Re: Question for Tomcat Developers - How to Plug In Encryption for JDBC passwords
Please do not start the flame war. Check what I have to say. I am really not a beginner in this area. First, feature I mentioned is commonly implemented on every major application server platform that I know- JBoss, WebSphere, WebLogic, Oracle AS. It's purpose is not to permanently protect the credentials, but to minimize or prevent the damage from a short duration attack - i.e. to minimize chances of a breach into a data tier. I am quite aware of all the other best security engineering practices, but in this case I am really addressing one pretty significant scenario - a short duration attack where the application server host machine has been completely compromised by an external or lateral attack. You attacked and fully breached the machine that is hosting Tomcat, and as you've done so you have triggered various trip wires. So you have only few minutes before the attack is confirmed. If the Tomcat password is in clear, you just need to connect to the database using the connection string provided and you can start pulling the data out. For the person skilled in the target database 5 min would be more then enough for all kinds of catastrophically damaging activities - primarely finding and reading the sensitive data. It is commonly recognized in the security circles that the application server's JDBC rights are achilles heel of the application. With clear passwords - there is nothing in your way. If you have 5 min on the Tomcat that has a connection password encrypted - you have to spend time to decrypt it - no matter how trivial that task may be, or how well known the algorithm may be. In a sophisticated, secured environment this time required to break even the most simplistic encryption algorithm can be sufficient enough for the intrusion detection and prevention mechanims to kick in and stop the show before any of the data has been read, exported or transported. Of all the elements in the distributed systems with relational backends - the most senstive part of it is a relational backend itself. Not a web server, root account, not a shadow files, but the database itself because if somebody gets hold of even one social security number, mother's maiden name, medical record, salary, ... the targeted business (and the people who implemented the application) may need to put a Closout Sale sign on their shop soon. Sample of JDBC configuration entry in BEA WebLogic 9 | jdbc-driver-params urljdbc:pointbase:server://123.123.123.123:9092/demo/url driver-namecom.pointbase.xa.xaDataSource/driver-name properties property nameuser/name valueexamples/value /property property namedatabaseName/name valuejdbc:pointbase:server://123.123.123.123:9092/demo/value /property /properties password-encryptedeNEVN9dk4dEDUEVqL1/password-encrypted /jdbc-driver-params| Parsons Technical Services wrote: Okay, I know I am starting a flame war but why go through the effort? If I can see your encrypted passwords, then I can see the code that decrypts them. And with that I have your passwords. It only adds a step to my effort to crack your security. The only way to really secure them is to secure the files they are stored in. If you are on Linux or Windoze with NTFS this can be done. Then only you and Tomcat can see them. This of course does not exclude the admin/root, but if you can't trust them then you have bigger issues. So in reality don't bother with what is in the files, instead secure the files. If you disagree, then explain how you are going to send the password to MySQL? And some more info on your environment may help us give you some other suggestions. Please don't take this the wrong way. This has been discussed many times before and there is no real solution other than as stated above. If you have a different idea, please post it. We are open to new ideas and suggestions, but with this one, I feel the solution lies in the environment. Please feel free to prove me wrong. And yes it has been done before, for I am far from perfect. Doug - Original Message - From: Edmon Begoli [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Saturday, February 26, 2005 10:08 PM Subject: Question for Tomcat Developers - How to Plug In Encryption for JDBC passwords Hi, I an using Tomcat 5.5.7, and I am planning on upgrading as needed. As we all know Tomcat enables me to configure JDBC resources that my app can use through the JNDI. My problem is that these passwords have to be stored as a plain text which is a very bitter pill in my environment. What is the Tomcat class that reads in those plain text values? I would like to override this behavior and to enable this class to read digests/encrypted passwords. I would also contribute this code to Tomcat code base if desired. Please advise, Edmon - To unsubscribe, e-mail:
Re: Startup
Caldarale, Charles R wrote: From: Nikola Milutinovic [mailto:[EMAIL PROTECTED] Subject: Re: Startup While 5.5.7 can be made to run on JDK (not JRE) 1.4.x, it is not intended for 1.4 series. I suspect that would be news to the developers. The 5.5 branch runs perfectly fine on the 1.4.2 JRE (the JDK is _not_ needed), as long as the compat.zip download is added to the primary download. 5.5.7 is also noticeably faster than 5.0.30, even on the 1.4.2 JRE. :-P I didn't say it cannot work. It can, but it has been stripped of APIs that are provided with 1.5.0, which are not present in 1.4.2. Which is why you need that compat.zip, right? I'm not sure if there are any other improvements over 5.0.x series, other than that. Nix. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Arabic encoding
It depends on what the Oracle JDBC driver does with byte values that are not legitimate US7ASCII. If, for some reason, it treated the data as ISO-8859-1 instead of US7ASCII, then it might have streamed out through tomcat, and the browser would have auto-detected the CP1256 pretending to be ISO-8859-1. -Original Message- From: Fadwa Barham [mailto:[EMAIL PROTECTED] Sent: Sunday, February 27, 2005 1:43 PM To: Tomcat Users List Subject: Re: Arabic encoding But I wonder why the old tomcat and java displayed arabic correctly, and I use the same classes12.jar in both of the old and the new. I want to know what is the differance, what encoding they stopped to support? It looks like that tomcat cannot understand the old Java cause I have to change the encoding to arabic windows in the internet explorer each time I request the servlet, and when I do this, every arabic character is displayed correctly. I think it is better to understand the problem and the changes so I can handle the problem if I faced it again in the newer versions of tomcat or Java. I know that being the database in us7ascii is not good, but changing the database encoding each time I face the problem is not the right way. I may change it this time, but I need to understand. thanks - Original Message - From: Benson Margulies [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Sunday, February 27, 2005 12:44 AM Subject: RE: Arabic encoding Oracle's ODBC driver will transcode from the database to UTF-16 based on the databse encoding. If the database is in US7ASCII, this is a destructive process for Arabic. The only alternative I can think of is to do all your database I/O in hex. -Original Message- From: Fadwa Barham [mailto:[EMAIL PROTECTED] Sent: Saturday, February 26, 2005 1:20 PM To: Tomcat Users List Subject: Re: Arabic encoding I use oracle 7 database, and the NLS language is American_America.US7ASCII, and it is not easy to change it to utf-8. Beside, the question is, a servlet work fine on tomcat 4.0.6 why it stopped with the new versions, what changes made to the encoding of tomcat?? do I need tomcat-i18n-ar.jar? and if so, from where to get it? I can't determine where is the problem, is it from the new Java or the new tomcat. thanks in advanced - Original Message - From: Benson Margulies [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Wednesday, February 23, 2005 11:26 PM Subject: RE: Arabic encoding What database? Do you have the database set up to deliver Unicode, or CP1256, correctly? Note that not all Arabic fits into CP1256, you might really be better off with UTF-8. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Question for Tomcat Developers - How to Plug In Encryption for JDBC passwords
