host name which is also not what I am trying to achieve. Using Tomcat 6.0.29 under Java(TM) SE Runtime Environment (build 1.6.0_14-b08). CATALINA_HOME is C:/0600. Can anyone give me a gentle push in the right direction if this is at all possible. Thanks in advance. Rob
RE: Single webapp multiple contexts
Just to expand on this a little. I have previously had something working but that was on Tomcat 5.5.9, The same trick no longer seems to work under 6.0.29. I basically created a context like Context swallowOutput=false reloadable=false useHttpOnly=true path=/B docBase=${catalina.home}/webapps/myapp / which used an already deployed copy of our webapp. This did work under 5.5.9 but fails with the following error under 6.0.29. Has this functionality changed and if so is this sort of trick not a good idea? INFO: Deploying configuration descriptor A.xml 09-Nov-2010 16:37:21 org.apache.catalina.startup.HostConfig deployDescriptor WARNING: A docBase C:\intweb\0600\webapps\myapp inside the host appBase has be en specified, and will be ignored 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext resourcesStart SEVERE: Error starting static Resources java.lang.IllegalArgumentException: Document base C:\intweb\0600\webapps\A does not exist or is not a readable directory at org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext. java:142) at org.apache.catalina.core.StandardContext.resourcesStart(StandardConte xt.java:4249) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4 418) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase .java:791) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:77 1) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.ja va:637) at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.j ava:563) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:498 ) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java :321) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(Lifecycl eSupport.java:119) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053) at org.apache.catalina.core.StandardHost.start(StandardHost.java:785) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445 ) at org.apache.catalina.core.StandardService.start(StandardService.java:5 19) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710 ) at org.apache.catalina.startup.Catalina.start(Catalina.java:581) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext start SEVERE: Error in resourceStart() 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext start SEVERE: Error getConfigured 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext start SEVERE: Context [/A] startup failed due to previous errors Thanks Rob From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Sent: 09 November 2010 16:22 To: Tomcat Users List Subject: Single webapp multiple contexts Hello Tomcat Users, I am trying to create multiple 'dynamic' contexts using just a single code base. For example we currently deploy a webapps within a context of let's say 'A'. This listens quite happily for requests coming in the form of http://localhost/A/index.htm. What I need to be able to do is have this same code base also listen for requests in the form of http://localhost/B/index.htm. I have played with using 'fake' context.xml e.g. A.xml = Context useHttpOnly=true docBase=C:/0600/ieseries.war path=/A / B.xml = Context useHttpOnly=true docBase=C:/0600/ieseries.war path=/B / This seems to work but the war is expanded into both contexts and what I really need is a single code base preferably without the requirement of using a .war file. I have looked at virtual hosts but this seems to involve changing the host name which is also not what I am trying to achieve. Using Tomcat 6.0.29 under Java(TM) SE Runtime Environment (build 1.6.0_14-b08). CATALINA_HOME is C:/0600. Can anyone give me a gentle push in the right direction if this is at all possible. Thanks in advance. Rob - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Single webapp multiple contexts
The following entries are within the Changelog so it looks like what I am trying to do is now invalid? Can anyone suggest an alternative way to achieve the same result of a single code base with multiple contexts? Change Logs:- Make context deployment error message for fixDocBase() more meaningful. (markt) 38570: When checking docBase against appBase, make sure we check for an exact match against the appBase. (markt) 39013: When testing for invalid docBase, test for an exact match with the appBase dir. (markt) 42678: Only ignore docBase if it really is a subdir of appBase. Patch provided by juergen. (markt) -Original Message- From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Sent: 09 November 2010 16:44 To: Tomcat Users List Subject: RE: Single webapp multiple contexts Just to expand on this a little. I have previously had something working but that was on Tomcat 5.5.9, The same trick no longer seems to work under 6.0.29. I basically created a context like Context swallowOutput=false reloadable=false useHttpOnly=true path=/B docBase=${catalina.home}/webapps/myapp / which used an already deployed copy of our webapp. This did work under 5.5.9 but fails with the following error under 6.0.29. Has this functionality changed and if so is this sort of trick not a good idea? INFO: Deploying configuration descriptor A.xml 09-Nov-2010 16:37:21 org.apache.catalina.startup.HostConfig deployDescriptor WARNING: A docBase C:\intweb\0600\webapps\myapp inside the host appBase has be en specified, and will be ignored 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext resourcesStart SEVERE: Error starting static Resources java.lang.IllegalArgumentException: Document base C:\intweb\0600\webapps\A does not exist or is not a readable directory at org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext. java:142) at org.apache.catalina.core.StandardContext.resourcesStart(StandardConte xt.java:4249) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4 418) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase .java:791) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:77 1) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.ja va:637) at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.j ava:563) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:498 ) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java :321) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(Lifecycl eSupport.java:119) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053) at org.apache.catalina.core.StandardHost.start(StandardHost.java:785) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445 ) at org.apache.catalina.core.StandardService.start(StandardService.java:5 19) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710 ) at org.apache.catalina.startup.Catalina.start(Catalina.java:581) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext start SEVERE: Error in resourceStart() 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext start SEVERE: Error getConfigured 09-Nov-2010 16:37:21 org.apache.catalina.core.StandardContext start SEVERE: Context [/A] startup failed due to previous errors Thanks Rob From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Sent: 09 November 2010 16:22 To: Tomcat Users List Subject: Single webapp multiple contexts Hello Tomcat Users, I am trying to create multiple 'dynamic' contexts using just a single code base. For example we currently deploy a webapps within a context of let's say 'A'. This listens quite happily for requests coming in the form of http://localhost/A/index.htm. What I need to be able to do is have this same code base also listen for requests in the form of http://localhost/B/index.htm. I have played with using 'fake' context.xml e.g. A.xml = Context useHttpOnly
RE: Single webapp multiple contexts
Hi Chuck and thanks for replying. I want a single webapp instance e.g. c:\tomcat\webapps\myapp which can listen for requests coming from http://localhost/A/index.htm and the same webapp to listen for requests coming from http://localhsot/B/index.htm, etc. Regards Rob -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: 09 November 2010 17:19 To: Tomcat Users List Subject: RE: Single webapp multiple contexts From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Subject: Single webapp multiple contexts I am trying to create multiple 'dynamic' contexts using just a single code base. For example we currently deploy a webapps within a context of let's say 'A'. This listens quite happily for requests coming in the form of http://localhost/A/index.htm. What I need to be able to do is have this same code base also listen for requests in the form of http://localhost/B/index.htm. You don't say if you want a single webapp instance, or a separate instance for each URI path. Assuming the latter, the only safe way to do it is to have separate .war files or directories; anything else will cause timing problems. Just copy the .war file (or directory) as needed to the properly named location, and get rid of the Context elements from server.xml (almost always a bad place for them). - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Single webapp multiple contexts
Hi Mark, I presume you are the same Mark that has committed the fixes made in the changelog? I have tried what you suggest but the result is that each context defined in CATALINA_BASE/conf/enginename/hostname get deployed/expanded into webapps which results in much more disk space usage. Is there any way to achieve the same result as was previously possible within Tomcat 5.5.9 where I could have a context declared within CATALINA_BASE/conf/enginename/hostname but have that point/map to an already deployed webapp without it deploying another copy of the codebase or seeing the warning that is now output from Tomcat 6. Also using a .war file is a real pain for me because of how we deploy the different parts of our application. Many Thanks for your time. Rob -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 09 November 2010 17:22 To: Tomcat Users List Subject: Re: Single webapp multiple contexts On 09/11/2010 17:18, Caldarale, Charles R wrote: From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Subject: Single webapp multiple contexts I am trying to create multiple 'dynamic' contexts using just a single code base. For example we currently deploy a webapps within a context of let's say 'A'. This listens quite happily for requests coming in the form of http://localhost/A/index.htm. What I need to be able to do is have this same code base also listen for requests in the form of http://localhost/B/index.htm. You don't say if you want a single webapp instance, or a separate instance for each URI path. Assuming the latter, the only safe way to do it is to have separate .war files or directories; anything else will cause timing problems. Just copy the .war file (or directory) as needed to the properly named location, and get rid of the Context elements from server.xml (almost always a bad place for them). Although if you want a single WAR but multiple deployments of that WAR, place it somewhere outside the appBase and create multiple references to it in CATALINA_BASE/conf/enginename/hostname Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: DBCP abandoned trace - unable to understand the leak
The code you posted looks fine but without the complete class it is hard to say 100% your class is fine. -Original Message- From: sasidhar prabhakar [mailto:sasidhar1...@gmail.com] Sent: 04 November 2010 11:36 To: Tomcat Users List Subject: Re: DBCP abandoned trace - unable to understand the leak On Thu, Nov 4, 2010 at 4:24 PM, Mark Thomas ma...@apache.org wrote: On 04/11/2010 05:01, sasidhar prabhakar wrote: Is abandoned trace really shows the code where the connection established and did not close it. Yes. The code I posted above is clean and properly closed all of resources. Is there any problem with the code shown above. anybody help me to solve this problem. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: DBCP abandoned trace - unable to understand the leak
