Request parameters getting lost
I have a very odd situation... I have an app running on Tomcat 5.0.1.8. We're using it as both a web server and servlet container. What's happening is I'm getting NullPointerExceptions in both JSP's and servlets that is a result of request parameters seemingly being lost somewhere along the way. In other words, if I submit a form to a servlet with a couple of fields, the parameters are not showing up in the request object, hence I get NullPointerExceptions trying to access them. This is an intermittent problem, in fact it's fairly rare (which has saved my a** at work thus far!), but I still have not been able to explain it. It is happening at various points in my app, no consistent pattern that I've been able to discern, all of which should theoretically be impossible to have no parameters because the user is forced to enter things via JavaScript, or clicking a button submits a hidden form, things like that. I've tried the best I can to get it to happen on my development installation, but of course I've been unable to replicate it, but I have seen it on the production server so I know it's not just a stupid user trick (although I can't rule out them doing something stupid that I just haven't imagined). I have a sneaking suspicion that it's a server tuning issue, and in fact I just did some reading and it looks like my predecessor in charge of tuning Tomcat really screwed up some things. Here's his connector configuration: Connector allowTrace=true enableLookups=false redirectPort=8443 secure=false acceptCount=100 bufferSize=4096 compression=off connectionLinger=-1 connectionTimeout=6 debug=0 disableUploadTimeout=true maxHttpHeaderSize=8192 maxKeepAliveRequests=200 maxSpareThreads=175 maxThreads=300 minSpareThreads=100 port=8181 socketBuffer=12000 tcpNoDelay=true / That looks incredibly wrong to me in terms of tuning. The app has a TOTAL of 87 users, and not all of them are using the app at the same time, and the requests are certainly not coming all at the same time. I'm guessing we're talking about an average of maybe 20 concurrent requests at any given time, not a huge load by any stretch. So, my question is twofold... One, has anyone ever seen such an issue as missing parameters before, and if so, what information can you share with me about it? Two, am I off my rocker to think that connector config is way out of wack, and assuming it is, what suggestions would you guys have to fix it, given the approximate load I've stated here? Thanks in advance everyone! Frank - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Response and file downloads
You should be aware that IFrames are an IE-only thing. Won't work on any other browser AFAIK. What did you get when you tried onLoad()? Maybe I can gelp get that working. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Jonathan Wilson wrote: Just an FYI: I was unable to get the body onLoad() to work properly on both IE5 and Mozilla - forget exactly why but it was supposed to work! Anyway, I instead used an IFRAME (internal frame) which I added to my forms' output stream(the same form the user just clicked submit() on - essentially a reload with new status information updated and a tad-bit-o-extra-output). The little-bit-o-code is below: iframe name=thisIFRAME id=thisIFRAME src=get_doc?key_id=1668 frameBorder=0 width=0 scrolling=no height=0/iframe This creates a hidden(I don't want to argue the metaphysical side of this) window which in effect 'clicks' on the link I created. Works nicely...so far. I'm not a HTML/Javascript guru so I can't tell you how long this trick will work. Good luck --Jonathan Justin Ruthenbeck wrote: At 12:17 PM 11/1/2004, you wrote: I am not sure what you are refering to as atypical or robustness... I meant to say that you could approximate the behavior you were asking for (dual response), but doing so would be hackish. How do other sites generate files on the fly (take it out of a database, or a report just run), on form submit, and send them down the line and not run into this problem? Like fzlists said, you'll see most sites load a page in response to a download request which either provides a link which the user can click on to download the binary content (right click, save as in IE), or that scripts the browser to automatically begin downloading. This is how CNet, Yahoo, and others do this. I see many people posting many places on the net that they are using the response to send a file, a lot of them are getting this IllegalState, but I never really found a followup solution that really fit my needs. Why would the possibility exist to push a file through the response if it leaves you with the ability to go nowhere after? If your browser submits a request and the response is a mp3 (through either URL inspection or Content-Disposition header), the browser will prompt the user to Save/Open/Run/whatever the file (and won't try to display it). Once the file has been saved, it will leave you at the original page from which the file was requested. Point being that after you push binary content through the response, it leaves you with whatever the previous page's options were ... there's really no contradiction in doing so. justin -Original Message- From: Justin Ruthenbeck [mailto:[EMAIL PROTECTED] Sent: Monday, November 01, 2004 2:56 PM To: Tomcat Users List Subject: Re: Response and file downloads Luc, At 11:42 AM 11/1/2004, you wrote: I am having a wee problem with using the response. I have a form on a page, with a submit button to download a file. That file is being pulled from a database and pushed to the response. The problem I am having, I just used that response to submit the page, so I am getting and IllegalStateException, even though it is still pushing the file to the browswer I also want to be able to send a redirect after the file is downloaded (so I can refresh the page so the form submit page is regenerated, since we are using a string to determine unique submits are only coming from the pages we generated, and not the browser address bar) Can we get a new response from the session variable (the one available to jsp writing) to send the file, then get another new response to perform a redirect Basically I want to be able to do something like the form submits, and passes to the applications perform methods through the jsp catching the submit response = new Response response.sendFile response = new Response response.sendRedirect (yes I know those are not actual methods and classes, just trying to explain what I want) Your understanding of how, exactly, the http protocol works is incorrect. Because it is a (single) request, (single) response protocol, what you're asking for cannot be done. It seems like what you want is for a user to fill out a form, click submit, then be presented with a new, fresh, form again ... with the file download on the side. If you have determined that you absolutely want this behavior (it's atypical, so doing it won't be particularly robust), consider programmatically opening another browser window on form submit from which the download will happen ... and reload your form in your main browser window. This will, of course, subject you to any headaches associated with javascipt window opening. justin __ Justin Ruthenbeck Lead Software Engineer, NextEngine Inc. justinr - AT - nextengine DOT com Confidential. See: http://www.nextengine.com/confidentiality.php
Re: Response and file downloads
It *is* possible that Mozilla now supports iFrames, I haven't kept up with it's development. I do know for sure that they were originally an IE-only extension, so if Mozilla does support it, it represents a very rare case of Microsoft leading the pack :) I'm not sure about the object tag idea... I've never seen it used that way but that certainly doesn't mean it won't work. My understanding is that it embeds content in a page that is recognized by one plug-in or another... I suspect it wouldn't help in this case, but I could be wrong. Now, if there is a way that I don't know about to target a layer, that could do the trick. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com David Wall wrote: You should be aware that IFrames are an IE-only thing. Won't work on any other browser AFAIK. Is that true? My impression is that iframes work on Mozilla, too. Anyway, I think you can accomplish the same thing as an IFRAME using an OBJECT tag, so that may be another way to return a page that instructs the client to automatically issue the GET to download the file when the page is returned. David - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Response and file downloads
Hassan Schroeder wrote: Dude, you need to get out more :-) Wife, kids, house, day job, my own company off-hours... Getting out hasn't happened much for about eight years now :) IFRAME is part of the HTML 4.0 spec: http://www.w3.org/TR/html4/present/frames.html#edef-IFRAME Cool, I didn't realize that. Maybe it was just that support for it was not universal until relatively recently. The last time I did any non-IE development frankly was about 3-4 years ago, obviously much could have changed since then. And you can use OBJECT to include anything -- text files, HTML files, images, whatever; if it's a browser-native format, it'll just be displayed. Something like this: object type=text/html data=alert-js.html height=100px width=300px /object :: will include the page referenced as data. That's definitely cool too, I never would have thought to even try it. I assume an object is available through DOM... does it have a src attribute? You know what I'm getting at: dynamic changing of the content. If that's possible, any idea how universal that would be? Still, the most reliable solution for the problem at hand is probably the META refresh... No argument here :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Response and file downloads
Yeah, even though I don't do much non-IE work these days, the other browsers are at worst comparable (and many would say have far exceeded IE). If you stick to standards-compliant code, there tends to be not much difficulty writing cross-browser code these days. I think there's still enough difference in how things are rendered to make it unpleasant, but it's not nearly as difficult as it used to be. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Chad Maniccia wrote: IE 4 made Netscape 4 look like a piece of crap. It was light-years ahead. I'm getting the impression that the other browsers have caught up but I refuse to develop for them unless made to. Questions: Have the other browsers caught up with ease and power of their scripting? Do any of them have an XMLHTTP equivalent? Do they share a common DOM? I hate writing cross browser code. Supporting multiple browsers is like having to test and write every application in Java, VB, and C. Chad -Original Message- From: Frank W. Zammetti [mailto:[EMAIL PROTECTED] Sent: Monday, November 01, 2004 5:29 PM To: Tomcat Users List Subject: Re: Response and file downloads It *is* possible that Mozilla now supports iFrames, I haven't kept up with it's development. I do know for sure that they were originally an IE-only extension, so if Mozilla does support it, it represents a very rare case of Microsoft leading the pack :) I'm not sure about the object tag idea... I've never seen it used that way but that certainly doesn't mean it won't work. My understanding is that it embeds content in a page that is recognized by one plug-in or another... I suspect it wouldn't help in this case, but I could be wrong. Now, if there is a way that I don't know about to target a layer, that could do the trick. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: DataSource and initialContext.lookup(java:comp/env)
I'll give it a shot... All JNDI resource lookups occur relative to some context. The code you posted first gets the default initial context, then looks for a resource named java:comp/env relative to that default context. It then gets a reference to a DataSource that exists within the context jdbc/wms relative to java:comp/env You can ROUGHLY think of this the same way you do URLs... in a sense, the java:comp/env might be something like www.apache.org. That gives you a starting context. Then if you want to retrieve a particular file in that domain, you look it up relative to the domain (i.e., www.apache.org/tomcat.htm). Same thing here... There is a hierarchy of JNDI resources, a tree structure, that has an initial context as the root. You then are in a sense constructing a path to your DataSource, and it might look something like /initial_context/java:comp/env/jdbc/wms (not exactly, but you get the idea). Does that help any? -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Eric Wulff wrote: I just returned from working on a tutorial at sun which I was inspired to go over based on my lack of understanding of the code snippet below. I'm trying to fully understand what's going on. Docs state that the code... initialContext.lookup(java:comp/env) returns a named object. Best I can tell is that this is a reference to a starting point in my directory... or something like that. Is anyone willing to explain what initialContext.lookup() fundamentally takes care of when called? Context initialContext = new InitialContext(); Context context = (Context) initialContext.lookup(java:comp/env); DataSource dataSource = (DataSource) context.lookup(jdbc/wms); thx Eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: can any one suggest me port number! 8080 is already used by Oracle9i's http server
Aside from 8080, 8181 is a pretty typical port to use. There's no rules or anything, virtually any port that isn't one of the well-known ports would be fine, but those two you tend to see used quite a bit. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Harry Douglass, Jr. wrote: Port 9090 will work. -Original Message- From: Raasi Potluri [mailto:[EMAIL PROTECTED] Sent: Saturday, November 06, 2004 7:38 PM To: [EMAIL PROTECTED] Subject: can any one suggest me port number! 8080 is already used by Oracle9i's http server Dear Friends, Many thanks to read this email. well I have installed Oracle 9i database on my PC and it has got its own Apache Http server at port 8080, by default. Now I'm trying to install Tomcat5.0.28 version and installation process gives me port number conflict please tell me what shall I do, anybody suggest me any other port number where I can install Tomcat bcoz i dont want to amend the oracle's usage of port 8080, regards, Raasi, __ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: DataSource and initialContext.lookup(java:comp/env)
java:comp/env is the default namespace defined by JNDI. The call to lookup() with this as an argument is returning an instance of a context corresponding to that namespace, which you need to do a further lookup for your specific resource. On a related note, I'm pretty sure you could condense all the code you have to just one line, something like: DataSource ds = (DateSource)new InitialContext().lookup(java:comp/env/jdbc/wms) I'm fairly certain that works. That might be clearer to you. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Eric Wulff wrote: helpful somewhat... at least in helping me narrow my question. So what is this java:comp/env? What exactly is being returned based on this string passed to lookup()? Eric On Sat, 06 Nov 2004 23:35:34 -0500, Frank W. Zammetti [EMAIL PROTECTED] wrote: I'll give it a shot... All JNDI resource lookups occur relative to some context. The code you posted first gets the default initial context, then looks for a resource named java:comp/env relative to that default context. It then gets a reference to a DataSource that exists within the context jdbc/wms relative to java:comp/env You can ROUGHLY think of this the same way you do URLs... in a sense, the java:comp/env might be something like www.apache.org. That gives you a starting context. Then if you want to retrieve a particular file in that domain, you look it up relative to the domain (i.e., www.apache.org/tomcat.htm). Same thing here... There is a hierarchy of JNDI resources, a tree structure, that has an initial context as the root. You then are in a sense constructing a path to your DataSource, and it might look something like /initial_context/java:comp/env/jdbc/wms (not exactly, but you get the idea). Does that help any? -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Eric Wulff wrote: I just returned from working on a tutorial at sun which I was inspired to go over based on my lack of understanding of the code snippet below. I'm trying to fully understand what's going on. Docs state that the code... initialContext.lookup(java:comp/env) returns a named object. Best I can tell is that this is a reference to a starting point in my directory... or something like that. Is anyone willing to explain what initialContext.lookup() fundamentally takes care of when called? Context initialContext = new InitialContext(); Context context = (Context) initialContext.lookup(java:comp/env); DataSource dataSource = (DataSource) context.lookup(jdbc/wms); thx Eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: hide source of a page
I had such a requirement at work one time, although fortunately I talked some sense into the higher-ups and they forgot about it, but not before I worked up an entire proof-of-concept document. IN THEORY, this could make it very difficult for would-be hackers, although I wouldn't say fullproof. The idea was to set up a frameset with one invisible frame and one full-screen frame. Into the invisible frame would go an ActiveX control that was encrypted with a custom binary encrypter program (could be an applet too, but obfuscation isn't as good as encoding a binary). Basically, every form submission to the server would go through the control, and every response from the server would go through it, both encrypted. On the response from the server, HTML is generated out of the control and placed into the frame in an obfuscated form. Javascript it used to guard against right-clicks and keyboard shortcuts, and since the app starts up in it's own chromless window, it's relatively secure from most clientside exploits. There is a handshake between the control and the server at startup that basically sets up a temporary public/private key pair, the point being to make it impossible to just issue commands via Telnet. You'd have to fake considerably more than just some URLs or header variables. So, the idea is that you could probably still get at the source, but it wouldn't be in cache so you'd probably have to use a memory scanner, but even if you did that it would be in an obfuscated form. Not impossible to decypher, but probably hard enough that most people wouldn't both. Getting at the server is going to be difficult. You could still decompile the control, but that's not going to be at all easy either considering the obfuscation and encryption (think a PE compactor approach). I think making it tough is about as good as you can hope to do, but as Steven said, it's ALWAYS going to be defeatable one way or another. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Steven J. Owens wrote: On Mon, Nov 08, 2004 at 09:37:09PM -0500, Dov Rosenberg wrote: The only thing I can think of to hide the source of the page is to create your own private label browser or perhaps load the source of the page in a hidden frame and use some javascript to display the text you want. Not sure why you would want to go thru the hassle - there are lots of ways to defeat any measure. You're right, this is futile, because it's trivial to get the source of the page, no matter what you do at the browser level. The browser has to see the source to render it, therefore the server is providing the source, upon request, to anything that knocks at port 80 and asks for it. Getting the source is as simple as telnetting to the webserver on port 80 and faking the commands. Or run a packet sniffer in the network you're browsing from. Or run a logging http proxy on your own machine and point your browser at it. You can't show something to people and keep it secret at the same time. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: hide source of a page
No, there are actually plug-ins for other browsers to run ActiveX controls. I don't know if they are particularly stable, but they do exist. As I stated previously, you could use an applet, but obfuscating byte code is a futile task at best, whereas encrypting a binary executable is a little bit easier and gives a bit more security. Not a lot mind you, but enough to matter. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Peter Johnson wrote: But ActiveX is an IE only element is it not? For that case why not just use an applet and serialise the data from Tomcat to the applet then either have JavaScript construct the page by querying the applet or have the applet be the interface. Sunitha --- in short don't try. PJ Frank W. Zammetti wrote: I had such a requirement at work one time, although fortunately I talked some sense into the higher-ups and they forgot about it, but not before I worked up an entire proof-of-concept document. IN THEORY, this could make it very difficult for would-be hackers, although I wouldn't say fullproof. The idea was to set up a frameset with one invisible frame and one full-screen frame. Into the invisible frame would go an ActiveX control that was encrypted with a custom binary encrypter program (could be an applet too, but obfuscation isn't as good as encoding a binary). Basically, every form submission to the server would go through the control, and every response from the server would go through it, both encrypted. On the response from the server, HTML is generated out of the control and placed into the frame in an obfuscated form. Javascript it used to guard against right-clicks and keyboard shortcuts, and since the app starts up in it's own chromless window, it's relatively secure from most clientside exploits. There is a handshake between the control and the server at startup that basically sets up a temporary public/private key pair, the point being to make it impossible to just issue commands via Telnet. You'd have to fake considerably more than just some URLs or header variables. So, the idea is that you could probably still get at the source, but it wouldn't be in cache so you'd probably have to use a memory scanner, but even if you did that it would be in an obfuscated form. Not impossible to decypher, but probably hard enough that most people wouldn't both. Getting at the server is going to be difficult. You could still decompile the control, but that's not going to be at all easy either considering the obfuscation and encryption (think a PE compactor approach). I think making it tough is about as good as you can hope to do, but as Steven said, it's ALWAYS going to be defeatable one way or another. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: hide source of a page
I said there are plug-ins for other browsers, not which browsers or how many browsers have them :) In truth, I know that there was one for Netscape on Windows, and that's about it. So, my statement was true, from a certain point of view (thank you Obi Wan!) Seriously though, I couldn't tell you which browsers have such capability, and I seriously doubt they exist on Linux as another user mentioned (and the other poster was right, my company developers mostly highly-complex internal apps or apps used by our clients which are all forced to use IE on Windows only, so I have some flexibility others don't, although I don't have some flexibility others do, but that's a topic for another thread). I do seem to recall seeing such a thing for Firefox on Windows, but I could be mistaken. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com David Stevenson wrote: On 9/11/04 4:57, Frank W. Zammetti [EMAIL PROTECTED] wrote: No, there are actually plug-ins for other browsers to run ActiveX controls. I don't know if they are particularly stable, but they do exist. Can you show me one for Safari, and one for the Nokia 6310? Thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can I send response to browser even after the doGet returned?
