Re: Tomcat on AIX, IBM's JVM. Was Re: [OT] AIX filtering Explorer?
[EMAIL PROTECTED] wrote on 04/07/2006 01:28:42 PM: Tremal Naik [EMAIL PROTECTED] wrote on 04/07/2006 09:48:53 AM: 2006/4/4, Tremal Naik [EMAIL PROTECTED]: I have no problem with Firefox, while IE looks as if it get lost. The secure request does not arrive on the tomcat server. Where did it go? from the Tomcat SSL howto: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html sslProtocol - It is reported that IBM's 1.4.1 implementation of the TLS protocol is not compatible with some popular browsers. In this case, use the value SSL. Now it works. Alternatively, you can leave the default settings but enable the TLS protocol in IE using Tools - Internet Options - Security Hi, I'm glad you brought this up. We are using Tomcat on AIX with IBM's JVM. We have setup the Connector in the server.xml file, changing the algorithm and sslProtocol as the SSL How-to instructed. At first it worked, but now it doesn't. We have not changed the configuration of Tomcat, nor have we changed the JDK. When we connect, we get a notice about the certificate, but it does not display the pages: IE tells us that it can't find any pages, and Firefox just shows us blank pages. Here is the Connector configuration: Connector className=org.apache.coyote.tomcat5.CoyoteConnector port=8443 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 debug=0 scheme=https secure=true clientAuth=false sslProtocol=SSL algorithm=IbmX509/ We don't need a secure connection now, but we will when we install the system for the client. I was hoping to avoid the installation of Apache on our clients' systems. Does anyone know how this could happen? Thanks, Tim S FWIW, I thought I had solved this problem yesterday, because I could connect on 8080 and 8443, all hunky-dory. When I started today, however, things were still hunky on 8080, but nothing dorey on 8443. At that point I thought it had as much to do with the phases of the moon as anyting else, but with debug=99, catalina.out showed this: WARNING: Error registering contexts java.util.ConcurrentModificationException at java.util.HashMap$HashIterator.nextEntry(HashMap.java(Compiled Code)) at java.util.HashMap$EntryIterator.next(HashMap.java(Compiled Code)) at java.util.HashMap.putAllForCreate(HashMap.java(Compiled Code)) at java.util.HashMap.clone(HashMap.java:811) at mx4j.server.DefaultMBeanRepository.clone(DefaultMBeanRepository.java(Inlined Compiled Code)) at mx4j.server.MBeanServerImpl.findMBeansByPattern(MBeanServerImpl.java(Compiled Code)) at mx4j.server.MBeanServerImpl.queryObjectNames(MBeanServerImpl.java:1568) at mx4j.server.MBeanServerImpl.queryMBeans(MBeanServerImpl.java:1512) at org.apache.coyote.tomcat5.MapperListener.init(MapperListener.java:115) at org.apache.coyote.tomcat5.CoyoteConnector.start(CoyoteConnector.java:1537) at org.apache.catalina.core.StandardService.start(StandardService.java:489) at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313) at org.apache.catalina.startup.Catalina.start(Catalina.java:556) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code)) at java.lang.reflect.Method.invoke(Method.java(Compiled Code)) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425) I had two connectors: were these conflicting? Commenting out the connector on 8080 relieved the conflict, and I can now connect on 8443---dory, but no hunky. For now. Is this a known problem? I had a redirect on the 8080 port too but eliminating that didn't help; only disabling one enables the other. Tim S. __ This email has been scanned by the MessageLabs Email Security System. Our company accepts no liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided, unless that information is subsequently confirmed in writing. Any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this
Re: [OT] AIX filtering Explorer?
2006/4/4, Tremal Naik [EMAIL PROTECTED]: I have no problem with Firefox, while IE looks as if it get lost. The secure request does not arrive on the tomcat server. Where did it go? from the Tomcat SSL howto: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html sslProtocol - It is reported that IBM's 1.4.1 implementation of the TLS protocol is not compatible with some popular browsers. In this case, use the value SSL. Now it works. Alternatively, you can leave the default settings but enable the TLS protocol in IE using Tools - Internet Options - Security bye -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat on AIX, IBM's JVM. Was Re: [OT] AIX filtering Explorer?
Tremal Naik [EMAIL PROTECTED] wrote on 04/07/2006 09:48:53 AM: 2006/4/4, Tremal Naik [EMAIL PROTECTED]: I have no problem with Firefox, while IE looks as if it get lost. The secure request does not arrive on the tomcat server. Where did it go? from the Tomcat SSL howto: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html sslProtocol - It is reported that IBM's 1.4.1 implementation of the TLS protocol is not compatible with some popular browsers. In this case, use the value SSL. Now it works. Alternatively, you can leave the default settings but enable the TLS protocol in IE using Tools - Internet Options - Security Hi, I'm glad you brought this up. We are using Tomcat on AIX with IBM's JVM. We have setup the Connector in the server.xml file, changing the algorithm and sslProtocol as the SSL How-to instructed. At first it worked, but now it doesn't. We have not changed the configuration of Tomcat, nor have we changed the JDK. When we connect, we get a notice about the certificate, but it does not display the pages: IE tells us that it can't find any pages, and Firefox just shows us blank pages. Here is the Connector configuration: Connector className=org.apache.coyote.tomcat5.CoyoteConnector port=8443 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 debug=0 scheme=https secure=true clientAuth=false sslProtocol=SSL algorithm=IbmX509/ We don't need a secure connection now, but we will when we install the system for the client. I was hoping to avoid the installation of Apache on our clients' systems. Does anyone know how this could happen? Thanks, Tim S -- Nor can his mind be thought to be in tune, whose words do jarre, Nor his reason in frame, whose sentence is preposterous. __ This email has been scanned by the MessageLabs Email Security System. Our company accepts no liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided, unless that information is subsequently confirmed in writing. Any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. 11/29/2003 ACE Software, LLC - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] AIX filtering Explorer?