The full class looks ok to me. Your issues must be elsewhere. -Original Message- From: sasidhar prabhakar [mailto:sasidhar1...@gmail.com] Sent: 04 November 2010 12:05 To: Tomcat Users List Subject: Re: DBCP abandoned trace - unable to understand the leak The complete class has only two methods. And class is import connection.ConnectionUtil; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.Calendar; import javax.sql.DataSource; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * * @author oracle */ public class SponserSummaryDAO { private Log log = LogFactory.getLog(SponserSummaryDAO.class); private static final String updateClicksQuery = update sponser_summary set sp_sum_clicks = sp_sum_clicks + 1 where sp_sum_sid = ? and sp_sum_date = trunc(sysdate); private static final String getCityIdQuery = select c_id from cities where lower(c_name) like lower(?); private static final String updateImpByCityQuery = update sponser_summ_by_cities set sp_sum_c_imp = sp_sum_c_imp + 1 where sp_sum_c_sid = ? and lower(sp_sum_c_city) = ?; private DataSource dataSource; public SponserSummaryDAO(){ log.info(^Cretion of SponserSummaryDAO : +Calendar.getInstance().getTime().toString()); dataSource = ConnectionUtil.getDataSource(); } public void updateClicks(int sid){ Connection connection = null; PreparedStatement pstmt = null; ResultSet rs = null; try{ connection = dataSource.getConnection(); pstmt = connection.prepareStatement(updateClicksQuery); pstmt.setInt(1, sid ); int updated = pstmt.executeUpdate(); log.info( sponser clicks updated val : +updated); }catch(Exception ex){ ex.printStackTrace(); log.error(ex.getMessage()); }finally{ try {if( pstmt != null)pstmt.close();} catch (SQLException ex) {ex.printStackTrace();} try {if( connection != null)connection.close();} catch (SQLException ex) {ex.printStackTrace();} connection = null; pstmt = null; } } public void updateImpByCity(int sid, String city){ Connection connection = null; PreparedStatement pstmt = null; ResultSet rs = null; try{ connection = dataSource.getConnection(); pstmt = connection.prepareStatement(updateImpByCityQuery); pstmt.setInt(1, sid ); pstmt.setString(2, city.toLowerCase()); int updated = pstmt.executeUpdate(); log.info( sponser imp by city updated val : +updated); }catch(Exception ex){ ex.printStackTrace(); log.error(ex.getMessage()); }finally{ try {if( pstmt != null)pstmt.close();} catch (SQLException ex) {ex.printStackTrace();} try {if( connection != null)connection.close();} catch (SQLException ex) {ex.printStackTrace();} connection = null; pstmt = null; } } public String getCityId(String city){ String cityID = null; Connection connection = null; PreparedStatement pstmt = null; ResultSet rs = null; try{ connection = dataSource.getConnection(); pstmt = connection.prepareStatement(getCityIdQuery); pstmt.setString(1, %+city+%); rs = pstmt.executeQuery(); if( rs.next() ){ cityID = rs.getString(1); }else{ cityID = -1; } log.info( city ID : +cityID); }catch(Exception ex){ ex.printStackTrace(); log.error(ex.getMessage()); }finally{ try{if( rs!=null)rs.close();}catch(SQLException ex){ex.printStackTrace();} try {if( pstmt != null)pstmt.close();} catch (SQLException ex) {ex.printStackTrace();} try {if( connection != null)connection.close();} catch (SQLException ex) {ex.printStackTrace();} connection = null; pstmt = null; rs = null; } return cityID; } public String getCountryName(long ipSum){ String name = null; Connection connection = null; PreparedStatement pstmt = null; ResultSet rs = null; try{ connection = dataSource.getConnection(); pstmt = connection.prepareStatement(select country_name from ip_to_geo where ? between ip_from and ip_to); pstmt.setString(1, +ipSum); rs = pstmt.executeQuery(); if( rs.next() ){ name = rs.getString(1); } }catch(Exception ex){ ex.printStackTrace(); }finally{ try{if( rs!=null)rs.close();}catch(SQLException ex){ex.printStackTrace();} try {if( pstmt != null)pstmt.close();} catch (SQLException ex) {ex.printStackTrace();} try {if( connection != null)connection.close();} catch (SQLException ex) {ex.printStackTrace();} connection = null; pstmt = null; rs = null; } return name; } protected void finalize() throws Throwable { log.info(^Finalize of SponserSummaryDAO : +Calendar.getInstance().getTime().toString()); } } - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: DBCP abandoned trace - unable to understand the leak
Are you sure it is running against the code you think it is running against. Try changing something that is output to the log files and make sure you see this change before the abandoned stack trace is thrown. -Original Message- From: sasidhar prabhakar [mailto:sasidhar1...@gmail.com] Sent: 04 November 2010 12:35 To: Tomcat Users List Subject: Re: DBCP abandoned trace - unable to understand the leak The class is fine but in log it is showing this one. Here everything closed fine. Then why it is showing like this DBCP object created 2010-11-04 11:07:59 by the following code was never closed: java.lang.Exception at org.apache.tomcat.dbcp.dbcp.AbandonedTrace.setStackTrace(AbandonedTrace. java:1 60) at org.apache.tomcat.dbcp.dbcp.AbandonedObjectPool.borrowObject(AbandonedOb jectPo ol.java:86) at org.apache.tomcat.dbcp.dbcp.PoolingDataSource.getConnection(PoolingDataS ource. java:96) at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSourc e.java :880) *at SponserSummaryDAO.getCountryName(SponserSummaryDAO.java:304) at SponserSummaryBO.getCountryName(SponserSummaryBO.java:61) at SignUpAction.execute(SignUpAction.java:52)* at org.apache.struts.action.RequestProcessor.processActionPerform(RequestPr ocesso r.java:425) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java: 228) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449) at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFi lterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChai n.java:206) at RedirectFilter.doFilter(RedirectFilter.java:56) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFi lterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChai n.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv e.java :233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv e.java :191) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authenticator Base.j ava:433) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java :128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java :102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. java:1 09) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:2 93) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:84 9) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process( Http11 Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) at java.lang.Thread.run(Thread.java:595) If anything else, what are the possible connection leaks may occur in java. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: filter order question
What was the URL of your request? -Original Message- From: Aggarwal, Ajay [mailto:ajay.aggar...@stratus.com] Sent: 04 November 2010 16:09 To: Tomcat Users List Subject: filter order question From reading the doc, it seems the filters are invoked in the order in which they appear in filter-mapping in web.xml. However I have a situation where I have 2 filters one mapped using servlet-name and other one mapped using url-pattern and they are not being invoked in the right order. Below is how my filter mappings look !-- Filter Mappings -- filter-mapping filter-nameF1/filter-name servlet-nameMyServlet/servlet-name /filter-mapping filter-mapping filter-nameF2/filter-name url-pattern/foo/*/url-pattern /filter-mapping For my request, they both match and I would have expected the order as F1 -- F2. However they are being invoked in order F2 -- F1. What am I doing wrong? -Ajay - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Protecting static resources in IIS
Totally agree with Chuck, I would not recommend running a web server as a root/system user. -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: 02 November 2010 18:48 To: Tomcat Users List Subject: RE: Protecting static resources in IIS From: Richard G Curry [mailto:rgcu...@jcpenney.com] Subject: RE: Protecting static resources in IIS From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Subject: RE: Protecting static resources in IIS Would that then result in having to run Tomcat/Apache/IIS as root/system rather than a restricted user? Yes. That sounds like a really bad idea. How so? What am I missing? Basic security philosophy, known as the principle of least privilege. Running as root/system is like walking around with a kick me sign; just wait till the hackers break into your IIS box running that way... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Discover the Datasource connection pool maxSize.
The following code fragment is used to auto create the datasource pool and you can then use tds.getMaxWait etc. not sure if this is going to help you with a tomcat specified connection pool but might give you some pointers... DriverAdapterCPDS cpds = new DriverAdapterCPDS(); ConnectionDetails objDetails = new ConnectionDetails(datasource); try { cpds.setDriver(objDetails.getDriver()); // org.gjt.mm.mysql.Driver } catch (ClassNotFoundException e) { log.error(e.getMessage()); log.debug(StackTrace : , e); } cpds.setUrl(objDetails.getUrl()); // jdbc:mysql://localhost:3306/bookstore cpds.setUser(objDetails.getUsername()); cpds.setPassword(objDetails.getPassword()); SharedPoolDataSource tds = new SharedPoolDataSource(); tds.setConnectionPoolDataSource(cpds); tds.setMaxActive(Config.getParamAsInt(pool.max.active)); tds.setMaxWait(Config.getParamAsInt(pool.max.wait)); tds.setMaxIdle(Config.getParamAsInt(pool.max.idle)); tds.setTestOnBorrow(Config.getParamAsBoolean(pool.test.on.borrow)); tds.setTestOnReturn(Config.getParamAsBoolean(pool.test.on.return)); tds.setTestWhileIdle(Config.getParamAsBoolean(pool.test.while.idle)); -Original Message- From: GF [mailto:gan...@gmail.com] Sent: 03 November 2010 11:16 To: Tomcat Users List Subject: Discover the Datasource connection pool maxSize. Hello. i've not access to Tomcat's server.xml where the sysadmins defined a resource: Resource driverClassName=oracle.jdbc.driver.OracleDriver maxActive=65 maxIdle=30 maxWait=5 name=myDatasource type=javax.sql.DataSource url=jdbc:. / I wish to discover from a web appplication deployed on that Tomcat what's the configuration maxActive for myDatasource. Is there a way to discover it? Thank you. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Protecting static resources in IIS
While this is not a forum nor is the mailing list about IIS a quick suggestion and one we implement is to place a blank (or custom) index.html file into every directory within the site. This will then be served up when requests for resources are received. Hope that helps Rob -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 14:08 To: users@tomcat.apache.org Subject: Protecting static resources in IIS Hi, Though I know that this forum is not for IIS related questions, It will be great if someone can help me out with the following problem. I need to protect the end user's access (thru a url) to the static resources like images directory in IIS but still allowing my app jsps in Tomcat ROOT. Thanks, Siva Prakash - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Protecting static resources in IIS
Hi Siva, The only way I know of protecting an 'actual' request for a specific resource is to remove the resource from the web server. I Can't see why you would want to stop access to something when it is actually requested otherwise what would be the point of deploying it (if nothing can access it). Sorry if I misunderstand the question. -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 14:44 To: Tomcat Users List Subject: Re: Protecting static resources in IIS Firstly, Thanks for the info. I've done what you've said. Consider my directory structure as below in IIS. IISROOT/images/TestDir/A.gif IISROOT/images/TestDir/index.html (newly introduced one) If I hit the following url, it shows the index.html https://hostname/images/TestDir/ https://%3chostname%3e/images/TestDir/ but if I hit the following url, it shows the image A.gif which needs to be restricted its access. https://hostname/images/TestDir/A.gifhttps://%3chostname%3e/images/Te stDir/ A.gif Please let me know if this can be resolved. Thanks, Siva Prakash On Tue, Nov 2, 2010 at 7:49 PM, Rob Gregory rob.greg...@ibsolutions.comwrote: While this is not a forum nor is the mailing list about IIS a quick suggestion and one we implement is to place a blank (or custom) index.html file into every directory within the site. This will then be served up when requests for resources are received. Hope that helps Rob -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 14:08 To: users@tomcat.apache.org Subject: Protecting static resources in IIS Hi, Though I know that this forum is not for IIS related questions, It will be great if someone can help me out with the following problem. I need to protect the end user's access (thru a url) to the static resources like images directory in IIS but still allowing my app jsps in Tomcat ROOT. Thanks, Siva Prakash - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Protecting static resources in IIS