Couple of things... No, I don't believe you can do anything with request/response after you exit doGet(). Well, let me amend that... you MIGHT be able to get away with it, but I wouldn't expect it to work all the time. What I mean is, once your servlet is done it's work, the container takes over again, and even if you do have a valid reference to the object, I wouldn't expect that you could make any safe assumptions about the state of that object. You might get away with it sometimes, but probably not every request. The other point I wanted to make is that there is a pretty standard rule against spawning threads to service requests. Simply stated, you aren't supposed to do it. The container is supposed to spawn threads as appropriate to service requests, and if your doing it on your own you are more or less competing with the container. Bad Things (tm) tend to happen under those circumstances. I'm not really sure what you are trying to accomplish, but I'm taking a guess that you think that by spawning the threads you will be able to handle more requests concurrently. If that's not the case, please explain you goals further. But, assuming that is correct, I think you may have a fundamental misunderstanding at work... A servlet is supposed to be thread-safe, and the reason for that is that the container will spawn as many instances of it as needed to service requests (to whatever configured limits there are of course). In other words, every request essentially has it's own thread executing your servlet, hence the need for it to be thread-safe. In other words, you spwaning threads is superfluous because the container is already doing essentially what your trying to do on your own. So, just make sure your code is thread-safe, and your fine. Or, are you trying to run some long-running process and think it would be better off as it's own thread? If that's the case, you probably want to look into some sort of queueing mechanism with either status polling or some sort of callback when the task is complete. Again, more details would be helpful. As I said, I'm making assumptions here, so I could be completely wrong! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Santhosh Thomas wrote: Hi I know this is a basic question. I am passing the request and response object to another thread from the doGet() and after that the Get method returns. So that the processing is done in the thread and response to client will be flushed later. But by that time the servlet method would have returned. My question is, is it possible to flush the output to the client even after the servlet method returned (or response is commited) by tomcat. I am not talking about any server push but it is a simple http question. If http does not support this, how can I implement this? can i do this by extending the generic servlet instead of HttpServlet? Any help is greatly appreciated thanks and regards Boolee - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can I send response to browser even after the doGet returned?
Has there any way to implement asynchronous request/response using servlets? Not directly. What you can do though is submit the request from the browser, put some operation in a queue and return immediately with a page that will call another servlet (or the same one, either way) to poll for the status of the queued operation. There are packages out there to do such things without you having to build the functionality, but it's not a big deal to build it either. The bottom line though is that once your servlet completes, you cannot guarantee access to the request/response because the container will do what it will do with it. That's almost certainly why, as you say yourself, sometimes you get a response and sometimes you don't. The times you do is when your process finished before the container finished with the response, so you just got lucky, timing-wise. Just queue the operation and let the browser poll for the status. You don't have to show anything to the user that you don't want to either... Use a frameset. In the main frame where the form is submitted from, just show a Please Wait message (as returned when the request was queued). Then have a hidden frame that does the polling and updates the main frame when it's done. That way, the user will just continue to see Please Wait until your ready for them to see something different. Remember that anything asychronous pretty much boils down to two possible approaches: callbacks and polling. You could do either (callback to an applet for instance), but polling is probably easier. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dakota Jack wrote: Why do you want to put the request in the queque? I do something similar in a messaging application that runs in the background. I have the message related matters bundled in an interface called Message that is passed to the multithreaded queque. Is there an advantage to passing the request to the queque instead of something engineered to handle that task? I guess I have Frank's question: why, why, why? ;-) Jack On Sat, 27 Nov 2004 13:28:31 +0530, Santhosh Thomas [EMAIL PROTECTED] wrote: Or, are you trying to run some long-running process and think it would be better off as it's own thread? If that's the case, you probably want to look into some sort of queueing mechanism with either status polling or some sort of callback when the task is complete. Again, more details would be helpful. No my process is not time consuming. It will finish in milliseconds and in the worst case can take a few seconds. I am not spawning a thread from each servlet request, but the request processor is another independent thread(started at web init) proecssing a queue of requests. I am only putting the request into the queue from doGet(). After putting into queue, the doGet() returns. The request processor thread then forms the response and tries to flush the output later. My experience is, sometimes I get the output in the browser, sometimes not. I thought it was a broser catching problem (I am not sure..). I cant do a polling in the servlet, bacause it will block my servlet. Has there any way to implement asynchronous request/response using servlets? thanks and regards Santhosh - Couple of things... No, I don't believe you can do anything with request/response after you exit doGet(). Well, let me amend that... you MIGHT be able to get away with it, but I wouldn't expect it to work all the time. What I mean is, once your servlet is done it's work, the container takes over again, and even if you do have a valid reference to the object, I wouldn't expect that you could make any safe assumptions about the state of that object. You might get away with it sometimes, but probably not every request. The other point I wanted to make is that there is a pretty standard rule against spawning threads to service requests. Simply stated, you aren't supposed to do it. The container is supposed to spawn threads as appropriate to service requests, and if your doing it on your own you are more or less competing with the container. Bad Things (tm) tend to happen under those circumstances. I'm not really sure what you are trying to accomplish, but I'm taking a guess that you think that by spawning the threads you will be able to handle more requests concurrently. If that's not the case, please explain you goals further. But, assuming that is correct, I think you may have a fundamental misunderstanding at work... A servlet is supposed to be thread-safe, and the reason for that is that the container will spawn as many instances of it as needed to service requests (to whatever configured limits there are of course). In other words, every request essentially has it's own thread executing your servlet, hence the need for it to be thread-safe. In other words, you spwaning threads
Re: [HttpSession creation: When How]
Yes, the session is created automagically when a servlet-served resource is accessed (meaning things other than HTML, images, things like that). JSPs and servlets in other words. I seem to remember a config switch to turn this off, but that's how it generally works, and this is usually how other app servers work too AFAIK. There are ways to deal with the, the way I generally do it is simply to check for some known object in session. This object is only placed in session from my logon process. So, if it's not there at any other time, the user hasn't been validated. Cue whatever error/redirection logic you want at that point. I think this is a fairly typical approach. This confused the hell out of me for a while too... It's a bit counterintuitive, especially when there exists API functionality to create a session or use an existing one. The logic there I suppose is that you may want to discard the automatically-created session in favor of your own during a logon process for instance, but I'm not sure I see the reason for doing that. In any case, you aren't seeing anything unusual here, it's simply something you have to deal with one way or another (or find out the config switch to turn it off, if my memory is serving me correctly in saying it exists at all). -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Carlos Cajina wrote: Good evening. My question is about HttpSession objects creation and destruction within a Servlet/JSP container. I'm using the JBoss/Tomcat bundle (versions 3.2.3/4.1.29) with a database realm properly configured. Here's how things work so far: 1. User goes to a predefined Welcome File (index.html) 2. Within the welcome file there's a link to a protected resource (wich happens to be the application's main screen) 3. The user clicks the link and the login page appears. 4. The user enters login/password and logs on successfully or is redirected to an error page. Up to this point everything works fine, but the thing that I don't understand is that the moment the user clicks the link that points to a protected resource an HttpSession object is created by the server even though the user hasn't been authenticated. This behavior kinda ruin my plans because I have a Session Creation/Destruction Listener that is supposed to detect a session creation event in order to be able to place some things (objects) in that user session, but it seems that the created session for the unauthenticated is recycled after authentication and my session lifecycle listener is no longer useful (the session already exists) I've looked into the Servlet spec but couldn't find anything clarifying enough... I'f anyone has any comments, tips, thoughts on this issue I'd like to hear'em... :^) Regards, Carlos... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: liberaries
These are the basic servlet classes. I usually just put j2ee.jar on the path, but there is also servlet-api.jar somewhere in /tomcat/common/lib. Either one should do the trick. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com James Peterson wrote: ok I am trying to recompile one of the examples that comes with tomcat and whenI do I get the following errors. Login.java:6: package javax.servlet does not exist import javax.servlet.*; ^ Login.java:7: package javax.servlet.http does not exist import javax.servlet.http.*; where do I get these or how can I fix this? -- James Peterson Network Administrator Roman Meal Milling Company Phone 701.282.9656 Fax 701.282.9743 Email [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: sending a JSP page by email
I *believe*, but don't hold me to it, that you can implement a filter AFTER the JSP renders, in the latest servlet spec. With that, you shouldn't have much trouble taking the output stream and sending it as an eMail. I'd also assume, although I don't know for sure, that you could basically kill the response at that point, so it's not trying to send back to the client or anything. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Thu, December 16, 2004 1:38 pm, haimra said: I had tried doing the same thing and failed. But after I gained more knowledge I had a new idea that I did not tried yet. I will be happy if you let me know if it works. The basic Idea is that if we used a servelet we had no problem taking the StringBuffer created and coping it into the mail message and not back to the browser. The problem with JSP, it's actually a servlet but we can not control it. In the Java Server Page (O'reilly page 315) book I found some directive element. %@ page buffer=12kb autoFlash=false % When autoFlash=false the JSP container will not flush the buffer until the following script % out.flash() % is used. Maybe there is a way to redirect this output writer to a buffer and email it. What do you think? Haim -Original Message- From: Gabriel Belingueres [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 15, 2004 12:15 AM To: [EMAIL PROTECTED] Subject: sending a JSP page by email Hi, How can I take advantage of Tomcat's JSP processing engine to use a JSP page as a template for an email? That is, I want to do something like a page forwarding from a servlet, but this forwarding process the JSP page and, instead of send it to the browser, it send it by email to somebody. Thanks in advance, Gabriel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Request an app test (free beer!)
I was informed last OT post I made that the subject should always include the word beer. I added the free to get your attention :) I'm working on something for which I need to know what the os.name property on various OS's is. I would greatly appreciate it if some folks could try the following: public class test { public static void main(String[] args) { System.out.println(System.getProperty(os.name)); } } I'm particularly interested in various *nix variants, Linux, Mac and such. Windows I already have answers for (although some verification to be sure nothing fishy is going on wouldn't hurt). If you could just post your OS and what the result was, I would greatly appreciate it. Thanks in advance! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to run servlet for every 30 minutes in Tomcat 4.1.30
It's interesting, Craig and I had an exchange about threads in servlet containers last week... I can't find a link to the thread unfortunately. Anyway, the basic idea behind that don't spawn your own threads inside a servlet container admonishment is based more on the fact that it's quite easy to screw up doing so, more than it has to do with virtually anything else. You want the servlet container to manager resources for you, and you lose that by spawning your own threads. The container isn't aware of the threads, so it can't control them for things like graceful shutdowns or simply trying to control resource utilization. Many people, including me, tend to ignore that warning when the situation warrants it, but you have to be extra-careful. For instance, you don't under any circumstances want to hold on to references to response, request or session objects because you don't manage them. You also, unless you really have a need and know what your doing, want to spawn threads to handle requests at all. Any threads you do spawn in a container should tend to be independent units of execution. If your use case fits that description, you can get away with it relatively safely. That being said, spawning things like daemon threads for low-level behind-the-scenes type processing is generally OK, so long as you are careful (i.e., be sure no runaway processing can occur, make sure it will shut down gracefully, etc). You might be able to use something like that in this case, you'll have to decide. If your using Struts, you can spawn the thread from a plug-in, as I've done in the past, but there are non-Struts equivalents (worse comes to worse, just do it in a servlet.init()). Do yourself a favor and make the thread processing functional independent of your app essentially, and even make it so it's not aware it's running in a servlet container. But again, caution is the key. If you make it a demon thread and set it's priority as low as you can and be sure to not hold on to a reference to it, I've found that works just fine under a number of app servers on a numeber of OSs. The bottom-line is that really that psuedo-rule is around because people tend to shoot themselves in the foot when using threads a bit too often, so better to advise against getting into a situation where you might do that. But, if your confident in your ability, and believe the use case really warrants it, you CAN do it, and relatively safely. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dennis Payne wrote: It is possible to create a servlet thread in the init() method. That thread sould stay alive and run something every thirty minutes. The issue of pushing information out to the user remins the same. The servlet and the thread cannot do that. On the other hand, it is possible to setup java script on the page to detect 30 minute intervals to pull a page from the server. It is an awful lot of work for so little a result... It is best just to put a java process into cron or task scheduler and have the user run the report when they want the info. [EMAIL PROTECTED] 12-21-2004 14:44 Jorge Sopena wrote: Why is bad using own threads inside web application? Aren't all the servlet request actually a thread in Tomcat? I can't find a reason why it's so bad solution. I think that comes from J2EE specs. I do not remember is threads just forbidden but if you follow specs, you do not know and you do not have to know how application server uses threads and controls thread behaviour. If portability is issue for your application, it is better to not use threads. In that way, you manage to have a single and independent application. Maybe I don't know some thread behaviour in Tomcat... After all, I have use threads in web application with tomcat :) and I haven't have any problems or strange thread behaviour. Sometimes whole concurrent programming and syncronizing my own threads causes troubles but nothing due tomcat. Back to original question. [EMAIL PROTECTED] wrote: I am using Tomcat4.1.30 version. I have to develop a client application which looks in the database every 30 minutes, ApplicationContextListener + Timer + TimerTask to retrieve the status of an order and send the status to the remote client. Again waits for the The client's response and insert the repsonse back to the database. What is that remote client? Is actually another server and your application is client. If so, just add client code for server in TimerTask (http-, web service- or whatever client). - Jukka - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Re: How to run servlet for every 30 minutes in Tomcat 4.1.30
Your just lending weight to what I said... Don't play with threads in a servlet contain unless your really sure you have to and are really sure you can do it safely :) (I'm not sure I knew init() could be called more than once, certainly I didn't remember when I wrote that, so excellent point) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com QM wrote: On Tue, Dec 21, 2004 at 03:37:26PM -0700, Dennis Payne wrote: : It is possible to create a servlet thread in the init() method. That : thread sould stay alive and run something every thirty minutes. Yes and no. ;) It's possible to use a servlet's init() method for this; but per the spec, containers are free to initialize a servlet class as many times as they see fit. Much safer to use a ContextListener in this case, as those are triggered only on app (context) startup and shutdown. -QM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to run servlet for every 30 minutes in Tomcat 4.1.30
Dennis Payne wrote: Frank, I'm using threads and didn't know I was vulnerable. I'm not sure vulnerable is really the right word, but I'll go with it :) Here's how I've done it. I created a class that implements runnable and call its initialize method from a servlet init method at application startup. The initialize method creates a thread and sets a low priority for it. Roughly what I do too, except that my class extends Thread and I kick it off from a Struts plug-in. Same effect though. The run method sleeps the thread and wakes it every two minutes. A processing class contains the methods that queries the database (postgres). Same here. I think I wake my threads every minute though. 1. Is this what you call a daemon thread? Nope. If you take a peak at the javadocs for the Thread class, you'll see a method setDaemon(boolean). This marks a thread as a daemon thread. The difference, if I remember correctly, is that the JVM won't shut down until all remaining threads are daemon threads. Threfore, if you spawn a normal thread, you can hold up the JVM from shutting down properly. This is in fact the situation I had... My Tomcat instance could never be properly shut down because the threads I had spawned where not daemon threads. Marking them as such solved that problem. To the best of my knowledge, being a daemon thread doesn't implicitly say anything about a threads priority. I think you could have a daemon thread set at high priority if you wanted. I suspect most daemon threads are bumped to a lower priority though, as I do. 2. Is this better done using cron? if so how do I ensure that it runs with a lower priority than my application code? Phil This is a matter of opinion, and there are some reasonable arguments for both points of view. My personal opinion is that if you have some periodic process that is going to need portions of your system, whether it's resources available in the container or shared code, as you do, then a low-priority daemon thread spawned at application startup is a good approach, assuming you write it carefully and solidly. For instance, in my case, my daemon threads do some record aging in the database, so to me it makes sense to share the same connection pool as the application itself. I also use a number of classes and functions that are part of the webapp itself, and I don't like the idea of duplicating the code for a cron job to use (sure, could just be a matter of setting up a classpath to those classes, but it's an extra dependency, and that doesn't thrill me). But, if these tasks were volatile in any way, or they had to run independently of the app itself no matter what, the cron job approach would probably be preferable. As for ensuring it runs at a lower priority than your application code, when running via cron, that's an answer I can't give you. I'm frankly a Unix newbie, more or less, so someone else out there would be better suited to answer that. I think you'd have to have it run at a lower priority than your app server, and I'm sure there's switches to set priority of jobs, but I don't know them. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP under /WEB-INF folder
I think his problem is probably linking to stylesheets and such... Actually, now I have to ask you... if you put *everything* under WEB-INF, I assume you are serving all graphics from a fronting web server then? Otherwise, any document returned to the user that links back to a resource under WEB-INF won't be reachable, which was the crux of his problem as I understood it, that's why he was talking about includes and such all over the place. But, if you really are serving everything from there, how are you doing it? Just curious at this point :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dakota Jack wrote: I don't know why you are saying that css and/or js must be placed directly under WebRoot. Why do you? I can give you various solutions, once I find out what the problem is supposed to be. There is no issue, by the way, with putting your JSP files under WEB-INF. There are other ways to protect access, but this is, I think, a good one too. Jack On Sun, 26 Dec 2004 22:31:32 +0800, Koon Yue Lam [EMAIL PROTECTED] wrote: Hi, I want to protect my JSP from direct access, so they can only access by Struts action. but If I want to include some Javascript or CSS to a JSP, I can't ! Because .js and .css needed to place directly under WebRoot My solution is to use jps:include to include all those Javascript and CSS to JSP, but then the JSP will look very ugly and fill up with long long non HTML stuffs .. which is not so nice Is there any any to solve this or I just need to accept this trade-off? Any help would be appreciated Regards - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to run servlet for every 30 minutes in Tomcat 4.1.30
