Re: tomcat6, bottleneck, concurrent requests, windows xp
Hi, Michael ! I suppose Connection Times (ms) table section actually describes individual requests? And Percentage of the requests served within a certain time (ms) as well? For me it seems that concurrency is hardly working at all, but threads are blocked (or waiting) somewhere outside of doGet Servlet's method, cause doGet performance doesn't not differ to that extend (although there is some waiting issues inside obviously) I made 3 new measurements for different concurrency levels (100, 10, 1) Servlet's doGet overall method execution time is counted this way static long overall doGet(request, response) { long start = System.currentTimeMillis(); // here goes logic … //synchronized{ overall += System.currentTimeMillis() - start; } } Concurrency = 100 === ab.exe - n 100 -c 100 {address} ab.exe execution time=7.641 seconds overall doGet servlet execution =8067 === Concurrency Level: 100 Time taken for tests: 8.234 seconds Complete requests: 100 Failed requests:0 Write errors: 0 Total transferred: 2770200 bytes HTML transferred: 2742700 bytes Requests per second:12.14 [#/sec] (mean) Time per request: 8234.375 [ms] (mean) Time per request: 82.344 [ms] (mean, across all concurrent requests) Transfer rate: 328.53 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 16 70 33.3 63 172 Processing: 500 4097 2098.4 41417719 Waiting: 141 3700 2115.9 37197344 Total:547 4168 2097.3 42667734 Percentage of the requests served within a certain time (ms) 50% 4266 66% 5344 75% 5984 80% 6344 90% 7109 95% 7500 98% 7672 99% 7734 100% 7734 (longest request) Concurrency = 10 === ab.exe - n 100 -c 10 {address} ab.exe execution time=8.094 seconds overall doGet servlet execution =7206 === Concurrency Level: 10 Time taken for tests: 8.094 seconds Complete requests: 100 Failed requests:0 Write errors: 0 Total transferred: 2770200 bytes HTML transferred: 2742700 bytes Requests per second:12.36 [#/sec] (mean) Time per request: 809.375 [ms] (mean) Time per request: 80.938 [ms] (mean, across all concurrent requests) Transfer rate: 334.24 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 31 75 29.0 78 141 Processing: 172 695 149.0734 891 Waiting: 109 344 143.7328 719 Total:250 770 156.38131000 Percentage of the requests served within a certain time (ms) 50%813 66%828 75%844 80%875 90%922 95%953 98% 1000 99% 1000 100% 1000 (longest request) Concurrency = 1 === ab.exe - n 100 -c 1 {address} ab.exe execution time=10.578 seconds overall doGet servlet execution=4672 === Concurrency Level: 1 Time taken for tests: 10.578 seconds Complete requests: 100 Failed requests:0 Write errors: 0 Total transferred: 2770200 bytes HTML transferred: 2742700 bytes Requests per second:9.45 [#/sec] (mean) Time per request: 105.781 [ms] (mean) Time per request: 105.781 [ms] (mean, across all concurrent requests) Transfer rate: 255.74 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 16 24 8.1 31 47 Processing:63 81 8.8 78 109 Waiting: 63 67 7.6 63 94 Total: 94 105 9.0109 125 Percentage of the requests served within a certain time (ms) 50%109 66%109 75%109 80%109 90%109 95%125 98%125 99%125 100%125 (longest request) Michael Ludwig-6 wrote: kazukin6 schrieb am 13.12.2008 um 18:15:33 (-0800): 1) there is maxThreads=100 in context.xml 2) sending 100 simultaneous requests to one servlet, for example ab.exe -n 100 -c 100 {address} 3) in the servlet's own log for performance it shows around only 200-500 ms per request 4) in the ab.exe log it shows around 7 seconds(!) per request It doesn't, at least not in the log you're showing here. full log of ab.exe is Concurrency Level: 100 Time taken for tests: 16.656 seconds That's the time taken altogether. Complete requests: 100 Failed requests:0 Write errors: 0 Everything fine. Total transferred: 2770200 bytes
tomcat6, bottleneck, concurrent requests, windows xp
- 1) there is maxThreads=100 in context.xml 2) sending 100 simultaneous requests to one servlet, for example ab.exe -n 100 -c 100 {address} 3) in the servlet's own log for performance it shows around only 200-500 ms per request 4) in the ab.exe log it shows around 7 seconds(!) per request - So the question is- is it a some sort of socket level bottleneck? In JProfiler there is no thread locks shown. How to resolve it? full log of ab.exe is Concurrency Level: 100 Time taken for tests: 16.656 seconds Complete requests: 100 Failed requests:0 Write errors: 0 Total transferred: 2770200 bytes HTML transferred: 2742700 bytes Requests per second:6.00 [#/sec] (mean) Time per request: 16656.250 [ms] (mean) Time per request: 166.563 [ms] (mean, across all concurrent requests) Transfer rate: 162.42 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 31 146 208.01091922 Processing: 1328 8015 4329.2 7797 16250 Waiting: 578 7109 4323.0 6734 15281 Total: 1438 8161 4350.1 7875 16281 Percentage of the requests served within a certain time (ms) 50% 7875 66% 9969 75% 10969 80% 11609 90% 15547 95% 16141 98% 16219 99% 16281 100% 16281 (longest request) -- View this message in context: http://www.nabble.com/tomcat6%2C-bottleneck%2C-concurrent-requests%2C-windows-xp-tp20996642p20996642.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Question is answered. See Bill Barker-2 answer (update)
