Class-Path-Manifest Entry

2004-01-26 Thread Reinhard Moosauer
Hello List,

I wonder, if the Class-Path-Entry of the Manifest in a 
web-application-ressource is interpreted by Tomcat.

I saw this functionality in BEA WebLogic. I tried in tomcat, but it did not 
work.

Is it implemented at all, or is it planned?
(Using 4.1.29)

Plug-and-play-installation of Webapps could be done with much smaller WARs.
So I would consider it as a nice feature.

Kind regards,

Reinhard


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Errorpage for Servlets

2003-12-17 Thread Reinhard Moosauer
Hi,

Jean-Pierre Pelletier submitted this bug (already closed):

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25547
(default errorpage is displayed instead of the one forwarded to)

I am also using the technique he describes. (In Tomcat 4.1)
Seems like this will work no more in Tomcat 5

My question: Is there a portable way to use the same errorpage for servlets 
and JSPs? 

I can think of these solutions:

1. use another attribute instead of javax.servlet.jsp.jspException and get 
it back in the errorpage

2. Simply use exception as the attribute name.

thanks in advance for some tips,


Reinhard

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Suggestion: Many virtual hosts in Tomcat - hosts-directory

2003-06-25 Thread Reinhard Moosauer
Hi,

thanks for the quick answer. Please see comments inline

Am Montag, 23. Juni 2003 13:03 schrieb Remy Maucherat:
 Reinhard Moosauer wrote:
  Hello List,
 
  Tomcat has a very nice feature, which allows dropping .xml in the
  wepapp-directory and automatic deployment of contexts defined therein.
 
  I would suggest the same approach for Host definitions.
  For a lot of installations it would _completely_ eliminate the need for
  changes in server.xml.
  I don't know, if such a mechanism is planned for tc5.
  In this case: could we consider a backport of this feature?
 
  I would volunteer for an extension to 4.1. But I would like to hear the
  opinion of the developers.
 
  Here is the to-do-list:
  - add a parameter to the engine-Tag: virtualHostDir=
(default: hosts for example)
  - (Alternative: the plugin-way: define a listener, which does this)
  - deploy all defined hostxxx.xml in the given dir on startup.
  - optional: add an auto-deploy feature like in webapps
 
  I don't know yet, how invasive the change would be. I am very grateful
  for any hints.
 
  I would like to contribute the extension, if it is well-integrated and
  riskless enough for the stable tree. Otherwise: maybe it works at least
  for me...
 
  Please do not hesitate to give any kind of comments!

 I'd considered it a lot lately, but decided against it, as it's not as
 hassle free as you make it sound: the biggest problem is configuring the
 DNS, so I don't see what the feature would add.


I caught a bit of your consideration, I think, but I missed the conclusion.
Please give me a hint: what do you mean with configuring the DNS? 
I know that I need valid DNS-Entries for each virtual hosts, which can't 
obviously be done with Tomcat.
Is there another thing with DNS in Tomcat I do not see?

 With TC 5, you can dynamically add hosts with:
 - JMX (using some agent)
 - the admin webapp, like in TC 4.1.x

 I think that's good enough, and the extra complexity doesn't seem to add
 something of real value.


Imaginably I can do the setup of a new virtual host on a server with a quite 
simple shellscript. I want to add the possibilty to configure the tomcat 
hosts also in turn.
Patching it in server.xml is not nice. Not only because of the need to restart 
tomcat afterwards. Both are risky tasks when I want to do it unattended.

 I'd vote -0 or -1 on the issue.

If you don't mind I would like to clarify it a litte bit more.
Again, thanks a lot for your comments

Reinhard


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Suggestion: Many virtual hosts in Tomcat - hosts-directory

2003-06-23 Thread Reinhard Moosauer
Hello List,

Tomcat has a very nice feature, which allows dropping .xml in the 
wepapp-directory and automatic deployment of contexts defined therein.

I would suggest the same approach for Host definitions.
For a lot of installations it would _completely_ eliminate the need for 
changes in server.xml.
I don't know, if such a mechanism is planned for tc5. 
In this case: could we consider a backport of this feature?

I would volunteer for an extension to 4.1. But I would like to hear the 
opinion of the developers.