I think what you describe is probably more properly implemented as some sort of queueing system. Something along the lines of setting up a queue on each data collection server that lazily updates the central server (there's other ways to structure it of course). Otherwise, I myself would tend towards a push model, since that's really more in line with how most web development is done. So, have the data collection servers push the records to the central server instead, whether queues are involved or not. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com phil campaigne wrote: Frank W. Zammetti wrote: Dennis Payne wrote: Frank, I'm using threads and didn't know I was vulnerable. I'm not sure vulnerable is really the right word, but I'll go with it :) Here's how I've done it. I created a class that implements runnable and call its initialize method from a servlet init method at application startup. The initialize method creates a thread and sets a low priority for it. Roughly what I do too, except that my class extends Thread and I kick it off from a Struts plug-in. Same effect though. The run method sleeps the thread and wakes it every two minutes. A processing class contains the methods that queries the database (postgres). Same here. I think I wake my threads every minute though. 1. Is this what you call a daemon thread? Nope. If you take a peak at the javadocs for the Thread class, you'll see a method setDaemon(boolean). This marks a thread as a daemon thread. The difference, if I remember correctly, is that the JVM won't shut down until all remaining threads are daemon threads. Threfore, if you spawn a normal thread, you can hold up the JVM from shutting down properly. This is in fact the situation I had... My Tomcat instance could never be properly shut down because the threads I had spawned where not daemon threads. Marking them as such solved that problem. To the best of my knowledge, being a daemon thread doesn't implicitly say anything about a threads priority. I think you could have a daemon thread set at high priority if you wanted. I suspect most daemon threads are bumped to a lower priority though, as I do. 2. Is this better done using cron? if so how do I ensure that it runs with a lower priority than my application code? Phil This is a matter of opinion, and there are some reasonable arguments for both points of view. My personal opinion is that if you have some periodic process that is going to need portions of your system, whether it's resources available in the container or shared code, as you do, then a low-priority daemon thread spawned at application startup is a good approach, assuming you write it carefully and solidly. For instance, in my case, my daemon threads do some record aging in the database, so to me it makes sense to share the same connection pool as the application itself. I also use a number of classes and functions that are part of the webapp itself, and I don't like the idea of duplicating the code for a cron job to use (sure, could just be a matter of setting up a classpath to those classes, but it's an extra dependency, and that doesn't thrill me). But, if these tasks were volatile in any way, or they had to run independently of the app itself no matter what, the cron job approach would probably be preferable. As for ensuring it runs at a lower priority than your application code, when running via cron, that's an answer I can't give you. I'm frankly a Unix newbie, more or less, so someone else out there would be better suited to answer that. I think you'd have to have it run at a lower priority than your app server, and I'm sure there's switches to set priority of jobs, but I don't know them. Frank, I also am doing record aging. I want to move records older than two minutes to a centralized server for processing. Think of it as multiple data collection servers and a centralized data processing server. I'm thinking that the daemon to schedule queries against the data collection servers should execute on the centralized server. I'm wonder if this form of light weight replication is a good practice. Does anyone have some insite on this? Phil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Including jsp files that exist outside of the web application
You know, I'm not sure how often this comes up for people, but it might make a good custom tag... I can imagine simply a version of jsp:include that allows for absolute paths. Sure, it'll tie you to an OS to some degree (i.e., change paths from Windows forms to Unix forms), but that might be something people can live with. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com [EMAIL PROTECTED] wrote: On Tue, 28 Dec 2004, Dakota Jack wrote: What if you don't include the JSP file but include the related JAVA file and use CLASSPATH? Will that work? You cannot, of course, make this dynamic, since you have class loader issues. The biggest issue is the class loader issue. You might create a set of interfaces and implemenations outside your web application that allow dynamic reloading. I don't see, however, why your edited files are not just popped into your web application without issues? We would love to be able to pop our edited files back into the web application, but we don't see an easy way to do that. The files must be dynamic, as they will be edited many times over the lifetime of the current web application. So far, symbolic linking out of the web application seems to be the only way we have found to really do this. Thank you, -Raiden - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JSP compilation problem
) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Thread.java:595) One thing... it looks like the servlet got generated, just couldn't be compiled for some reason. I can't figure out why though. I'm not sure where the compiler error output referenced in the Catalina log is. I've done some Googling for about an hour but haven't come up with anything helpful. Any ideas? I've confirmed JAVA_HOME is set properly, and I copied tools.jar to /common/lib, neither help. Thanks! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP compilation problem
Interesting response... The exact same JSP is compiling on two other machines. Your right though, manually compiling it is a good next step (one that I'm ashamed to say I didn't think of myself), so I'm off to do that now. Maybe I have a corrupt file in some minor, hard-to-detect way that is causing a problem on this one Tomcat instance. Thanks for the suggestion, it's a logical course of action. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Ryan Stewart wrote: Quite simply, you have an error in your JSP that is preventing the translated servlet from compiling. If you don't know where to look for the compiler output, then just go and manually compile the servlet. -Original Message- From: Frank W. Zammetti[EMAIL PROTECTED] To: Tomcat Usertomcat-user@jakarta.apache.org Date: Thu Dec 30 06:53:31 PST 2004 Subject: JSP compilation problem [...] HTTP Status 500 - type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception org.apache.jasper.JasperException: Unable to compile class for JSP [...] root cause Compile failed; see the compiler error output for details. [...] ___ Check-out GO.com GO get your free GO E-Mail account with expanded storage of 6 MB! http://mail.go.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP compilation problem
I did not post twice Ryan. If two posts appeared, it is the same problem with the list processor that we've been seeing for weeks now. I did post a reply however... I tried your suggestion and manually compiled. I have NO classpath variable in the environment (I thought this might have been a classpath issue, and I guess it could still be, but I don't see how at this point). I manually put servlet-api.jar, jsp-api.jar and jasper-runtime.jar in /tomcat/common/lib on the classpath and compiled, and it compiles cleanly. So the problem would not appear to be a problem with the generated servlet. Any other ideas? Thank you! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Ryan Stewart wrote: I answered you yesterday on this. There's generally no reason to post the same question two days in a row. Just wait and see if an answer shows up. Your problem is (still) that you have one or more errors in your JSP. If you can't figure out where the compiler output is, then go and compile the translated servlet manually. -Original Message- From: Frank W. Zammetti[EMAIL PROTECTED] To: Tomcat Usertomcat-user@jakarta.apache.org Date: Thu Dec 30 06:53:31 PST 2004 Subject: JSP compilation problem Hello. I'm using Tomcat 5.0.29. Working from home today and trying to run a working application on my laptop, and I'm seeing an exception when trying to access the first JSP of the app. Here's the on-screen display: [...] exception org.apache.jasper.JasperException: Unable to compile class for JSP [...] ___ Check-out GO.com GO get your free GO E-Mail account with expanded storage of 6 MB! http://mail.go.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP compilation problem
Very interesting... Switching to JDK 1.4.2 solved the problem. I didn't even do an uninstall/reinstall... I always install my SDK to c:\java, so all I did was rename it and copy the directory over from another PC, so any paths and registry settings should still be valid, there's just an older version in it's place. I made sure to delete the Tomcat work folder for the app, started up Tomcat and tried it, everything worked fine... JSP class was generared, servlet compiled, and page came up, no problem. So... Is there actually a problem using JDK 5.0 with Tomcat 5.0.29? If so, what version of Tomcat is OK with 5.0? (assuming any are, which I DO assume). Or is this just some sort of fluke situation? In any case, my problem is solved, and that was the resolution. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Ryan Stewart wrote: First, I apologize if I came of sounding rude before. As an infrequent visitor to this list, I wasn't aware that you are a frequent contributor. I also don't seem to have received the other reply you mention. My next thought is that you might have two versions of Java installed. If so, which version is Tomcat using? Are you sure you compiled the servlet with the same one? -Original Message- From: Frank W. Zammetti[EMAIL PROTECTED] To: Tomcat Users Listtomcat-user@jakarta.apache.org Date: Sat Jan 01 07:22:09 PST 2005 Subject: Re: JSP compilation problem I did not post twice Ryan. If two posts appeared, it is the same problem with the list processor that we've been seeing for weeks now. I did post a reply however... I tried your suggestion and manually compiled. I have NO classpath variable in the environment (I thought this might have been a classpath issue, and I guess it could still be, but I don't see how at this point). I manually put servlet-api.jar, jsp-api.jar and jasper-runtime.jar in /tomcat/common/lib on the classpath and compiled, and it compiles cleanly. So the problem would not appear to be a problem with the generated servlet. Any other ideas? Thank you! ___ Check-out GO.com GO get your free GO E-Mail account with expanded storage of 6 MB! http://mail.go.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: dynamically compile JSPs
Hey, I remember this thread :) (Mostly because you quoted my comment!) One solution is to shell out to do the compilation. I think I probably gave it to you last time, but here's the two pertinent lines from my compile job that does it: java -classpath %CP% org.apache.jasper.JspC -v3 -die -d %JSPAppDir% -webapp %WebAppDir% javac -classpath %CP% -d %JspDir% %JspDir%\*.java ...where... %CP% is the classpath, inclduing servlet.jar %JSRDir% is the location of the JSP %WebAppDir% is something like c:\tomcat\webapps\myapp (I modified this a tad so it's more applicable to you, but don't shoot me if you have to hack it slightly) Now, what I'm thinking, AND I BY NO MEANS ENDORSE THIS AS A GOOD SOLUTION, is that you could shell out these two commands, and that I think would get the job done. This is a has a Windows skew to it of course, but I can't see any reason it wouldn't work under *nix, if that's your environment, which just some minor changes. I've never tried using JspC from Java code as you did, although I'd think that's the way you'd want to go. I don't know what's wrong with the code you provided however, but if you get to that hair-pulling stage where you feel like your really stuck, I'm relatively sure the above will do it for you, if worse comes to worse. I guess if this isn't something that's going to be happening a lot, it might not be a problem this way. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Matt Bathje wrote: [EMAIL PROTECTED] wrote: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jasper/docs/api/index.html Usage of the JspC class. This should be what you want. I work in Windows 95% of the time, and I'm a simplicity freak, so I tend do do things, most of the time, with batch files called from UltraEdit. Anyway, this is relevant because one of the steps in my typical build process is a compilation of all JSP's. I use this class to do that. I can give you the two lines from my batch file that does this if it would be helpful, but I tend to think the javadocs will get you where you want to go. This is kind of an old thread I'm replying to - but I implemented what I thought would work for this, and haven't been able to get anything working reliably. As a refresher, the scenario is this: - a Tomcat 5.0.x server with Jasper setup in development=false mode - I upload a jsp page through a web interface, and want it to be compiled/usable immediately, instead of waiting for the scheduled jasper compilation - putting ?jsp_compile=true on the page doesn't seem to work - making development=true isn't an option After looking through the JspC documentation a little bit, I tried this code in my class after the JSP file is uploaded: JspC antTask = new JspC(); antTask.setArgs(new String[] { uploadTileFilePath }); antTask.execute(); And this does not seem to compile the file reliably. It does seem like something is happening, because the upload/compile action takes about 25-30 seconds longer to load when the jsp compilation code is included. In my work directory, the .java and .class files are never updated (new time stamp) right away. Sometimes if I wait a bit (5-10 minutes) the files are updated properly, but this seems to be the normal scheduled compilation. Sometimes if I load the page up in a browser after it has been uploaded/compiled, it seems to be compiled on access, but this does not always happen. I was messing around with the code a little bit, and tried this: JspC antTask = new JspC(); antTask.setArgs(new String[] { -compile, uploadTileFilePath }); antTask.execute(); but this always gave me an error that javax.servlet package could not be found. I then tried: JspC antTask = new JspC(); antTask.setArgs(new String[] { uploadTileFilePath }); antTask.execute(); antTask.setArgs(new String[] { -compile, uploadTileFilePath }); antTask.execute(); and this seemed to make it (so far) that the JSP page always gets compiled the next time it is loaded in a browser. This is passable if it must be the solution, but what I would really like is that the file gets completely compiled during the upload/compile action. The reason for this is that I want the person uploading to have to deal with the extra processing time, and not the person loading the page. Any help with solving this problem would be greatly appreciated. Thanks, Matt - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Long running requests and timeouts?
I can't answer your specific question, but the scenario you describe raises a red flag with me in general... When you potentially have such long-running requests, it's usual a Bad Idea(tm) to just allow them to run like this as part of a request. I think it's fair to say that most people would say you should be taking some sort of queueing or multithread approach, coupled with polling. I don't know your usage pattern, but especially if there could be a number of such requests coming in at once, you are tieing up server resources this way. You also start running into situations like you mention with timeouts (I'm actually surprised the browser itself didn't time out after a few minutes). It also doesn't give a very good appearance to the user... it seems like the system has just frozen, which it actually hasn't. If it's feasible, I think you may save yourself some trouble by rearchitecting this rather than trying to solve this problem. You can do something as simple as this... (1) Have a class with two static HashMaps. One HashMap we'll call THREADS and it will store a reference to an object (more on this in a second), keyed by userID... In the other that we'll call STATUS you will store a Boolean, also keyed by userID. (2) When one of these long-running requests comes in, spawn a thread to handle the XML generation, and put a reference to the thread in that THREADS HashMap for the userID your servicing (might want to use sessionID instead, it's up to you)... In the STATUS HashMap, store a false Boolean (false means the request hasn't completed yet). (3) Return a Plase Wait page to the user. Use a simple JavaScript timeout to call a status checking function every few seconds that checks the value of the Boolean. If false, just return that Please Wait page again. (4) When the thread completes, it should set that Boolean to true for that userID. (5) When the status checking function finds True, it should (a) get the reference to the thread from the THREADS HashMap, (b) get the XML from the thread (just store it in a class-level variable and expose it with a getter), (b) set some value in the thread object that indicates the thread should die, (c) return the XML to the browser. Does that all make sense? I don't know if your in a position to rearchitect what your doing, but if you are, I very much suggest doing so. Hope this helps! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Andrzej Jan Taramina wrote: I have a situation where some requests that get sent to Tomcat are very long running (basically batch operations). I've been testing with a request that takes just over 7 minutes to process and returns and XML document as a response. The problem I'm having is that the response gets truncated. It's always truncated at a consistent spot (3207 characters for some reason, that's what Firefox reports). Shorter running requests don't truncate anything, regardless of how long the response might be. I'm running Tomcat 5.0.28 and my Connector in the Tomcat server.xml file looks like: Connector port=80 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 disableUploadTimeout=true / Is the connectionTimeout value the one that might be contributing to this behaviour? Are there any other timeout settings that might affect this? Thanks! Andrzej Jan Taramina Chaeron Corporation: Enterprise System Solutions http://www.chaeron.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Long running requests and timeouts?
Ok Andrzej, sorry I couldn't be of any real help. I see what I suggested wouldn't apply in your situation, I was just taking a guess anyway. And certainly I understand the pressure of deadlines :) Perhaps my approach might help someone else that's just lurking, but good luck in solving your problem. I too will be watching to see what your solution is, just out of curiosity. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Andrzej Jan Taramina wrote: Frank: I don't know your usage pattern, but especially if there could be a number of such requests coming in at once, you are tieing up server resources this way. You also start running into situations like you mention with timeouts (I'm actually surprised the browser itself didn't time out after a few minutes). It also doesn't give a very good appearance to the user... it seems like the system has just frozen, which it actually hasn't. These requests are not going to be called by users through a browser, since they are Web Services/REST types of requests. The only time they might get called through a browser is for testing purposes, in which case the tester knows that they will be very long running and that's not at issue. The timeout seems to be affecting scripted invocations of the request as well (using the commons-http library), so it doesn't seem to be a browser timeout issue as far as I can tell. If it's feasible, I think you may save yourself some trouble by rearchitecting this rather than trying to solve this problem. You can do something as simple as this... Does that all make sense? I don't know if your in a position to rearchitect what your doing, but if you are, I very much suggest doing so. Hope this helps! This does make sense, except for the user part, since users will never access the URL's involved directly. Furthermore, these long running tasks will be called by a scheduler, off hours, and typically there will be very few such requests a day (maybe 2 or 3 max). The requests are really single overnight batch processing runs. However, deadlines preclude rearchitecting the solution to make it asynchronous as you suggest (it's currently synchronous) in the short term. Hence my looking for a way to easily fix the timeout issue that causes the response to be truncated when Tomcat services a long running request. Thanks for the inputmost appreciated. Andrzej Jan Taramina Chaeron Corporation: Enterprise System Solutions http://www.chaeron.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What is it mean that Java code does not belong in well designed JSP pages?
I certainly wouldn't presume to speak for Craig, so this is just my own answer... Scriplets, that is, code in JSPs inside % %, is generally considered a Bad Thing(tm) because it's too easy for business logic to sneak into the presentation. Now, there is I think room for debate about how far to push that idea. Some people think that a JSP should be absolutely nothing more than a template for display, so you should wind up with nothing but things like $=someVar%, or more correctly, something like bean:write name=myBean property=myVar /. However, where there is room for debate is whether using any sort of logic whatsoever in a JSP is bad or not. Taking the JSP as a template only idea to it's fullest extent seems to me to imply that logic in ANY form is to be avoided, and should not be done in a JSP, whether it's using taglibs or not to do it (i.e., logic:equal/ shouldn't even be used because it's logic). I think this is too extreme and limits the types of applications you can do... try doing the kinds of apps I do for a living for example, which are webapps that look, feel and work like fat clients, and you'll be hard-pressed to pull off the kinds of things I do without some level of logic in JSPs. That being said, good design dictates that you need to be careful what gets put in your JSPs, whether you use custom tags or not (I'm not a fan of custom tags myself in most cases). Business logic does NOT belong in JSPs, and indeed anything other than trivial bits of code probably shouldn't be there either. I'm not entirely sure what the code you posted is doing, but my gut feeling is that it's too much for a JSP. I do things like this all the time; % boolean altRow = false; String rowStyle = ; for (Iterator it = form.getTOAList().iterator(); it.hasNext(); ) { if (altRow) { rowStyle = cssListboxAltRow; altRow = false; } else { rowStyle = ; altRow = true; } HashMap nextItem = (HashMap)it.next(); BigDecimal toaID = (BigDecimal)nextItem.get(toaID); String status = (String)nextItem.get(status); % tr height=24 class=%=rowStyle% td%=status%/td td%=toaID%/td /tr % } % ...and some will say that's way too much... let's skip the this should be a custom tag! argument for the time being... This kind of code I see no problem with being in a JSP. It's strictly presentation-oriented, and isn't extensive. That being said, NOW we can get to the this shouldn't be there at all argument... it is a perfectly reasonable argument. In an environment where you have page authors and Java coders, you don't want your page authors to have to see code like that. In fact, in the perfect environment where it's split exactly right, they wouldn't even know what this code meant. But, if you had a custom tag that encapsulated that functionality, they could just put showTOAList/ and be done with it. That's the argument for taglibs (the main one anyway). However, you have to ask yourself what kind of environment your in... I dare say most environments are NOT set up that way... maybe they should be, but I don't think the majority are... most places, your page authors are your Java coders are your database developers are your business analysts, etc. In that case, I think the argument doesn't carry as much weight. Eh, I guess I'm off on a bit of a tangent. Most people will tell you that code in JSPs is to be avoided, and I'm not going out of my way to debate that. But, I think it's fair to say that if you do have code in JSPs, it should be (a) trivial and (b) strictly presentation-related. Breaking THOSE rules, which by extension breaks the higher rules, is to be avoided at all costs. Just my opinions. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dola Woolfe wrote: I just read this thread and didn't quite understand it. If it means what it seems to mean on the surface, I'm doing everything wrong. Schematically, my typical JSP page looks like the following (basically 100% code). Is this what Craig is advising against? %@ page errorPage=ErrorPage.jsp import=html.*% [EMAIL PROTECTED] file=InitializePage.jsp% % Table table = new Table() .pAddH(#).pAddH(Action).pLN() .pAddC(1).pAddL(new Anchor(HelloPage.jsp, Say hello to my friend.)).pLN() .pAddC(2).pAddL(new Anchor(GoodByePage.jsp, Say good bye to my friend)).pLN() ; MyTemplate template = new MyTemplate (Main Actions, table); Page pAgE = new Page(new MyHead(Data Tools), new Body(template)); % %= pAgE % __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Re: What is it mean that Java code does not belong in well designed JSP pages?