I won't argue any of these points. They are all valid. Often the request for encryption comes from individuals who want to lock there goods in a safe but leave the safe in the back of a truck with the keys in the ignition. In your case you want to hide the keys and disable the truck. Since time is the goal here and not ultimate security, then playing an encryption game would help. Also think of moving the username and passwords into separate files located in different locations. As for the encryption, you could do it twice. Once when the xml is parsed and read in and again when the database is being contacted. Now the real issue is that since time is your real goal, the last thing you want to do is contribute the code back to the project. This would give the hacker a road map where everything is and with a simple script, in less than a second, he or she would have your info. Also consider encrypting the username. Why give them half of your information. I have read the code for the call to the database and there are a couple ways to do it there. As for the other end during the file read, I haven't mess with that end yet. Again secrecy is you ally here. Yes, it would make your install custom, but that would be a good thing in your case. Why do you think M$ gets hacked so much? Doug - Original Message - From: Edmon Begoli [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Sunday, February 27, 2005 3:14 AM Subject: Re: Question for Tomcat Developers - How to Plug In Encryption for JDBC passwords Please do not start the flame war. Check what I have to say. I am really not a beginner in this area. First, feature I mentioned is commonly implemented on every major application server platform that I know- JBoss, WebSphere, WebLogic, Oracle AS. It's purpose is not to permanently protect the credentials, but to minimize or prevent the damage from a short duration attack - i.e. to minimize chances of a breach into a data tier. I am quite aware of all the other best security engineering practices, but in this case I am really addressing one pretty significant scenario - a short duration attack where the application server host machine has been completely compromised by an external or lateral attack. You attacked and fully breached the machine that is hosting Tomcat, and as you've done so you have triggered various trip wires. So you have only few minutes before the attack is confirmed. If the Tomcat password is in clear, you just need to connect to the database using the connection string provided and you can start pulling the data out. For the person skilled in the target database 5 min would be more then enough for all kinds of catastrophically damaging activities - primarely finding and reading the sensitive data. It is commonly recognized in the security circles that the application server's JDBC rights are achilles heel of the application. With clear passwords - there is nothing in your way. If you have 5 min on the Tomcat that has a connection password encrypted - you have to spend time to decrypt it - no matter how trivial that task may be, or how well known the algorithm may be. In a sophisticated, secured environment this time required to break even the most simplistic encryption algorithm can be sufficient enough for the intrusion detection and prevention mechanims to kick in and stop the show before any of the data has been read, exported or transported. Of all the elements in the distributed systems with relational backends - the most senstive part of it is a relational backend itself. Not a web server, root account, not a shadow files, but the database itself because if somebody gets hold of even one social security number, mother's maiden name, medical record, salary, ... the targeted business (and the people who implemented the application) may need to put a Closout Sale sign on their shop soon. Sample of JDBC configuration entry in BEA WebLogic 9 | jdbc-driver-params urljdbc:pointbase:server://123.123.123.123:9092/demo/url driver-namecom.pointbase.xa.xaDataSource/driver-name properties property nameuser/name valueexamples/value /property property namedatabaseName/name valuejdbc:pointbase:server://123.123.123.123:9092/demo/value /property /properties password-encryptedeNEVN9dk4dEDUEVqL1/password-encrypted /jdbc-driver-params| Parsons Technical Services wrote: Okay, I know I am starting a flame war but why go through the effort? If I can see your encrypted passwords, then I can see the code that decrypts them. And with that I have your passwords. It only adds a step to my effort to crack your security. The only way to really secure them is to secure the files they are stored in. If you are on Linux or Windoze with NTFS this can be done. Then only you and Tomcat can see them. This of course does not exclude the admin/root, but if you can't
RE: Startup
From: Nikola Milutinovic [mailto:[EMAIL PROTECTED] Subject: Re: Startup I didn't say it cannot work. It can, but it has been stripped of APIs that are provided with 1.5.0, which are not present in 1.4.2. Which is why you need that compat.zip, right? The three jars in the compat download are jmx, xercesImpl, and xml-apis. The 5.0.x Tomcat releases include all of these; they were left out of 5.5.x since Sun now releases them in the 1.5 JRE, and having duplicates in the Tomcat libraries might cause problems and would create an unnecessarily larger download for 1.5 users. Note that the 5.5.x branch does not utilize any 1.5 JRE or language features, and the newly included Java compiler - which is why you only need a JRE, not a JDK - can't handle 1.5 source (but it sure is fast). I'm not sure if there are any other improvements over 5.0.x series, other than that. As I said before - performance. Check Peter Lin's results, recently published in this list. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Incorrect output using WDSC for iseries
I have created a simple WebApp using the wizards in WDSC. Input form sends
select criteria to jsp which pulls data from iSeries table and displays output.
This works great if I run it in a Websphere test server running on the client
workstation. It does not work correctly if running on a Tomcat test server
running on the client or if deployed to a Tomcat server running on the iSeries.
It returns the correct number of records in the output.jsp but they are all
repeats of the first record. There are no error messages and since it returns
some 'real' data, the connection must be working.
I first tried this using Tomcat 4.1.3 then upgraded to 5.5.7 with the same
results.