Are you trying to implement some form of Capatcha to stop automated attacks against a logon screen or something similar? If so there is a nice opensource one @ http://jcaptcha.sourceforge.net/ and an alternative from Google http://www.captcha.net/ which support audio (but requires an internet connection and an account). I implemented both so that when the required credentials are available it uses the google one and degrades to the JCaptcha one which works very nice. Otherwise it sounds like you need a security filter within tomcat and let Tomcat serve up these images. Tomcat in my opinion is just as good at serving static content as Apache or IIS is. Regards Rob -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 15:48 To: Tomcat Users List Subject: Re: Protecting static resources in IIS Hi Rob, My app contains a sequence of images like for eg. A/11.gif, A/12.gif, A/19.gif, B/21.gif... etc. These images are used to identify a valid user of my app. As these images are easily guessable, it may be easy for anyone to download all possible images and may lead to phishing attack. Having said that I can't place my images in Tomcat and get it served by a servlet( a performance penalty ) and neither I can change my image names to ones which are not easily guessable. My tomcat app jsps should continue using the existing images. On Tue, Nov 2, 2010 at 8:22 PM, Rob Gregory rob.greg...@ibsolutions.comwrote: Hi Siva, The only way I know of protecting an 'actual' request for a specific resource is to remove the resource from the web server. I Can't see why you would want to stop access to something when it is actually requested otherwise what would be the point of deploying it (if nothing can access it). Sorry if I misunderstand the question. -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 14:44 To: Tomcat Users List Subject: Re: Protecting static resources in IIS Firstly, Thanks for the info. I've done what you've said. Consider my directory structure as below in IIS. IISROOT/images/TestDir/A.gif IISROOT/images/TestDir/index.html (newly introduced one) If I hit the following url, it shows the index.html https://hostname/images/TestDir/ https://%3chostname%3e/images/TestDir/ but if I hit the following url, it shows the image A.gif which needs to be restricted its access. https://hostname/images/TestDir/A.gifhttps://%3chostname%3e/images/Te stDir/ A.gif Please let me know if this can be resolved. Thanks, Siva Prakash On Tue, Nov 2, 2010 at 7:49 PM, Rob Gregory rob.greg...@ibsolutions.comwrote: While this is not a forum nor is the mailing list about IIS a quick suggestion and one we implement is to place a blank (or custom) index.html file into every directory within the site. This will then be served up when requests for resources are received. Hope that helps Rob -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 14:08 To: users@tomcat.apache.org Subject: Protecting static resources in IIS Hi, Though I know that this forum is not for IIS related questions, It will be great if someone can help me out with the following problem. I need to protect the end user's access (thru a url) to the static resources like images directory in IIS but still allowing my app jsps in Tomcat ROOT. Thanks, Siva Prakash - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Protecting static resources in IIS
Would that then result in having to run Tomcat/Apache/IIS as root/system rather than a restricted user? -Original Message- From: Richard G Curry [mailto:rgcu...@jcpenney.com] Sent: 02 November 2010 17:43 To: Tomcat Users List Subject: RE: Protecting static resources in IIS What if you put your images into a sub-directory of your app directory -- something like images -- and set the access rights on that directory to be only accessible by the SYSTEM account. __ _ «¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤» __ _ Rick Curry Common Services - Software Development E2 - 066, MS 5210 972-431-9178 (Voice) 972-585-7585 (Pager) To send a (short) Text Message to my Pager: 9725857...@page.metrocall.com -Original Message- From: Pid * [mailto:p...@pidster.com] Sent: Tuesday, November 02, 2010 11:42 AM To: Tomcat Users List Subject: Re: Protecting static resources in IIS On 2 Nov 2010, at 15:48, Siva prakash I V sivaprakash...@gmail.com wrote: Hi Rob, My app contains a sequence of images like for eg. A/11.gif, A/12.gif, A/19.gif, B/21.gif... etc. These images are used to identify a valid user of my app. As these images are easily guessable, it may be easy for anyone to download all possible images and may lead to phishing attack. Having said that I can't place my images in Tomcat and get it served by a servlet( a performance penalty ) You've presumably conducted some performance tests which led you to this conclusion? In this case a Servlet Filter which checks the request against the current user's credentials and returns a 403 for unauthorised access would be a low cost option. p and neither I can change my image names to ones which are not easily guessable. My tomcat app jsps should continue using the existing images. On Tue, Nov 2, 2010 at 8:22 PM, Rob Gregory rob.greg...@ibsolutions.comwrote: Hi Siva, The only way I know of protecting an 'actual' request for a specific resource is to remove the resource from the web server. I Can't see why you would want to stop access to something when it is actually requested otherwise what would be the point of deploying it (if nothing can access it). Sorry if I misunderstand the question. -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 14:44 To: Tomcat Users List Subject: Re: Protecting static resources in IIS Firstly, Thanks for the info. I've done what you've said. Consider my directory structure as below in IIS. IISROOT/images/TestDir/A.gif IISROOT/images/TestDir/index.html (newly introduced one) If I hit the following url, it shows the index.html https://hostname/images/TestDir/ https://%3chostname%3e/images/TestDir/ but if I hit the following url, it shows the image A.gif which needs to be restricted its access. https://hostname/images/TestDir/A.gifhttps://%3chostname%3e/images /Te stDir/ A.gif Please let me know if this can be resolved. Thanks, Siva Prakash On Tue, Nov 2, 2010 at 7:49 PM, Rob Gregory rob.greg...@ibsolutions.comwrote: While this is not a forum nor is the mailing list about IIS a quick suggestion and one we implement is to place a blank (or custom) index.html file into every directory within the site. This will then be served up when requests for resources are received. Hope that helps Rob -Original Message- From: Siva prakash I V [mailto:sivaprakash...@gmail.com] Sent: 02 November 2010 14:08 To: users@tomcat.apache.org Subject: Protecting static resources in IIS Hi, Though I know that this forum is not for IIS related questions, It will be great if someone can help me out with the following problem. I need to protect the end user's access (thru a url) to the static resources like images directory in IIS but still allowing my app jsps in Tomcat ROOT. Thanks, Siva Prakash - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If the reader
RE: Tomcat Re-direct
It doesn't need to be a .jsp file, just place a static index.html file into the root webapp with the following content:- !doctype html public -//w3c//dtd html 4.0 transitional//en http://www.w3.org/TR/REC-html40/strict.dtd; html head meta http-equiv=Content-Type content=text/html; charset=iso-8859-1 titleeSeries/title scriptwindow.location.replace(/idm);/script /head bodyPlease Wait.../body /html No configuration required. Regards, Rob -Original Message- From: Richard da Silva [mailto:roman_s...@yahoo.com] Sent: 18 October 2010 09:39 To: Tomcat Users List Cc: karl.sangabr...@gmail.com Subject: Re: Tomcat Re-direct Thanks for your reply Where is that wt.jsp file? Also, my web-xml file looks like this : web-app xmlns=http://java.sun.com/xml/ns/javaee;   xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;   xsi:schemaLocation=http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd;   version=2.5  display-nameWelcome to Tomcat/display-name  description Welcome to Tomcat  /description /web-app Where exactly should I insert the code you gave me? Thanks Richard da Silva --- On Mon, 10/18/10, Karl San Gabriel karl.sangabr...@gmail.com wrote: From: Karl San Gabriel karl.sangabr...@gmail.com Subject: Re: Tomcat Re-direct To: Tomcat Users List users@tomcat.apache.org Date: Monday, October 18, 2010, 11:20 AM and put a javascript code in wt.jsp to redirect to https://idm.my.org/idm. On 10/18/10, Karl San Gabriel karl.sangabr...@gmail.com wrote: How about changing TOMCAT_HOME\webapps\ROOT\WEB-INF\web.xml? ===    description    Welcome to Tomcat    /description !-- JSPC servlet mappings start --     servlet       servlet-nameorg.apache.jsp.index_jsp/servlet-name       !--servlet-classorg.apache.jsp.index_jsp/servlet-class--       jsp-file/wt/wt.jsp/jsp-file     /servlet     servlet-mapping       servlet-nameorg.apache.jsp.index_jsp/servlet-name       url-pattern/index.jsp/url-pattern     /servlet-mapping Regards, Karl On 10/18/10, Richard da Silva roman_s...@yahoo.com wrote: Hi all, I have an IDM (Identity Manager) instance running on an Apache Tomcat Server. My Tomact version is : 6.0.18 The http address which activates my IDM application is in the format : https://idm.my.org/idm The thing is : if the address is accidentally written as follows --- https://idm.my.org then the Apache Tomcat Main Page is displayed. Normally, this means nothing, and would not bother me. Except that, there might be some security concerns involved in directing using to the Server Main Menu. My question is : how can I configure the Tomcat to automatically RE-DIRECT to the appropriate webpage ? In other words : if someone enters https://idm.my.org;, they will be auto-directed to https://idm.my.org/idm; Thanks Richard da Silva - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: upgrading apache tomcat on windows 2003
Can you not just manually remove the existing service i.e. from a cmd prompt:- sc delete nameOfService You can determine the name of the service from the services option within control panel but guessing it is called Tomcat. Rob -Original Message- From: Paul Primeau [mailto:paul.prim...@tpsgc-pwgsc.gc.ca] Sent: 14 October 2010 14:20 To: users@tomcat.apache.org Subject: upgrading apache tomcat on windows 2003 Good Morning, I am trying to upgrade from apache tomcat version 5.5.20 to 5.5.31 on a windows 2003 system. I downloaded the apache-tomcat-5.5.31.exe to my server and started the install. I stopped the existing tomcat-apache service. I noticed that there is no upgrade option so I continued with the install option. everything was ok until a hit the following error-- Failed to install Tomcat5 service. Check you settings and permissions. Ignore and continue anyway (not recommended) So my question is how to upgrade from one version to another. Do I have to un-install and re-install the latest version. Thanks Paul Primeau CGI Engineering Technical Support ETS Midrange Service Line PWGSC - ITSB - SMD mailto:paul.prim...@pwgsc.gc.ca - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: upgrading apache tomcat on windows 2003
Is the install actually failing or is it just failing to add the service? If the 2nd is the case then removing the service should allow the installation to go through without errors. -Original Message- From: Paul Primeau [mailto:paul.prim...@tpsgc-pwgsc.gc.ca] Sent: 14 October 2010 14:42 To: Tomcat Users List Subject: RE: upgrading apache tomcat on windows 2003 Thanks for the quick response Rob, So it is possible to use the installer to upgrade. I don't have to uninstall and then re-install. You suggest removing the service and continuing with the install. I would like to find procedures that detail the steps to do when upgrading from one version to another on a windows system. I have tried looking for upgrade documentation on the net and I can't find any. Thanks again, Paul Primeau CGI Engineering Technical Support ETS Midrange Service Line PWGSC - ITSB - SMD mailto:paul.prim...@pwgsc.gc.ca -Original Message- From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Sent: Thursday, October 14, 2010 9:26 AM To: Tomcat Users List Subject: RE: upgrading apache tomcat on windows 2003 Can you not just manually remove the existing service i.e. from a cmd prompt:- sc delete nameOfService You can determine the name of the service from the services option within control panel but guessing it is called Tomcat. Rob -Original Message- From: Paul Primeau [mailto:paul.prim...@tpsgc-pwgsc.gc.ca] Sent: 14 October 2010 14:20 To: users@tomcat.apache.org Subject: upgrading apache tomcat on windows 2003 Good Morning, I am trying to upgrade from apache tomcat version 5.5.20 to 5.5.31 on a windows 2003 system. I downloaded the apache-tomcat-5.5.31.exe to my server and started the install. I stopped the existing tomcat-apache service. I noticed that there is no upgrade option so I continued with the install option. everything was ok until a hit the following error-- Failed to install Tomcat5 service. Check you settings and permissions. Ignore and continue anyway (not recommended) So my question is how to upgrade from one version to another. Do I have to un-install and re-install the latest version. Thanks Paul Primeau CGI Engineering Technical Support ETS Midrange Service Line PWGSC - ITSB - SMD mailto:paul.prim...@pwgsc.gc.ca - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Apache Reverse Proxy required or not?
Hi All, Quick question on what people's views are with regard to using Tomcat to host external/internet facing sites. A quick Google search recommends that these should be 'fronted' by Apache running reverse proxy. Is Tomcat classed as insecure and as such requires this proxy in front or is this due to the fact that Tomcat cannot reverse proxy on its own. Cheers Rob
RE: JSESSIONID weakness Severity in Tomcat 6.0.29?