David Johnson wrote: Using taglibs instead of code adds a level of obfuscation that, IMHO, makes it difficult to get work done. I always end up taking the servlet that was generated from the JSP and rewriting it so it works correctly, performs adequately, and generates no side effects. This has always been my biggest problems with taglibs too, that and the fact that it's yet something else a new developer coming on to a project has to learn before they can be effective (or at least optimally effective). I prefer all the code being right there in front of me, not having to go hunt down source somewhere. Additionally, I don't like having to recompile a class to make a change and then redeploy the class (or worse yet, the whole app). If it's just in a JSP, I can update the app on-the-fly (assuming JSP compilation is still active). That being said, I actually like the idea of Tag Files. It's not quite as bad, it's no worse than a JSP include, although the point about more to learn still stands. But, then it's just usual JSP code, which they would already know, so it's still not quite as bad in that regard either. It's kind of amazing that a lot of people don't even know about that capability. Like you said though, what works in one environment may not work in another, and taking a hard stand either way is a bad idea. Heck, I've used taglibs on plenty of occasions and it's worked out beautifully. Right tool for the job and all that jazz, right?!? -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What is it mean that Java code does not belong in well designed JSP pages?
That's a good point Tim... I have to admit I've only used methods a couple of times in JSPs, generally preferring all the code be inline (except where there would be a lot of duplication, then I tend to make utility classes). You make a good point though, I may start getting into that habit myself :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Tim Funk wrote: Essentially you have written a servlet but packaged it as a JSP. Anytime it becomes a trivial effort to hand transform a JSP into a servlet usually means some refactoring is in order. Personally I do not mind java code in JSP's but only if its structured. I try not to rely on in-line java code - but I try to use methods or inner classes for most java coding in a JSP. By doing that - it becomes easier to rip the methods and inner classes from the JPS page and into an independent object. By doing this - I get rapid turnaround - but don't code myself in a hole for when new functionality might be needed that might overlap existing pages. -Tim Dola Woolfe wrote: I just read this thread and didn't quite understand it. If it means what it seems to mean on the surface, I'm doing everything wrong. Schematically, my typical JSP page looks like the following (basically 100% code). Is this what Craig is advising against? %@ page errorPage=ErrorPage.jsp import=html.*% [EMAIL PROTECTED] file=InitializePage.jsp% % Table table = new Table() .pAddH(#).pAddH(Action).pLN() .pAddC(1).pAddL(new Anchor(HelloPage.jsp, Say hello to my friend.)).pLN() .pAddC(2).pAddL(new Anchor(GoodByePage.jsp, Say good bye to my friend)).pLN() ; MyTemplate template = new MyTemplate (Main Actions, table); Page pAgE = new Page(new MyHead(Data Tools), new Body(template)); % %= pAgE % __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ?? Sharing the JSTL JARS and Classloading ??
Tony LaPaso wrote: There's a more important issue at work here than whether or not I have to put the JARs in common/lib or shared/lib: When writing code it's considered a bad practice (and I think, rightfully so) to copy and paste the same code to various locations. Instead, we factor out common behavior into separate classes or methods. There's an analogous idea involved here -- instead of copying and pasting the same JARs across many web applications it makes more sense (to me, anyway), to factor out these JARs and make them centrally available. Having said that, I also realize the code within the JARs must be written such that the classes can be shared. The flip side of that of course is that you'll potentially run into the same problem as Windows: DLL Hell, although it'll be JAR Hell now :) The point about administrative simplicity is well-taken, but I've always been of the mindset that I'd rather have the JARs repeated in each webapp because then if I have to change a JAR version for a particular app I don't have to go and make sure all the other apps work with that version too. Same problem with DLLs... how many times have you had a version conflict with MS Common Controls? Maybe not recently because some work has been done to alleviate this situation, but certainly in the past is arose all the time. The same could happen if you make JARs shared across webapps. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: persistence after the request response cycle
The other common approach is to re-send the data for page 1 as hidden form fields with the page 2 form submission. That way, the second time the servlet is executed, it is getting all the required data as part of request. As a general rule (which is broken often for one reason or another!), if the amount of data is somewhat large (or could be, like a textarea's entry perhaps), then session tends to be frowned upon because it becomes a performance concern and a potential problem in a distributed environment. But if the size is small, session makes life easier, but be aware that server resources are being eaten with sessions, therefore if you envision a rather large client load, it can become an issue (but this tends to be solvable just by throwing hardware at the problem most of the time). -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Sun, September 19, 2004 6:02 pm, Craig Berry said: The usual mechanism for this is to persist intermediate data to a session-scope object which is persisted after all data has been accumulated. Struts provides excellent support for this pattern. -Original Message- From: ian stone [mailto:[EMAIL PROTECTED] Sent: Sun 9/19/2004 11:25 AM To: Tomcat Users List Cc: Subject: persistence after the request response cycle Hi All, In my present set up I have a servlet serving a HTML page, the HTML page returns the form data via POST which the same servlet saves to a MySQL database. I'd like to extend the present setup so that after receiving the 1st POST data, the servlet responds with HTML page 2. HTML page 2 then returns form data via POST to the same servlet. The servlet would then save the accumulated responses from HTML pages 1 2 to the MySQL database. How can I get the servlet to remember or persist the response of HTML page 1 without writing to the database or to file. Thanks Ian ___ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat vs BEA Weblogic?
The one comment I would make is that with BEA, you have a certain degree of accountability that you don't have with an open-source product. That can be important in a business environment. I'm probably starting a religious war by posting this, but to some companies it is frankly more important to have someone that's on the hook for problems that arise (and ultimately someone that is legally liable should it really go bad), and you just don't have that with an open-source project. This may or may not be important in your environment, and to be sure there are plenty of advantages that OSS has over commercial offerings and you need to weigh those against the downside(s). I'm not sure I can really comment in terms of how they compare from a technological standpoint. I can tell you that WebLogic is a very robust platform (having previously had some apps running on it), and one benefit that you might see is that having all the various pieces coming from the same vendor might make it more stable (think BEA vs. Tomcat w/JBoss and Axis all pieced together). This isn't necasserily true, but could be. On the flip side, all that functionality comes at the price of added complexity. Tomcat really is very simple to get going with and to administer and tune, and if it has all the functionality you need, this can be a boon to your work. I do have one app hosted on Tomcat. It's what I would call a low-to-mid-size app load-wise (around 75 concurrent users at any given time, on the order of 5,000 requests per day). Tomcat gives us fantastic performance with that load, so my guess it that it will scale quite a bit further. The other thing to be careful about, since you said you are inheriting this app, is if the programmers did anything that is WL-specific that you'd have to deal with to convert. If there's nothing, the decision is in some ways harder because you can justify Tomcat a little bit easier (on cost if nothing else). If there's ANYTHING that's WL-specific, if I were in your shoes, I'd probably stick with WL, just to try and minimize any problems I might get blamed for. It might be tough to figure out if there's anything that might be a problem or not, so possibly it's better to play it safe. In short, I'm a big fan of Tomcat, I use it exclusively during development and use it in production as well, but since you have an existing app already running on WL, and since it is a business environment, all things considered, I'd tend towards the side of sticking with WL. Especially if your company doesn't have a problem with the price, I think my lean would increase! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Sun, September 19, 2004 7:31 pm, Bjørn T Johansen said: I am taking over a project that's running on Weblogic 8.1 SP3 today.. They are only using the jsp-container and it is time to renew the support agreement with BEA. So I was just wondering, is it worth it? Or is Tomcat as good as WL or maybe better? Does WL have features that is missing in Tomcat? When the time comes to use EJB, is JBoss as good as/better than WL? So basically, I would like some advice on why I should/shouldn't continue with Weblogic? :) Regards, BTJ -- --- Bjørn T Johansen [EMAIL PROTECTED] --- Someone wrote: I understand that if you play a Windows CD backwards you hear strange Satanic messages To which someone replied: It's even worse than that; play it forwards and it installs Windows --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: method level synchronization doesn't work
Why not just let SQL do the update? Do the following: update my_table set counter_field = counter_field + 1 (where clause here if needed) (off the top of my head, my syntax might be off) In other words, why not let the database handle the concurrency issue? That's kind of what they're there for (partly anyway). Malia Noori wrote: Thank you for replying, but I would appreciate it if you could expand on your explanation. Here is my original post: Actually, the data that I am modifying requires a transaction and synchronization. It increments a counter stored in the database. So, I have to do a select to get the current value, increment the counter, and then insert the new value. So if two threads are accessing it at the same time, the counter will not be properly incremented. What's puzzling is that method level synchronization does not work while synchronizing on a block of code inside a method works. Regardless of what persistence mechanism I use (i.e. Hibernate, EJB, etc), I have to synchronize on the method that increments the counter stored in the database. I can't avoid this due to business logic. Please let me know if there is alternative to synchronization. Thanks, Malia -Original Message- From: QM [mailto:[EMAIL PROTECTED] Sent: Thursday, September 30, 2004 3:01 PM To: Tomcat Users List Subject: Re: method level synchronization doesn't work On Thu, Sep 30, 2004 at 01:14:26PM -0400, Malia Noori wrote: : I thought Tomcat instantiates only 1 instance of JSP servlet to handle all : requests. Isn't that the reason why it's not suggested to have instance : variables? Close, but not quite. ;) The servlet spec permits a container to create as many instances of a servlet class as it sees fit. The same goes for creating and destroying a servlet object several times over a context (webapp) lifetime. That said, a servlet's main methods -- doGet(), doPost(), service() -- may be called concurrently for the same servlet object. These methods are thus meant to be thread-safe, and as such they shouldn't modify object instance variables. (It's fine to call such variables, as long as they are read-only or at least treated as such.) : If it is the case that 2 instance of JSP servlets gets created : to handle each request, what's the best object to synchronize on? I missed your original post, so I can say only this: when you find yourself painted into a corner, it's time to revisit the design stage. -QM -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: method level synchronization doesn't work
Well, I'm not sure it was stated that a return value was needed. The way I read the original post was basically (to paraphrase): I need to update a counter field, and the way I intend to do it is to retrieve the current value, modify it, and then write it out again as two separate queries. If that's the scenario, I don't see any reason the SQL statement I gave (assuming I got the syntax right) wouldn't work just fine. If your saying that you need to do the update and then retrieve the value for some reason, then I agree, it's not as straight-forward. One thing that MIGHT work, although I'd frankly have to go try it myself to be sure, is a subquery, something along the lines of: select (update table set counter=counter+1) as counter from table Even if the theory is correct, I'm not sure about how database-independant it may or may not be. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Mike Curwen wrote: Ok, since it's been brought forward... how do you update and retrieve all in one query? This is for: I need a new primary key, and I need it to be thread safe. something that would run on mysql? unless you can get this magic query, it's not quite as simple as let the databse handle it, is it? -Original Message- From: Peter Lin [mailto:[EMAIL PROTECTED] Sent: Thursday, September 30, 2004 7:42 PM To: Tomcat Users List; [EMAIL PROTECTED] Subject: Re: method level synchronization doesn't work that would be the easiest way. but you made it too easy, I thought people are suppose to suffer and stumble :) peter On Thu, 30 Sep 2004 17:46:51 -0400, Frank W. Zammetti [EMAIL PROTECTED] wrote: Why not just let SQL do the update? Do the following: update my_table set counter_field = counter_field + 1 (where clause here if needed) (off the top of my head, my syntax might be off) In other words, why not let the database handle the concurrency issue? That's kind of what they're there for (partly anyway). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Reducing network traffic for rollover images
Yep, turns out this is a known issue with IE. I guess that's the reason CSS-based mouseovers aren't used much more often. You may want to take a different approach here... Consider doing what is probably the more common approach, which is to have two versions of your menu items, a normal state and a hover state version, and switch them via Javascript (using the pre-loading I mentioned). There does some to be some ways around the CSS problems though having to do with layers on top of each other and hiding one or the other. I played for a few minutes to get such an approach to work and I got about 95% of the way there (still had a problem with the actual content being placed properly over the background). I'd personally just go with the first approach. Like I said, I think it's the more common approach, and even though the CSS approach might be more appealing, the other way will probably be more cross-browser (if you consider this constant loading of issues in IE, and in Opera and some others from what I read, to be a cross-browser concern as I would). -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Robert Hunt wrote: To clarify: Watching the Tomcat access log and using permutations of CSS and the FrankZ/jscript-caching-strategy to achieve the rollover effects, I've found that the background image is requested: IExplore 6.0Netscape 7.2 - -- CSSeach mouseover once per page(1) JS once per page(2) once per page(2) each mouseover (1) upon first hover/mouseover (2) when the jscript executes - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Reducing network traffic for rollover images
I really think this is a case where we might be trying to hard to be innovative... Just do the typical two versions of an image and some scripting approach. Sure, slightly less maintainable, and yes, not quite as elegant code-wise, but it's a proven method that works across just about any browser (with JS enabled of course, but it degrades nicely to just the single normal state image, so no harm there). -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Robert Koberg wrote: Robert Hunt wrote: To clarify: Watching the Tomcat access log and using permutations of CSS and the FrankZ/jscript-caching-strategy to achieve the rollover effects, I've found that the background image is requested: IExplore 6.0Netscape 7.2 - -- CSSeach mouseover once per page(1) JS once per page(2) once per page(2) each mouseover (1) upon first hover/mouseover (2) when the jscript executes I have been hoping someone would offer some innovative solution, but there really isn't one... You have to perform some ugly hack. Check http://alistapart.com for some solutions. For example, you could provide the image with both (3?) states and adjust the margin to show the correct state: a href=boo class=hoverLink normal onmouseover=this.className='hoverLink hover' onmouseout=this.className='hoverLink normal'boo/a With the image looking like: - | normal state | 30px in ht - | hover state | 30px in ht - .hoverLink { background: url(images/states.gif); } .normal { margin-top: 0px; } .hover { margin-top: -30px; } something like that... :( best, -Rob - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Reducing network traffic for rollover images
I agree, and I actually had typed up almost an identical message but then decided not to send it (for some reason that I don't really recall). I do think the CSS-only approach is a nobel goal and is moving in the right direction. A fairly big problem with using CSS nowadays though is browser adherance to standards (read: IE!). It's not too bad if you stick with CSS1, but anything above that tends to become an issue, and of course it is what's above CSS1 that is of interest for the most part :) But yes, I agree completely with Nikola, and that's why I said (and I'm pretty sure I did send this message) that we might be trying to get too clever with the CSS-only approach. Going with Javascript and images is slightly less convenient to maintain, but it will likely be more cross-browser, and will degrade nicely in browser with scripting is diabled (you'd only see the usual non-hover state of the image all the time). Speaking of maintenance convenience... I don't like to plug products, but I've come to really like Xara WebStyle for buttons and things like this. It makes changes very easy. I have a rather complex application I built at work, and one of the requirements was a TON of tabbed dialog screens (the sheets were all dHTML-based, and the tabs were image-based because that was the way to achieve the look-and-feel they wanted). Anyway, we're talking about something in the neighborhood of 400 or so tab images because there was around 100 unique tabs throughout the system and each tab has four different versions (normal, hover, disabled and highlighted). WebStyle makes it incredibly easy to create the images in a wizard-like way, so when someone needs a new tab or slightly different verbiage, no problem, only takes a second to generate the image. For interface element graphics that you think might change with any kind of frequency (and to me this means AT ALL!), a program like WebStyle can be your best friend. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Nikola Milutinovic wrote: Robert Hunt wrote: After some analysis and trial error, I've found** that the correct JS syntax in this application is: {HTMLElement}.style.backgroundImage = 'url( ' + img1.src + ')'; where {HTMLElement} would be this as in: a href=xxx onmouseover=this.style.backgroundImage = 'url(' + img1.src + ')'; ... Why are you using background? Why not a regular image? a href=... onMouseOver=img1.src = 'img1_over.gif' onMouseOut=img1.src = 'img1.gif' img name=img1 id=img1 src=img1.gif /a Or you can use DOM style: onMouseOver=document.getEllementByID( img1 ).src = 'img1_over.gif' Watching the Tomcat access log and using permutations of CSS and the FrankZ/jscript-caching-strategy to achieve the rollover effects, I've found that the background image is requested: IExplore 6.0Netscape 7.2 CSSeach mouseover once per page JS each mouseover once per page Try the real image, that is pre-fetched in a script. So, as has been 99% of my experience, NS does it right, IE leaves a bit to be desired. heavy sigh It appears that when .style.backgroundImage is modified in IE, another HTTP GET request is triggered. I'm going to see if I can do a swap with a hidden element that (already) has the desired style and see if I can fake out IE. I understand what you want to do. You want your rollover to be done in CSS, no JScript or JavaScript involved. I'm afraid ther is no ellegant way of doing it. Using the background is awkward. That a ellement has to wrap something other than thin air. So you'll be placing a transparent GIF or something else traslucent inside the tag. No, image rollovers work best the traditional way. Nix. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP under /WEB-INF folder
Just from a curiosity standpoint Jack... I've already decided it's not an approach I'd advocate, but I am interested to know how you serve things like graphics and stylesheets from under WEB-INF. I assume all your graphics are actually server by an Action (a trick I've pulled when serving images from a database), and I further assume your stylesheets aren't just linked in... -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dakota Jack wrote: snip On Tue, 28 Dec 2004 13:57:33 -0500, Frank W. Zammetti [EMAIL PROTECTED] wrote: I think his problem is probably linking to stylesheets and such... Actually, now I have to ask you... if you put *everything* under WEB-INF, I assume you are serving all graphics from a fronting web server then? Otherwise, any document returned to the user that links back to a resource under WEB-INF won't be reachable, which was the crux of his problem as I understood it, that's why he was talking about includes and such all over the place. But, if you really are serving everything from there, how are you doing it? Just curious at this point :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dakota Jack wrote: I don't know why you are saying that css and/or js must be placed directly under WebRoot. Why do you? I can give you various solutions, once I find out what the problem is supposed to be. There is no issue, by the way, with putting your JSP files under WEB-INF. There are other ways to protect access, but this is, I think, a good one too. Jack /snip Frank, are you still interested in this? I just noticed it. Jack - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP under /WEB-INF folder