Here is the to-do-list:
- add a parameter to the engine-Tag: virtualHostDir=
  (default: hosts for example)
- (Alternative: the plugin-way: define a listener, which does this)
- deploy all defined hostxxx.xml in the given dir on startup.
- optional: add an auto-deploy feature like in webapps

I don't know yet, how invasive the change would be. I am very grateful for any 
hints.

I would like to contribute the extension, if it is well-integrated and 
riskless enough for the stable tree. Otherwise: maybe it works at least for 
me...

Please do not hesitate to give any kind of comments!

regards,

Reinhard


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Tomcat SSL mutual authentication: Nobody's got a clue?

2003-03-28 Thread Reinhard Moosauer
Hi,

when Internet Explorer prompts you with the list of certificates to send to 
the server, it checks KeyUsage of the certs in you keystore.
If the list is empty, it means you have no usable cert.

How do you generate your certs? If you use openssl, please consult
openssl.txt in the docs. KeyUsage is explained there.
The behavior is dependent of version of ie and windows. 

Certs from a trustcenter are very restricted in respect of usage. A email cert 
may be usable only for email, and nothing more. Same for file encryption 
(EFS), code signature and authentication, ...
Non-Repudiation could be the KeyUsage you need. But don't know
Take care: the KeyUsage of the CA-cert is sometimes also checked. Not talking 
about CRLs.

With a Win2000 CA you have to chose the right profile when requesting the 
cert.

This is definitely the wrong list to get deeper insight with certificates. But 
I am also not sure what the right place would be... 
openssl could be a good idea.

With this program you can generate test certs for any usage:
http://sourceforge.net/projects/myca
(Usable with Linux and cygwin. It's based on openssl)

Sometimes it is useful to test it with another browser. 

hope that helps,

Reinhard

Am Dienstag, 25. März 2003 23:53 schrieb [EMAIL PROTECTED]:
 Thanks, but I have read that documentation many times.

 That documentations tells us how to run Tomcat in SSL mode.  And as I
 mentioned in the previous message, I know how to do that.

 What I want is mutual authentication, that is,

 1. The Web server authenticates itself by sending its certificate to the
 client.  (This is what the doc talks about)

 2. The client authenticates itself by sending its certificate to the Web
 server.  (This is not mentioned in that documentation, and is what I want
 to do)

 Bill Barker [EMAIL PROTECTED] wrote:
 http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html
 
 - Original Message -

 From: [EMAIL PROTECTED]

 To: Tomcat Developers List [EMAIL PROTECTED]
 Sent: Tuesday, March 25, 2003 1:44 PM
 Subject: Tomcat SSL mutual authentication: Nobody's got a clue?
 
  I want configure Tomcat SSL for mutual authentication.  And I've been
 
 exploring this for a while.
 
  If tomcat-users don't know this, tomcat-developers also get no clue?
 
  __
  Try AOL and get 1045 hours FREE for 45 days!
  http://free.aol.com/tryaolfree/index.adp?375380
 
  Get AOL Instant Messenger 5.1 for FREE! Download Now!
  http://aim.aol.com/aimnew/Aim/register.adp?promos=380455
 
  -
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

 __
 Try AOL and get 1045 hours FREE for 45 days!
 http://free.aol.com/tryaolfree/index.adp?375380

 Get AOL Instant Messenger 5.1 for FREE! Download Now!
 http://aim.aol.com/aimnew/Aim/register.adp?promos=380455

 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



JK2 not working with virtual hosts

2003-03-12 Thread Reinhard Moosauer
Hello List,

I tried the binary mod_jk2-1.3-eapi.so from 
http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk2/release/v2.0.0/
with apache 1.3 and virtual hosts.

In short: absolutely no luck. 
I read all available docs (which seen quite current) and enabled debugging in 
workers2.properties, but I diddn't get the uri-maps right.
He didn't decode the host-part of the uri:-entries.

Example:
[uri:www.myhost.com/servlet/*]
was decoded to:
uri=/servlet/*
host=www.myhost.com/servlet/*

Weird! Even when I omit the host-part it doesn't find the map when I start a 
request.
I tried several combinations:
[uri:www.myhost.com]
[uri:www.myhost.com:80/servlet/*]
[uri:www.myhost.com:/servlet/*]
[uri:/servlet/*]

I read the source (from tomcat-4.1.18), and I found that the version must be 
different (wrong source line numbers)
But the source seems to be ok. Did I use a broken version?
Where can I find more current binary versions?
Building it seems painful, when I look to the configure script.