As far as I know Tomcat will always generate a new id for each session it generates. As for how they have detected that your application is vulnerable to session fixation issues etc. try having a look at Burp Suite http://portswigger.net/burp/ which detects a great deal of web application flaws. Rob -Original Message- From: Brian [mailto:bbprefix-m...@yahoo.com] Sent: 11 October 2010 17:06 To: 'Tomcat Users List' Subject: RE: JSESSIONID weakness Severity in Tomcat 6.0.29? Hi Mark, Well, it seems that www.securitymetrics.com got crazy! They already told me that they made some changes in their system, and now they are having problems (bugs). I was just asking myself: How can their automatized procedure know if I am vulnerable to the session fixation problem, if it doesnt know a valid user+password, so it is not being able to actually login to my system? Anyway, something good came from this: I realized that actually my system was not safe to session fixation. After the login process, it was not invalidating the session and creating a new one. Now it is. I just had to program the system to save the attributes, invalidadte the current session, create a new one, and recreate the attributes. Fortunately, Tomcat generates a new session ID for the new session. It seems that it was not happening in the previous versions of Tomcat and in other containers (according to what I have read in some forums), but now it is. Thanks for all your help! -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Sunday, October 10, 2010 03:09 PM To: Tomcat Users List Subject: Re: JSESSIONID weakness Severity in Tomcat 6.0.29? On 10/10/2010 20:59, Brian wrote: Hi Mark, Do you understand exactly what vulnerability are they talking about? No. It doesn't make much sense to me at the minute. I'd ask for more specific information. For some reason, they have determined that I have it, even though I'm not using Jrun but they wrongly assume I am. Looks like it so far. It all depends how they are detecting the vulnerability. It could be a false positive but there isn't enough information to tell. What do you mean exactly with app managing its own authentication? Sorry if it is a dumb question. If you use Tomcat's authentication (BASIC, FORM, etc) then Tomcat will change the session ID on authentication and therefore protect against session fixation. If the app has its own authentication mechanism it is possible that the session ID will not be changed on authentication creating the possibility for a session fixation attack. I found this on Google, and now that I read it I realize they are quoting you! :-) http://www.developer.com/java/web/article.php/3904871/Top-7-Features-i n-Tomc at-7-The-New-and-the-Improved.htm Is this the same subject? Yep, although that is looking at Tomcat 7. The session fixation protection (along with a handle of other things originally developed for Tomcat 7) got back-ported to Tomcat 6. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Starting/Stopping Tomcat from Java program
I call the scripts via code to both stop and start Tomcat. There is a problem with even calling these scripts via Unix unless you change (cd) into the bin directory before running startup.sh as the log paths are generated relative to the startup.sh location. String strCatalinaBin = System.getenv(CATALINA_HOME) + \\bin\\; File objDir = new File(strCatalinaBin); r = Runtime.getRuntime(); p = r.exec(new String[] { cmd.exe, /C, start, strCatalinaBin + catalina.bat, start }, null, objDir); p.waitFor(); p.destroy(); Hope this helps. Rob -Original Message- From: Karthik Nanjangude [mailto:karthik.nanjang...@xius-bcgi.com] Sent: 11 October 2010 13:26 To: Tomcat Users List Subject: RE: Starting/Stopping Tomcat from Java program Hi Probably u may need to use Embedded version of TOMCAT to do this activity... With regards karthik -Original Message- From: kshitij chandrasen [mailto:kshtjchnd...@gmail.com] Sent: Monday, October 11, 2010 2:49 PM To: users@tomcat.apache.org Subject: Starting/Stopping Tomcat from Java program Hi, I've to write methods on calling which i'd be able to start and stop the tomcat app server. I tried this - I'm using Tomcat 6.0.26. String[] command = new String[4]; command[0] = cmd; command[1] = /C; command[2] = startup.bat; command[3] = C:\\; String x[] = {PATH=C:\\Program Files\\Apache Software Foundation\\Apache Tomcat 6.0.26\\bin,CATALINA_HOME=C:\\Program Files\\Apache Software Foundation\\Apache Tomcat 6.0.26,JAVA_HOME=C:\\Program Files\\Java\\jdk1.6.0_21,JRE_HOME=C:\\Program Files\\Java\\jre6}; Process p = Runtime.getRuntime().exec(command,x); This gives me a strange windows error saying - The system cannot find the file -Djava.util.logging.config.file=C:\Program Files\Apache Software Foundation\Apache Tomcat 6.0.26\conf\logging.properties, while it actually exists. If instead of setting the path, I give the absolute path of startup.bat in command[3], it works fine - Process p = Runtime.getRuntime().exec(cmd /C start C:\\broadway\\bat\\startup.bat); //I copied the startup.bat to a folder and ran it from there, it worked fine. Please give me pointers to the right direction! -- Kshitij Chandrasen Engineer, Software Engineering, Cisco Systems, CBSBU Engineering. -- Kshitij Chandrasen Engineer, Software Engineering, Cisco Systems, CBSBU Engineering. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Deploy Dynamic Contexts
Hi Tomcat Community, Does anyone know if it is possible to dynamically create contexts on demand. I have a requirement to be able to ship a single application.war file and create multiple contexts from this without manually using the manager application etc. Tomcat is the latest version 6.0.29. Dare I ask if it is possible to extend the manager servlet to achieve this deployment task? Thanks in advance Rob
RE: Deploy Dynamic Contexts
Thanks Chuck, After thinking about it some more I realise the servlet approach is the wrong time to tackle this issue. I will copy the contexts at installation time as we use installshield/install anywhere deployment and this makes much more sense. Regards, Rob I have a requirement to be able to ship a single application.war file and create multiple contexts from this without manually using the manager application So use the manager app automatically. Whatever you choose as the trigger for deployment can call the non-GUI version of the manager app, or use any other mechanism to copy and rename the .war file of interest. No servlets need to be extended. http://tomcat.apache.org/tomcat-6.0-doc/deployer-howto.html http://tomcat.apache.org/tomcat-6.0-doc/manager-howto.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Chris, Is there any way to dynamically create these contexts or do they require a live.xml, test.xml, etc within conf/Catalina/localhost. The multiple contexts would be my preferred approach although I would like to achieve this with a single code base if this is possible. The multiple environments are driven purely by the backend database connection, i.e. the code is the same with the only difference being where the data is being saved to. Hence the requirement to stop the browser sharing the same session when in different database connections. I'm surprised that other people are not having the same issues since the browser manufacturers decided to make this crazy change to session management between tabs/instances and suddenly share the same session. In I.E.6 two browser instances would be two separate sessions. I.E.7 they are the same session! Thanks for your input. Kind Regards, Rob. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ronald, On 10/4/2010 6:11 AM, Ronald Klop wrote: You can run your test environment on another hostname. live.example.com test.example.com train.example.com Or under another context: http://www.example.com/live http://www.example.com/test http://www.example.com/train The real question is why there's any confusion: your hostnames and/or URLs ought to be unique enough already. Otherwise, this sort of foolishness can affect your real users and you'll leak data all over the place. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyqDDQACgkQ9CaO5/Lv0PDWRACgrlgU+jY+n8nMCZ2WTO63UHDh 10UAoJdyNWqu0nlRGcWbJ6Mcc7zbsGy+ =JP4k -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Chris, See comments below:- Rob, On 10/4/2010 7:27 AM, Rob Gregory wrote: Using the hostname doesn't really guarantee a unique session for example if I click new tab and paste the URL into the new window I suspect the browser will see the same session from the first tab. Note that you haven't changed the hostname in this case: you've just cloned a browser window (or tab if you prefer to call it that). In our application the user can then change the environment with disastrous consequences when updating the database. Sounds like you need to be pretty careful. Is it possible you've built a fragile application? Some legacy parts of the application became fragile when the browsers started sharing sessions and this fix has been implemented to work around that fact. Did you implement anything to stop the session sharing at this level. What I did was to use the window.name attribute to allow tracking of browser instances and compare this when doing the session timeout checking and this way I am able to redirect any further browser opens into new sessions. That's pretty fragile: relying on client-side javascript for anything security-related is very foolish. I do not rely on javascript for security, it is used to provide a means of tracking open browser sessions. The worst a client could do would be to remove the window.name which would result in a new session being generated. With the exception of WEB-INF (which was due to tomcat no longer seeing that as a WEB-INF call because I have my unique-id in the path) do you see any security faults in what I am doing? Many: disabling javascript on the client side will break your security. An attacker overriding the javascript will break your security. The application has been security audited and after fixing a few issues is now very much secure. Disabling javascript wouldn't break the security model but we do require javascript to be enabled for correct functionality. To clarify I do not rely on javascript for anything security related and purely use this as a means of detecting the user has an existing browser window open. The window.name property is the only way to determine unique browser instances at the moment and even this is flawed if the browser is opened by a hyperlink containing a named target! I think browser manufacturers need to address this issue and provide some unique identification between browser requests. Until then I have no choice but to work-around this session sharing. Thanks again for your input, Rob - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyqDOQACgkQ9CaO5/Lv0PBbSACfVhscYMSd4q13ivnaz4k6LdeQ ZmgAoKSUg6VkjFxyFr47j1260++fjhre =ct/x -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Ronald, Yes I was aware of that behaviour... Just for reference Firefox and Google Chrome also share session logic so I am surprised this hasn't been a problem for a lot more people. I am happy that my work around solves the session sharing problem but would still prefer to go down the dynamic context approach if this is at all possible? I am a bit tied up with some other development at the moment but will check the tomcat source code (unless someone can advise and save me the effort) when I get a chance. Thanks very much for your assistance Ronald. Kind Regards, Rob Rob, IE 6 is even more confusing. If you open a new window with ctrl-N you have the same session sharing as with tabs. Only if you click the IE6-icon to start a new instance of the process it will not share them. Opening a new tab in IE7 is like using ctrl-n to open a new window in IE6. Ronald. Op dinsdag, 5 oktober 2010 10:26 schreef Rob Gregory rob.greg...@ibsolutions.com: Hi Chris, Is there any way to dynamically create these contexts or do they require a live.xml, test.xml, etc within conf/Catalina/localhost. The multiple contexts would be my preferred approach although I would like to achieve this with a single code base if this is possible. The multiple environments are driven purely by the backend database connection, i.e. the code is the same with the only difference being where the data is being saved to. Hence the requirement to stop the browser sharing the same session when in different database connections. I'm surprised that other people are not having the same issues since the browser manufacturers decided to make this crazy change to session management between tabs/instances and suddenly share the same session. In I.E.6 two browser instances would be two separate sessions. I.E.7 they are the same session! Thanks for your input. Kind Regards, Rob. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ronald, On 10/4/2010 6:11 AM, Ronald Klop wrote: You can run your test environment on another hostname. live.example.com test.example.com train.example.com Or under another context: http://www.example.com/live http://www.example.com/test http://www.example.com/train The real question is why there's any confusion: your hostnames and/or URLs ought to be unique enough already. Otherwise, this sort of foolishness can affect your real users and you'll leak data all over the place. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyqDDQACgkQ9CaO5/Lv0PDWRACgrlgU+jY+n8nMCZ2WTO63UHDh 10UAoJdyNWqu0nlRGcWbJ6Mcc7zbsGy+ =JP4k -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Stephen, The approach we use was described in my original post. If you need more information then I can explain further if it helps. Note, our approach does require a bespoke tomcat request class (to change the session cookie path) and this has not been without teething problems. Are you also using the window.name to store this unique id? I worry that this may not persist across browser requests in the future but see no other way to identify a browser instance? Ideally the browser vendors should identify somehow on the request a unique id but then again we would still need to support older browser so would have to fall back to the window.name attribute anyway. What fun it is being a web developer and having to deal with the quirks of different browsers and the stateless request/response cycle ;o) Regards, Rob Rob, The way you describe session sharing is indeed a problem. The way we deal with this is to use a separate database table to keep track of window ids. A unique value is assigned when a window is opened and maintained until the window is closed. Although the session may be the same for all open windows (tabs), the window id is unique. Significant values are posted to the window table and retrieved based on the window id. If there is another method using a Tomcat centric approach, I would love to hear about it. Stephen On Oct 5, 2010, at 9:01 AM, Ronald Klop wrote: Rob, IE 6 is even more confusing. If you open a new window with ctrl-N you have the same session sharing as with tabs. Only if you click the IE6-icon to start a new instance of the process it will not share them. Opening a new tab in IE7 is like using ctrl-n to open a new window in IE6. Ronald. Op dinsdag, 5 oktober 2010 10:26 schreef Rob Gregory rob.greg...@ibsolutions.com: Hi Chris, Is there any way to dynamically create these contexts or do they require a live.xml, test.xml, etc within conf/Catalina/localhost. The multiple contexts would be my preferred approach although I would like to achieve this with a single code base if this is possible. The multiple environments are driven purely by the backend database connection, i.e. the code is the same with the only difference being where the data is being saved to. Hence the requirement to stop the browser sharing the same session when in different database connections. I'm surprised that other people are not having the same issues since the browser manufacturers decided to make this crazy change to session management between tabs/instances and suddenly share the same session. In I.E.6 two browser instances would be two separate sessions. I.E.7 they are the same session! Thanks for your input. Kind Regards, Rob. