Class-Path-Manifest Entry
Hello List, I wonder, if the "Class-Path"-Entry of the Manifest in a web-application-ressource is interpreted by Tomcat. I saw this functionality in BEA WebLogic. I tried in tomcat, but it did not work. Is it implemented at all, or is it planned? (Using 4.1.29) Plug-and-play-installation of Webapps could be done with much smaller WARs. So I would consider it as a nice feature. Kind regards, Reinhard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Errorpage for Servlets
Hi, Jean-Pierre Pelletier submitted this bug (already closed): http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25547 (default errorpage is displayed instead of the one forwarded to) I am also using the technique he describes. (In Tomcat 4.1) Seems like this will work no more in Tomcat 5 My question: Is there a portable way to use the same errorpage for servlets and JSPs? I can think of these solutions: 1. use another attribute instead of "javax.servlet.jsp.jspException" and get it back in the errorpage 2. Simply use "exception" as the attribute name. thanks in advance for some tips, Reinhard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Suggestion: Many virtual hosts in Tomcat -> hosts-directory
Hi, thanks for the quick answer. Please see comments inline Am Montag, 23. Juni 2003 13:03 schrieb Remy Maucherat: > Reinhard Moosauer wrote: > > Hello List, > > > > Tomcat has a very nice feature, which allows dropping .xml in the > > wepapp-directory and automatic deployment of contexts defined therein. > > > > I would suggest the same approach for definitions. > > For a lot of installations it would _completely_ eliminate the need for > > changes in server.xml. > > I don't know, if such a mechanism is planned for tc5. > > In this case: could we consider a backport of this feature? > > > > I would volunteer for an extension to 4.1. But I would like to hear the > > opinion of the developers. > > > > Here is the to-do-list: > > - add a parameter to the -Tag: virtualHostDir="" > > (default: "hosts" for example) > > - (Alternative: the plugin-way: define a , which does this) > > - deploy all defined "hostxxx.xml" in the given dir on startup. > > - optional: add an "auto-deploy" feature like in webapps > > > > I don't know yet, how invasive the change would be. I am very grateful > > for any hints. > > > > I would like to contribute the extension, if it is well-integrated and > > riskless enough for the stable tree. Otherwise: maybe it works at least > > for me... > > > > Please do not hesitate to give any kind of comments! > > I'd considered it a lot lately, but decided against it, as it's not as > hassle free as you make it sound: the biggest problem is configuring the > DNS, so I don't see what the feature would add. > I caught a bit of your consideration, I think, but I missed the conclusion. Please give me a hint: what do you mean with "configuring the DNS"? I know that I need valid DNS-Entries for each virtual hosts, which can't obviously be done with Tomcat. Is there another thing with DNS in Tomcat I do not see? > With TC 5, you can dynamically add hosts with: > - JMX (using some agent) > - the admin webapp, like in TC 4.1.x > > I think that's good enough, and the extra complexity doesn't seem to add > something of real value. > Imaginably I can do the setup of a new virtual host on a server with a quite simple shellscript. I want to add the possibilty to configure the tomcat hosts also in turn. Patching it in server.xml is not nice. Not only because of the need to restart tomcat afterwards. Both are risky tasks when I want to do it unattended. > I'd vote -0 or -1 on the issue. If you don't mind I would like to clarify it a litte bit more. Again, thanks a lot for your comments Reinhard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Suggestion: Many virtual hosts in Tomcat -> hosts-directory
Hello List, Tomcat has a very nice feature, which allows dropping .xml in the wepapp-directory and automatic deployment of contexts defined therein. I would suggest the same approach for definitions. For a lot of installations it would _completely_ eliminate the need for changes in server.xml. I don't know, if such a mechanism is planned for tc5. In this case: could we consider a backport of this feature? I would volunteer for an extension to 4.1. But I would like to hear the opinion of the developers. Here is the to-do-list: - add a parameter to the -Tag: virtualHostDir="" (default: "hosts" for example) - (Alternative: the plugin-way: define a , which does this) - deploy all defined "hostxxx.xml" in the given dir on startup. - optional: add an "auto-deploy" feature like in webapps I don't know yet, how invasive the change would be. I am very grateful for any hints. I would like to contribute the extension, if it is well-integrated and riskless enough for the stable tree. Otherwise: maybe it works at least for me... Please do not hesitate to give any kind of comments! regards, Reinhard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat SSL mutual authentication: Nobody's got a clue?