Any hint is greatly appreciated.

regards,

Reinhard

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: JK2 not working with virtual hosts

2003-03-12 Thread Reinhard Moosauer

Additional information:
Without virtual host I got the request mapped. But no answer but
a segmentation fault .. child ..  in apache's error_log



thanks,


Am Mittwoch, 12. März 2003 16:43 schrieb Reinhard Moosauer:
 Hello List,

 I tried the binary mod_jk2-1.3-eapi.so from
 http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk2/release/v2.0
.0/ with apache 1.3 and virtual hosts.

 In short: absolutely no luck.
 I read all available docs (which seen quite current) and enabled debugging
 in workers2.properties, but I diddn't get the uri-maps right.
 He didn't decode the host-part of the uri:-entries.

 Example:
 [uri:www.myhost.com/servlet/*]
 was decoded to:
 uri=/servlet/*
 host=www.myhost.com/servlet/*

 Weird! Even when I omit the host-part it doesn't find the map when I start
 a request.
 I tried several combinations:
 [uri:www.myhost.com]
 [uri:www.myhost.com:80/servlet/*]
 [uri:www.myhost.com:/servlet/*]
 [uri:/servlet/*]

 I read the source (from tomcat-4.1.18), and I found that the version must
 be different (wrong source line numbers)
 But the source seems to be ok. Did I use a broken version?
 Where can I find more current binary versions?
 Building it seems painful, when I look to the configure script.

 Any hint is greatly appreciated.

 regards,

 Reinhard

 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: JK2 not working with virtual hosts

2003-03-12 Thread Reinhard Moosauer
Hello,

Am Mittwoch, 12. März 2003 19:56 schrieb Costin Manolache:
 Reinhard Moosauer wrote:
  Additional information:
  Without virtual host I got the request mapped. But no answer but
  a segmentation fault .. child ..  in apache's error_log

 Can you send a stack trace ?


see below a ltrace on the apache thread. Don't know how to get a stack trace.

 I'm checking the hosts problem.


Now I am using the 2.0.1-binary from jakarta's server. The logs say that 
virtual hosts are decoded now properly.
2.0.0 seems completely broken with virtual hosts.

How to go on?

many, many thanks for your help.

regards,

Reinhard
 Costin

  thanks,
 
  Am Mittwoch, 12. März 2003 16:43 schrieb Reinhard Moosauer:
  Hello List,
 
  I tried the binary mod_jk2-1.3-eapi.so from

 http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk2/release/v2.0

 .0/ with apache 1.3 and virtual hosts.
 
  In short: absolutely no luck.
  I read all available docs (which seen quite current) and enabled
  debugging in workers2.properties, but I diddn't get the uri-maps right.
  He didn't decode the host-part of the uri:-entries.
 
  Example:
  [uri:www.myhost.com/servlet/*]
  was decoded to:
  uri=/servlet/*
  host=www.myhost.com/servlet/*
 
  Weird! Even when I omit the host-part it doesn't find the map when I
  start a request.
  I tried several combinations:
  [uri:www.myhost.com]
  [uri:www.myhost.com:80/servlet/*]
  [uri:www.myhost.com:/servlet/*]
  [uri:/servlet/*]
 
  I read the source (from tomcat-4.1.18), and I found that the version
  must be different (wrong source line numbers)
  But the source seems to be ok. Did I use a broken version?
  Where can I find more current binary versions?
  Building it seems painful, when I look to the configure script.
 