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ronald, On 10/4/2010 6:11 AM, Ronald Klop wrote: You can run your test environment on another hostname. live.example.com test.example.com train.example.com Or under another context: http://www.example.com/live http://www.example.com/test http://www.example.com/train The real question is why there's any confusion: your hostnames and/or URLs ought to be unique enough already. Otherwise, this sort of foolishness can affect your real users and you'll leak data all over the place. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyqDDQACgkQ9CaO5/Lv0PDWRACgrlgU+jY+n8nMCZ2WTO63UHDh 10UAoJdyNWqu0nlRGcWbJ6Mcc7zbsGy+ =JP4k -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Chuck, It wouldn't be live test and train, normally it's test train together with live being a separate install altogether. Unfortunately, this is a requirement I cannot avoid and was fine until the browsers changed to share sessions. I presume they have changed to support navigating the same site using multiple tabs etc. but it certainly is a pain especially as you have no idea the requests are coming from multiple sources. Regards, Rob -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: 05 October 2010 14:40 To: Tomcat Users List Subject: RE: Tabbed browsers sharing session - work around. From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Subject: RE: Tabbed browsers sharing session - work around. I am surprised this hasn't been a problem for a lot more people. It's not a problem for most because most don't try to run live, test, and training inside a single Context on a single Host. Attempting to do so is extremely scary. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Jeffrey, Yes, the cookie can and is tied to the context. I just take this another level and tied it against a virtual context so as far as the browser is concerned they are different sites and as such, different sessions. Regards, Rob. -Original Message- From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] Sent: 05 October 2010 15:26 To: Tomcat Users List Subject: RE: Tabbed browsers sharing session - work around. I agree, this is a very scary app to support. At a minimum, multiple contexts, each with its own database resource definition would avoid a lot of the OP's problems, wouldn't it? I'm not a developer, but from an SA standpoint, this gives me the willys. Q: Can the cookie be tied to hostname/context? -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Tuesday, October 05, 2010 8:40 AM To: Tomcat Users List Subject: RE: Tabbed browsers sharing session - work around. From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Subject: RE: Tabbed browsers sharing session - work around. I am surprised this hasn't been a problem for a lot more people. It's not a problem for most because most don't try to run live, test, and training inside a single Context on a single Host. Attempting to do so is extremely scary. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org __ Confidentiality Notice: This Transmission (including any attachments) may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this transmission in error, please immediately reply to the sender or telephone (512) 343-9100 and delete this transmission from your system. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Chris, In Internet Explorer 5.5,6.0 if you opened up two separate browser instances they would have two 'un-connected' sessions. As stated by Ronald they would share the session if the 2nd was opened using ctrl-n but otherwise the sessions would be unique. Cookies may have always worked as they do now but the browser would store them within each instance. They seem to have changed to now share the sessions/cookies and this was introduced at the same time as tabbed browsers IE7+. Regards, Rob -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rob, On 10/5/2010 5:03 AM, Rob Gregory wrote: Sounds like you need to be pretty careful. Is it possible you've built a fragile application? Some legacy parts of the application became fragile when the browsers started sharing sessions and this fix has been implemented to work around that fact. I'm not sure anything changed recently with web browsers: cookies have always worked this way, tabs or not. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyrOnIACgkQ9CaO5/Lv0PAjZACfVpeZ5GcmtKXgt/UmmO34Xw4R 1OwAoIRt03dpZFoBbuRnyzvzGgsxS5jB =JiSB -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Maximilian, Basically we are stuck with some legacy application parts that while these are scheduled to be replaced we have to support them until they have been. Using filters would not solve the issue as the 'Hack' as you put it is done at a cookie path level. We do use filters to implement security, ntlmv2 authentication, caching anti-caching, etc so I am fully aware of the power of filters. I agree hacking away at a part of Tomcat is not the best solution but it was the only one currently available to resolve the issue. And was my original reasoning behind posting to this group to see if anyone could suggest a better solution. Thanks for your input. Rob -Original Message- From: Maximilian Stocker [mailto:m...@talentoyster.com] Sent: 05 October 2010 16:03 To: 'Tomcat Users List' Subject: RE: Tabbed browsers sharing session - work around. This application (or mess of applications munged together) is a big mistake, the source of all your problems and should be the only thing that you address. That's why nobody else has this problem. This problem is a sign of serious misconceptions in design and development. And if you really must not fix the real problem why in the world did you hack away at tomcat? Why not filters? You can do a lot with filters that would be much preferable to what you have done including the fact that it would just run without having to modify the servlet container. -Original Message- From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] Sent: Tuesday, October 05, 2010 10:51 AM To: Tomcat Users List Subject: RE: Tabbed browsers sharing session - work around. Hi Chris, In Internet Explorer 5.5,6.0 if you opened up two separate browser instances they would have two 'un-connected' sessions. As stated by Ronald they would share the session if the 2nd was opened using ctrl-n but otherwise the sessions would be unique. Cookies may have always worked as they do now but the browser would store them within each instance. They seem to have changed to now share the sessions/cookies and this was introduced at the same time as tabbed browsers IE7+. Regards, Rob -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rob, On 10/5/2010 5:03 AM, Rob Gregory wrote: Sounds like you need to be pretty careful. Is it possible you've built a fragile application? Some legacy parts of the application became fragile when the browsers started sharing sessions and this fix has been implemented to work around that fact. I'm not sure anything changed recently with web browsers: cookies have always worked this way, tabs or not. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyrOnIACgkQ9CaO5/Lv0PAjZACfVpeZ5GcmtKXgt/UmmO34Xw4R 1OwAoIRt03dpZFoBbuRnyzvzGgsxS5jB =JiSB -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Ronald, Thanks for the prompt response but I am not sure I fully understand your suggestion. Would that approach require knowing the available environments before hand and registering these somehow so that the names get resolved to the machine. If so this is not really an option as our application dynamically creates these environments. The application is not internet facing if that makes a difference. Regards Rob -Original Message- From: Ronald Klop [mailto:ronald-mailingl...@base.nl] Sent: 04 October 2010 11:12 To: Tomcat Users List Subject: Re: Tabbed browsers sharing session - work around. You can run your test environment on another hostname. live.example.com test.example.com train.example.com Maybe use a login.example.com to redirect you to the right url after login. Ronald. Op maandag, 4 oktober 2010 11:03 schreef Rob Gregory rob.greg...@ibsolutions.com: Hi Tomcat community, I'm after advice on some session frigging I have recently bespoke'd into Tomcat (version 6.0.29) to resolve an issue with the recent changes in tabbed browsers where they now share the same session across multiple browser tabs/instances. I have googled the issue and the following post seems to be asking the same question, and suggestions come very close to what I have implemented:- http://old.nabble.com/Want-to-customise-the-tomcat's-session-logic-td261 61430.html The problem:- I have a web application that supports multiple environments (database) such as live, test, train, etc. from a single code base/web application. Example scenario is as follows:- * User Bob logs into the application and selects the TEST environment and starts entering some data. * Bob then opens up another browser or tab and logs into the LIVE environment. * Behind the scenes the browser has shared the session and has in fact switched the first browser from TEST into the LIVE environment without Bob being aware. * Bob hits save within what he thinks is the TEST environment and the LIVE environment is actually updated. The solution:- I have introduced what is basically a sub context into our url's and changed the path of the jsession cookie to limit each generated session to the 'virtual' context it was issued within. E.g. cookie.setPath(contextPath + / + unique-id); where unique-id is just a unique generated number. The Implementation:- I have bespoked the org.apache.catalina.connector.Request class to include a unique id as the context to the cookie path and prior to creating the session I redirect the user to this context e.g. http://localhost/webapp/unique-id/page.jsp. The unique-id is then removed by the Request class before returning the path from getServletPath() and getRequestURI() so the actual web application is unaware of this context switching. The Question:- While this seems to be working well and the multiple browser tabs/instances do indeed have unique sessions I would like to ask if anyone can see any potential issues with what I have done or how I have implemented it. I did have one serious issue where I could type in http://localhost/webapp/unique-id/WEB-INF/lib/application.jar and it bypassed Tomcat built in security and actually downloaded the .jar but this was quickly resolved. Any input or criticisms would be greatly appreciated if you can see a flaw in this design or know of a better approach to bypass this shared session behaviour of recent browsers. Many thanks for your time. Rob Gregory - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tabbed browsers sharing session - work around.
Hi Ronald, Using the hostname doesn't really guarantee a unique session for example if I click new tab and paste the URL into the new window I suspect the browser will see the same session from the first tab. In our application the user can then change the environment with disastrous consequences when updating the database. Did you implement anything to stop the session sharing at this level. What I did was to use the window.name attribute to allow tracking of browser instances and compare this when doing the session timeout checking and this way I am able to redirect any further browser opens into new sessions. With the exception of WEB-INF (which was due to tomcat no longer seeing that as a WEB-INF call because I have my unique-id in the path) do you see any security faults in what I am doing? Again thanks for the suggestion and I will look into maybe using the host over a virtual context as part of the final solution. Kind Regards, Rob -Original Message- From: Ronald Klop [mailto:ronald-mailingl...@base.nl] Sent: 04 October 2010 12:15 To: Tomcat Users List Subject: RE: Tabbed browsers sharing session - work around. Hi, Ok. I didn't understand that somebody chooses an environment dynamicly. The JSESSION cookie is tight to a hostname. So if you make unique hostnames for every login you have unique sessions. For our helpdesk I made a wildcard DNS entry *.example.com IN CNAME tomcat.example.com and a button which redirects you to timestamp.example.com, so a login goes to something like 1286190607.example.com and the next user will go to 1286190608.example.com and has its own session. It is about the same as you do with your virtual context, but you don't have to do tricks to org.apache.catalina.connector.Request and it keeps all the safety of WEB-INF, etc. Ronald. Op maandag, 4 oktober 2010 12:58 schreef Rob Gregory rob.greg...@ibsolutions.com: Hi Ronald, Thanks for the prompt response but I am not sure I fully understand your suggestion. Would that approach require knowing the available environments before hand and registering these somehow so that the names get resolved to the machine. If so this is not really an option as our application dynamically creates these environments. The application is not internet facing if that makes a difference. Regards Rob -Original Message- From: Ronald Klop [mailto:ronald-mailingl...@base.nl] Sent: 04 October 2010 11:12 To: Tomcat Users List Subject: Re: Tabbed browsers sharing session - work around. You can run your test environment on another hostname. live.example.com test.example.com train.example.com Maybe use a login.example.com to redirect you to the right url after login. Ronald. Op maandag, 4 oktober 2010 11:03 schreef Rob Gregory rob.greg...@ibsolutions.com: Hi Tomcat community, I'm after advice on some session frigging I have recently bespoke'd into Tomcat (version 6.0.29) to resolve an issue with the recent changes in tabbed browsers where they now share the same session across multiple browser tabs/instances. I have googled the issue and the following post seems to be asking the same question, and suggestions come very close to what I have implemented:- http://old.nabble.com/Want-to-customise-the-tomcat's-session-logic-td261 61430.html The problem:- I have a web application that supports multiple environments (database) such as live, test, train, etc. from a single code base/web application. Example scenario is as follows:- * User Bob logs into the application and selects the TEST environment and starts entering some data. * Bob then opens up another browser or tab and logs into the LIVE environment. * Behind the scenes the browser has shared the session and has in fact switched the first browser from TEST into the LIVE environment without Bob being aware. * Bob hits save within what he thinks is the TEST environment and the LIVE environment is actually updated. The solution:- I have introduced what is basically a sub context into our url's and changed the path of the jsession cookie to limit each generated session to the 'virtual' context it was issued within. E.g. cookie.setPath(contextPath + / + unique-id); where unique-id is just a unique generated number. The Implementation:- I have bespoked the org.apache.catalina.connector.Request class to include a unique id as the context to the cookie path and prior to creating the session I redirect the user to this context e.g. http://localhost/webapp/unique-id/page.jsp. The unique-id is then removed by the Request class before returning the path from getServletPath() and getRequestURI() so the actual web application is unaware of this context switching. The Question:- While this seems
Tabbed browsers sharing session - work around.