Attached is wizard generated output.jsp code:
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
HTML
HEAD
%@ page import=java.util.*
contentType=text/html; charset=ISO-8859-1 pageEncoding=ISO-8859-1
%
META http-equiv=Content-Type content=text/html; charset=ISO-8859-1
%@ taglib uri=/WEB-INF/lib/jspsql.jar prefix=dab %
%
response.setHeader(Pragma, No-cache);
response.setHeader(Cache-Control, no-cache);
response.setDateHeader(Expires, 0);
%
META name=GENERATOR content=IBM WebSphere Studio
TITLESelect Master View/TITLE
!--Styles--
STYLE TYPE=text/css
!--
H1 {
text-align: center;
}
--
/STYLE
!--Style Sheet--
LINK href=theme/Master.css rel=stylesheet type=text/css
/HEAD
BODY
%--Store input filters into the session--%
%
if(request.getParameter(new_input) != null){
if(request.getParameter(VNDNR) != null){
session.setAttribute(VNDNR, request.getParameter(VNDNR));
}
}
%
%--Get host variables--%
%
String inputVNDNR = (String) session.getAttribute(VNDNR);
%
%-- Connect to the database --%
%! com.ibm.db.beans.DBConnectionSpec dsSpec = null; %
%
if (dsSpec == null) {
%
dab:driverManagerSpec id=MLDATA_CRPRCPTSConnection scope=page
userid='%=config.getInitParameter(username)%'
password='%=config.getInitParameter(password)%'
driver='%=config.getInitParameter(driverName)%'
url='%=config.getInitParameter(url)%' /
%
dsSpec = MLDATA_CRPRCPTSConnection;
}
%
%--Execute the query--%
dab:select id=select_master scope=request
connectionSpecRef=%=dsSpec%
dab:sql
SELECT MLDATA.CRPRCPTS.ITNBR, SUM(MLDATA.CRPRCPTS.REQQT) FROM
MLDATA.CRPRCPTS WHERE MLDATA.CRPRCPTS.ORDTYP = 'P' AND MLDATA.CRPRCPTS.VNDNR =
:VENDOR GROUP BY MLDATA.CRPRCPTS.ITNBR ORDER BY ITNBR ASC
/dab:sql
dab:parameter position=1 type=CHAR value=%=inputVNDNR% /
/dab:select
!--Java Script--
SCRIPT LANGUAGE=JavaScript TYPE=text/javascript
!--
function submitForm(nav){
document.myForm.elements[command].value = nav
index = document.myForm.elements[selected_index].value
if(nav == MLDATA_CRPRCPTSDetailsView index == -1){
alert(You must first make a selection)
}
else if(nav == MLDATA_CRPRCPTSDetailsView){
MLDATA_CRPRCPTS_ITNBR_ID = MLDATA_CRPRCPTS_ITNBR + index
document.myForm.elements[MLDATA_CRPRCPTS_ITNBR].value =
document.myForm.elements[MLDATA_CRPRCPTS_ITNBR_ID].value
document.myForm.submit()
}
else{
document.myForm.submit()
}
}
function setSelectedIndex(index){
document.myForm.elements[selected_index].value = index
}
//--
/SCRIPT
!--Banner--
H1Select Master View/H1
HR
!--Navigation--
FORM name=myForm action=MLDATA_CRPRCPTSController
method=POSTA
href=javascript:submitForm('MLDATA_CRPRCPTSInputForm')Back/A A
href=javascript:submitForm('MLDATA_CRPRCPTSMasterView')Refresh/A
!--Hidden Variables--
INPUT TYPE=hidden NAME=command VALUE=MLDATA_CRPRCPTSMasterView /
INPUT TYPE=hidden NAME=selected_index VALUE=-1 / INPUT
TYPE=hidden NAME=MLDATA_CRPRCPTS_ITNBR VALUE= / !--Table--
TABLE border=1
TBODY
TR
THSelect/TH
THItem/TH
THForcasted Quantity/TH
/TR
dab:repeat name=select_master index=rowNum over=rows
TR
TDA
href=javascript:setSelectedIndex('%=rowNum%');submitForm('MLDATA_CRPRCPTSDeta
ilsView')Details/A
/TD
TDdab:getColumn index=1 / INPUT
TYPE=hidden
NAME=MLDATA_CRPRCPTS_ITNBR%=rowNum%
VALUE='dab:getColumn index=1/'
//TD
TDdab:getColumn index=2 //TD
/TR
/dab:repeat
/TBODY
/TABLE
/FORM
/BODY
/HTML
RE: Question for Tomcat Developers - How to Plug In Encryption for JDBC passwords
Edmon, I am not sure if I understand, but perhaps you should tak a look at Matt Raible's Appfuse application framework at: https://appfuse.dev.java.net/ His solution uses: - SSL (optional of course, just a servlet parameter); - Container Managed Authentication; - a custom login servlet that encrypts the passwords (SHA is the default, but algorithm can vary); - username and password stored in a database (the password is encrypted using SHA). The only exposure of the passwords might be in your web server access logs. If that too is a concern, you could also take a look at trying to do SHA encryption of the password on the client web browser using Javascript - not sure if that's feasible or not. The login servlet would then need to be adjusted appropriately (i.e. it would not need to do the SHA encryption). HTH - Richard Edmon Begoli wrote: Hi, I an using Tomcat 5.5.7, and I am planning on upgrading as needed. As we all know Tomcat enables me to configure JDBC resources that my app can use through the JNDI. My problem is that these passwords have to be stored as a plain text which is a very bitter pill in my environment. What is the Tomcat class that reads in those plain text values? I would like to override this behavior and to enable this class to read digests/encrypted passwords. I would also contribute this code to Tomcat code base if desired. Please advise, Edmon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Question for Tomcat Developers - How to Plug In Encryption for JDBC passwords
Why do you give your webapp access to a sql user with all this dangerous and unneccessary access? The user name / password on the externally-accessible machine could have a sql login that only granted access to views (or better yet) procedures, that allowed for the minimal necessary access: that's hardly 'enough access to dump all the credit card numbers'. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC
Hi, I followed the JDBC document posted on Tomcat site. and it works fine. I am able to access the database and see the results. My question is. I have different users who will be using my application and I need to validate these users before I provide them acesss to database. How would I do this ?. Since tomcat has the user name and password already in the context, How would know which user is accessing. Thanks D __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat SSL.