2006/4/4, Sheets, Jerald [EMAIL PROTECTED]: Do you have a web proxy in your environment? That would be transparent, or hand-configured. We don't use a proxy to connect to the Tomcat, normally. I've configured it only to inspect the request headers that are sent by the browsers. An example of a MSIE GET request followed by a CONNECT is: 1144165210.106 42 10.0.2.210 TCP_MISS/302 452 GET http://rsaixtest.cicciopasticcio.com:8080/cicciastar/ - DIRECT/10.0.2.202 text/html [Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*\r\nAccept-Language: en-gb\r\nCookie: JSESSIONID=9F008108B1A0C248DE6357F135FF7CD4\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\nHost: rsaixtest.cicciopasticcio.com:8080\r\nProxy-Connection: Keep-Alive\r\n] [HTTP/1.1 302 Moved Temporarily\r\nServer: Apache-Coyote/1.1\r\nPragma: No-cache\r\nCache-Control: no-cache\r\nExpires: Thu, 01 Jan 1970 01:00:00 GMT\r\nLocation: https://rsaixtest.cicciopasticcio.com:8443/cicciastar/WEB-INF/jsp/logon/logon.jsp\r\nContent-Type: text/html;charset=iso-8859-1\r\nContent-Length: 0\r\nDate: Tue, 04 Apr 2006 15:42:07 GMT\r\nConnection: keep-alive\r\n\r] 1144165210.113 3 10.0.2.210 TCP_MISS/200 124 CONNECT rsaixtest.cicciopasticcio.com:8443 - DIRECT/10.0.2.202 - [User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\nHost: rsaixtest.cicciopasticcio.com:8443\r\nContent-Length: 0\r\nProxy-Connection: Keep-Alive\r\nPragma: no-cache\r\n] [] While Firefox says: 1144225430.516 78 10.0.2.210 TCP_MISS/302 517 GET http://rsaixtest.cicciopasticcio.com:8080/cicciastar/ - DIRECT/10.0.2.202 text/html [Host: rsaixtest.cicciopasticcio.com:8080\r\nUser-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1\r\nAccept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\nAccept-Language: en-us,en;q=0.5\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 300\r\nProxy-Connection: keep-alive\r\n] [HTTP/1.1 302 Moved Temporarily\r\nServer: Apache-Coyote/1.1\r\nPragma: No-cache\r\nCache-Control: no-cache\r\nExpires: Thu, 01 Jan 1970 01:00:00 GMT\r\nSet-Cookie: JSESSIONID=BC2376254AD401F328599C5148E41032; Path=/\r\nLocation: https://rsaixtest.cicciopasticcio.com:8443/cicciastar/WEB-INF/jsp/logon/logon.jsp\r\nContent-Type: text/html;charset=iso-8859-1\r\nContent-Length: 0\r\nDate: Wed, 05 Apr 2006 08:25:49 GMT\r\nConnection: keep-alive\r\n\r] 1144225494.522 63999 10.0.2.210 TCP_MISS/200 24904 CONNECT rsaixtest.cicciopasticcio.com:8443 - DIRECT/10.0.2.202 - [User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1\r\nProxy-Connection: keep-alive\r\nHost: rsaixtest.cicciopasticcio.com:8443\r\n] [] I'm checking if this has nothing to do with the different byte order of the AIX operating system, but at the moment I'm only guessing TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] AIX filtering Explorer?
Hi everybody, I marked this message as OT because it may not pertain to Tomcat, even if I presume so. I have a problem with a Jboss/Tomcat 5.5 installed on an IBM AIX machine. The application redirects user requests to an encrypted channel at login: 1) The browser sends an unsecure request. 2) the request is redirected to a secure channel I have no problem with Firefox, while IE looks as if it get lost. The secure request does not arrive on the tomcat server. Where did it go? I've put a proxy in the middle so I'm pretty sure the connect request is made on the correct URL. The application works fine on a windows environment. Did anyone experience anything similar? -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [OT] AIX filtering Explorer?
Do you have a web proxy in your environment? That would be transparent, or hand-configured. Jerald Sheets Systems Administrator The Weather Channel Interactive -Original Message- From: Tremal Naik [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 04, 2006 12:40 PM To: Tomcat Users List Subject: [OT] AIX filtering Explorer? Hi everybody, I marked this message as OT because it may not pertain to Tomcat, even if I presume so. I have a problem with a Jboss/Tomcat 5.5 installed on an IBM AIX machine. The application redirects user requests to an encrypted channel at login: 1) The browser sends an unsecure request. 2) the request is redirected to a secure channel I have no problem with Firefox, while IE looks as if it get lost. The secure request does not arrive on the tomcat server. Where did it go? I've put a proxy in the middle so I'm pretty sure the connect request is made on the correct URL. The application works fine on a windows environment. Did anyone experience anything similar? -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]