One thing worth pointing out about this is that you'll lose the benefit of fronting your app server with a web server... You won't be able to offload the serving of images, stylesheets and such, from the app server to the web server. That's probably not a big problem in many cases where a single server with a decent set of specs can handle the load anyway, but in a more robust enterprise environment, your really kind of defeating the purpose of a fleet of web servers in front of a number of app servers. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dakota Jack wrote: snip On Sat, 29 Jan 2005 09:00:39 -0500, Frank W. Zammetti [EMAIL PROTECTED] wrote: Just from a curiosity standpoint Jack... I've already decided it's not an approach I'd advocate, but I am interested to know how you serve things like graphics and stylesheets from under WEB-INF. I assume all your graphics are actually server by an Action (a trick I've pulled when serving images from a database), and I further assume your stylesheets aren't just linked in... /snip img src='resource.do?file=whatever.jpg' link href='resource.do?file=whatever.css' rel='stylesheet' type='text/css' You can also put this sort of Struts protocol into Flash ActionScript, etc. To be complete on this list: public final class ResourceAction extends Action { public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { String file = request.getParameter(file); String ext = file.substring(file.lastIndexOf('.') + 1); String type = null; String path = null; if (gif.equals(ext)) { type = image/gif; path = path(gif); } else if (jpg.equals(ext)) { type = image/jpeg; path = path(jpeg); } else if (css.equals(ext)) { type = text/css; path = path(css); } else if (flash.equals(ext)) { type = application/x-shockwave-flash; path = path(flash); } else if (text.equals(ext)) { type = text/plain; path = path(text); } else if (js.equals(ext)) { type = text/javascript; path = path(js); } else if (png.equals(ext)) { type = image/png; path = path(png); } else if (html.equals(ext)) { type = text/html; path = path(html); } else if (applet.equals(ext)) { type = application/x-java-applet; path = classes + File.separator + com + File.separator + crackwillow + File.separator + applet; } String name = Classpath.WEB_INF + path + file; response.setContentType(type); response.setHeader(Cache-Control, ); response.setHeader(Pragma, ); response.setHeader(Expires, ); response.addHeader(Content-Disposition,filename= + name); try { FileInputStream fis = new FileInputStream(name); BufferedInputStream bis = new BufferedInputStream(fis); byte[] bytes = new byte[bis.available()]; OutputStreamos= response.getOutputStream(); bis.read(bytes); os.write(bytes); os.flush(); os.close(); } catch (IOException ioe) { StdOut.log(SiteConstant.ERROR_LOG,ResourceAction: problem file is: + name + \n + StackTrace.trace(ioe) + \n + ioe.getMessage()); } return null; } private String path(String fileType) { return resource + File.separator + content_type + File.separator + fileType + File.separator; } } ///;-) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP under /WEB-INF folder
Lo, Frank. You really don't lose anything. You just gain a choice. There is a lot more to be said on this, but you probably would know everything on this anyway, so I will leave it at that. That's not strictly true though Jack (neither your premise that you don't lose anything or that I know everything about this, I almost certainly don't!)... In some environments, as I'm sure you know and probably have even dealt with, you have a bunch of web servers in front of a bunch of app servers. The web servers serve static content like images, stylesheets and usually server-side includes, things like that, while the app server handles JSPs and actual server-side (servlet) code. Putting everything under WEB-INF removes this choice because every request has to be routed to your app servers now. In larger scenarios, the whole point of the web servers (well, most of the point anyway) is to offload that work from the app servers and gain efficiency. Division of labor and all that jazz. :) I'd certainly agree that if a particular situation doesn't call for such a distributed environment in the first place, than it's a moot point, and what you suggest certainly has some benefits. But if that's not the case, or if it some day might not be the case (i.e., your app might have to scale into such an environment), then it could become an issue and people should be aware of it before they make their decision. I also don't know what effect this might have in a true distributed environment (i.e., might it be a problem if one request, say for an image, is serviced by one machine, while another services the JSP execuetion itself?). This might never arise, or it might not be a problem at all even if it does, but it could be something for someone to explore is my point. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Dakota Jack wrote: snip On Sat, 29 Jan 2005 17:17:03 -0500, Frank W. Zammetti [EMAIL PROTECTED] wrote: One thing worth pointing out about this is that you'll lose the benefit of fronting your app server with a web server... You won't be able to offload the serving of images, stylesheets and such, from the app server to the web server. That's probably not a big problem in many cases where a single server with a decent set of specs can handle the load anyway, but in a more robust enterprise environment, your really kind of defeating the purpose of a fleet of web servers in front of a number of app servers. /snip Lo, Frank. You really don't lose anything. You just gain a choice. There is a lot more to be said on this, but you probably would know everything on this anyway, so I will leave it at that. Jack - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP under /WEB-INF folder PROTOCOL PAGES (ProtocolPages)
in a distributed environment. I'd be interested to hear your thoughts on this point... -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Re: JSP under /WEB-INF folder PROTOCOL PAGES (ProtocolPages)
. Not following... reading from where? Well, I bet you are being too humble. I am happy to say that my wife just thinks I am the most adorable, wonderful, guy. Go figure, eh? That's what I like, woman that are easy to please :) (You were left SO wide open there I just couldn't resist!) Technology seems to get ahead of rumor in our little world of web work. So, I definitely would like to revisit this. I am going to squeeze getting the *facts* in here soon. I look forward to your test results :) This seems to be false to me. Maybe I misunderstand you. I don't think the browser has a clue whether we are looking at src='myCss.css' or src='resource.do?file=myCss.css'. Right? Jack That's right, the browser doesn't know the difference, but the server side does, and I put that in quotes because it's a little tricker in this discussion to define it. Here's a typical sequence chart, simplified a bit: * Browser requests page from web server- * Web server returns HTML page- * Browser parses page and constructs list of resources to retrieve... * Each image is requested from web server (in parallel, one hopes!)- * Web server returns images, in many cases from a memory cache- * Browser renders page. Nothing unusual there. So you have 11 total round-trips to the server, one for the document, 10 for the images... It might be the same HTTP connection, but that's not definite (in fact I think it's definitely NOT the case, HTTP being stateless and all, but there could be something I don't know there at a very low level), and ultimately not relevant to this discussion anyway because it's still 11 requests, whether the actual connection is torn down between them and rebuilt anew for each or not. Now, let's see what happens using ResourceAction, and I'll take the simpler case of the page being straight HTML and not a JSP... * Browser requests page from web server... * Web server returns HTML page- * Browser parses page and constructs list of resources to retrieve... * Each image is requested from web server- * Web server recognizes .do and passes the request on to app server- * App server performs whatever functions it needs to in order to fulfill the request (in this case we're talking the whole litany of Struts functionality, including your Action of course)- * (Does the app server pass the response back to the web server to serve, or does it serve it directly to the client at that point? I'm actually not sure, but let's be optimistic and say the web server is out of the equation at this point, although I suspect that's NOT the case) In any case, images are returned to client- * Browser renders page. There is clearly more work done with the second chart because the app server is now involved. How costly is all that work? You could make the argument that because any servlet-based application is incurring those costs with most requests, what's the big deal about adding a few more? To a degree that would be a reasonable argument, but scalability is most certainly at risk because viewed from the point of view of the app server, a single page really corresponds to 10 app server requests. Even if it's all done in the most efficient way, those ten requests look, for all intents and purposes, like 10 simultaneous USERS (assuming 1 request per user). So, maybe your app server can handle 100 concurrent requests... If the web server was allowed to serve the images, your app server still has 100 slots available to service requests, which corresponds generally to 100 concurrent users... If it's serving 10 images for each physical user though, now you can only service 10 concurrent users, so you've reduced your overall server capacity (as viewed by outside clients) by 90%. Ouch. I fully acknowledge those are rough, worst-case numbers... I certainly don't mean to imply that your approach is 90% worse. Not at all! Just trying to illustrate the problem, as I see it, in certain environments. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Re: JSP under /WEB-INF folder PROTOCOL PAGES (ProtocolPages)
-INF *or* a database, transparently to the user and front-end. That's a nice bit of flexibility to be sure. I don't say you are mistaken. I just think that this is going to be an interesting little inquiry, if you want to chase it to its end, which is my normal proclivity. At this point I don't think either of us could walk away with an actual answer :) I understand. All your comments are quite fair, in my opinion. We'll look around and learn a bit here. I leave the leg-work to you :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Re: JSP under /WEB-INF folder PROTOCOL PAGES (ProtocolPages)
Dakota Jack wrote: app server = (AS) struts server = (SS) req = request -- = pass res = response You lost me here already... What's the difference between the app server and the struts server? Isn't Struts running IN your app server? With ResourceAction ___ First case HTML = req (AS) res (AS) = 2 Second image JPEG (say) = req (AS) -- res (SS) = 3 . Tenth image JPEG (say) = req (AS) -- res (SS) = 3 WIthout ResourceAction ___ First case HTML = req (AS) res (AS) = 2 First image JPEG (say) = req (AS) res (AS) = 2 Second image JPEG (say) = req (AS) res (AS) = 2 . Tenth image JPEG (say) = req (AS) res (AS) = 2 This is 22 versus 32. Apparently you forgot (I think?) that the app server has to handle ten images too. They don't just go out with the page, although we are looking at this in a very oversimplified sense. I don't see how you got 22 OR 32! :) The first request from the client is for the HTML document, right? So that's one request. The browser then sees ten img tags, regardless of what they point to. So for each one it makes a request. That's 10 requests, right? So it's 11 in all from the client to the server (ignoring for the moment whether server means app server alone or web server in front of app server, or whatever other configuration you might dream up). The only different between the two approaches we've been discussing is what on the server is going to handle each of those 11 requests... Is it a web server sending back a static HTML page for the first request, and then an image for each of the subsequent 10 image requests, or is it a web server returning the HTML page and then an app server returning the images, or an app server returning the page AND the images? There is no question that the AS is quicker with HTML than the SS, but I am not so sure about the images. The SS may be faster. There is lots of room here for tuning. Let me ask you this question... If you are accessing a web site, and you connect directly to the Internet, is that, ignoring things like caching and such, generally going to be faster than going through a proxy? I'd hope you would say yes. Now, clearly, if the proxy is doing caching and/or other optimizations, it might turn out to be faster, but that further proves my point: the web server is like the proxy in this example. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Re: JSP under /WEB-INF folder PROTOCOL PAGES (ProtocolPages)
Dakota Jack wrote: I am certain on this one, because you can do this sort of thing *without* the web or app servers at all. I do this fairly frequently with code not unlike and heavily borrowing in principle from Jason Hunters HttpMessage and HttpsMessage in COS. The ResourceAction sends the response and ends the whole process by returning null. I agree, obviously you can take Tomcat for instance and use it to serve everything... I have a production app that is a single server running Tomcat and Oracle and that's it, no web server anywhere, everything is served from Tomcat whether it's a JSP, an image, an HTML document or whatever else. The question that's in my mind though is what happens when you have a web server in front of Tomcat? Just rendering to the response in a servlet might not be enough in that case... Think of a proxy analogy... Does the web server almost appear like a proxy? In other words, a request comes in to the web server, does it (a) pass the connection to the app server to fulfill, at which point it's done and can service more requests, or (b) does it ask the app server for the resource, whatever it is, wait for the response from the app server and send it along to the client when the app server is done responding? Same idea as a network proxy. The point being, just because the app server CAN serve everything, doesn't necasserily mean it WILL with a web server in front. But again, I don't know the answer here, it's just a question in my mind. ceteris paribus /snip Heh, I meant to tell you last time, this is Latin, not Greek. LOL ///;-) Really?? Well, I have something to yell at my Macroeconomics professor for then! I know for sure she said it was Greek! :) Funny aside... My Macroeconomics professor... her last name, and I couldn't have made this up, is Economopolous. That just rules! But now your pushing those caching decisions back on the browser, right? I thought one of your basic premises was to not trust the browser to construct URLs and such? Wouldn't you have the same distrust for caching? (and probably worse since that is at least at the users' discrection) /snip The answers are no, yes, no. Setting caching in the response object is not equivalent to setting caching in the meta tags. This is why the ResourceAction has an edge. Note also that the setting of cache, pragma and expires are runtime alterable, and can override the meta tags, in ResourceAction. I left those decisions out of the code I sent you. Did you notice where I added in it response to someone's query on that? I did notice, but my point is that the browser settings would override any tags or headers you set. I might be wrong about that, but that would be my expectation. After all, what good is a setting in my browser that says don't cache anything if a web site designer can come along and overrule that? Surely the FOSS community would be up in arms over their loss of freedom, right?!? ;) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Re: JSP under /WEB-INF folder PROTOCOL PAGES (ProtocolPages)
I still don't understanding the 32 and 22... What do the [2] and [3]'s represent? Dakota Jack wrote: Too late when I sent this. Let me make the necessary alterations to the nomenclature. Sorry! web server = df. (WS) app server = df. (AS) request= df. req response = df. res = df. passing the control With ResourceAction 1.0 WS req WS res HTML [2] 1.1 WS req AS res [3] 1.2 WS req AS res [3] 1.3 WS req AS res [3] 1.4 WS req AS res [3] 1.5 WS req AS res [3] 1.6 WS req AS res [3] 1.7 WS req AS res [3] 1.8 WS req AS res [3] 1.9 WS req AS res [3] 1.10 WS req AS res [3] Total 32 Without ResourceAction 1.0 WS req WS res HTML [2] 1.1 WS req AS res [2] 1.2 WS req AS res [2] 1.3 WS req AS res [2] 1.4 WS req AS res [2] 1.5 WS req AS res [2] 1.6 WS req AS res [2] 1.7 WS req AS res [2] 1.8 WS req AS res [2] 1.9 WS req AS res [2] 1.10 WS req AS res [2] Total 22 However, let me note, once again, that we can make it 22 to 22 by simply sending the attributes that are relevant back to a different server. For example, we could have img src='http://blahblahblah.com/ResourceAction.do?file=whatever.gif' Doing this, if we are talking about serving images to a large-scale site, we could get rid of both the WS and the AS and use a SCS (small custom server) optimized for this situation. I do this sort of thing constantly, *sub rosa*, on my sites. This is probably quicker than using WS to serve the images, and certainly so if the images are in any way dynamic in nature and if we make use of the multithreading opportunities that crop up in this situation. But, this is going afield. And, this is only looking at the upside too. Jack If we are talking about dynamically-created resources, then I would tend to agree with your view. But we have, at least as far as I was concerned, been talking about strictly static resources. In that case, your basic premise boils down to, as I see it: An app server running ResourceAction can serve resources more efficiently than a web server. Again, strictly talking about static resources, I would be absolutely SCHOCKED to learn this is the case under most circumstances. That would be like saying a Cadillac could beat a NASCAR vehicle in 1 ten-lap race... It might be able to under some circumstances, like the NASCAR driver being drunk!, and certainly there are some very nice trade-offs to driving the Caddy like more room and a better stereo, but in general you wouldn't expect the Caddy to lose. A bit of hyperbole there, but the underlying point is what's important. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Re: JSP under /WEB-INF folder PROTOCOL PAGES (ProtocolPages)
Dakota Jack wrote: The good is that the web site designer knows when a change has been made and the assumption is that you are going to see what the web site designer has to offer. No? Jack I concur with the assumption, but I don't see it making any difference... Remember that what we affectionately refer to as the web these days is really a lot more than what it was originally. One of the things that was originally intended is that the client is in complete control. If the user wants to request a resource from a server, and they tell their browser via a setting that no, I WANT you to go ask that server EVERY SINGLE TIME for the resources, NEVER use what you might have in the local cache, then they should be allowed to do that, and whatever the web site creator wants you to do is irrelevant. Same idea when the user can override fonts and colors and the like with their own local settings. Nowadays though, us web app/site designers think WE know how best a client should view our site, and we actually go out of our way to make it so... how many times have you visited a site where the font is too small and the usual font size adjustments don't make any difference? So you have to go in to setting and uncheck that User Font Sizes Specified By Site option. Annoying, and not what was originally intended. This is of course all only relevant to the extent that it supports my point, that anything you do on the server side to try and control caching is either (a) useless because the end user can override it anyway or (b) not in keeping with the spirit of the web, at least, not as originally intended. Now I'm off on a bit of a tangent though :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat control from Ant
Hello all. I have an Ant build script for an application that stops Tomcat if it's running, deletes the work folder for the application (so I can ensure all JSPs get recompiled) and starts Tomcat again. Here's the two relevant tasks: target name=tomcat_cleanup delete dir=${app_base_dir}/../../work/Catalina/localhost/toa / /target target name=start_tomcat exec executable=${catalina_home}/bin/startup.bat os=Windows XP spawn=true env key=CATALINA_HOME value=${catalina_home} / /exec /target app_base_dir is properly defined (I know because the work folder DOES get deleted) pointing to the root of the webapp, as is cataline_home (because Tomcat DOES start up). Here's the problem... When I access the first page on my application (index.jsp in the root of the webapp), I get the following: The file or path you specified (..\..\..\\bin\bootstrap.jar) is invalid relative to C:\tomcat org.apache.tools.ant.util.FileUtils.resolveFile(FileUtils.java:761) org.apache.tools.ant.Project.resolveFile(Project.java:1293) snip - I'm beting the whole stack trace isn't important Anyone have any ideas? Funny thing is, if I manually run startup.bat, sure enough everything works perfectly as it should. I don't get it. Thanks all! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat control from Ant
I figured it out... kinda of obvious after the fact actually... My catalina_home Ant property was defined as ../../../ You see, all the paths in the build script are defined relative to the build file, which is always in the directory source in the root of the webapp. Everything else works this way, but not catalina_home. I defined it as c:\tomcat instead and everything works again. It would be nice if I could define in relatively like all the rest, so if anyone has any ideas, I'm all ears. But, failing that, I can live with this one absolute path in the build script. Sorry for the list noise :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Thu, February 17, 2005 11:02 am, Frank W. Zammetti said: Hello all. I have an Ant build script for an application that stops Tomcat if it's running, deletes the work folder for the application (so I can ensure all JSPs get recompiled) and starts Tomcat again. Here's the two relevant tasks: target name=tomcat_cleanup delete dir=${app_base_dir}/../../work/Catalina/localhost/toa / /target target name=start_tomcat exec executable=${catalina_home}/bin/startup.bat os=Windows XP spawn=true env key=CATALINA_HOME value=${catalina_home} / /exec /target app_base_dir is properly defined (I know because the work folder DOES get deleted) pointing to the root of the webapp, as is cataline_home (because Tomcat DOES start up). Here's the problem... When I access the first page on my application (index.jsp in the root of the webapp), I get the following: The file or path you specified (..\..\..\\bin\bootstrap.jar) is invalid relative to C:\tomcat org.apache.tools.ant.util.FileUtils.resolveFile(FileUtils.java:761) org.apache.tools.ant.Project.resolveFile(Project.java:1293) snip - I'm beting the whole stack trace isn't important Anyone have any ideas? Funny thing is, if I manually run startup.bat, sure enough everything works perfectly as it should. I don't get it. Thanks all! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JavaMail API ?