Hi Tomcat community, I'm after advice on some session frigging I have recently bespoke'd into Tomcat (version 6.0.29) to resolve an issue with the recent changes in tabbed browsers where they now share the same session across multiple browser tabs/instances. I have googled the issue and the following post seems to be asking the same question, and suggestions come very close to what I have implemented:- http://old.nabble.com/Want-to-customise-the-tomcat's-session-logic-td261 61430.html The problem:- I have a web application that supports multiple environments (database) such as live, test, train, etc. from a single code base/web application. Example scenario is as follows:- * User Bob logs into the application and selects the TEST environment and starts entering some data. * Bob then opens up another browser or tab and logs into the LIVE environment. * Behind the scenes the browser has shared the session and has in fact switched the first browser from TEST into the LIVE environment without Bob being aware. * Bob hits save within what he thinks is the TEST environment and the LIVE environment is actually updated. The solution:- I have introduced what is basically a sub context into our url's and changed the path of the jsession cookie to limit each generated session to the 'virtual' context it was issued within. E.g. cookie.setPath(contextPath + / + unique-id); where unique-id is just a unique generated number. The Implementation:- I have bespoked the org.apache.catalina.connector.Request class to include a unique id as the context to the cookie path and prior to creating the session I redirect the user to this context e.g. http://localhost/webapp/unique-id/page.jsp. The unique-id is then removed by the Request class before returning the path from getServletPath() and getRequestURI() so the actual web application is unaware of this context switching. The Question:- While this seems to be working well and the multiple browser tabs/instances do indeed have unique sessions I would like to ask if anyone can see any potential issues with what I have done or how I have implemented it. I did have one serious issue where I could type in http://localhost/webapp/unique-id/WEB-INF/lib/application.jar and it bypassed Tomcat built in security and actually downloaded the .jar but this was quickly resolved. Any input or criticisms would be greatly appreciated if you can see a flaw in this design or know of a better approach to bypass this shared session behaviour of recent browsers. Many thanks for your time. Rob Gregory
RE: [HELP] Forcing Context Reload (watched resource) via Java Code
Thanks Glen, A new area for me to investigate. I appreciate this is not a common design but I am writing out the datasource configuration details dynamically (which is working fine) and I need to reload Tomcat for these datasources to be setup as it's too late by the time I have written them out. They only get re-written if any details such as password has changed. Thanks Again Rob -Original Message- From: Glen Mazza [mailto:[EMAIL PROTECTED] Sent: 25 February 2006 17:49 To: Tomcat Users List Subject: Re: [HELP] Forcing Context Reload (watched resource) via Java Code Rob Gregory wrote: Thanks Glen for the suggestion. I was hoping for a more integrated approach without the need for additional jars or external commands. Could I not just deploy may webapp with manager privileges and call the reload internally? Would this be feasibly? I think JMX / MBeans would be the technology you are looking for here, which Tomcat supports, but this is beyond my scope of knowledge. As for a webapp being able to programatically reload itself, I am unsure, but such a design is probably rather uncommon. Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [HELP] Forcing Context Reload (watched resource) via Java Code
I would be looking for a Tomcat only resolution as I don't want to introduce any more dependencies. I'm pretty sure this is possible with just Tomcat as the html manager webapp is already doing the reloads. Thanks anyway Rob -Original Message- From: Martin Gainty [mailto:[EMAIL PROTECTED] Sent: 26 February 2006 13:38 To: Tomcat Users List Subject: Re: [HELP] Forcing Context Reload (watched resource) via Java Code Good Morning Rob- Message Beans, Session Beans and Business Entity Beans need a J2EE container take a look at Oracle App Server .. a good headsup is available at http://www.oracle.com/oramag/oracle/02-jan/o12industry.html The J2ee authors work for Sun and have posted a very well written summary of uses for J2EE containe thru SunOne AppServer at http://java.sun.com/blueprints/guidelines/designing_enterprise_applications_ 2e/deployment/deployment2.html Keep us apprised, Martin- - Original Message - From: Rob Gregory [EMAIL PROTECTED] To: 'Tomcat Users List' users@tomcat.apache.org Sent: Sunday, February 26, 2006 7:37 AM Subject: RE: [HELP] Forcing Context Reload (watched resource) via Java Code Thanks Glen, A new area for me to investigate. I appreciate this is not a common design but I am writing out the datasource configuration details dynamically (which is working fine) and I need to reload Tomcat for these datasources to be setup as it's too late by the time I have written them out. They only get re-written if any details such as password has changed. Thanks Again Rob -Original Message- From: Glen Mazza [mailto:[EMAIL PROTECTED] Sent: 25 February 2006 17:49 To: Tomcat Users List Subject: Re: [HELP] Forcing Context Reload (watched resource) via Java Code Rob Gregory wrote: Thanks Glen for the suggestion. I was hoping for a more integrated approach without the need for additional jars or external commands. Could I not just deploy may webapp with manager privileges and call the reload internally? Would this be feasibly? I think JMX / MBeans would be the technology you are looking for here, which Tomcat supports, but this is beyond my scope of knowledge. As for a webapp being able to programatically reload itself, I am unsure, but such a design is probably rather uncommon. Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [HELP] Forcing Context Reload (watched resource) via Java Code
Hi Chuck The manager/html application has the options to reload itself disabled (i.e. they are not links). Calling the manager/reload?path=/manager returns the following:- FAIL - The manager can not reload, undeploy, stop or undeploy itself Which is pretty much as expected. Does this indicate that contexts are unable to reload (signal a reload) on it's self? Thank for the help Rob -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: 26 February 2006 15:53 To: Tomcat Users List Subject: RE: [HELP] Forcing Context Reload (watched resource) via Java Code From: Rob Gregory [mailto:[EMAIL PROTECTED] Subject: RE: [HELP] Forcing Context Reload (watched resource) via Java Code I'm pretty sure this is possible with just Tomcat as the html manager webapp is already doing the reloads. For experimentation purposes, what happens if you ask the manager app to reload itself? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [HELP] Forcing Context Reload (watched resource) via Java Code
A bit messy as the code doing the http request to the manager app would be reloaded before getting the response 'OK' or 'FAIL'. Perhaps a look at the manager source code may give me some pointers Thanks Again Rob -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: 26 February 2006 16:09 To: Tomcat Users List Subject: RE: [HELP] Forcing Context Reload (watched resource) via Java Code From: Rob Gregory [mailto:[EMAIL PROTECTED] Subject: RE: [HELP] Forcing Context Reload (watched resource) via Java Code Does this indicate that contexts are unable to reload (signal a reload) on it's self? I suspect it's an area the Tomcat developers didn't want to get into - it would be very tricky, at best. Can you just generate an HTTP request for the html manager to do the reload? That would make it asynchronous to the operation of the app being reloaded. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [HELP] Forcing Context Reload (watched resource) via Java Code
Thanks Glen for the suggestion. I was hoping for a more integrated approach without the need for additional jars or external commands. Could I not just deploy may webapp with manager privileges and call the reload internally? Would this be feasibly? Thanks Again Rob -Original Message- From: Glen Mazza [mailto:[EMAIL PROTECTED] Sent: 25 February 2006 03:01 To: Tomcat Users List Subject: Re: [HELP] Forcing Context Reload (watched resource) via Java Code Rob Gregory escribió: Hi All I'm using Tomcat 5.5.9 on Java 1.5.under mixed OS's. The question is one of forcing a context/webapp reload via java code - is this possible? I know adding a watched resource or adding a new lib triggers a reload (so hopefully to trigger this via code is possible). Could the Ant manager commands be an option (they have deploy, undeploy, etc., tasks) for you? http://tomcat.apache.org/tomcat-5.5-doc/manager-howto.html#Executing%20Manag er%20Commands%20With%20Ant Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: tomcat catalina.out getting bombed with debug messages on maven-proxy deploy
Please post your log4j.properties file - it sounds like your root logger is too general. Rob -Original Message- From: Brad O'Hearne [mailto:[EMAIL PROTECTED] Sent: 24 February 2006 19:35 To: Tomcat Users List Subject: tomcat catalina.out getting bombed with debug messages on maven-proxy deploy I have a vanilla installation of Tomcat 5.5 (with logging added, and log4j.properties rootLogger set to level INFO), which starts up cleanly, and writes maybe 15 lines to catalina.out -- no more. I then deploy the maven-proxy-webapp.war, and catalina.out gets immediately bombed with DEBUG level messages. It appears that most of the messages are coming from the commons.digester and digester packages. Does this problem lie in Tomcat, or in the web app? How do I filter the LOG level for this information? Thanks! Brad - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Setting up connection pools on the fly...
Cheers Tim, Not had a chance to look at your suggested code (will be doing so soon for further pointers) to be honest the question is looking more like one of JNDI rather than a connection pool/tomat/cocoon issue. Can anyone suggest a good JNDI user group (hopefully focused on both Tomcat and Cocoon as I need the final solution to be available to both) Thanks All for the pointers, I'm getting closer... Just wish I had someone at work more interested in the technology they use daily... Rob -Original Message- From: Tim Lucia [mailto:[EMAIL PROTECTED] Sent: 23 January 2006 12:57 To: 'Tomcat Users List' Subject: RE: Setting up connection pools on the fly... Got it. If you only need connections, you can write your own provider class which returns connections (or DataSources) based on a name-to-database mapping of your chosing. Or, if you really must provide each connection as a JNDI DataSource, I would investigate writing your own JNDI provider that operates on the single, manual connection, and returns DataSources based on the information found via that connection. You can borrow some code from javaranch.com's jrunittesthelper, a package which provides JNDI lookups for JUnit test cases. Tim -Original Message- From: Rob Gregory [mailto:[EMAIL PROTECTED] Sent: Monday, January 23, 2006 4:28 AM To: Tomcat Users List Subject: RE: Setting up connection pools on the fly... Hi Tim, Thanks for the assistance. Our basic requirement is during tomcat load/start-up to query the database (with a single manual connection) and read the available database environments that have been pre-configured. Then create these dynamically so they are available as if they had been configured within conf/../context.xml etc. I managed to get this kind of working buy rewriting the config details during start-up but it seems at this time it's too late for Tomcat to use these (i.e. the connection pools are already set up). They would become available the next time tomcat was restarted... I then tried adding the config files as a 'watched' resource but this lead to some strange behaviour. While in most cases we don't change servers as such - we do provide our own tools to manage the database details such as username, password etc and these need to updated without modifying the config files directly. Hopes this clarifies the problem a little (shout if you need further or alternative explanations). Thanks again for your help. Rob -Original Message- From: Tim Lucia [mailto:[EMAIL PROTECTED] Sent: 22 January 2006 23:42 To: 'Tomcat Users List' Subject: RE: Setting up connection pools on the fly... How often do you change servers? What you describe below can be handled by editing the appropriate context / resource and restarting Tomcat. Perhaps more detail on the business requirement, rather then stating I must define them on the fly would enable us to give you a better solution. -Original Message- From: Rob Gregory [mailto:[EMAIL PROTECTED] Sent: Sunday, January 22, 2006 5:41 PM To: 'Tomcat Users List' Subject: RE: Setting up connection pools on the fly... One doesn't typically add new database servers on the fly, and this option would require defining a new JNDI datasource for a new server That's exactly what I need to be able to do... Is this possible on Tomcat start-up as it doesn't have to strictly on the fly just on start-up. I mainly need to remove the configuration details from the context.xml file and read these from the database before tomcat starts and creates the pools. Any help much appreciated. Rob -Original Message- From: Tim Lucia [mailto:[EMAIL PROTECTED] Sent: 22 January 2006 14:21 To: 'Tomcat Users List' Subject: RE: Setting up connection pools on the fly... The point of connection pooling is to eliminate the overhead of setting up and tearing down a (TCP, database, AAA) connection for every database transaction (typically, the web request in a web app.) This can add 100s or 1000s of milliseconds to every request, and is quite expensive. If you can architect your application so that there is a JNDI data source for each server (database server, instance, etc.) with its own pool of connections, you can always call setCatalog (http://java.sun.com/j2se/1.5.0/docs/api/java/sql/Connection.html#setCat alog (java.lang.String)) on the connection returned from the pool. One doesn't typically add new database servers on the fly, and this option would require defining a new JNDI datasource for a new server. Of course all catalogs processed in this way must be accesible to the user specified in the connnection pool properties. I would suggest setting the defaultCatalog property as well, so that you are not accidentally connected to the last-used catalog from the previous borrower of the connection. Tim -Original Message- From: Rob Gregory [mailto:[EMAIL PROTECTED] Sent: Sunday, January 22, 2006 8:23 AM To: 'Tomcat Users List' Subject: RE
RE: Setting up connection pools on the fly...