Hi, when Internet Explorer prompts you with the list of certificates to send to the server, it checks KeyUsage of the certs in you keystore. If the list is empty, it means you have no usable cert. How do you generate your certs? If you use openssl, please consult openssl.txt in the docs. KeyUsage is explained there. The behavior is dependent of version of ie and windows. Certs from a trustcenter are very restricted in respect of usage. A email cert may be usable only for email, and nothing more. Same for file encryption (EFS), code signature and authentication, ... Non-Repudiation could be the KeyUsage you need. But don't know Take care: the KeyUsage of the CA-cert is sometimes also checked. Not talking about CRLs. With a Win2000 CA you have to chose the right profile when requesting the cert. This is definitely the wrong list to get deeper insight with certificates. But I am also not sure what the right place would be... openssl could be a good idea. With this program you can generate test certs for any usage: http://sourceforge.net/projects/myca (Usable with Linux and cygwin. It's based on openssl) Sometimes it is useful to test it with another browser. hope that helps, Reinhard Am Dienstag, 25. März 2003 23:53 schrieb [EMAIL PROTECTED]: > Thanks, but I have read that documentation many times. > > That documentations tells us how to run Tomcat in SSL mode. And as I > mentioned in the previous message, I know how to do that. > > What I want is mutual authentication, that is, > > 1. The Web server authenticates itself by sending its certificate to the > client. (This is what the doc talks about) > > 2. The client authenticates itself by sending its certificate to the Web > server. (This is not mentioned in that documentation, and is what I want > to do) > > "Bill Barker" <[EMAIL PROTECTED]> wrote: > >http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html > > > >- Original Message - > > From: <[EMAIL PROTECTED]> > > >To: ""Tomcat Developers List"" <[EMAIL PROTECTED]> > >Sent: Tuesday, March 25, 2003 1:44 PM > >Subject: Tomcat SSL mutual authentication: Nobody's got a clue? > > > >> I want configure Tomcat SSL for mutual authentication. And I've been > > > >exploring this for a while. > > > >> If tomcat-users don't know this, tomcat-developers also get no clue? > >> > >> __ > >> Try AOL and get 1045 hours FREE for 45 days! > >> http://free.aol.com/tryaolfree/index.adp?375380 > >> > >> Get AOL Instant Messenger 5.1 for FREE! Download Now! > >> http://aim.aol.com/aimnew/Aim/register.adp?promos=380455 > >> > >> - > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > > > >- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > __ > Try AOL and get 1045 hours FREE for 45 days! > http://free.aol.com/tryaolfree/index.adp?375380 > > Get AOL Instant Messenger 5.1 for FREE! Download Now! > http://aim.aol.com/aimnew/Aim/register.adp?promos=380455 > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JK2 not working with virtual hosts
Hi, yes. But where to get a binary for 2.0.2 and apache13? (I should have asked earlier this time) Reinhard Am Mittwoch, 12. März 2003 20:58 schrieb Mladen Turk: > > -Original Message- > > From: Reinhard Moosauer [mailto:[EMAIL PROTECTED] > > > > Additional information: > > Without virtual host I got the request mapped. But no answer > > but a "segmentation fault .. child .. " in apache's error_log > > > > > I tried the binary "mod_jk2-1.3-eapi.so" from > > >http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk > > 2/release/ > > >v2.0 > >.0/ with apache 1.3 and virtual hosts. > > Could you try with 2.0.2. The 2.0.0 and (partially) 2.0.1 versions has > some problems with the Virtual host, > so you should use the 2.0.2. > > MT. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JK2 not working with virtual hosts