I wouldn't have expected to see them in Tomcat frankly... Although sending eMails from a webapp is relatively common, it's not common enough to be included with an app server (well, except for Websphere, which generally includes everything under the sun!) I am kind of surprised it hasn't been incorporated into JDK1.5 though, that would have been a reasonable expectation. Is it perhaps rolled into J2EE instead? I don't know. Same for JAF. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com David Smith wrote: No mistake that I know about. JAF and JavaMail are both separate downloads from Sun's site and have been all along. Licensing issues probably prevent them from being included in the Tomcat dist. --David Nikola Milutinovic wrote: Nikola Milutinovic wrote: Hi all. I'm running Tomcat 5.5.7 on Windows XP and Sun JDK 1.5.0_01 I notice that JavaMail API is missing from BOTH Tomcat and JRE. There is no javax.mail.* hierarchy in ${JAVA_HOME}/lib/rt.jar It is also missing JAF (Java Activation Framework). I mean, no problem, I CAN get a hold of those JARs, but really, what's the story? A simple mistake on Sun's or TC team's part? Nix. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Accessing the context path within a Servlet/JSP
See HttpServletRequest.getContextPath() J Malcolm wrote: I have looked at the JavaDocs, but I can't find a method that will give me the context path for a web app: (i.e. Context path=/abcxyz docBase=...) All I want is the /abcxyz string precisely as defined in the context tag. I have tried getPath() from the servletContext, but it returns part of the host name as well. That doesn't make sense either, but that's the way it's working for me... It returns jndi: for the protocol (???) Am I doing something else wrong here? I found the getServletContextName() method. But that is an optional parameter on the context tag, and I can't risk using something that might not be defined. I'm currently parsing up the URL object returned from servletContext.getResource(/); But this is a hack. Surely there is a better way to get the root URL context for a web app... (?) Suggestions?? (BTW... Tomcat 5.5.7) Thanks. Jerry - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Re: development environment
* Pentium IV 2.8GHz, 2G RAM, dual 21 monitors (CRT's... they're still far better to me, screw size!) * Windows XP Professional as main OS and Redhat8/WinNT/Win98/Mandrake in VMWare for testing * UltraEdit Directory Opus - This is essentially my development environment, these two are where I spend 90% of my time during the day * Tomcat locally for all development as well as an instance on the Redhat VM, a secondary PC next to me (lesser hardware specs, but still decent) running Windows 2000 has WebSphere 5.1 which is our production app server of choice * Maxthon and Firefox for testing * Oracle 9i for all database development * SourceSafe for some things, CVS for others (we are moving to all CVS, but SS is still in use right now) That's the important stuff I figure. That's at work by the way, but I have an almost identical setup in my home office (laptop instead of secondary PC is the big difference), configured in a very similar way, so with the full VPN access to work, I can work almost as effectively at home as at work, not to mention work on my own stuff off-hours. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Patrick Lacson wrote: hi All, I'm curious to what everyone's dev environment looks like. Here's mine: hardware Penium IV 2.0Ghz / 1GB Ram OS Windows XP Pro IDE / Tools Eclipse 3.x / Emacs - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Nervous about Sessions ...
There *technically* isn't any requirement that things you store in session be serializable. However, since some app servers use databases or file systems to persist session information, and that many times is implemented using serialization, and since serializable is usually (if not always) necessary in a clustered environment to replicate the session between nodes, you probably do for all intents and purposes only want to store serializable objects in session, just to future-proof your app. Yes, you can store simple java types, and no, you do not *have* to use beans (although I think this is generally considered a best practice in most cases). If you do use beans though, you will probably want to make sure you only use serializable types in the bean, or mark them transient as Viorel mentioned, as per the point made in the first paragraph above. But again, there's nothing that says you have to do any of this... if you KNOW you are only going to run on a single server and if you KNOW your app server is only storing session in memory, there is nothing that says any object you put in session, on it's own or by virtue of members it contains, must be serializable. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com David Whitehurst wrote: If I use the session to store things, 1. Can I use simple java types? 2. Do I have to use Java Beans (extends serializable)? David Whitehurst Viorel Dragomir wrote: Yes. But you can set some attributes of the objects as [ transient ] to not be serialized. So you don't have to make all objects in the package serializable. Viorel Dragomir . .. --- - Original Message - From: David Whitehurst To: tomcat-user@jakarta.apache.org Sent: Wednesday, April 27, 2005 11:31 Subject: Nervous about Sessions ... Long ago a multi-client, multi-Oracle application was written using Struts. Recently, we had a 4 in 22,000 record data integrity issue. I found one client implementation that used prepared statements but the primary key was being used e.g. update mytable set a= ?, b=? where pri_key = + pkey + ' ; ...whoa! I said, called the developer and we had a talk. Then, I also found that where we use a HashMap object it is not synchronized. I suspect that was the data problem, i.e. two records saved by two different people, and the data was the same for the different records in the same Oracle second. I'm looking for comments about the use of this HashMap on requests but I'm also nervous now where I use Strings in the session e.g. a clientname, username, etc. My concern started when I read the posts about the non-serializable objects in the session. Do all java objects placed in the session have to be serializable? Thanks, David L. Whitehurst - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: set header in all responses
A filter is an ideal solution for this... It has the benefit of being app-specific, so should you ever want to host another app in the same TC instance that doesn't require those headers, they won't be set automatically (i.e., at the server-level). -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Rodrigo Avila wrote: Hi all! Is possible to put this headers in all responses generated by Tomcat? response.setHeader(Pragma,no-cache); response.setHeader (Cache-Control,no-history); response.setDateHeader(Expires,-1); Thanks the attetion. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: set header in all responses
Filters: http://java.sun.com/products/servlet/Filters.html -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Rodrigo Avila wrote: right... I need to all apps in an TC instance use these headers... how I do it? I don't know how use filters / valves... Thanks! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: RES: Nervous about Sessions ...
Hi Paul, No, I don't know of any changes... I'm actually wondering if this is a restriction the latest servlet spec places on objects in session... I tend to doubt Tomcat would be imposing such a restriction unless the spec indicated such a restriction... I myself might learn something here! :) Does anyone reading this know a definitive answer? Frank Paulo Alvim wrote: Hi Frank, I think this post is related to mine: We had a few non-serializable objects stored in session in TC 5.0.28 but after migrating the app TC 5.5.9 is throwing java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute. ...when we try to put a non-serializable in the session. We are using a JSTL recommended form like: (...) javax.servlet.jsp.jstl.fmt.LocalizationContext lc = new javax.servlet.jsp.jstl.fmt.LocalizationContext(bundle); javax.servlet.jsp.jstl.core.Config.set(session, javax.servlet.jsp.jstl.core.Config.FMT_LOCALIZATION_CONTEXT,lc); (...) Do you know about any changes related to that in TC 5.5.x? Thank you! Paulo -Mensagem original- De: Frank W. Zammetti [mailto:[EMAIL PROTECTED] Enviada em: quarta-feira, 27 de abril de 2005 12:59 Para: Tomcat Users List Assunto: Re: Nervous about Sessions ... There *technically* isn't any requirement that things you store in session be serializable. However, since some app servers use databases or file systems to persist session information, and that many times is implemented using serialization, and since serializable is usually (if not always) necessary in a clustered environment to replicate the session between nodes, you probably do for all intents and purposes only want to store serializable objects in session, just to future-proof your app. Yes, you can store simple java types, and no, you do not *have* to use beans (although I think this is generally considered a best practice in most cases). If you do use beans though, you will probably want to make sure you only use serializable types in the bean, or mark them transient as Viorel mentioned, as per the point made in the first paragraph above. But again, there's nothing that says you have to do any of this... if you KNOW you are only going to run on a single server and if you KNOW your app server is only storing session in memory, there is nothing that says any object you put in session, on it's own or by virtue of members it contains, must be serializable. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com David Whitehurst wrote: If I use the session to store things, 1. Can I use simple java types? 2. Do I have to use Java Beans (extends serializable)? David Whitehurst Viorel Dragomir wrote: Yes. But you can set some attributes of the objects as [ transient ] to not be serialized. So you don't have to make all objects in the package serializable. Viorel Dragomir . .. --- - Original Message - From: David Whitehurst To: tomcat-user@jakarta.apache.org Sent: Wednesday, April 27, 2005 11:31 Subject: Nervous about Sessions ... Long ago a multi-client, multi-Oracle application was written using Struts. Recently, we had a 4 in 22,000 record data integrity issue. I found one client implementation that used prepared statements but the primary key was being used e.g. update mytable set a= ?, b=? where pri_key = + pkey + ' ; ...whoa! I said, called the developer and we had a talk. Then, I also found that where we use a HashMap object it is not synchronized. I suspect that was the data problem, i.e. two records saved by two different people, and the data was the same for the different records in the same Oracle second. I'm looking for comments about the use of this HashMap on requests but I'm also nervous now where I use Strings in the session e.g. a clientname, username, etc. My concern started when I read the posts about the non-serializable objects in the session. Do all java objects placed in the session have to be serializable? Thanks, David L. Whitehurst - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Images CSS not loaded after the request passes through a Servlet Filter
Question: are the requests for images and CSS files also going through the filter? I'm wondering if those requests are getting forarded to the logon page too, which obviously wouldn't work. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Thu, April 28, 2005 1:25 pm, Roberto said: Hi, I have a small java application, in which a servlet processes the request and then calls a JSP to present the data. Everything is OK with that configuration. Then, I decided to create a servlet filter, to redirect every request to that application, to a login page first. The code of that filter is the following: ** public final class ApplicationFilter implements Filter { private FilterConfig _fc = null; public void init(FilterConfig filterConfig) throws ServletException { this._fc = filterConfig; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { try { RequestDispatcher rd = _fc.getServletContext().getRequestDispatcher(/login); rd.forward(request, response); } catch (Exception e) { System.out.println(Exception: + e.getMessage()); e.printStackTrace(); } } -- (the rest was intentionally omitted) -- *** The redirection works great, BUT all images and CSS referenced in the JSP file are not loaded after the request passes through the filter. The application runs perfectly, and takes the user to the login screen, and after that, to the application. The application does some database queries and returns the data correctly. BUT, everything without images or the styles defined in the CSS file. Just to make a test, I put the CSS file contents directly inside the JSP file, and it worked great. In this case, images were not loaded also... The process flows like this: Request -- Filter -- login (a servlet) -- login.jsp -- queryDB (a servlet) -- queryDB.jsp When I disable the filter, in the web.xml file, everything works as would be expected. The configuration in web.xml is OK: all servlets are set, as is the filter itself. I'm using Tomcat 5.0.28 on a Gentoo Linux system, with POSIX threads and kernel 2.6.9. The hardware is a P IV HT 3.2 Ghz. I also checked the archives of this list, but was unable to find any reference to a problem like this one. Does anyone know what is happening ? Regards, Roberto - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Concurrency Issue With a SessionListener.