Hi I am using Tomcat 5.0.28, I need to have ssl configured, What are the steps in getting this. Any document and help is appreciated. Thanks __ Do you Yahoo!? Yahoo! Sports - Sign up for Fantasy Baseball. http://baseball.fantasysports.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat SSL.
take a look here: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html On Sun, 27 Feb 2005 13:58:45 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: Hi I am using Tomcat 5.0.28, I need to have ssl configured, What are the steps in getting this. Any document and help is appreciated. Thanks __ Do you Yahoo!? Yahoo! Sports - Sign up for Fantasy Baseball. http://baseball.fantasysports.yahoo.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Adobati Omar [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC
Write tomcat-users element in the tomcat-users.xml file. deepak suldhal wrote: Hi, I followed the JDBC document posted on Tomcat site. and it works fine. I am able to access the database and see the results. My question is. I have different users who will be using my application and I need to validate these users before I provide them acesss to database. How would I do this ?. Since tomcat has the user name and password already in the context, How would know which user is accessing. Thanks D __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Hiroshi Iwatani *stop cruelty* Annual number of institutionally euthanized cats and dogs including kittens and puppies: US 5 million, JP 500 thousand. How about your country? *for our better karma* - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat For Multiple Users
Hi, want to set up a Tomcat server for the use of all students in the department. I need a server configuration where each student (account) will have a permission to deploy and undepoly only those webapplications that belongs him/her. No account will be able to manipulate the stuff of the other accounts. Please, give me advices about how to do that. Thanks Ferad Zyulkyarov! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC
Hi, This does not solved the problem, with this I can restrict access to user group or allow access. Once the user has access I need to know who he or she is so that I can query the database with respect to his or her user_id. And So how would I do this. Thanks D --- Hiroshi Iwatani [EMAIL PROTECTED] wrote: Write tomcat-users element in the tomcat-users.xml file. deepak suldhal wrote: Hi, I followed the JDBC document posted on Tomcat site. and it works fine. I am able to access the database and see the results. My question is. I have different users who will be using my application and I need to validate these users before I provide them acesss to database. How would I do this ?. Since tomcat has the user name and password already in the context, How would know which user is accessing. Thanks D __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Hiroshi Iwatani *stop cruelty* Annual number of institutionally euthanized cats and dogs including kittens and puppies: US 5 million, JP 500 thousand. How about your country? *for our better karma* - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC
Sounds like you need application logic to do this - probably in conjunction with using Tomcat's Container Managed Authentication (CMA). Tomcat can validate the username against a database (see JDBCRealm at http://jakarta.apache.org/tomcat/tomcat-5.5-doc/realm-howto.html#JDBCRea lm ). However after being authenticated you can issue request.getRemoteUser(); to determine which user logged in. Then you can control how their database queries are issued. HTH - Richard deepak suldhal wrote: Hi, This does not solved the problem, with this I can restrict access to user group or allow access. Once the user has access I need to know who he or she is so that I can query the database with respect to his or her user_id. And So how would I do this. Thanks D --- Hiroshi Iwatani [EMAIL PROTECTED] wrote: Write tomcat-users element in the tomcat-users.xml file. deepak suldhal wrote: Hi, I followed the JDBC document posted on Tomcat site. and it works fine. I am able to access the database and see the results. My question is. I have different users who will be using my application and I need to validate these users before I provide them acesss to database. How would I do this ?. Since tomcat has the user name and password already in the context, How would know which user is accessing. Thanks D __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Hiroshi Iwatani *stop cruelty* Annual number of institutionally euthanized cats and dogs including kittens and puppies: US 5 million, JP 500 thousand. How about your country? *for our better karma* - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Yahoo! À´ÐÅ×Ô¶¯»Ø¸´
ÄúºÃ£¡Äú¶ÔÕâ¸öÐÐÒµÓÐÐËȤ£¿×¬µ½Ç®ÀÂ𣿲»·Á¿¼ÂÇ¿¼ÂÇÍƹãÎÒÃǵÄרÀû£¬ÔÛºÏ×÷ֻ׬²»Å⣬ÈÃÄúÕæÕýµÄ°×ÊÖÆð¼Ò£¨Äú²»Í¶×ÊÔõô»áÅ⣿£©ÁªÏµ°¡£¡ Èý¹«£º¹«¿ª£¬¹«Æ½ºÍ¹«ÕýÖ±½ÓÏúÊÛ8ÕÛ£¬×Ô¼º¿´°É ÎÒÃǺÓÄÏÜþÑôÅóÓÑÓÚ´º»¨Ò²À´ºÏ×÷ÁË°¡ ËýµÄµç»°13137158831 ÎÒÃÇ¿ª·âµÄÅóÓÑÁõºìϼ´ó½ã ÊÖ»ú13937890987 Õ¬µç0378-5865295 http://sunjinsheng.anyp.cn ENGLISH QQ66474435 +QQ88527227 TIVÑĮ̀ÉÌó(µÚÒ»ÈË)»òÕß13542072734ÀîÉÐÆæ +QQ44116005 Æ棨µÚ¶þÈË£© µç»°02368317916 Í¿Ôö +QQ252034688(µÚÈýÈË)ÊÖ»ú13570548822µç»°02085522738ºò½ú¶«+QQ264729225globolÇþµÀ(µÚËÄÈË)·½±ã¸Û°ÄÒÔ¼°ËùÓз±Ìå°æ±¾µÄÅóÓÑÔÄÀÀÇë½øÈë http://sunjinsheng.home.sunbo.net/ µ±Ç°×¨ÀûºÏ×÷Ǣ̸ÖÐ ¶ÔÎÒÃǵÄרÀûÓÐÐËȤµÄÅóÓÑÇëÉÔ΢ µÈµÈ ÍòÒ»Õâ¸öǢ̸²»³É ÎÒÃÇÔÙ̸ רÀûºÏ×÷̸³ÉÁË Ä¿Ç°¸÷¸öµØÇøµÄ´úÀí²»±ä ÏÖ³ÏÕÐÆäËûµØÇøµÄ¶À¼Ò´úÀí µç»°13938603662 Original Message: X-YahooFilteredBulk: 219.146.223.41 Authentication-Results: mta108.mail.cnb.yahoo.com from=jakarta.apache.org; domainkeys=neutral (no sig) X-Originating-IP: [219.146.223.41] Return-Path: tomcat-user@jakarta.apache.org Received: from 219.146.223.41 (EHLO jakarta.apache.org) (219.146.223.41) by mta108.mail.cnb.yahoo.com with SMTP; Mon, 28 Feb 2005 08:13:11 +0800 From: tomcat-user@jakarta.apache.org To: [EMAIL PROTECTED] Subject: Hello Date: Mon, 28 Feb 2005 08:11:59 +0800 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary==_NextPart_000_0005_8F0CA16D.717EFEBC X-Priority: 3 X-MSMail-Priority: Normal This is a multi-part message in MIME format. --=_NextPart_000_0005_8F0CA16D.717EFEBC Content-Type: text/plain; charset=Windows-1252 Content-Transfer-Encoding: 7bit The message contains Unicode characters and has been s _ DO YOU YAHOO!? Get your free @yahoo.com address at http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat and SSL
Hi I followed the document http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html and reached to a point where I created .keystore file. * This .keystore is now located at C:\Documents and Settings\Owner * Where as my Tomcat is at C:\jakarta-tomcat-5.0.28 What is the default location that tomcat expects this .keystore file. Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat and SSL