  Any hint is greatly appreciated.
 
  regards,
 
  Reinhard
 
  -
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]

 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

# ltrace -f -p 23462
...
...
strlen(GET /jkstatus HTTP/1.1)  = 22
memcpy(0x080f6ea8, GET /jkstatus HTTP/1.1, 23)  = 0x080f6ea8
strlen(/jkstatus)   = 9
memcpy(0x080f6ed8, /jkstatus, 10)   = 0x080f6ed8
memcpy(0x080f6ee8, /jkstatus, 9)= 0x080f6ee8
strlen(HTTP/1.1)= 8
memcpy(0x080f6ef8, HTTP/1.1, 9) = 0x080f6ef8
sscanf(0x080f6ef8, 0x0807da24, 0xbfffd068, 0xbfffd064, 0xbfffd060) = 2
memset(0x080f6f20, '\000', 400)   = 0x080f6f20
memcpy(0x080f70b0, Connection: Keep-Alive, 23)  = 0x080f70b0
strchr(Connection: Keep-Alive, ':') = : Keep-Alive
memcpy(0x080f70c8, User-Agent: Mozilla/5.0 (compati..., 59) = 0x080f70c8
strchr(User-Agent: Mozilla/5.0 (compati..., ':') = : Mozilla/5.0 
(compatible; Konqu...
memcpy(0x080f7108, Pragma: no-cache, 17)= 0x080f7108
strchr(Pragma: no-cache, ':')   = : no-cache
memcpy(0x080f7120, Cache-control: no-cache, 24) = 0x080f7120
strchr(Cache-control: no-cache, ':')= : no-cache
memcpy(0x080f7138, Accept: text/*, image/jpeg, imag..., 52) = 0x080f7138
strchr(Accept: text/*, image/jpeg, imag..., ':') = : text/*, image/jpeg, 
image/png,...
memcpy(0x080f7170, Accept-Encoding: x-gzip, x-defla..., 60) = 0x080f7170
strchr(Accept-Encoding: x-gzip, x-defla..., ':') = : x-gzip, x-deflate, 
gzip, defla...
memcpy(0x080f71b0, Accept-Charset: iso-8859-15, utf..., 50) = 0x080f71b0
strchr(Accept-Charset: iso-8859-15, utf..., ':') = : iso-8859-15, 
utf-8;q=0.5, *;q=...
memcpy(0x080f71e8, Accept-Language: de, en, 24) = 0x080f71e8
strchr(Accept-Language: de, en, ':')= : de, en
memcpy(0x080f7200, Host: m1b.home.priv, 20) = 0x080f7200
strchr(Host: m1b.home.priv, ':')= : m1b.home.priv
qsort(0xbfffb820, 9, 12, 0x08051a30 unfinished ...
strcasecmp(Connection, User-Agent)= -18
strcasecmp(Pragma, Cache-control) = 13
strcasecmp(Connection, Cache-control) = 14
strcasecmp(Connection, Pragma)= -13
strcasecmp(User-Agent, Pragma)= 5
strcasecmp(Accept, Accept-Encoding)   = -45
strcasecmp(Accept-Language, Host) = -7
strcasecmp(Accept-Charset, Accept-Language)   = -9
strcasecmp(Accept, Accept-Charset)= -45
strcasecmp(Accept-Encoding, Accept-Charset)   = 2
strcasecmp(Accept-Encoding, Accept-Language)  = -7
strcasecmp(Cache-control, Accept) = 2
strcasecmp(Cache-control, Accept-Charset) = 2
strcasecmp(Cache-control, Accept-Encoding)= 2
strcasecmp(Cache-control, Accept-Language)= 2
strcasecmp(Cache-control, Host)   = -5
strcasecmp(Connection, Host)  = -5
strcasecmp(Pragma, Host)  = 8
... qsort resumed

Re: JK2 not working with virtual hosts

2003-03-12 Thread Reinhard Moosauer
Hi,

yes. But where to get a binary for 2.0.2 and apache13? 
(I should have asked earlier this time)

Reinhard


Am Mittwoch, 12. März 2003 20:58 schrieb Mladen Turk:
  -Original Message-
  From: Reinhard Moosauer [mailto:[EMAIL PROTECTED]
 
  Additional information:
  Without virtual host I got the request mapped. But no answer
  but a segmentation fault .. child ..  in apache's error_log
 
   I tried the binary mod_jk2-1.3-eapi.so from
  http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk

 2/release/

 v2.0
 .0/ with apache 1.3 and virtual hosts.

 Could you try with 2.0.2. The 2.0.0 and (partially) 2.0.1 versions has
 some problems with the Virtual host,
 so you should use the 2.0.2.

 MT.


 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]