from:"Brian Hand"

disabling SessionListener Logging

2012-03-17 Thread Brian Hand


Hello

I am currently running Apache Tomcat 7.0.25 in a two server clustered 
configuration.  Everything is working fine in this regard.  I have 
confirmed that sessions and session variables are being updated on each 
server instance.  To get things working, I had marked the provided 
examples web application as distributable in the applications web.xml on 
both servers.  I am just using the examples web application as a stop 
gap till my real web applications are coded.


However, now that I have the session replication working correctly, is 
there a way to disable these types of entries in the catalina.err log file?


Mar 17, 2012 2:02:57 AM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: sessionCreated('01801736B95337518C93E617280684CF')
Mar 17, 2012 2:02:58 AM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: 
attributeAdded('01801736B95337518C93E617280684CF', 'foo', 'bar')


I tried some educated guesses in changing the Logging.properties file 
under the conf directory to no avail.  I have since reverted to my 
original version.  Bottom line, I am at a complete loss as changing the 
logging.properties file seems to have no effect on the problem.


Is there a good way ahead to get these INFO level SessionListener 
Messages ( and only the SessionListener messages ) to be silent ?


If there is needed configuration info required, I will be more than 
happy to provide it.  However, other than changing server.xml ( to run 
on port 80 and enable SSL on port 443  ) I haven't done much above and 
beyond that.


Thanks in advance
Brian

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: disabling SessionListener Logging

2012-03-17 Thread Brian Hand


Thanks for the quick response.

It doesn't appear to be the case.   The example servlet doesn't seem to 
have any logger calls and is just pipeling output to a PrintWriter for 
the response back to the browser.


I suspect these are coming from the server itself and not the 
application due to this being in the log output.


org.apache.catalina.core.ApplicationContext

which isn't a part of the example web app.

I am open to any other ideas.

Thanks
Brian

On 3/17/2012 2:23 AM, Pid * wrote:

On 17 Mar 2012, at 07:21, Brian Handhandbri...@gmail.com  wrote:


Hello

I am currently running Apache Tomcat 7.0.25 in a two server clustered 
configuration.  Everything is working fine in this regard.  I have confirmed 
that sessions and session variables are being updated on each server instance.  
To get things working, I had marked the provided examples web application as 
distributable in the applications web.xml on both servers.  I am just using the 
examples web application as a stop gap till my real web applications are coded.

However, now that I have the session replication working correctly, is there a 
way to disable these types of entries in the catalina.err log file?

Check the code of the example app to see if it's something the app is
doing rather th



Mar 17, 2012 2:02:57 AM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: sessionCreated('01801736B95337518C93E617280684CF')
Mar 17, 2012 2:02:58 AM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: attributeAdded('01801736B95337518C93E617280684CF', 
'foo', 'bar')

I tried some educated guesses in changing the Logging.properties file under the 
conf directory to no avail.  I have since reverted to my original version.  
Bottom line, I am at a complete loss as changing the logging.properties file 
seems to have no effect on the problem.

Is there a good way ahead to get these INFO level SessionListener Messages ( 
and only the SessionListener messages ) to be silent ?

If there is needed configuration info required, I will be more than happy to 
provide it.  However, other than changing server.xml ( to run on port 80 and 
enable SSL on port 443  ) I haven't done much above and beyond that.

Thanks in advance
Brian

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: disabling SessionListener Logging

2012-03-17 Thread Brian Hand

I see what you mean.  There are a bunch of overriden methods that do the 
logging.  Specific to the examples application.


I was looking at it from the wrong direction, I made the erroneous 
assumption that


org.apache.catalina.core.ApplicationContext was the culprint, when in fact that 
was not the case.

Thanks for the prompt assistance
Brian


On 3/17/2012 2:39 AM, Pid * wrote:

On 17 Mar 2012, at 07:31, Brian Handhandbri...@gmail.com  wrote:


Thanks for the quick response.

It doesn't appear to be the case.   The example servlet doesn't seem to have 
any logger calls and is just pipeling output to a PrintWriter for the response 
back to the browser.

Need to look for SessionListener.java - it's that calling ServletContext.log().

Probably in WEB-INF/listeners.


p



I suspect these are coming from the server itself and not the application due 
to this being in the log output.

org.apache.catalina.core.ApplicationContext

which isn't a part of the example web app.

I am open to any other ideas.

Thanks
Brian

On 3/17/2012 2:23 AM, Pid * wrote:

On 17 Mar 2012, at 07:21, Brian Handhandbri...@gmail.com   wrote:


Hello

I am currently running Apache Tomcat 7.0.25 in a two server clustered 
configuration.  Everything is working fine in this regard.  I have confirmed 
that sessions and session variables are being updated on each server instance.  
To get things working, I had marked the provided examples web application as 
distributable in the applications web.xml on both servers.  I am just using the 
examples web application as a stop gap till my real web applications are coded.