Hello, Am Mittwoch, 12. März 2003 19:56 schrieb Costin Manolache: > Reinhard Moosauer wrote: > > Additional information: > > Without virtual host I got the request mapped. But no answer but > > a "segmentation fault .. child .. " in apache's error_log > > Can you send a stack trace ? > see below a ltrace on the apache thread. Don't know how to get a stack trace. > I'm checking the hosts problem. > Now I am using the 2.0.1-binary from jakarta's server. The logs say that virtual hosts are decoded now properly. 2.0.0 seems completely broken with virtual hosts. How to go on? many, many thanks for your help. regards, Reinhard > Costin > > > thanks, > > > > Am Mittwoch, 12. März 2003 16:43 schrieb Reinhard Moosauer: > >> Hello List, > >> > >> I tried the binary "mod_jk2-1.3-eapi.so" from > > http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk2/release/v2.0 > > >>.0/ with apache 1.3 and virtual hosts. > >> > >> In short: absolutely no luck. > >> I read all available docs (which seen quite current) and enabled > >> debugging in workers2.properties, but I diddn't get the uri-maps right. > >> He didn't decode the host-part of the uri:-entries. > >> > >> Example: > >> [uri:www.myhost.com/servlet/*] > >> was decoded to: > >> uri=/servlet/* > >> host=www.myhost.com/servlet/* > >> > >> Weird! Even when I omit the host-part it doesn't find the map when I > >> start a request. > >> I tried several combinations: > >> [uri:www.myhost.com] > >> [uri:www.myhost.com:80/servlet/*] > >> [uri:www.myhost.com:/servlet/*] > >> [uri:/servlet/*] > >> > >> I read the source (from tomcat-4.1.18), and I found that the version > >> must be different (wrong source line numbers) > >> But the source seems to be ok. Did I use a broken version? > >> Where can I find more current binary versions? > >> Building it seems painful, when I look to the configure script. > >> > >> Any hint is greatly appreciated. > >> > >> regards, > >> > >> Reinhard > >> > >> - > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] # ltrace -f -p 23462 ... ... strlen("GET /jkstatus HTTP/1.1") = 22 memcpy(0x080f6ea8, "GET /jkstatus HTTP/1.1", 23) = 0x080f6ea8 strlen("/jkstatus") = 9 memcpy(0x080f6ed8, "/jkstatus", 10) = 0x080f6ed8 memcpy(0x080f6ee8, "/jkstatus", 9)= 0x080f6ee8 strlen("HTTP/1.1")= 8 memcpy(0x080f6ef8, "HTTP/1.1", 9) = 0x080f6ef8 sscanf(0x080f6ef8, 0x0807da24, 0xbfffd068, 0xbfffd064, 0xbfffd060) = 2 memset(0x080f6f20, '\000', 400) = 0x080f6f20 memcpy(0x080f70b0, "Connection: Keep-Alive", 23) = 0x080f70b0 strchr("Connection: Keep-Alive", ':') = ": Keep-Alive" memcpy(0x080f70c8, "User-Agent: Mozilla/5.0 (compati"..., 59) = 0x080f70c8 strchr("User-Agent: Mozilla/5.0 (compati"..., ':') = ": Mozilla/5.0 (compatible; Konqu"... memcpy(0x080f7108, "Pragma: no-cache", 17)= 0x080f7108 strchr("Pragma: no-cache", ':') = ": no-cache" memcpy(0x080f7120, "Cache-control: no-cache", 24) = 0x080f7120 strchr("Cache-control: no-cache", ':')= ": no-cache" memcpy(0x080f7138, "Accept: text/*, image/jpeg, imag"..., 52) = 0x080f7138 strchr("Accept: text/*, image/jpeg, imag"..., ':') = ": text/*, image/jpeg, image/png,"... memcpy(0x080f7170, "Accept-Encoding: x-gzip, x-defla"..., 60) = 0x080f7170 strchr("Accept-Encoding: x-gzip, x-defla"..., ':') = ": x-gzip, x-deflate, gzip, defla"... memcpy(0x080f71b0, "Accept-Charset: iso-8859-15, utf"..., 50) = 0x080f71b0 strchr("Accept-Charset: iso-8859-15, utf"..., ':') = ": iso-8859-15, utf-8;q=0.5, *;q="... memcpy(0x080f71e8, "Accept-Language: de, en", 24) = 0x080f71e8 strchr("Accept-Language: de, en", ':')= ": de, en" memcpy(0x080f7200, "Host: m1
Re: JK2 not working with virtual hosts
Additional information: Without virtual host I got the request mapped. But no answer but a "segmentation fault .. child .. " in apache's error_log thanks, Am Mittwoch, 12. März 2003 16:43 schrieb Reinhard Moosauer: > Hello List, > > I tried the binary "mod_jk2-1.3-eapi.so" from > http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk2/release/v2.0 >.0/ with apache 1.3 and virtual hosts. > > In short: absolutely no luck. > I read all available docs (which seen quite current) and enabled debugging > in workers2.properties, but I diddn't get the uri-maps right. > He didn't decode the host-part of the