I had to do almost the exact same thing a while back... I'm not sure what the source of your lockup is, although I can say my code synchronized on what would be your activeSessions Set any place it was accessed (probably more than I had to frankly)... I'm not even sure there would have been concurrency issues anyway frankly, but it seemed like a good idea at the time :) One issue I'm not sure you have thought of though, and I suppose it could have to do with the lockup, although I'm not sure how... your list of users will be unique to each node in the cluster. You would have an instance of ActiveUsersListener on each node, and each of those would have its own activeSessions Set, so you wouldn't have a consolidated list of users on your site, you'd have a list of users on a given node in each instance of the listener... further, if a user hits one node during logon, and then is directed to another, and during that request you try and retrieve the session from activeSessions, it won't be there because its in the version of activeSessions on the first node. Where specifically does the lockup occur, meaning, is it during logon or a listing of users? I'd bet you can see enough in the log to at least tell what method your in (well, not as the code is posted... throw some log outputs in sessionCreated(), sessionDestroyed() and getActiveUsers() so you can at least see the last place you wind up... hell, I'd put log messages around every single line in this listener so I could tell exactly where it was failing. Frank Jacob Champlin wrote: I am having issues with a SessionListener I have written. The purpose of the Listener is to maintain a List of Active Users on the site. Here is the code for the Listener. // BEGIN CODE public class ActiveUsersListener implements Serializable, HttpSessionListener { public static Set activeSessions = new HashSet(); public void sessionCreated(HttpSessionEvent event) { activeSessions.add(event.getSession()); } public void sessionDestroyed(HttpSessionEvent event) { activeSessions.remove(event.getSession()); } public static List getActiveUsers() { List users = new ArrayList(); Iterator sessionIter = activeSessions.iterator(); HttpSession session = null; EmoUser user = null; while (sessionIter.hasNext()) { session = (HttpSession) sessionIter.next(); user = (EmoUser) session.getAttribute(EmoUser.SESSION_KEY); if (user != null user.hasLoggedIn()) { users.add(user); } } return users; } } // END CODE I then have a webpage that calls ActiveUsersListener.getActiveUsers() to list out all the active users on the site. Note: I don't just store the User objects because the user object doesn't get created until the user logs in. So the problem I am having is that this code works fine on a single box under Tomcat 5.5.4 . However, as soon as we go into a cluster we get lockups in Tomcat. The server is completely unresponsive, and there are no log/error messages. Because of this I am assuming we have a concurrency issue, however I have no idea where the problem is. A few more bits of information, we persist sessions to file system on shut down, and we use in memory session replication only when session.setAttribute() is called (DirtyFlag). Thank you in advance for any help. Jacob Champlin EMO Corporation - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: compile against servlet.jar but must run tomcat with servlet-ap1.jar
As a generality, a compilation should set up all required environment setting with each build run. Those settings should be transitory, i.e., should not persists beyond that build. So in your case you would add servlet.jar to the classpath temporarily, compile, and revert the classpath (which may happen automatically depending on how you do your build). If you are using an IDE, it will almost certainly handle this for you via some sort of classpath setup screen. An IDE wouldn't be worth much if it didn't at least handle this for you :) If you are working from a plain command line, you have some choices... First, write a batch file or shell script, depending on your environment, to do your compile. This script would include setting the classpath, your javac command, and possibly restoring the classpath to what it was before. Note that if on Windows you execute a batch file, the change to classpath is only valid for the life of that command line invocation, so there's no need to restore anything (unless you are going to sit at a command prompt in the same window and build a couple of times). Second, use Ant or Maven or some other build tool. I suggest this option if you aren't using an IDE for sure. It sounds like you might be doing some sort of teaching based on the fact that it's a getting started project... If your going to be teaching anyway, or if you are just learning yourself, I suggest taking the dive into Ant right away. I like Ant myself, some prefer Maven... the choice is yours, but I think it's fair to say that Ant is a little more popular at this point... Maven might be king a few months down the road though. In any case, neither is difficult at all once you get the basics down, and it will save you a lot of trouble in the long-run. Frank Fred Cook wrote: Hi All, We our new to Tomcat and have a bit of an odd problem. We are developing a getting started project. We have found that we must compile with servlet.jar in our CLASSPATH, but Tomcat will not run with servlet.jar in the CLASSPATH. Tomcat will run with servlet-api.jar, but the test program will not compile with servlet-api.jar in the CLASSPATH. To be more specific we get a: package javax.servlet.http does not exist error when compiling against servlet-api.jar Similar errors ocure when running Tomcat with servlet.jar Changing the CLASSPATH everytime we decide to compile or run isn't much fun. Anybody got an idea on why this is happening, and what the solution is. Tomcat vs 5.5.7 apache vs 2.0.53 RH 8.0 JDK 1.5 -Fred - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Free reporting s/w that works with apache+tomcat
Take a look at DataVision. I think you'll like it. I wrote an article a while back specifically dealing with using it in web applications. Although the article uses servlets and you say your using JSPs (just JSP's?) it should still be applicable. http://www.omnytex.com/articles Feel free to ping me if you decide to use it and need some help getting going beyond the article and included documentation. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com U K Laxmi wrote: I'm developing a web application using apache+tomcat on windows 2000 machine. I'm using Ms Access 2003 as the backend. I'm using JSP for developing web application. I'm developing some web based reports in HTML. But when i export them to Excel, it doesn't look exactly same as that of HTML report. Moreover i need some header and footer information appear in the report. That i'm unable to achieve using JSP and HTML. So, i'm looking for a free reporting software that can meet above functionality and can work with apache+tomcat. If anyone know any work worunds for my problem, pls inform me. It will be a great help to me. Thank you. __ Yahoo! Mail Mobile Take Yahoo! Mail with you! Check email on your mobile phone. http://mobile.yahoo.com/learn/mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Free reporting s/w that works with apache+tomcat
Hi, CSV files don't generally contain header and footer information... you can get column headers in the first row, that's about it. I don't believe DataVision will export to Excel natively, but check the docs in case I'm wrong. Do you really mean header and footer in the sense of a Word document? It's a bit unusual to have such a thing in an Excel document (although not at all unheard of), so I'm wondering if maybe you mean something a little different, i.e., maybe just column headers and some sort of totals? Frank U K Laxmi wrote: Thank you for the information. I read your report and it looks interesting. I went to DataVision web site and found that it can export comma separated files ie. CSV file. Will it be possible to retain header and footer information with a .CSV file? I basically want excel files as the report output. B'coz the end user needs to send to those reports to it's vendors. Excel is the most desired format for them. Pls give your feedback on this before i start implementing on this. Thank you. --- Frank W. Zammetti [EMAIL PROTECTED] wrote: Take a look at DataVision. I think you'll like it. I wrote an article a while back specifically dealing with using it in web applications. Although the article uses servlets and you say your using JSPs (just JSP's?) it should still be applicable. http://www.omnytex.com/articles Feel free to ping me if you decide to use it and need some help getting going beyond the article and included documentation. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com U K Laxmi wrote: I'm developing a web application using apache+tomcat on windows 2000 machine. I'm using Ms Access 2003 as the backend. I'm using JSP for developing web application. I'm developing some web based reports in HTML. But when i export them to Excel, it doesn't look exactly same as that of HTML report. Moreover i need some header and footer information appear in the report. That i'm unable to achieve using JSP and HTML. So, i'm looking for a free reporting software that can meet above functionality and can work with apache+tomcat. If anyone know any work worunds for my problem, pls inform me. It will be a great help to me. Thank you. __ Yahoo! Mail Mobile Take Yahoo! Mail with you! Check email on your mobile phone. http://mobile.yahoo.com/learn/mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Discover Yahoo! Have fun online with music videos, cool games, IM and more. Check it out! http://discover.yahoo.com/online.html -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Sessions and keep-alives
If you can use Javascript (and can require it), what you could do is set a timer in app B's onLoad event to call a Javascript function in app A from app B (parent.myFunction();)... This function could refresh whatever the current page is in some interval less than your timeout period. You'll have to ensure all pages of app A have that refresh function in page-scope, and that all pages in B set that timer and make the call. If a full-page refresh isn't feasible, you can make an AJAX call to app A that does really nothing, but that should be enough to keep the session from timing out. Does that all make sense? (I'm not sure I described it well) Frank W. Zammetti -Original Message- From: Patrick Lacson[EMAIL PROTECTED] Sent: 5/13/05 12:56:43 AM To: Tomcat Users Listtomcat-user@jakarta.apache.org Subject: Re: Sessions and keep-alives I've considered iframes, but unfortunately not an option for us. From what I understand AJAX can make async calls to the HTTP server from the webapplication only, not on behalf of another. So if the popup application is webapp B, and the parent webapp A, how can I call the webapp A server from webapp B for the keep-alive? On 5/12/05, Tim Funk [EMAIL PROTECTED] wrote: The simplest kludge is an iframe that is hidden and uses a META refresh. Or look at using ajax. -Tim Patrick Lacson wrote: hi All! I'm involved in a project that integrates two disparate web applications: webapp A is using WebSphere and webapp B is using Tomcat. The integration involves Single Sign On, with webapp A being the primary webapp from which webapp B is launched. webapp B is launched as a popup-window. My question is: how can i ensure that while the user is working on the webapp B popup, the parent window webapp A, does not time-out? Thanks in advance! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Patrick - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] [Message truncated. Tap Edit-Mark for Download to get remaining portion.] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Sessions and keep-alives
If you can use Javascript (and can require it), what you could do is set a timer in app B's onLoad event to call a Javascript function in app A from app B (parent.myFunction();)... This function could refresh whatever the current page is in some interval less than your timeout period. You'll have to ensure all pages of app A have that refresh function in page-scope, and that all pages in B set that timer and make the call. If a full-page refresh isn't feasible, you can make an AJAX call to app A that does really nothing, but that should be enough to keep the session from timing out. Does that all make sense? (I'm not sure I described it well) Frank W. Zammetti -Original Message- From: Patrick Lacson[EMAIL PROTECTED] Sent: 5/13/05 12:56:43 AM To: Tomcat Users Listtomcat-user@jakarta.apache.org Subject: Re: Sessions and keep-alives I've considered iframes, but unfortunately not an option for us. From what I understand AJAX can make async calls to the HTTP server from the webapplication only, not on behalf of another. So if the popup application is webapp B, and the parent webapp A, how can I call the webapp A server from webapp B for the keep-alive? On 5/12/05, Tim Funk [EMAIL PROTECTED] wrote: The simplest kludge is an iframe that is hidden and uses a META refresh. Or look at using ajax. -Tim Patrick Lacson wrote: hi All! I'm involved in a project that integrates two disparate web applications: webapp A is using WebSphere and webapp B is using Tomcat. The integration involves Single Sign On, with webapp A being the primary webapp from which webapp B is launched. webapp B is launched as a popup-window. My question is: how can i ensure that while the user is working on the webapp B popup, the parent window webapp A, does not time-out? Thanks in advance! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Patrick - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] [Message truncated. Tap Edit-Mark for Download to get remaining portion.] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Sessions and keep-alives
I'm curious how this would work? If I open a page with an invisible GIF, there's no way (without scripting and such) to have the GIF refresh, right? Or is there something I'm missing? You can set a meta refresh on the page, but not the GIF itself, as far as I know anyway. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Fri, May 13, 2005 12:04 pm, Tim Diggins said: I'd just include this invisible gif on every page (request) of webapp B. (bone-headed solution, but why get more tricksy until you need it). -- Tim Patrick Lacson wrote: Interesting solution Tim.. so webapp B would invoke this invisible gif from webapp A on an interval basis? -P On 5/13/05, Tim Diggins [EMAIL PROTECTED] wrote: Hi Patrick - If not an iframe, why not a gif... There's nothing (in principle I think*) stopping you having a jsp page that returns a (tiny, invisible) gif (with the right mimetype) and with appropriate expires/cache-control headers to make sure that it gets got each time. That's the way some web-counters work, for example, and I can't see it would create a problem... (I don't however know whether you can maintain two session cookies at the same time... Would work however with a param-based session). --Tim * I have done this in similar kinds of situations with python php, but not tomcat. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: delete temporary content after session timeout
Write a SessionListener... it has two methods, one that fires when a session is created, one when it is destroyed. That should do the trick for you. That's not a Tomcat-specific solution either, so it should be rather portable should you ever need to move to another app server. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Bob Wobbler wrote: Hi, I have an app that uploads user files in a temporary folder. I want to delete them when the session ends. I know I could solve this with a cron-job, but I'm looking for a way to solve it with Tomcat. Does anyone have an idea how to solve it? Thx for your help in advance, cheers, Robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: delete temporary content after session timeout
Let's see... (1) You are correct, it's nothing more than an entry in web.xml. Remember, this isn't a Tomcat-specific thing, it's a J2EE thing (servlet spec specifically I think), so it's YOUR APP'S web.xml. The entry is simply: listener listener-classcom.company.app.MySessionListener/listener-class /listener Assuming that class is available to the classloader, your all set. (2) I'm not too familiar with the Spring framework, but since it's still built on top of the servlet spec, this would apply just the same, it should be independant of app server and framework in use. Spring may have it's own mechanism for doing this, but given the choice I'd chose the standard approach, which is a listener. (3) I don't have any good references handy, but just Googling SessionListener will turn up plenty of hits. Just to save you some time, here's the basic structure of a SessionListener class: package com.company.app.MySessionListener import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSessionEvent; public class MySessionListener implements HttpSessionListener { /** * This method is called by the servlet container just after http session is * created. * * @param bevent/b HttpSessionEvent */ public void sessionCreated(HttpSessionEvent event) { } /** * This method is called by the servlet container just before http session is * destroyed. * * @param bevent/b HttpSessionEvent */ public void sessionDestroyed(HttpSessionEvent event) { } } Couldn't be simpler! You can do event.getSession() in both if you need to do anything with the session (like, for the OP, if you have a reference to the user ID who's directory you want to purge of temporary files). -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Tim Diggins wrote: that sounds very useful, not something I've done before -- can I ask a few questions - 1) how does one bind that into Tomcat -- declare a session listener in (I presume) web.xml? 2) as I'm using Spring Framework, is this still relevant (or is there a spring-specific way of binding in a session listener --- sorry, ought to ask that on a spring list...) 3) can you recommend the best reference material / sites on managing sessions (standard tomcat docs seem to have nothing on sessions I can find.) Tim Frank W. Zammetti wrote: Write a SessionListener... it has two methods, one that fires when a session is created, one when it is destroyed. That should do the trick for you. That's not a Tomcat-specific solution either, so it should be rather portable should you ever need to move to another app server. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to do Downtime with a Apache/Tomcat webapp
I had a similar requirement in my app... We had a two-hour window per day when the app was unavailable because background tasks were processing. The server was still up, and so was the app technically, but it was not available. I wrote a filter to take care of this. I had a flag in application context to tell if the app was up or not too, so that if I had to make the app unavailable during a time when it normally was available, I just set the flag. I also defined a single user that was still allowed to get in (another context parameter). This works out great. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Len Popp wrote: I've been thinking about the same problem, but I haven't gotten around to working on it seriously. How about this: Instead of fiddling with the JkMount directives in Apache, swap the web.xml in your Tomcat app so it points to a minimal servlet that returns the Out of service page for all requests. Does that sound like it would work? It would be less disruptive because you don't have to restart Apache (if there's more to the web site than the one Tomcat app). Plus this will work with stand-alone Tomcat. On 5/15/05, Richard Mixon (qwest) [EMAIL PROTECTED] wrote: I'm curious how folks handle letting users know that their webapp is down when doing maintenance. We've got a pretty standard setup. Our informational/static site is served by Apache 2.0.x. We use mod_jk to link to a page in our webapplications, triggering CMA for authentication and login. We run Tomcat 5.5.x. Although we actually have Tomcat clustered, there are still times when we need to make the application unavailable. (i.e. doing database schema changes, etc.). I would like for a page to be displayed that says the application is temporarily not available. So, what's the best way to do this? One way I can think of is to modify the JkMount directives so that may context name was not mapped to Tomcat, but instead to a static page - the just do a restart. Trouble is some of our users have bookmarks into various pages/actions in the application - we would somehow have to mapp all pages that began with the context name to this single page. This sounds a bit messy. Is there a more straightforward way of doing this? Thank you - Richard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can a servlet receive its own request?
You *probably* could do this... I'm not 100% sure. What I *AM* sure about though is that this would be pretty ugly :) I'm not sure what you mean by Outside server processes request and responds with POST response (also via https). though... Is the idea that the request to the outside server is to be asychronous, or will your servlet be awaiting a reply? If the former, then you probably can go with your approach and it won't be all that ugly... it's essentially nothing more than another request coming in to the servlet, same as always, your just going to process it differently... as long as you get enough information back to be able to complete the transaction, it should work fine. Just treat the initial request to your servlet and the response back from the outside server as two separate requests and you should be fine. If however, as I suspect might be the case, your servlet is going to actually be awaiting a reply from the outside server, then you should look at using Commons HTTPClient. I'm relatively sure it supports SSL connections, and then all your doing is making a remote request, awaiting the response and processing accordingly. It'd be just like using the standard URL object, but it's more robust than that. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Wed, May 18, 2005 11:58 am, Michael Mehrle said: Simple question, but it's driving me nuts. I really don't want to get into the whole web service business - all I need is for a servlet to be the recipient of its own request. Or - in other words - can a servlet act like a web browser - just without the GUI? Use case: - Servlet issues https request to an outside server (via getServletContext().getRequestDispatcher(https://www.someoutsideserver/) ) - Outside server processes request and responds with POST response (also via https). - Servlet [somehow] is able to be the recipient of the response. - Servlet parses the response and stores data to the database. Notes: - The servlet is not the default servlet on that tomcat instance. - Everything happens via https and I expect the outside server will listen on 443 and tomcat on 8443 ANY suggestions would be very helpful - this seems to be a tricky one. TIA, Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can a servlet receive its own request?
I don't think saying it's silly is really helpful, or even necessarily accurate... If the idea is that the request to the outside server is meant to to asynchronous, i.e., maybe it feeds a queue or something, then it's a reasonable model. It doesn't sound like that's what the OP meant, but if it was, it would be reasonable. Of course, even in that case the servlet is not receiving its own request, it is simply making a request, at which point it is done, and at some future time receiving a request with the results. I agree with you that Web Services need not be as complicated as some make it out to be... no need to involve SOAP or XML-RPC or any other of the numerous alphabet soup entries. I was doing Web Services seven years ago, long before I heard the term. I suppose you could say that's not standards-compliant, which is one of the goals behind Web Services of course... if everyone used the same mechanisms than theoretically it would all be interoperable with no effort, and that's not the case if you essentially cook up your own protocols, but since the reality is that even following the standards you rarely get that right now, it's not such a problem :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Wed, May 18, 2005 2:53 pm, Will Hartung said: From: Michael Mehrle [EMAIL PROTECTED] Sent: Wednesday, May 18, 2005 8:58 AM - Servlet issues https request to an outside server (via getServletContext().getRequestDispatcher(https://www.someoutsideserver/) ) - Outside server processes request and responds with POST response (also via https). - Servlet [somehow] is able to be the recipient of the response. - Servlet parses the response and stores data to the database. Your problem is with the whole model. There is no reason why a Servlet can't send an HTTP(S) request to another server. But the server that you are making the request shouldn't be making an independent POST back to you, rather it should just send you the data you want back as the reply body. You then parse the reply and move on. IF you insist that the reply be in the manner of a POST from the other server (really really silly IMHO), then, simply, you need to make the request to the other server be the last thing your Servlet does. Then when the POST comes back, you pick up where you left off, tracking your state through a request parameter. So, your Servlet may start with a request like: http://otherserver.com/processData?mysession=123stage=1 Then the otherserver replies with a POST to: http://yourserver.com/yourServlet?mysession=123stage=2 You use the mysession information to maintain your state between requests. But the key is that your servlet ends each time, and Tomcat then restarts it when the POST comes back. It's still a silly idea. You don't need Webservices, SOAP, XML-RPC, etc to talk to another server via HTTP. You can easily stream serialized Java objects to each other if you want, use the simple Java Properties file format for your responses, etc. I think if you have control over both servers, WEB RPC can be very simple for a limited domain. If you don't have control over the other server, then you do what you have to do. I mean, seriously: public class AddNumberServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { PrintWriter out = response.getWriter(); String arg1 = request.getParameter(arg1); String arg2 = request.getParameter(arg2); int i1 = Integer.parseInt(arg1); int i2 = Integer.parseInt(arg2); int result = i1 + i2; out.println(answer= + result); } } public class RequesterServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { PrintWriter out = response.getWriter(); URL reqURL = new URL(http://otherserver/AddNumberServlet?arg1=2arg2=4); Properties result = new Properties(); result.load(reqURL.openStream()); String answer = result.get(answer); out.println(HTMLBODYWhen you add up 2 and 4 you get + answer + /BODY/HTML); } } There. Instant web service. Error checking and robustness are left as an exercise for the reader, but you can see that you don't need a 500 page book to get some data from another web server. Not to discount the XML-RPC and SOAPs, they have their place most certainly. No doubt XML-RPC started just like this and grew from there (and then into SOAP), but its just a simple example of how easy this can be when you have control over the whole shebang. Regards, Will Hartung ([EMAIL PROTECTED]) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL
Re: Where do -Xms32m, -Xmx256m, and -Xrs go in the Tomcat 5.0.28 batch files?