Hi I followed the document http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html and reached to a point where I created .keystore file. * This .keystore is now located at C:\Documents and Settings\Owner * Where as my Tomcat is at C:\jakarta-tomcat-5.0.28 What is the default location that tomcat expects this .keystore file. Thanks __ Do you Yahoo!? Yahoo! Mail - Easier than ever with enhanced search. Learn more. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat and SSL
On Sun, 27 Feb 2005 16:22:52 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: Hi I followed the document http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html and reached to a point where I created .keystore file. * This .keystore is now located at C:\Documents and Settings\Owner * Where as my Tomcat is at C:\jakarta-tomcat-5.0.28 What is the default location that tomcat expects this .keystore file. Search for keystoreFile in that document and you will receive your answer... Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat and SSL
Hi when I type set on command line I see HOMEPATH=\Documents and Settings\Owner CATALINA_HOME=C:\jakarta-tomcat-5.0.28 And my keystore file is at C:\Documents and Settings\Owner\.keystore I uncommented the server.xml file to enable the 8443 port as secure ssl port. Retarted tomcat server. and connected to https://localhost:8443 This brought me with certificate page. and so I guess I have configured this port for SSL. __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
errors with IE
When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDst=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. Thanks D __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: errors with IE
On Sun, 27 Feb 2005 17:54:19 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDst=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. mysearch must be set as your default search engine through spyware or whatever... are you typing just localhost:8080? MSIE gets confused by that as it thinks the : is the : in http:// so you need to type http://localhost:8080, if you are typing that and still getting the error then it means that Tomcat isn't starting up for some reason or another. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: errors with IE
have you tried to access your web app from different pc? cause im suspecting some spams on your pc. aris -Original Message- From: deepak suldhal [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 9:54 AM To: tomcat users Subject: errors with IE When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDs t=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. Thanks D __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Heap size - java.lang.OutOfMemoryError
Check this out. http://www.pauaware.co.nz/tomcatntservice.htm On Sat, 26 Feb 2005 07:51:06 -0600, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Rasmus - Camp Online [mailto:[EMAIL PROTECTED] Subject: Heap size - java.lang.OutOfMemoryError I have tried everything to increase the heap size, setting the environment variables: As has been explained on this list numerous times, environment variables are not used when running Tomcat as a Windows service. Only the .bat files look at the variables. There are registry setting you can set to have the service change the JVM heap parameters. Look in the archives, Google, read the doc, ... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: errors with IE
if I type the http://localhost:8080/ I get tomcat page. but If I pull the same from the address bar I get mysearch default search engine through spyware. How do I get rid of spyware. I keep getting everytime I try to open a page. Thanks --- Jason Bainbridge [EMAIL PROTECTED] wrote: On Sun, 27 Feb 2005 17:54:19 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDst=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. mysearch must be set as your default search engine through spyware or whatever... are you typing just localhost:8080? MSIE gets confused by that as it thinks the : is the : in http:// so you need to type http://localhost:8080, if you are typing that and still getting the error then it means that Tomcat isn't starting up for some reason or another. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat For Multiple Users
It sounds similar to what I'm attempting. I was finally able to setup Tomcat w/ IIS to allow webapps outside of $CATALINA_HOME, but haven't gone beyond any very simple JSP pages yet. You could do the same with Apache. To put it very basically, use your web server/OS to setup these student directories (and thus permissions/access), like any other user-based account/web areas irrespective of Tomcat, but, then you need to configure your web server and Tomcat to allow these places to host webapps and have Tomcat process them. Each student's web area will need to be added to Tomcat's server.xml and the properties file for whatever jk/jk2 module you use with which web server you use. Try getting that setup first, and then you should be at the point to ask for further, or at least more specific, help. I would be curious to know any further specifics from this group, unless allowing a user's directory allows them to setup and deploy their own app's (in/below same) -- without any more work from the Tomcat/web server admin.? Thanks, -Matt On Mon, 28 Feb 2005, Ferad Zyulkyarov wrote: Hi, want to set up a Tomcat server for the use of all students in the department. I need a server configuration where each student (account) will have a permission to deploy and undepoly only those webapplications that belongs him/her. No account will be able to manipulate the stuff of the other accounts. Please, give me advices about how to do that. Thanks Ferad Zyulkyarov! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Matthew Kozak Rutgers University-Camden [EMAIL PROTECTED] ** They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Ben Franklin ** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Memory Problem
I am using apache FOP to create some PDFs. I am facing OutOfMemory problem specially for Chinese PDFs. I understand that I can increase JVM memory. I tried to change the catalina.bat and inserted following line JAVA_OPTS = -Xmx512M First of all i am not sure whether above is correct or not (problem remains still same). Any idea ? exactly how i can increase the memory? and in what way i can check that i am really getting that much memory ? regards manisha - Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less.