Hi Chris! They can upload them using javascript file manager Totally rejecting scripting seems to be more robust solution Christopher Schultz-2 wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kazukin, kazukin6 wrote: And yes, for us it' not possible to give users to change only parts of jsp's and deny execution of these parts based on some credential assessments executed during some if checkAccess tags How do your users submit updated JSP files? Do you have the opportunity to scan them before installation? If so, why not simply reject anything containing [EMAIL PROTECTED]? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjQJV4ACgkQ9CaO5/Lv0PCNOACgu+CaPCGqYX+0t1jhPJhDRZ/K b88An1s5lPVnO1xiU2WiBljlYbTC+tZd =AN9/ -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19527565.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Disable java code execution %blabla% in jsp, but permits tags
We want them to be able to customize information they get from our system by using custom tags H. Hall wrote: kazukin6 wrote: Plz Help !! Is it possible to disable all java code execution within jsp page (by security manager or something) but allow custom tags to be executed? The problem is that the users can change jsp files, and due to security reasons we can allow them to use only tags Why are users allowed to change jsp files? HH -- H. Hall ReedyRiver Group LLC http://www.reedyriver.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19471795.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Question is answered. See Bill Barker-2 answer
Hi, Martin Thanks for the answer I see, what you mean, but the problem is slightly different The matter is that our users can change jsp files whatever they like via administrative interface, so we want to restrict the use of scriplets in these jsp's because of possible abuses Bill Barker-2 provided the comprehensive answer to this problem mgainty wrote: use ths struts if tag to conditionally disable the code %@ taglib prefix=s uri=/struts-tags% s:if test=%{false} divWill Not Be Executed/div /s:if http://struts.apache.org/2.0.11.2/docs/if.html datorită struts Martin __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Date: Sat, 13 Sep 2008 08:58:59 -0700 From: [EMAIL PROTECTED] To: users@tomcat.apache.org Subject: Re: Disable java code execution %blabla% in jsp, but permits tags We want them to be able to customize information they get from our system by using custom tags H. Hall wrote: kazukin6 wrote: Plz Help !! Is it possible to disable all java code execution within jsp page (by security manager or something) but allow custom tags to be executed? The problem is that the users can change jsp files, and due to security reasons we can allow them to use only tags Why are users allowed to change jsp files? HH -- H. Hall ReedyRiver Group LLC http://www.reedyriver.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19471795.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get more out of the Web. Learn 10 hidden secrets of Windows Live. http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_domore_092008 -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19476209.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Question is answered. See Bill Barker-2 answer
Martin, thanks for a guide! I took a look at the Jetspeed (and portlet specifications too) and it seems pretty intresting. I'll definetely study it. The only thing that scares me that spec-s (http://www.jcp.org/aboutJava/communityprocess/review/jsr168/) wasnt updated since 2003 And yes, you really got it. Our system indeed is a portal and CMS and something else too. And it somehow resembles the functions the Portal API has. At this moment we're developing CRM part based on it. We already have a whole bunch of portal functionality (it doesnt have any XML config cause it's highly dynamic and config is stored in DB) and very specific security system, tuned to our specific features, and at this point I'm not sure we'll be able to seamlessly integrate any second-party solution into this architecture. mgainty wrote: that was a 30 second solution amongst 100 different solutionsBR so maybe you want to categorise the jsps and then enable / disable view/update/delete of the resourcesBR in those categories depending on the authenticated credentials of the userBR for this scenario you might want to look at portals and or content-management systemsBR i would start hereBR http://portals.apache.org/jetspeed-1/fusion.htmlBR MartinBR __ BR Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Date: Sat, 13 Sep 2008 17:32:29 -0700 From: [EMAIL PROTECTED] To: users@tomcat.apache.org Subject: Question is answered. See Bill Barker-2 