uri:-entries. > > Example: > [uri:www.myhost.com/servlet/*] > was decoded to: > uri=/servlet/* > host=www.myhost.com/servlet/* > > Weird! Even when I omit the host-part it doesn't find the map when I start > a request. > I tried several combinations: > [uri:www.myhost.com] > [uri:www.myhost.com:80/servlet/*] > [uri:www.myhost.com:/servlet/*] > [uri:/servlet/*] > > I read the source (from tomcat-4.1.18), and I found that the version must > be different (wrong source line numbers) > But the source seems to be ok. Did I use a broken version? > Where can I find more current binary versions? > Building it seems painful, when I look to the configure script. > > Any hint is greatly appreciated. > > regards, > > Reinhard > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JK2 not working with virtual hosts
Hello List, I tried the binary "mod_jk2-1.3-eapi.so" from http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk2/release/v2.0.0/ with apache 1.3 and virtual hosts. In short: absolutely no luck. I read all available docs (which seen quite current) and enabled debugging in workers2.properties, but I diddn't get the uri-maps right. He didn't decode the host-part of the uri:-entries. Example: [uri:www.myhost.com/servlet/*] was decoded to: uri=/servlet/* host=www.myhost.com/servlet/* Weird! Even when I omit the host-part it doesn't find the map when I start a request. I tried several combinations: [uri:www.myhost.com] [uri:www.myhost.com:80/servlet/*] [uri:www.myhost.com:/servlet/*] [uri:/servlet/*] I read the source (from tomcat-4.1.18), and I found that the version must be different (wrong source line numbers) But the source seems to be ok. Did I use a broken version? Where can I find more current binary versions? Building it seems painful, when I look to the configure script. Any hint is greatly appreciated. regards, Reinhard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Request to Fix Tomcat Standalone 302 redirect Issue
Hi, at Jan 03, 2003 Matt Parker published a patch in this list: "[PATCH] forward instead of redirect for welcome files" which was discussed thourougly with Costin, Remy and others. I'm not sure about the conclusion of this. But it seemed that 5.0 should reintroduce this behavior by option. Please read that thread. Maybe there are some hints to get further. (I am also very interested in this changing this, but as long as apache ist an option, the priority stays medium...) Kind regards, Reinhard Am Sonntag, 16. Februar 2003 00:41 schrieb neal: > Has anyone considered fixing the following Tomcat standalone issue: > > if a request is made to "www.xyz.com", tomcat auto redirects (per the > welcome files list) to "www.xyz.com/index.html". That's a 302 http > redirect. Aside from this being a very non-standard approach th handling > default files within a directory, it is extremely problematic when dealing > with Search Engines. > > Search engines hate 302s and penalize most sites that utilize them, > particularly as their default page. Further in the case of Google, a page > rank is assigned to a url based upon inboind links. If the inboind links > are all to "www.xyz.com" and that url is just a redirect, you will never > benefit from the inbound links to your default url and never achieve a nigh > ranking. > > For these reasons this "feature" of tomcat renders the standalone http > server virtually commercially non-viable. This is a major concern for any > commercial site that reaps traffic from search engines, or from inbound > links. > > I setup my site using tomcat standalone because I saw no reason to set it > up with Apache initially. But this one single reason is making me > seriously second guess that choice. Is this not somehting that can be > easily fixed in a future version? And if it can be fixed I would > like to beg ... grovel ... anything ... to have this changed. Otherwise, > re-setting up with apache is going to cost me a fair amount of $$$ and time > at this point. :-\ > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]