how to make manager available to each virtual host
I am running tomcat 5.0.28 on a linux fedora core 2 machine. I have configured virtual hosts for tomcat. I wish to make the manager application available to each vertual host that I have configured so that users can deploy applications to their account. What I did is add a context to each virtual host and defined the varables for the context exactly as they are defined in the context found in the localhost host. I have gotten this approach to work on a localwindow xp installation, however it fails on a remote linux installation. Can anyone give me a hint what needs to be done? Here is the error message I get: HTTP Status 500 - type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception javax.servlet.ServletException: Wrapper cannot find servlet class org.apache.catalina.manager.HTMLManagerServlet or a class it depends on org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) java.lang.Thread.run(Thread.java:534) root cause java.lang.ClassNotFoundException: org.apache.catalina.manager.HTMLManagerServlet org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:854) org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:721) org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) java.lang.Thread.run(Thread.java:534) note The full stack trace of the root cause is available in the Apache Tomcat/5.0.28 logs. Apache Tomcat/5.0.28 Thank youJames T. Studebaker
RE: errors with IE
I don't know if this helps but I had the same problem and used this tools to get rid of the browser hijacks. http://www.spychecker.com/program/hijackthis.html Tyler Pedersen [EMAIL PROTECTED] -Original Message- From: deepak suldhal [mailto:[EMAIL PROTECTED] Sent: Sunday, February 27, 2005 7:44 PM To: Tomcat Users List; Jason Bainbridge Subject: Re: errors with IE if I type the http://localhost:8080/ I get tomcat page. but If I pull the same from the address bar I get mysearch default search engine through spyware. How do I get rid of spyware. I keep getting everytime I try to open a page. Thanks --- Jason Bainbridge [EMAIL PROTECTED] wrote: On Sun, 27 Feb 2005 17:54:19 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDs t=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. mysearch must be set as your default search engine through spyware or whatever... are you typing just localhost:8080? MSIE gets confused by that as it thinks the : is the : in http:// so you need to type http://localhost:8080, if you are typing that and still getting the error then it means that Tomcat isn't starting up for some reason or another. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: errors with IE
you can download some spywares from download.com. aris -Original Message- From: deepak suldhal [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 10:44 AM To: Tomcat Users List; Jason Bainbridge Subject: Re: errors with IE if I type the http://localhost:8080/ I get tomcat page. but If I pull the same from the address bar I get mysearch default search engine through spyware. How do I get rid of spyware. I keep getting everytime I try to open a page. Thanks --- Jason Bainbridge [EMAIL PROTECTED] wrote: On Sun, 27 Feb 2005 17:54:19 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDs t=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. mysearch must be set as your default search engine through spyware or whatever... are you typing just localhost:8080? MSIE gets confused by that as it thinks the : is the : in http:// so you need to type http://localhost:8080, if you are typing that and still getting the error then it means that Tomcat isn't starting up for some reason or another. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: errors with IE
Also adaware from www.lavasoft.de . If you run Symantec there new version check for adware and malware. Be careful with hijackthis it is a great tool but needs to be used in the context for which it was wrote. You can break things if you don't follow the instructions. So read the documentation closely and follow it. Doug - Original Message - From: Tyler Pedersen [EMAIL PROTECTED] To: 'Tomcat Users List' tomcat-user@jakarta.apache.org Sent: Sunday, February 27, 2005 10:20 PM Subject: RE: errors with IE I don't know if this helps but I had the same problem and used this tools to get rid of the browser hijacks. http://www.spychecker.com/program/hijackthis.html Tyler Pedersen [EMAIL PROTECTED] -Original Message- From: deepak suldhal [mailto:[EMAIL PROTECTED] Sent: Sunday, February 27, 2005 7:44 PM To: Tomcat Users List; Jason Bainbridge Subject: Re: errors with IE if I type the http://localhost:8080/ I get tomcat page. but If I pull the same from the address bar I get mysearch default search engine through spyware. How do I get rid of spyware. I keep getting everytime I try to open a page. Thanks --- Jason Bainbridge [EMAIL PROTECTED] wrote: On Sun, 27 Feb 2005 17:54:19 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDs t=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. mysearch must be set as your default search engine through spyware or whatever... are you typing just localhost:8080? MSIE gets confused by that as it thinks the : is the : in http:// so you need to type http://localhost:8080, if you are typing that and still getting the error then it means that Tomcat isn't starting up for some reason or another. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: errors with IE
If you only use adaware you will most likely not get rid of the problem. It will likely appear when your reboot, or when you launch IE again. The reason is that it's in the registry. Tyler Pedersen [EMAIL PROTECTED] -Original Message- From: Parsons Technical Services [mailto:[EMAIL PROTECTED] Sent: Sunday, February 27, 2005 9:47 PM To: Tomcat Users List Subject: Re: errors with IE Also adaware from www.lavasoft.de . If you run Symantec there new version check for adware and malware. Be careful with hijackthis it is a great tool but needs to be used in the context for which it was wrote. You can break things if you don't follow the instructions. So read the documentation closely and follow it. Doug - Original Message - From: Tyler Pedersen [EMAIL PROTECTED] To: 'Tomcat Users List' tomcat-user@jakarta.apache.org Sent: Sunday, February 27, 2005 10:20 PM Subject: RE: errors with IE I don't know if this helps but I had the same problem and used this tools to get rid of the browser hijacks. http://www.spychecker.com/program/hijackthis.html Tyler Pedersen [EMAIL PROTECTED] -Original Message- From: deepak suldhal [mailto:[EMAIL PROTECTED] Sent: Sunday, February 27, 2005 7:44 PM To: Tomcat Users List; Jason Bainbridge Subject: Re: errors with IE if I type the http://localhost:8080/ I get tomcat page. but If I pull the same from the address bar I get mysearch default search engine through spyware. How do I get rid of spyware. I keep getting everytime I try to open a page. Thanks --- Jason Bainbridge [EMAIL PROTECTED] wrote: On Sun, 27 Feb 2005 17:54:19 -0800 (PST), deepak suldhal [EMAIL PROTECTED] wrote: When I use IE and try to access localhost I get http://kd.mysearch.myway.com/jsp/GGmain.jsp?PG=SEASSEC=ABONEptnrS=KDs t=addrsearchfor=localhost:8080 I have been posting this error mail since many days and want to know how should I solve this. This is really irritating to see some junk pages every time I want to access localhost. mysearch must be set as your default search engine through spyware or whatever... are you typing just localhost:8080? MSIE gets confused by that as it thinks the : is the : in http:// so you need to type http://localhost:8080, if you are typing that and still getting the error then it means that Tomcat isn't starting up for some reason or another. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