answer Hi, Martin Thanks for the answer I see, what you mean, but the problem is slightly different The matter is that our users can change jsp files whatever they like via administrative interface, so we want to restrict the use of scriplets in these jsp's because of possible abuses Bill Barker-2 provided the comprehensive answer to this problem mgainty wrote: use ths struts if tag to conditionally disable the code %@ taglib prefix=s uri=/struts-tags% s:if test=%{false} divWill Not Be Executed/div /s:if http://struts.apache.org/2.0.11.2/docs/if.html datorită struts Martin __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Date: Sat, 13 Sep 2008 08:58:59 -0700 From: [EMAIL PROTECTED] To: users@tomcat.apache.org Subject: Re: Disable java code execution %blabla% in jsp, but permits tags We want them to be able to customize information they get from our system by using custom tags H. Hall wrote: kazukin6 wrote: Plz Help !! Is it possible to disable all java code execution within jsp page (by security manager or something) but allow custom tags to be executed? The problem is that the users can change jsp files, and due to security reasons we can allow them to use only tags Why are users allowed to change jsp files? HH -- H. Hall ReedyRiver Group LLC http://www.reedyriver.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19471795.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get more out of the Web. Learn 10 hidden secrets of Windows Live. http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_domore_092008 -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19476209.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED
RE: Question is answered. See Bill Barker-2 answer (update)
And yes, for us it' not possible to give users to change only parts of jsp's and deny execution of these parts based on some credential assessments executed during some if checkAccess tags kazukin6 wrote: Martin, thanks for a guide! I took a look at the Jetspeed (and portlet specifications too) and it seems pretty intresting. I'll definetely study it. The only thing that scares me that spec-s (http://www.jcp.org/aboutJava/communityprocess/review/jsr168/) wasnt updated since 2003 And yes, you really got it. Our system indeed is a portal and CMS and something else too. And it somehow resembles the functions the Portal API has. At this moment we're developing CRM part based on it. We already have a whole bunch of portal functionality (it doesnt have any XML config cause it's highly dynamic and config is stored in DB) and very specific security system, tuned to our specific features, and at this point I'm not sure we'll be able to seamlessly integrate any second-party solution into this architecture. mgainty wrote: that was a 30 second solution amongst 100 different solutionsBR so maybe you want to categorise the jsps and then enable / disable view/update/delete of the resourcesBR in those categories depending on the authenticated credentials of the userBR for this scenario you might want to look at portals and or content-management systemsBR i would start hereBR http://portals.apache.org/jetspeed-1/fusion.htmlBR MartinBR __ BR Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Date: Sat, 13 Sep 2008 17:32:29 -0700 From: [EMAIL PROTECTED] To: users@tomcat.apache.org Subject: Question is answered. See Bill Barker-2 answer Hi, Martin Thanks for the answer I see, what you mean, but the problem is slightly different The matter is that our users can change jsp files whatever they like via administrative interface, so we want to restrict the use of scriplets in these jsp's because of possible abuses Bill Barker-2 provided the comprehensive answer to this problem mgainty wrote: use ths struts if tag to conditionally disable the code %@ taglib prefix=s uri=/struts-tags% s:if test=%{false} divWill Not Be Executed/div /s:if http://struts.apache.org/2.0.11.2/docs/if.html datorită struts Martin __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Date: Sat, 13 Sep 2008 08:58:59 -0700 From: [EMAIL PROTECTED] To: users@tomcat.apache.org Subject: Re: Disable java code execution %blabla% in jsp, but permits tags We want them to be able to customize information they get from our system by using custom tags H. Hall wrote: kazukin6 wrote: Plz Help !! Is it possible to disable all java code execution within jsp page (by security manager or something) but allow custom tags to be executed? The problem is that the users can change jsp files, and due to security reasons we can allow them to use only tags Why are users allowed to change jsp files? HH -- H. Hall ReedyRiver Group LLC http://www.reedyriver.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19471795.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get more out of the Web. Learn 10 hidden secrets of Windows Live. http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_domore_092008 -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19476209.html Sent from