However, now that I have the session replication working correctly, is there a 
way to disable these types of entries in the catalina.err log file?

Check the code of the example app to see if it's something the app is
doing rather th



Mar 17, 2012 2:02:57 AM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: sessionCreated('01801736B95337518C93E617280684CF')
Mar 17, 2012 2:02:58 AM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: attributeAdded('01801736B95337518C93E617280684CF', 
'foo', 'bar')

I tried some educated guesses in changing the Logging.properties file under the 
conf directory to no avail.  I have since reverted to my original version.  
Bottom line, I am at a complete loss as changing the logging.properties file 
seems to have no effect on the problem.

Is there a good way ahead to get these INFO level SessionListener Messages ( 
and only the SessionListener messages ) to be silent ?

If there is needed configuration info required, I will be more than happy to 
provide it.  However, other than changing server.xml ( to run on port 80 and 
enable SSL on port 443  ) I haven't done much above and beyond that.

Thanks in advance
Brian

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Trying to suppress keystore and truststore password in Cent OS process listings.

2012-03-24 Thread Brian Hand


Hello all

I been working with getting JMX working with SSL with client side 
authentication working on tomcat.  All is working well in this regard.  
However, I noticed that if I do a ps -ef | grep jsvc on the Cent OS 
linux server.  I get the below output ( yes the password has been 
changed ).  My question is simply, is there a way to pass in the 
keystore password and truststore password through jsvc in such a manner 
where it isn't in clear text on a process list output?  Or more to the 
point, am I being overly paranoid that the keystore and truststore 
passwords are in the clear if you do a process listing on the server?  I 
have taken steps to ensure that only the tomcat user is able to read 
from both the keystore and truststore files and the tomcat user is not 
allowed direct logins on to the machine.  The only way you can become a 
tomcat user is via su - tomcat from another user.


I tried setting the parameters via the CATALINA_OPTS environment 
variable, however it seems that the jsvc process doesn't evaluate it 
unless I include it as part of my startup command line.  However if I do 
this, I get the process table output below.


Is there any way to not show these passwords in the clear and support 
the SSL configuration capabilities that are setup?


Thanks in advance
Brian

ps -ef | grep jsvc

root 14973 1  0 23:51 ?00:00:00 jsvc.exec -pidfile 
/var/run/jsvc.pid -cp 
/usr/local/apache/bin/bootstrap.jar:/usr/local/apache/bin/tomcat-juli.jar -user 
tomcat -Xmx512m -Xms512m -outfile /usr/local/apache/logs/catalina.out 
-errfile /usr/local/apache/logs/catalina.err 
-Dcom.sun.management.jmxremote.password.file=/usr/local/apache/conf/jmxremote.password 
-Dcom.sun.management.jmxremote.access.file=/usr/local/apache/conf/jmxremote.access 
-Dcom.sun.management.jmxremote.authenticate=true 
-Dcom.sun.management.jmxremote.ssl=true 
-Dcom.sun.management.jmxremote.registry.ssl=true 
-Djavax.net.ssl.keyStore=/usr/local/apache/conf/jmxkeystore 
-Djavax.net.ssl.keyStorePassword=secret 
-Dcom.sun.management.jmxremote.ssl.need.client.auth=true 
-Djavax.net.ssl.trustStore=/usr/local/apache/conf/jmxtruststore 
-Djavax.net.ssl.trustStorePassword=secret 
org.apache.catalina.startup.Bootstrap
tomcat   14974 14973 42 23:51 ?00:00:02 jsvc.exec -pidfile 
/var/run/jsvc.pid -cp 
/usr/local/apache/bin/bootstrap.jar:/usr/local/apache/bin/tomcat-juli.jar -user 
tomcat -Xmx512m -Xms512m -outfile /usr/local/apache/logs/catalina.out 
-errfile /usr/local/apache/logs/catalina.err 
-Dcom.sun.management.jmxremote.password.file=/usr/local/apache/conf/jmxremote.password 
-Dcom.sun.management.jmxremote.access.file=/usr/local/apache/conf/jmxremote.access 
-Dcom.sun.management.jmxremote.authenticate=true 
-Dcom.sun.management.jmxremote.ssl=true 
-Dcom.sun.management.jmxremote.registry.ssl=true 
-Djavax.net.ssl.keyStore=/usr/local/apache/conf/jmxkeystore 
-Djavax.net.ssl.keyStorePassword=secret 
-Dcom.sun.management.jmxremote.ssl.need.client.auth=true 
-Djavax.net.ssl.trustStore=/usr/local/apache/conf/jmxtruststore 
-Djavax.net.ssl.trustStorePassword=secret 
org.apache.catalina.startup.Bootstrap



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Trying to suppress keystore and truststore password in Cent OS process listings.