TC (4), IIS isapi_redirector.dll
Hi, I am attempting to serve up my pages using IIS, and have Tomcat process my JSPs/Servlets using JK 1.2 Connector. I am following a what I would call a reputable tutorial (http://www.onjava.com/pub/a/onjava/2002/12/18/tomcat.html) which tells me to look here http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1 .2.0/bin/ for the isapi_redirector.dll, there or under my Win32 directory. I am running XP Pro and do not appear to have a Win 32 directory. In the above page are the various project downloads. Can someone tell me where I am being directed please? I see no effervescence to Isapi, IIS, redirector, JK or anything else of a similar topic. thanks and regards Paul.
RE: TC (4), IIS isapi_redirector.dll
effervescence = reference! (I have MS spell check to thank for that..or my spelling) Hi, I am attempting to serve up my pages using IIS, and have Tomcat process my JSPs/Servlets using JK 1.2 Connector. I am following a what I would call a reputable tutorial (http://www.onjava.com/pub/a/onjava/2002/12/18/tomcat.html) which tells me to look here http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1 .2.0/bin/ for the isapi_redirector.dll, there or under my Win32 directory. I am running XP Pro and do not appear to have a Win 32 directory. In the above page are the various project downloads. Can someone tell me where I am being directed please? I see no effervescence to Isapi, IIS, redirector, JK or anything else of a similar topic. thanks and regards Paul. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: TC (4), IIS isapi_redirector.dll
Hello! visit this site to automate your integration of tomcat and iis. http://www.shiftomat/opensource download the file and follow the instructions... regards aris -Original Message- From: Paul Wallace [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 2:25 PM To: tomcat-user@jakarta.apache.org Subject: TC (4), IIS isapi_redirector.dll Hi, I am attempting to serve up my pages using IIS, and have Tomcat process my JSPs/Servlets using JK 1.2 Connector. I am following a what I would call a reputable tutorial (http://www.onjava.com/pub/a/onjava/2002/12/18/tomcat.html) which tells me to look here http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1 .2.0/bin/ for the isapi_redirector.dll, there or under my Win32 directory. I am running XP Pro and do not appear to have a Win 32 directory. In the above page are the various project downloads. Can someone tell me where I am being directed please? I see no effervescence to Isapi, IIS, redirector, JK or anything else of a similar topic. thanks and regards Paul. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: TC (4), IIS isapi_redirector.dll
Hi thanks, but that link is dead! Hello! visit this site to automate your integration of tomcat and iis. http://www.shiftomat/opensource download the file and follow the instructions... regards aris -Original Message- From: Paul Wallace [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 2:25 PM To: tomcat-user@jakarta.apache.org Subject: TC (4), IIS isapi_redirector.dll Hi, I am attempting to serve up my pages using IIS, and have Tomcat process my JSPs/Servlets using JK 1.2 Connector. I am following a what I would call a reputable tutorial (http://www.onjava.com/pub/a/onjava/2002/12/18/tomcat.html) which tells me to look here http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1 .2.0/bin/ for the isapi_redirector.dll, there or under my Win32 directory. I am running XP Pro and do not appear to have a Win 32 directory. In the above page are the various project downloads. Can someone tell me where I am being directed please? I see no effervescence to Isapi, IIS, redirector, JK or anything else of a similar topic. thanks and regards Paul. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: TC (4), IIS isapi_redirector.dll
sorry... forgot .com =) anyway, here's the site again. http://www.shiftomat.com/opensource/ regards aris philippines -Original Message- From: Paul Wallace [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 2:39 PM To: Tomcat Users List Subject: RE: TC (4), IIS isapi_redirector.dll Hi thanks, but that link is dead! Hello! visit this site to automate your integration of tomcat and iis. http://www.shiftomat/opensource download the file and follow the instructions... regards aris -Original Message- From: Paul Wallace [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 2:25 PM To: tomcat-user@jakarta.apache.org Subject: TC (4), IIS isapi_redirector.dll Hi, I am attempting to serve up my pages using IIS, and have Tomcat process my JSPs/Servlets using JK 1.2 Connector. I am following a what I would call a reputable tutorial (http://www.onjava.com/pub/a/onjava/2002/12/18/tomcat.html) which tells me to look here http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1 .2.0/bin/ for the isapi_redirector.dll, there or under my Win32 directory. I am running XP Pro and do not appear to have a Win 32 directory. In the above page are the various project downloads. Can someone tell me where I am being directed please? I see no effervescence to Isapi, IIS, redirector, JK or anything else of a similar topic. thanks and regards Paul. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Pre-Compilation in Tomcat Jasper
Hi, Is there anything in Tomcat which will pre-compile our JSP's? What jasper has to do with Tomcat? Pls help. Thanks in advance. Regards, Karthik BV - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: TC (4), IIS isapi_redirector.dll
The installer mentioned uses JK2 which is officially unsupported by the Jakarta project. (See http://jakarta.apache.org/tomcat/connectors-doc/news/20041100.html#20041 115.1) Martin -Original Message- From: Aris Javier [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 7:52 AM To: Tomcat Users List Subject: RE: TC (4), IIS isapi_redirector.dll sorry... forgot .com =) anyway, here's the site again. http://www.shiftomat.com/opensource/ regards aris philippines -Original Message- From: Paul Wallace [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 2:39 PM To: Tomcat Users List Subject: RE: TC (4), IIS isapi_redirector.dll Hi thanks, but that link is dead! Hello! visit this site to automate your integration of tomcat and iis. http://www.shiftomat/opensource download the file and follow the instructions... regards aris -Original Message- From: Paul Wallace [mailto:[EMAIL PROTECTED] Sent: Monday, February 28, 2005 2:25 PM To: tomcat-user@jakarta.apache.org Subject: TC (4), IIS isapi_redirector.dll Hi, I am attempting to serve up my pages using IIS, and have Tomcat process my JSPs/Servlets using JK 1.2 Connector. I am following a what I would call a reputable tutorial (http://www.onjava.com/pub/a/onjava/2002/12/18/tomcat.html) which tells me to look here http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/ release/v1 .2.0/bin/ for the isapi_redirector.dll, there or under my Win32 directory. I am running XP Pro and do not appear to have a Win 32 directory. In the above page are the various project downloads. Can someone tell me where I am being directed please? I see no effervescence to Isapi, IIS, redirector, JK or anything else of a similar topic. thanks and regards Paul. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SV: Cluster: will session listeners got called again after replication?