Re: Disable java code execution %blabla% in jsp, but permits tags
Hi, Bill!! Thank you a lot!! It seems, it's exactly what I need Bill Barker-2 wrote: kazukin6 [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Plz Help !! Is it possible to disable all java code execution within jsp page (by security manager or something) but allow custom tags to be executed? There isn't anything that can't be worked around. But putting: jsp-config jsp-property-group url-pattern*.jsp/url-pattern scripting-invalidtrue/scripting-invalid /jsp-property-group /jsp-config in $CATALINA_HOME/conf/web.xml means that you can prove that they went out of their way to break the rules. This is section 3.3.3 of the JSP-2.1 spec. If they put the corresponding fragment in their webapp's web.xml but with scripting-invalidfalse/scripting-invalid then Tomcat will allow scripting (user web.xml overrides global web.xml). Also, since it is a translation-time error, it won't work if they deploy pre-compiled JSP pages. Using a SecurityManager just limits what they can do (e.g. % System.exit(0); % throws an exception). The problem is that the users can change jsp files, and due to security reasons we can allow them to use only tags -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19415053.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19433882.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Disable java code execution %blabla% in jsp, but permits tags
Hi Juha! Yes, I did, but it's kinda hard for me to estimate all possible threats and the Tomcat's ability to provide the defence I suppose it should be 1) No thread creation 2) No IO operations 3) No any direct System API invokations, only JAVA API -(cause it can lead to undesired consequences), and what about changing some crutial standard java properties, like system encoding? 4) No any fake operations to load the processor, like while(true){do something useless} 5) -? 2) and maybe 3) are implementable, I suppose, but I'm not sure about 1) 4) and 5) Juha Laiho wrote: kazukin6 wrote: Is it possible to disable all java code execution within jsp page (by security manager or something) but allow custom tags to be executed? The problem is that the users can change jsp files, and due to security reasons we can allow them to use only tags Unfortunately I don't have an idea on how to prevent Java snippets in JSPs, but have you considered whether using Java security manager would be enough to defend you against the estimated threats? -- ..Juha - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19434137.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Disable java code execution %blabla% in jsp, but permits tags
Plz Help !! Is it possible to disable all java code execution within jsp page (by security manager or something) but allow custom tags to be executed? The problem is that the users can change jsp files, and due to security reasons we can allow them to use only tags -- View this message in context: http://www.nabble.com/Disable-java-code-execution-%3C-blabla-%3E-in-jsp%2C-but-permits-tags-tp19415053p19415053.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat6 map subdomain to particular directory under web root
server.xml Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Aliasw1.localhost/Alias /Host Using alias w1.localhost maps subdomain to web root directory Is there any trick to map w1.localhost to localhost/w1 directory? -- View this message in context: http://www.nabble.com/Tomcat6-map-subdomain-to-particular-directory-under-web-root-tp18531402p18531402.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat6 map subdomain to particular directory under web root
Caldarale, Charles R wrote: You can use Tuckey's URL rewrite filter (http://tuckey.org/urlrewrite/) or you could use virtual hosts: instead of the Alias, define a second Host with an appBase pointing to the desired directory. - Chuck Chuck, thanks a lot! 1) I didnt manage to get the second host working, tomcat just won't find any pages/resources and returns empty pages. Adding context element Context path= docBase=\ROOT\w1 reloadable=true/ seems to fix that problem, but in this case it looks like it's working in separate context (none of the java classes from WEB-INF/classes can be used) 2) Tuckey's URL rewrite does work! But I'm not sure about performance overheads, compared to using Apache WebServer with Virtual Hosts. For those who concern, here is the sample rule (from urlrewrite.xml) rule note subdomains redirect /note condition name=w1.localhost operator=equal type=server-namew1.localhost/condition condition name=admin operator=notequal type=request-uri/admin/(.*)/condition condition name=w1 cyclic redirection operator=notequal type=request-uri/w1/(.*)/condition from^/(.*)/from to/w1/$1/to /rule -- View this message in context: http://www.nabble.com/Tomcat6-map-subdomain-to-particular-directory-under-web-root-tp18531402p18536559.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]