I also have the same requirement (to provide connection pools on the fly) but also need these pools available to Cocoon (so need them to map to the standard jdbc/mypool jndi location. Tomcat declares it's initial context as being readonly so I have no idea how to go about binding the pools I have created dynamically. Any pointers would be a great help. Thanks in advance Rob -Original Message- From: Alex Turner [mailto:[EMAIL PROTECTED] Sent: 20 January 2006 22:50 To: Tomcat Users List Subject: Re: Setting up connection pools on the fly... Maybe you don't even want a connection pool, rather a simple non-pooling datasource. If you generate a pool of connections for each and every database, you may end up with a great many open connections to your database server that hardly ever get used. I don't know too much about MySQL, but in most other databases, each connection has certain allocated resources, and the database typically limits the max connections. I have a similar situation, but I use a simple datasource, and a servlet to create a new datasource for each database on initialization based on a database entries. You can easily create a datasource on the fly in a servlet. I don't know if this is the 'right' answer, but it works for me. Alex On 1/20/06, Warrick Wilson [EMAIL PROTECTED] wrote: I've got a project where there's a basic interface, with some basic database access. However, when someone signs up, then a new MySQL database will be allocated for them. There's security associated with it, and the user will have to log in to identify himself. How can I create a new connection pool for that new database for my web app? My current pool is set up in context.xml - do I modify that on the fly from my web app? What I'm doing currently is figuring out who the user is and which database he's associated with, and when I do any database work, the first statement is USE databasename to get the proper database. Is there a better approach? More like a proper approach? (Says he who isn't sure he fully understands connection pools yet) -- Warrick Wilson [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Setting up connection pools on the fly...
One doesn't typically add new database servers on the fly, and this option would require defining a new JNDI datasource for a new server That's exactly what I need to be able to do... Is this possible on Tomcat start-up as it doesn't have to strictly on the fly just on start-up. I mainly need to remove the configuration details from the context.xml file and read these from the database before tomcat starts and creates the pools. Any help much appreciated. Rob -Original Message- From: Tim Lucia [mailto:[EMAIL PROTECTED] Sent: 22 January 2006 14:21 To: 'Tomcat Users List' Subject: RE: Setting up connection pools on the fly... The point of connection pooling is to eliminate the overhead of setting up and tearing down a (TCP, database, AAA) connection for every database transaction (typically, the web request in a web app.) This can add 100s or 1000s of milliseconds to every request, and is quite expensive. If you can architect your application so that there is a JNDI data source for each server (database server, instance, etc.) with its own pool of connections, you can always call setCatalog (http://java.sun.com/j2se/1.5.0/docs/api/java/sql/Connection.html#setCatalog (java.lang.String)) on the connection returned from the pool. One doesn't typically add new database servers on the fly, and this option would require defining a new JNDI datasource for a new server. Of course all catalogs processed in this way must be accesible to the user specified in the connnection pool properties. I would suggest setting the defaultCatalog property as well, so that you are not accidentally connected to the last-used catalog from the previous borrower of the connection. Tim -Original Message- From: Rob Gregory [mailto:[EMAIL PROTECTED] Sent: Sunday, January 22, 2006 8:23 AM To: 'Tomcat Users List' Subject: RE: Setting up connection pools on the fly... I also have the same requirement (to provide connection pools on the fly) but also need these pools available to Cocoon (so need them to map to the standard jdbc/mypool jndi location. Tomcat declares it's initial context as being readonly so I have no idea how to go about binding the pools I have created dynamically. Any pointers would be a great help. Thanks in advance Rob -Original Message- From: Alex Turner [mailto:[EMAIL PROTECTED] Sent: 20 January 2006 22:50 To: Tomcat Users List Subject: Re: Setting up connection pools on the fly... Maybe you don't even want a connection pool, rather a simple non-pooling datasource. If you generate a pool of connections for each and every database, you may end up with a great many open connections to your database server that hardly ever get used. I don't know too much about MySQL, but in most other databases, each connection has certain allocated resources, and the database typically limits the max connections. I have a similar situation, but I use a simple datasource, and a servlet to create a new datasource for each database on initialization based on a database entries. You can easily create a datasource on the fly in a servlet. I don't know if this is the 'right' answer, but it works for me. Alex On 1/20/06, Warrick Wilson [EMAIL PROTECTED] wrote: I've got a project where there's a basic interface, with some basic database access. However, when someone signs up, then a new MySQL database will be allocated for them. There's security associated with it, and the user will have to log in to identify himself. How can I create a new connection pool for that new database for my web app? My current pool is set up in context.xml - do I modify that on the fly from my web app? What I'm doing currently is figuring out who the user is and which database he's associated with, and when I do any database work, the first statement is USE databasename to get the proper database. Is there a better approach? More like a proper approach? (Says he who isn't sure he fully understands connection pools yet) -- Warrick Wilson [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Images caching
You are more than welcome mate. I learnt from you guys on the lists and the Net and we should all try and give back to the community. Rob Gregory -Original Message- From: Bello Martinez Sergio [mailto:[EMAIL PROTECTED] Sent: 18 January 2006 07:43 To: Tomcat Users List Subject: RE: Images caching Thanks a lot, of course it has helped -Mensaje original- De: Rob Gregory [SMTP:[EMAIL PROTECTED] Enviado el: martes, 17 de enero de 2006 19:39 Para: 'Tomcat Users List' Asunto: RE: Images caching Code as requested, Hope this helps mate:- package com.my.filters; /** * pTitle: CacheFilter/p * pDescription: This filter sets headers for all requests directed via the * filter mappings. This allows the browser to be forced to use * the cached version of the file. /p * * Most of the work required by this filter is done via the configuration parameters * within the web.xml deployment descriptor as follows:- * * filter * filter-nameBrowserCache/filter-name * filter-class com.my.filters.CacheFilter/filter-class * init-param *param-nameCache-Control/param-name *param-valueprivate,max-age=3600/param-value * /init-param * init-param *param-namePragma/param-name *param-valuecache/param-value * /init-param * /filter * * filter-mapping * filter-nameBrowserCache/filter-name * url-pattern*.gif/url-pattern * /filter-mapping * filter-mapping * filter-nameBrowserCache/filter-name * url-pattern*.css/url-pattern * /filter-mapping * filter-mapping * filter-nameBrowserCache/filter-name * url-pattern*.js/url-pattern * /filter-mapping * * @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.42 ** ** */ import com.ieseries.core.Constants; import java.io.IOException; import java.util.Enumeration; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * Project Core */ public class CacheFilter implements Filter { FilterConfig objFilterConfig; // Create a log attribute to allow access to log files private static final Log log = LogFactory.getLog(CacheFilter.class); private static final String VERSION_STRING = CacheFilter.class.getName() + '/' + Constants.VERSION_NUMBER; /** * init * @param filterConfig the filter configuration object */ public void init(FilterConfig filterConfig) { this.objFilterConfig = filterConfig; } /** * doFilter * @param req the ServletRequest object * @param res the ServletResponse object * @param filterChain the FilterChain * @throws IOException * @throws ServletException */ public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException { if (log.isDebugEnabled()) log.debug(Doing Filter Cache); HttpServletResponse response = (HttpServletResponse) res; // set the provided HTTP response parameters Enumeration enu = objFilterConfig.getInitParameterNames(); while ( enu.hasMoreElements() ) { String headerName = (String) enu.nextElement(); // response.setHeader(headerName, objFilterConfig.getInitParameter(headerName)); // RG : use addHeader not setHeader so multiple headers can be added... if (log.isDebugEnabled()) log.debug(Setting Header : + objFilterConfig.getInitParameter(headerName)); response.addHeader(headerName, objFilterConfig.getInitParameter(headerName)); } // pass the request/response on to the rest of the filters filterChain.doFilter(req, response); } /** * toString * @return string containing the version information */ public String toString() { return VERSION_STRING; } /** * destroy */ public void destroy() { if (log.isDebugEnabled()) log.debug(Destroy Cache Filter); this.objFilterConfig = null; } } -Original Message- From: Bello Martinez Sergio [mailto:[EMAIL PROTECTED] Sent: 17 January 2006 07:12 To: Tomcat Users List Subject: RE: Images caching Hi Rob Gregory, I would thank a lot those code examples about setting headers with filters. I've read a lot about this problem yesterday and I've discovered that there are a problem with IE6 images caching, so I'm very interested in the workaround you've suggested. Thanks a lot (thanks to Alex Hyde, too) -Mensaje original- De: Rob
RE: Images caching
Code as requested, Hope this helps mate:- package com.my.filters; /** * pTitle: CacheFilter/p * pDescription: This filter sets headers for all requests directed via the * filter mappings. This allows the browser to be forced to use * the cached version of the file. /p * * Most of the work required by this filter is done via the configuration parameters * within the web.xml deployment descriptor as follows:- * * filter * filter-nameBrowserCache/filter-name * filter-class com.my.filters.CacheFilter/filter-class * init-param *param-nameCache-Control/param-name *param-valueprivate,max-age=3600/param-value * /init-param * init-param *param-namePragma/param-name *param-valuecache/param-value * /init-param * /filter * * filter-mapping * filter-nameBrowserCache/filter-name * url-pattern*.gif/url-pattern * /filter-mapping * filter-mapping * filter-nameBrowserCache/filter-name * url-pattern*.css/url-pattern * /filter-mapping * filter-mapping * filter-nameBrowserCache/filter-name * url-pattern*.js/url-pattern * /filter-mapping * * @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.42 */ import com.ieseries.core.Constants; import java.io.IOException; import java.util.Enumeration; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * Project Core */ public class CacheFilter implements Filter { FilterConfig objFilterConfig; // Create a log attribute to allow access to log files private static final Log log = LogFactory.getLog(CacheFilter.class); private static final String VERSION_STRING = CacheFilter.class.getName() + '/' + Constants.VERSION_NUMBER; /** * init * @param filterConfig the filter configuration object */ public void init(FilterConfig filterConfig) { this.objFilterConfig = filterConfig; } /** * doFilter * @param req the ServletRequest object * @param res the ServletResponse object * @param filterChain the FilterChain * @throws IOException * @throws ServletException */ public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException { if (log.isDebugEnabled()) log.debug(Doing Filter Cache); HttpServletResponse response = (HttpServletResponse) res; // set the provided HTTP response parameters Enumeration enu = objFilterConfig.getInitParameterNames(); while ( enu.hasMoreElements() ) { String headerName = (String) enu.nextElement(); // response.setHeader(headerName, objFilterConfig.getInitParameter(headerName)); // RG : use addHeader not setHeader so multiple headers can be added... if (log.isDebugEnabled()) log.debug(Setting Header : + objFilterConfig.getInitParameter(headerName)); response.addHeader(headerName, objFilterConfig.getInitParameter(headerName)); } // pass the request/response on to the rest of the filters filterChain.doFilter(req, response); } /** * toString * @return string containing the version information */ public String toString() { return VERSION_STRING; } /** * destroy */ public void destroy() { if (log.isDebugEnabled()) log.debug(Destroy Cache Filter); this.objFilterConfig = null; } } -Original Message- From: Bello Martinez Sergio [mailto:[EMAIL PROTECTED] Sent: 17 January 2006 07:12 To: Tomcat Users List Subject: RE: Images caching Hi Rob Gregory, I would thank a lot those code examples about setting headers with filters. I've read a lot about this problem yesterday and I've discovered that there are a problem with IE6 images caching, so I'm very interested in the workaround you've suggested. Thanks a lot (thanks to Alex Hyde, too) -Mensaje original- De: Rob Gregory [SMTP:[EMAIL PROTECTED] Enviado el: martes, 17 de enero de 2006 1:12 Para: 'Tomcat Users List' Asunto: RE: Images caching Hey Guys, We had the exact same issue when last tested for performance and even thou the image had not changed the webapp made a request back to the server to check... I resolved this by setting headers on the images when they were originally served up by Tomcat (using a servlet filter). I can post code examples if needed. Hope this helps. Rob Gregory -Original Message- From: ALEX HYDE [mailto:[EMAIL PROTECTED] Sent: 16 January 2006 23:38 To: Tomcat Users List Subject: Re: Images caching Hey Bello, I'm fairly new