2012-03-25 Thread Brian Hand


Pid

Worked like a champ.  Thank you once again.

Brian

On 3/25/2012 2:40 AM, Pid * wrote:

On 25 Mar 2012, at 06:25, Brian Handhandbri...@gmail.com  wrote:


Hello all

I been working with getting JMX working with SSL with client side authentication working 
on tomcat.  All is working well in this regard.  However, I noticed that if I do a 
ps -ef | grep jsvc on the Cent OS linux server.  I get the below output ( yes 
the password has been changed ).  My question is simply, is there a way to pass in the 
keystore password and truststore password through jsvc in such a manner where it isn't in 
clear text on a process list output?  Or more to the point, am I being overly paranoid 
that the keystore and truststore passwords are in the clear if you do a process listing 
on the server?  I have taken steps to ensure that only the tomcat user is able to read 
from both the keystore and truststore files and the tomcat user is not allowed direct 
logins on to the machine.  The only way you can become a tomcat user is via su - tomcat 
from another user.

I tried setting the parameters via the CATALINA_OPTS environment variable, 
however it seems that the jsvc process doesn't evaluate it unless I include it 
as part of my startup command line.  However if I do this, I get the process 
table output below.

The jsvc wrapper launches Tomcat itself, ignoring the tomcat/bin scripts.



Is there any way to not show these passwords in the clear and support the SSL 
configuration capabilities that are setup?

Yes.

1. Add all of those properties to the end of catalina.properties.

2. Download the catalina-jmx-remote.jar and configure the listener it
contains in server.xml.


p



Thanks in advance
Brian

ps -ef | grep jsvc

root 14973 1  0 23:51 ?00:00:00 jsvc.exec -pidfile 
/var/run/jsvc.pid -cp 
/usr/local/apache/bin/bootstrap.jar:/usr/local/apache/bin/tomcat-juli.jar -user 
tomcat -Xmx512m -Xms512m -outfile /usr/local/apache/logs/catalina.out -errfile 
/usr/local/apache/logs/catalina.err 
-Dcom.sun.management.jmxremote.password.file=/usr/local/apache/conf/jmxremote.password
 
-Dcom.sun.management.jmxremote.access.file=/usr/local/apache/conf/jmxremote.access
 -Dcom.sun.management.jmxremote.authenticate=true 
-Dcom.sun.management.jmxremote.ssl=true 
-Dcom.sun.management.jmxremote.registry.ssl=true 
-Djavax.net.ssl.keyStore=/usr/local/apache/conf/jmxkeystore 
-Djavax.net.ssl.keyStorePassword=secret 
-Dcom.sun.management.jmxremote.ssl.need.client.auth=true 
-Djavax.net.ssl.trustStore=/usr/local/apache/conf/jmxtruststore 
-Djavax.net.ssl.trustStorePassword=secret org.apache.catalina.startup.Bootstrap
tomcat   14974 14973 42 23:51 ?00:00:02 jsvc.exec -pidfile 
/var/run/jsvc.pid -cp 
/usr/local/apache/bin/bootstrap.jar:/usr/local/apache/bin/tomcat-juli.jar -user 
tomcat -Xmx512m -Xms512m -outfile /usr/local/apache/logs/catalina.out -errfile 
/usr/local/apache/logs/catalina.err 
-Dcom.sun.management.jmxremote.password.file=/usr/local/apache/conf/jmxremote.password
 
-Dcom.sun.management.jmxremote.access.file=/usr/local/apache/conf/jmxremote.access
 -Dcom.sun.management.jmxremote.authenticate=true 
-Dcom.sun.management.jmxremote.ssl=true 
-Dcom.sun.management.jmxremote.registry.ssl=true 
-Djavax.net.ssl.keyStore=/usr/local/apache/conf/jmxkeystore 
-Djavax.net.ssl.keyStorePassword=secret 
-Dcom.sun.management.jmxremote.ssl.need.client.auth=true 
-Djavax.net.ssl.trustStore=/usr/local/apache/conf/jmxtruststore 
-Djavax.net.ssl.trustStorePassword=secret org.apache.catalina.startup.Bootstrap


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

disabling SessionListener Logging

Re: disabling SessionListener Logging

Re: disabling SessionListener Logging

Trying to suppress keystore and truststore password in Cent OS process listings.

Re: Trying to suppress keystore and truststore password in Cent OS process listings.

5 matches

Site Navigation

Mail list logo

Footer information