I have it turned on already. But seems that after a node is killed and then started up again, even though it can pick up the sessions from the other nodes, my HttpSessionBindingListener and HttpSessionListener were not called at all during the replication. Joseph On Fri, 25 Feb 2005, Filip Hanik - Dev Lists wrote: there is a flag you can set so that listeners don't get called, its optional its called notifyListenersOnReplication, see server.xml for example, default is true Filip Jesper Ekberg wrote: Hello! My first mail to this list. :) I have read it for a long time tho. We have a tried to cluster 3 Tomcat 5.5.7 machines and I found that HttpSessionBindingListener will be notified when the session is replicated and the machine crashes. I think this must be a bug?? The scenario: 3 Tomcat 5.5.7 machines on Windows 2003 Server (I know, not my fault ;)). JK2 Connector for load balancing. I log on and session is created and is replicated correctly to all machines. I shut down the server that I'm working on. The session is destroyed and method valueUnbound is called on the crashed machine. It seems odd to me that the method valueUnbound is called when the session is replicated, the session still lives on the other Tomcat machines. Sorry for my sometimes bad English ;) //Jesper -Ursprungligt meddelande- Från: Joseph Lam [mailto:[EMAIL PROTECTED] Skickat: den 24 februari 2005 08:44 Till: Tomcat Users List Ämne: Cluster: will session listeners got called again after replication? Anyone knows when a session is replicated to other nodes, will the HttpSessionBindingListener and HttpSessionAttributeListener objects be notified again? On the receiver nodes, how can I detect when a session from the sender node comes in so that I can do something with it? Joseph - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
page not loading completely with tomcat and response.sendRedirect()
We are using response.sendRedirect() to refresh a jsp page by redirecting to itself. When the page is redirected to itself, a portion of the static html code is not completely loaded. Below is the portion of the html code. If we remove 5 lines of code eg: some option values.the page loads completely and everything works properly! We suspect that there is some sort of buffer/memory issue with Tomcat. Please help, have tried on 2 versions of tomcat: 4.1.31 and 5.5.7 on redhat fedora core 3. td SELECT name=myLine OPTION SELECTED value=% out.println(jMyLine); % % out.println(jMyLine); % OPTION value=UnknownUnknown OPTION value=00 OPTION value=55 OPTION value=1010 OPTION value=1515 OPTION value=2020 OPTION value=2525 OPTION value=3030 OPTION value=4040 OPTION value=5050 OPTION value=6060 OPTION value=7070 OPTION value=8080 OPTION value=9090 OPTION value=100100 OPTION value=125125 OPTION value=150150 OPTION value=175175 OPTION value=200200 OPTION value=225225 OPTION value=250250 OPTION value=275275 OPTION value=300300 OPTION value=350350 OPTION value=400400 OPTION value=450450 /SELECT /td td input type=submit value=%out.println(submitButtonName); % name=mySubmit /font /td td input type=submit value=% out.println(clearButtonName); % name=reset/font /td Thanks, Kris
Re: how to make manager available to each virtual host
LeavesHi, I have opened a subject with a similar context to the yours under Tomcat For Multiple Users title. Please, can you explain me in more details (if possible step by step) how did you exactly configured the afore mentioned virtual hosts and the manager application for these virtual hosts. Thanks Ferad Zyulkyarov! - Original Message - From: James T. Studebaker To: tomcat-user@jakarta.apache.org Sent: Monday, February 28, 2005 5:15 AM Subject: how to make manager available to each virtual host I am running tomcat 5.0.28 on a linux fedora core 2 machine. I have configured virtual hosts for tomcat. I wish to make the manager application available to each vertual host that I have configured so that users can deploy applications to their account. What I did is add a context to each virtual host and defined the varables for the context exactly as they are defined in the context found in the localhost host. I have gotten this approach to work on a local window xp installation, however it fails on a remote linux installation. Can anyone give me a hint what needs to be done? Here is the error message I get: HTTP Status 500 - -- type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception javax.servlet.ServletException: Wrapper cannot find servlet class org.apache.catalina.manager.HTMLManagerServlet or a class it depends on org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) java.lang.Thread.run(Thread.java:534) root cause java.lang.ClassNotFoundException: org.apache.catalina.manager.HTMLManagerServlet org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:854) org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:721) org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) java.lang.Thread.run(Thread.java:534) note The full stack trace of the root cause is available in the Apache Tomcat/5.0.28 logs. -- Apache Tomcat/5.0.28 Thank you James T. Studebaker