RE: Dynamic Datasource Configuration - JNDI read only context
Thanks David, I appreciate you confirming the read-only status of the Tomcat context. Is there a reason for this being readonly as I ideally need to bind The dynamic source to the standard context (i.e. literally replace any defined within the context.xml file) as the datasource is used by my own classes AND xsp's provided by Cocoon and I'm not sure Cocoon can be configured to obtain connections from the ServletContext. At least I have something else to 'Google' during my lack of life ;o) Cheers Rob -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: 17 January 2006 14:09 To: Tomcat Users List Subject: Re: Dynamic Datasource Configuration - JNDI read only context Your results are correct. The JNDI provided by tomcat is read-only. You'll need to put your DataSource object into your own JNDI context or store the DataSource in your ServletContext. Personally I like the idea of putting the javax.sql.DataSource object in the ServletContext and using it from there as needed. --David Rob Gregory wrote: Hi Guys and thanks in advance for any pointers. I am running Tomcat 5.5.9 and would like to remove the need to specify database configuration details within the context.xml file e.g. Resource name=jdbc/one type=javax.sql.DataSource username=user password=pass driverClassName=oracle.jdbc.driver.OracleDriver maxIdle=2 maxWait=5000 maxActive=50 validationQuery=SELECT count(*) FROM dual url=jdbc:oracle:thin:@server:1521:sid / I need to provide (apache commons db) datasources 'on the fly' and after trying every thing I can think of such as trying to register the details against JNDI as follows:- //Hashtable env = new Hashtable(); //env.put(Context.INITIAL_CONTEXT_FACTORY, org.apache.naming.java.javaURLContextFactory); //env.put(Context.URL_PKG_PREFIXES, org.apache.naming); //System.setProperty(Context.INITIAL_CONTEXT_FACTORY,com.sun.jndi.fscontex t .RefFSContextFactory); //System.setProperty(Context.INITIAL_CONTEXT_FACTORY,org.apache.naming.jav a .javaURLContextFactory); //System.setProperty(Context.PROVIDER_URL, file:///\\tmp file:///tmp); //InitialContext ic = null; Context ic = null; try { //ic = new InitialContext(env); ic = new InitialContext(); if (log.isDebugEnabled()) log.debug(Creating logindb references); // Construct DriverAdapterCPDS reference Reference cpdsRef = new Reference(org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, null); cpdsRef.add(new StringRefAddr(driver, strDriver)); cpdsRef.add(new StringRefAddr(url, strUrl)); cpdsRef.add(new StringRefAddr(user, objLoginDB.getUsername())); cpdsRef.add(new StringRefAddr(password, objLoginDB.getPassword())); //ic.rebind(java:comp/env/jdbc/cpdslogindb, cpdsRef); ic.bind(java:/comp/env/jdbc/cpdslogindb, cpdsRef); if (log.isDebugEnabled()) log.debug(Creating connection pool); // Construct PerUserPoolDataSource reference Reference ref = new Reference(org.apache.commons.dbcp.datasources.PerUserPoolDataSource, org.apache.commons.dbcp.datasources.PerUserPoolDataSourceFactory, null); ref.add(new StringRefAddr(dataSourceName, java:/comp/env/jdbc/cpdslogindb)); ref.add(new StringRefAddr(defaultMaxActive, Config.getParam(pool.max.active))); ref.add(new StringRefAddr(defaultMaxIdle, Config.getParam(pool.max.idle))); ref.add(new StringRefAddr(defaultMaxWait, Config.getParam(pool.max.wait))); //ic.rebind(jdbc/ + logindb, ref); //ic.bind(logindb, ref); ic.bind(java:/comp/env/jdbc/logindb, ref); } catch (NamingException ne) { log.error(Failed while doing JNDI on connection logindb); log.debug(ne.getMessage(), ne); } The results of this indicate that the Tomcat Initial Context seems to be 'READ-ONLY' ?? Any pointers into what I am doing wrong are greatly appreciated. Thanks Rob - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Encrypting/Protecting JSP/Struts source code (UNCLASSIFIED)
Good comments, but how would you encrypt the config files when Struts needs these to run out code (hence before I can decrypt). While I personally prefer Cocoon over struts these are pretty much 'Sister' projects so the same solution would help me also. Discussion appreciated. Rob -Original Message- From: Nikola Milutinovic [mailto:[EMAIL PROTECTED] Sent: 17 January 2006 21:28 To: Tomcat Users List Subject: Re: Encrypting/Protecting JSP/Struts source code (UNCLASSIFIED) Samara, Fadi N Mr ACSIM/ASPEX wrote: Classification: UNCLASSIFIED Caveats: NONE -Original Message- From: Tom Burke [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 17, 2006 10:19 AM To: Tomcat Users List Subject: Encrypting/Protecting JSP/Struts source code My company is has developed and is now marketing/selling a line-of-business TSP/Tomcat application which we sell to corporate customers to runs on their servers in their intranets. It's suddenly become clear to my company that when we deploy a WAR on a customers' site, the source code is completely visible to anyone who has access to the server's drives, and this is belatedly causing some concern. Obviously there are clauses in our license that formally protect our intellectual property and at a corporate level we are relaxed, but my boss is quite concerned about the delinquent administrator who simply downloads walks away with the code. Is there any way in which the deployed WAR file, and all the files that explode out of it, can be hidden/encrypted/protected on the server, while still allowing them to be executed by Tomcat? The app is almost completely JSP/Struts, there is hardly any HTML at all (if any in fact). There is some nonsense here, so let us clear it out. First of all, Java classes are compiled binary entities, no source there. Sure, there are tools for reverse engineering, decompilers. You can make life harder for them by using obfuscators, I believe Jakarta has a good one. Next, for JSPs, well, yes they are source, but in Struts applications, they should have a limited role. Even so, there are JSP precompilers, Ant has a task for that. Couple it with an obfuscator and your source is unreadable. The only thing that remains are the config files. You could theoretically encrypt them, keeping the key inside your code, which will get obfuscated, anyway. Does that satisfy you? Nix. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Classloaders for 'shared' and 'common' cannot load class-data from server?
Obvious question but have you tried placing your required jar in common/endorsed? Regards Rob -Original Message- From: Ken Johanson [mailto:[EMAIL PROTECTED] Sent: 16 January 2006 22:59 To: Tomcat Users List Subject: Classloaders for 'shared' and 'common' cannot load class-data from server? Hello, I'm building some utility wrappers for Tomcat (using 5.0.30 in this case). Since they need to be accessed by all webapps, I'm placing their jars in shared/lib (I also even tried common/lib to resolve the problem below). These jars reference classes in org.apache.catalina.* ('ServerFactory' and 'Realm' among others). When I exec call the methods from JSPs (for example), I get a NoClassDefFoundError: org/apache/catalina/ServerFactory.. I *was* originally able to execute the same code that's now contained in the shared/lib jars, from directly inside JSPs, using the prescribed 'privileged=true' Server/Service/Engine/Host/Context attribute... however it's the classloader for shared/lib jars thats seems to need a similar 'privileged' attribute.. Should I place this same (or another attrib) in some other web.xml element? Or is there another lib directory I should use? Thanks in advance, ken - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Dynamic Datasource Configuration - JNDI read only context
Hi Guys and thanks in advance for any pointers. I am running Tomcat 5.5.9 and would like to remove the need to specify database configuration details within the context.xml file e.g. Resource name=jdbc/one type=javax.sql.DataSource username=user password=pass driverClassName=oracle.jdbc.driver.OracleDriver maxIdle=2 maxWait=5000 maxActive=50 validationQuery=SELECT count(*) FROM dual url=jdbc:oracle:thin:@server:1521:sid / I need to provide (apache commons db) datasources 'on the fly' and after trying every thing I can think of such as trying to register the details against JNDI as follows:- //Hashtable env = new Hashtable(); //env.put(Context.INITIAL_CONTEXT_FACTORY, org.apache.naming.java.javaURLContextFactory); //env.put(Context.URL_PKG_PREFIXES, org.apache.naming); //System.setProperty(Context.INITIAL_CONTEXT_FACTORY,com.sun.jndi.fscontext .RefFSContextFactory); //System.setProperty(Context.INITIAL_CONTEXT_FACTORY,org.apache.naming.java .javaURLContextFactory); //System.setProperty(Context.PROVIDER_URL, file:///\\tmp file:///tmp); //InitialContext ic = null; Context ic = null; try { //ic = new InitialContext(env); ic = new InitialContext(); if (log.isDebugEnabled()) log.debug(Creating logindb references); // Construct DriverAdapterCPDS reference Reference cpdsRef = new Reference(org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, null); cpdsRef.add(new StringRefAddr(driver, strDriver)); cpdsRef.add(new StringRefAddr(url, strUrl)); cpdsRef.add(new StringRefAddr(user, objLoginDB.getUsername())); cpdsRef.add(new StringRefAddr(password, objLoginDB.getPassword())); //ic.rebind(java:comp/env/jdbc/cpdslogindb, cpdsRef); ic.bind(java:/comp/env/jdbc/cpdslogindb, cpdsRef); if (log.isDebugEnabled()) log.debug(Creating connection pool); // Construct PerUserPoolDataSource reference Reference ref = new Reference(org.apache.commons.dbcp.datasources.PerUserPoolDataSource, org.apache.commons.dbcp.datasources.PerUserPoolDataSourceFactory, null); ref.add(new StringRefAddr(dataSourceName, java:/comp/env/jdbc/cpdslogindb)); ref.add(new StringRefAddr(defaultMaxActive, Config.getParam(pool.max.active))); ref.add(new StringRefAddr(defaultMaxIdle, Config.getParam(pool.max.idle))); ref.add(new StringRefAddr(defaultMaxWait, Config.getParam(pool.max.wait))); //ic.rebind(jdbc/ + logindb, ref); //ic.bind(logindb, ref); ic.bind(java:/comp/env/jdbc/logindb, ref); } catch (NamingException ne) { log.error(Failed while doing JNDI on connection logindb); log.debug(ne.getMessage(), ne); } The results of this indicate that the Tomcat Initial Context seems to be 'READ-ONLY' ?? Any pointers into what I am doing wrong are greatly appreciated. Thanks Rob
RE: Images caching
Hey Guys, We had the exact same issue when last tested for performance and even thou the image had not changed the webapp made a request back to the server to check... I resolved this by setting headers on the images when they were originally served up by Tomcat (using a servlet filter). I can post code examples if needed. Hope this helps. Rob Gregory -Original Message- From: ALEX HYDE [mailto:[EMAIL PROTECTED] Sent: 16 January 2006 23:38 To: Tomcat Users List Subject: Re: Images caching Hey Bello, I'm fairly new to this but don't mind putting my two pence worth in. I'm not that sure about the client side but I've heard mention of something called Squid which can cache static content quite well and would sit as a proxy in front of Tomcat. Gluck --- Bello Martinez Sergio [EMAIL PROTECTED] wrote: Hi all, I have a web application in Tomcat 5.0 (standalone) that does image swapping for some mouse events. My problem is that IE does a GET request everytime I change an image's src atribute. No matter if I preload all document images with imgX=new Image(); imgX.src = '...', the browser always request the image from the server when I put the mouse over an image. I've tried to change browser cache settings, too. Does anybody know how can I do to avoid this? I've read resin lets you define things like 'cache-mapping url-pattern=*.gif expires=60D/' Is there a way to do this with Tomcat? I would like to avoid using Apache for the moment. Thanks a lot, Sergio - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ___ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Hibernate debugging problem in Tomcat 5.5.12
What is your development environment? I use Eclipse (EXCELLENT bit of software on par with Tomcat) and this allows me to even debug Tomcat code when required. Rob -Original Message- From: Behrang Saeedzadeh [mailto:[EMAIL PROTECTED] Sent: 16 January 2006 23:50 To: Tomcat Users List Subject: Hibernate debugging problem in Tomcat 5.5.12 Hi all, When I want to debug my Hibernate 3.1/WebWork 2.1.7 Web app (which is deployed into Tomcat) with IDEA, when I add Hibernate related classes to the watches, I cannot inspect them and instead I see a red message reading: Debug info unavailable... Does anybody know what's possibly causing this? BTW - I can debug my DAO outside Tomcat with no problem. -- Science is a differential equation. Religion is a boundary limit - Alan Turing Behrang Saeedzadeh http://www.jroller.com/page/behrangsa http://my.opera.com/behrangsa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]