And just to let you know, should you ever need/want to run Tomcat as a service, it's a different story at that point. At least on Windows, those settings are stored in the registry. If you ever need to go down that road, I highly suggest a look at Tomcat Service Manager: http://web.bvu.edu/staff/david/index.jsp?section=softwaresubsection=tcservcfgpage=overview Of course, if your not on Windows or not running as a service, you already have your answer :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, May 23, 2005 10:11 am, Dakota Jack said: Thanks for the assistance. I finally figured this out, for future people trying to find the same answer. The environmental variables at the top of catalina.bat can be set there. So, I added: SET CATALINA_OPTS=-Xms512m -Xmx512m -Xrs after rem rem CATALINA_OPTS (Optional) Java runtime options used when the start, rem stop, or run command is executed. rem in catalina.bat. On 5/23/05, Parsons Technical Services [EMAIL PROTECTED] wrote: Jack, To use the batch files you need to set it as an Environment Variable. The catalina.bat file will the pick it up and add it to command line. If you are wanting to do some quick testing, I think you MAY be able to include it on the command line with startup.bat. I don't run on Windows so I can't test it. If you look in the catalina.bat you will see the comments at the top talking about the variables. If you look in startup.bat you will see where it picks up the command line variables. The .sh files are the nix OS equivalent to the Windows .bat files. Doug - Original Message - From: Edao, Aliye [EMAIL PROTECTED] To: Dakota Jack [EMAIL PROTECTED] Cc: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Monday, May 23, 2005 2:57 AM Subject: AW: Where do -Xms32m, -Xmx256m, and -Xrs go in the Tomcat 5.0.28 batch files? Hi Jack, The answer is CATALINA_HOME/bin/catalina.sh CATALINA_OPTS=-Xmx512m -Xss1024k -XX:+PrintGCDetails -server ... Mit freundlichem Gruß / kind regards SBS ORS GD AHS OA42 Otto-Hahn-Ring 6 D - 81739 München Tel. (089) 636-41024 Fax (089) 636-49347 Dr. Aliye Edao mailto:[EMAIL PROTECTED] -Ursprüngliche Nachricht- Von: Dakota Jack [mailto:[EMAIL PROTECTED] Gesendet: Montag, 23. Mai 2005 08:48 An: Tomcat Users List Betreff: Where do -Xms32m, -Xmx256m, and -Xrs go in the Tomcat 5.0.28 batch files? I am running out of memory when running some imaging ops with Tomcat 5.0.28 and need to set the java command with the attributes -Xms32m, -Xmx256m, and -Xrs. However, danged if I can figure out how to do that. I am using the simple startup.bat and shutdown.bat. Where is the place I plugin with those values? Thanks? -- You can lead a horse to water but you cannot make it float on its back. ~Dakota Jack~ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- You can lead a horse to water but you cannot make it float on its back. ~Dakota Jack~ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Where do -Xms32m, -Xmx256m, and -Xrs go in the Tomcat 5.0.28 batch files?
http://web.bvu.edu/staff/david/index.jsp?section=softwaresubsection=tcservcfgpage=downloads -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, May 23, 2005 10:56 am, Dakota Jack said: Hi, again, Frank, Where can I get a copy of the code/binaries for Java Service Manager (the update of Tomcat Service Manager)? I went to this site but there seems to be no reference to any downloads. On 5/23/05, Frank W. Zammetti [EMAIL PROTECTED] wrote: And just to let you know, should you ever need/want to run Tomcat as a service, it's a different story at that point. At least on Windows, those settings are stored in the registry. If you ever need to go down that road, I highly suggest a look at Tomcat Service Manager: http://web.bvu.edu/staff/david/index.jsp?section=softwaresubsection=tcservcfgpage=overview Of course, if your not on Windows or not running as a service, you already have your answer :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, May 23, 2005 10:11 am, Dakota Jack said: Thanks for the assistance. I finally figured this out, for future people trying to find the same answer. The environmental variables at the top of catalina.bat can be set there. So, I added: SET CATALINA_OPTS=-Xms512m -Xmx512m -Xrs after rem rem CATALINA_OPTS (Optional) Java runtime options used when the start, rem stop, or run command is executed. rem in catalina.bat. On 5/23/05, Parsons Technical Services [EMAIL PROTECTED] wrote: Jack, To use the batch files you need to set it as an Environment Variable. The catalina.bat file will the pick it up and add it to command line. If you are wanting to do some quick testing, I think you MAY be able to include it on the command line with startup.bat. I don't run on Windows so I can't test it. If you look in the catalina.bat you will see the comments at the top talking about the variables. If you look in startup.bat you will see where it picks up the command line variables. The .sh files are the nix OS equivalent to the Windows .bat files. Doug - Original Message - From: Edao, Aliye [EMAIL PROTECTED] To: Dakota Jack [EMAIL PROTECTED] Cc: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Monday, May 23, 2005 2:57 AM Subject: AW: Where do -Xms32m, -Xmx256m, and -Xrs go in the Tomcat 5.0.28 batch files? Hi Jack, The answer is CATALINA_HOME/bin/catalina.sh CATALINA_OPTS=-Xmx512m -Xss1024k -XX:+PrintGCDetails -server ... Mit freundlichem Gruß / kind regards SBS ORS GD AHS OA42 Otto-Hahn-Ring 6 D - 81739 München Tel. (089) 636-41024 Fax (089) 636-49347 Dr. Aliye Edao mailto:[EMAIL PROTECTED] -Ursprüngliche Nachricht- Von: Dakota Jack [mailto:[EMAIL PROTECTED] Gesendet: Montag, 23. Mai 2005 08:48 An: Tomcat Users List Betreff: Where do -Xms32m, -Xmx256m, and -Xrs go in the Tomcat 5.0.28 batch files? I am running out of memory when running some imaging ops with Tomcat 5.0.28 and need to set the java command with the attributes -Xms32m, -Xmx256m, and -Xrs. However, danged if I can figure out how to do that. I am using the simple startup.bat and shutdown.bat. Where is the place I plugin with those values? Thanks? -- You can lead a horse to water but you cannot make it float on its back. ~Dakota Jack~ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- You can lead a horse to water but you cannot make it float on its back. ~Dakota Jack~ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- You can lead a horse to water but you cannot make it float on its back. ~Dakota Jack~ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to change the value of a form's text field by scriplet?
You might not be asking this, but... Scriplets execute on the server, not on the client. The results of a scriplet are in essence inserted into the response. So in that regard, no, you can't use a scriplet to change the value of a text field as you would with Javascript because Javascript executes on the client *AFTER* the response has been completely rendered and returned to the broser, while a scriplet executes *WHILE* the response is being rendered and *BEFORE* it is returned to the client. Does that answer the question, or did I misinterpret? Frank Cassius V. de Magalhaes wrote: Hello, I would like to change the value of a form's text field by scriplet, is it possible, please? Through Javascript, I can use the form name plus the name of the field, for example, myform.address.value='xxx'. I know I can do myform.address.value='%= something %', where something is a scriplet variable declared previously. Is it possible to change the value of a form field inside of a scriplet just as we can by a javascript code, please? TIA, Vinicius. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to change the value of a form's text field by scriplet?
I should also mention, you can certainly do something like this: script function changeIt() { myForm.myField.value = %=someValue%; } /script ...but that's not much different than just setting the value of the field with a scriplet. However, if you perhaps have some discrete values that you want to be able to change the field to, like maybe something like a previous value button, and you have the value at the time the JSP is interpreted, you can do this and just call changeIt() in response to onClick() of the button. That's something of a hybrid. Frank Frank W. Zammetti wrote: You might not be asking this, but... Scriplets execute on the server, not on the client. The results of a scriplet are in essence inserted into the response. So in that regard, no, you can't use a scriplet to change the value of a text field as you would with Javascript because Javascript executes on the client *AFTER* the response has been completely rendered and returned to the broser, while a scriplet executes *WHILE* the response is being rendered and *BEFORE* it is returned to the client. Does that answer the question, or did I misinterpret? Frank Cassius V. de Magalhaes wrote: Hello, I would like to change the value of a form's text field by scriplet, is it possible, please? Through Javascript, I can use the form name plus the name of the field, for example, myform.address.value='xxx'. I know I can do myform.address.value='%= something %', where something is a scriplet variable declared previously. Is it possible to change the value of a form field inside of a scriplet just as we can by a javascript code, please? TIA, Vinicius. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Adding content/JSPs on the fly
Could you instead store the JSP in a database? Let's say you have a table with the following structure: jsp_nameString jsp_content BLOB jsp_name is your primary key and is literally a JSP name. Now, create a servlet filter that examines the path that was requested and pulls out the file name part... so the path might be /my/app/page1.jsp, you just want the page.jsp part. Now, get the BLOB from the database based on that JSP name. Convert the BLOB to a string and stick it in request, then forward to a JSP that is the following: %=(String)request.getAttribute(theJSPContent)% And that's that. You could create a screen specifically for uploading a JSP and storing it in the database. Would something like this suite your needs? I realize it's not as straight-forward as one might like, but it's not too bad either. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com Will Hartung wrote: From: Steve Kirk [EMAIL PROTECTED] Sent: Friday, May 27, 2005 11:44 AM It sounds reasonable, but probably isn't tested or by design, so probably best to just have a go. Re portability, the best advice I can offer is an old chestnut: read the servlet spec. This is particularly relevant in this case. The spec is generally pretty good at telling you you pretty accurately if (a) what you want to do should/must be supported or (b) what you want do do is forbidden. Of course there are some areas that it does not have a view either way on, but I find it to be an invaluable document - I have it on shortcut from my taskbar and consult it often. It's at least as useful as the javadocs or TC docs. For those of you that don't know where to find it, it's here, under specifications. http://java.sun.com/products/servlet/reference/api/index.html Choose the servlet spec version appropriate to your TC version as described in the table on the tomcat home page: http://jakarta.apache.org/tomcat/index.html I'm reasonably familiar with the specification. One of the notable bits about it is simply the fact that within the spec, you're pretty much not guaranteed writeable access to the file system at all (save for a temporary area, and it's simply that -- temporary). But the reality is that most engines give you access to the disk that way. Just one more specific point on your note Will - I would have thought if anything that you want it to be a precondition that the webapp NOT be deployed as a war. I've a feeling that if TC explodes the war, then it might not check the exploded FS for changes. Don't take this as gospel though, this is a hazy half-remembered bit of info. As far as I know, the Servlet spec doesn't have a deployment method outside of a WAR. It's pretty much a container behavior to actually explode the WAR on to the file system, yet, most obviously do for performance reasons. But it does bring up a basic problem, for example, if by some fluke the app is redeployed, all of that new data is blasted away by the WAR..that would be Bad. But I can't see another (easy) way to create JSPs on the fly, or in fact to create any other content that can be served directly the server. It's an annoying nit of the spec, to me, that it doesn't expose this behavior to the developer. For example, unlike EJBs (which has a specified limitation on accessing the disk), the Servlet spec does allow you to access the disk, though perhaps not within the WAR hierarchy. But, there is no way to, say, forward to a static resource that the server can then handle in its own internally optimal way. Rather, I have to open the static resource, determine the content type (I can get that from the Servlet spec), and then feed it into the output stream, when in fact it would simply be easier to do req.serveStatic(/tmp/mynewgraphic.gif) or some such thing, or be able to forward outside of the web app (i.e. to a actual file rather than a URL). Simply, the application structure and such are pretty much isolated from the developer. I can't add anything dynamically to the security domain, for example, which means if I want that kind of capability in my application, I have to essentially implement ALL of the container security -- mapping, role checks, etc. Container security is an all or nothing. Be happy with its limited funcitonality or dump it entirely. So, now if I want dynamic templating in my Webapp, I, technically, have to dump JSP completely and switch to something like Velocity. All of the power of JSP, tag libraries, etc. is gone. I imagine that I could mimic the JSP environment, compile the JSP myself, compile the java myself, load the class myself and feed the output into the standard output stream, but that seems like a silly wheel to reinvent when I have a full container here that DOES THAT ALREADY, doncha think? Mind, I may still just Do It, open up paths to the disk and plonk files and JSPs in place and see what happens, but it's a flaming hoop
Re: Cross-site scripting vulnerability
I notice the more... at the end of that... do you have the more by chance? Cross-site scripting (CSS) vulnerabilities are, generally-speaking, concerned with situations where a server-side process generates HTML dynamically and there is a possibility of input data that has not been scrubed of certain dangerous characters (i.e., ()%, etc.) being inserted into the generated code. Proper crafting of such input data can result in code being executed as trusted when it clearly should not be. (As amazing as it seems, I found the following page from Microsoft, of all sources!, to be a good explanation of the problem: http://support.microsoft.com/default.aspx?scid=kb;en-us;252985) As such, a tool that says a server is an enabling vector for such a vulnerability is not being especially helpful because virtually *any* server-side code that doesn't deal with such characters is potentially an enabling vector. If it narrows down the location of the apparent vulnerability, i.e., specified a path it tested maybe, it might point at something legitimately of concern. If it's just saying Hey, Tomcat could be used to craft a CSS hack, well, yes, it COULD, but then so could *anything* server-side that generates HTML! (Ironically, I spent most of today dealing with a servlet filter written by another team at my company that deals with cross-site scripting vulnerabilities, but which seems to have some unexpected side-effects, so I had to get up to speed on CSS vulnerabilities in a hurry!) Frank Narses Barona wrote: Our security tool produces the following warning against Tomcat 4.1.29 : [HTTP/8080/TCP] Server is an enabling vector for cross-site scripting exposure in clients [trace-1]. More... I seached the mailing list and found several references to cross-site scripting. Based on the information, I am lead to believe that the problem is not with the product, but with the examples or some other non-critical piece of code. I have removed the jakarta-tomcat-4.1.29/webapps/examples directory and its' content, but the problem persists. Is there some other file/directory that needs to be removed to fix this problem? I noticed one reference to a SnoopServlet, but can't find any file by that name. Narses Barona - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Validating a session
This might seem bizarre, but... Assume that a request contains a session ID as a parameter. Is there a way *programmatically* to validate that session ID? In other words, the query string contains the session ID, and in a servlet I need to be able to ask the container if it is valid or not. But, for reasons that would probably make your head spin if I explained, I cannot simply allow the container to do it, I need to be able to do it from my own code. Moreover, this can't be a Tomcat-specific solution. Any takers? :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Simple question on HTTP return codes
I fear I should know this answer, but... How can one, from a servlet (or Struts Action maybe) throw a specific HTTP return code? I need to return a 403 from a servlet if certain things are not present in the request... is it just a matter of setting a particular header, or is there something to throw, like an exception? Thanks all! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Simple question on HTTP return codes
Yep, I *should* have known that :)... The sendError() method of HttpServletRequest does it. Sorry for wasted bandwidth! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Tue, May 31, 2005 3:13 pm, Frank W. Zammetti said: I fear I should know this answer, but... How can one, from a servlet (or Struts Action maybe) throw a specific HTTP return code? I need to return a 403 from a servlet if certain things are not present in the request... is it just a matter of setting a particular header, or is there something to throw, like an exception? Thanks all! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Validating a session
Thanks Jack, that's a good reference. It didn't really answer my specific question, not that I could see immediately anyway, but I solved the problem a different way anyhow, so it's all good. I bookmarked that anyway, could be a good reference down the road for something. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Tue, May 31, 2005 2:51 pm, Dakota Jack said: The following is a pretty good, even if ugly, article on session ids, Frank. Very comprehensive and it should cover in some part whatever you are working on: http://www.technicalinfo.net/papers/WebBasedSessionManagement.html On 5/31/05, Frank W. Zammetti [EMAIL PROTECTED] wrote: This might seem bizarre, but... Assume that a request contains a session ID as a parameter. Is there a way *programmatically* to validate that session ID? In other words, the query string contains the session ID, and in a servlet I need to be able to ask the container if it is valid or not. But, for reasons that would probably make your head spin if I explained, I cannot simply allow the container to do it, I need to be able to do it from my own code. Moreover, this can't be a Tomcat-specific solution. Any takers? :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- You can lead a horse to water but you cannot make it float on its back. ~Dakota Jack~ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Simple question on HTTP return codes
Cool, good to know there is a difference. Thanks! Frank Dakota Jack wrote: Just a small note, Frank. You use sendError(int sc) for errors but setStatus(int sc) for codes that are not errors. On 5/31/05, Frank W. Zammetti [EMAIL PROTECTED] wrote: Yep, I *should* have known that :)... The sendError() method of HttpServletRequest does it. Sorry for wasted bandwidth! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Tue, May 31, 2005 3:13 pm, Frank W. Zammetti said: I fear I should know this answer, but... How can one, from a servlet (or Struts Action maybe) throw a specific HTTP return code? I need to return a 403 from a servlet if certain things are not present in the request... is it just a matter of setting a particular header, or is there something to throw, like an exception? Thanks all! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Which is best practice for stowing objects, request or session context?
Digby has the right idea... It's not a question of which is better, it's a question of which is appropriate for what you are doing. Many people do not deal in clustered environments, nor do they deal frankly with high scalability requirements. I have to deal with both of those concerns in my daily work. One of the things you learn in a hurry is that storing anything in session that doesn't really need to be there has a negative impact on both. Even in a single-server environment, scalabilty can be adversely affected fairly quickly when session size isn't a concern to a developer. My rule of thumb is to put everything in request unless I know for sure there is a reason to put it in sesion. This might be a need across multiple pages as Digby says, or just because I know it is somewhat expensive to reproduce the content (i.e., maybe a complex SQL query). And when I do have to put anything in session, I try and store the smallest amount of data I possibly can to accomplish what I'm doing. I have never had a situation where I needed application context by the way, not for something that deals with request servicing. I don't know if it is true these days to be honest, but back when I did nothing but Microsoft-based development, it was a pretty well-known fact that it was more expensive to store things in session than in request, and even more expensive to store things in context than session. Even if that isn't true today in the Java world, I still proceed as if it is because that mentailty tends to push stored data/objects down to where they should be in terms of lifetime and scope. Frank Digby wrote: IMHO, I would suggest storing objects for the shortest time possible. If an object is only going to be used once, there's no point clogging up memory with lots of unused objects, which won't be garbage collected until the session is destroyed. My rule of thumb is to use the request when it's a one-off, the session if it might be used by another page, and the application if it will be used by more than one user (which is quite rare). Digby Adrian Beech wrote: Hi all, A work colleague mentioned on Friday it would be better to place objects (beans and the like) which had been created in a servlet into the request context when exposing them to the JSP. To date all the code I've written stores beans and the like in the session context and all has appeared to be fine thus far. I understand the nature of the various contexts and how they relate to the process life cycle, etc. Can someone please shed some light on this and possibly explain the merits of placing the objects in either context? For example, what are the pitfalls of using the request context? Is there any material around which adequately details when or when not to use the specific contexts? Cheers. AB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE-Page not found problem
Moving on to a more helpful answer... Have you tried using something like HTTPWatch to see what's going on? IE seems to display that page generically for a host of different problems, and viewing the underlying HTTP transaction might narrow things down a bit. Also, you could ask your users to turn off the friendly messages option... I'm not certain, but I believe they will get you slightly more helpful (to you) messages with that option turned off. It's under Tools...Internet Options... Advanced... Show Friendly HTTP Error Messages. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, June 6, 2005 10:22 am, Joe Plautz said: Simple, test with IE as well. sudip shrestha wrote: I have a struts-hibernate powered webapp running off a debian box, jdk 1.5 and tomcat 5.5.7 I have IE users complaining about page not found problems from time to time where as Firefox users never. I myselft have never encountered this problem as I use FirefoxThis led me to thinking that this might be a IE problem...Any suggestions on how to move ahead on the problem? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE-Page not found problem
Please see my previous post in this thread for some actual help (potentially anyway). -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, June 6, 2005 11:14 am, sudip shrestha said: I have no idea why you are continuing on this pathBut all I am looking for is suggestions on how to debug this problem with IE, if there is any. I am not offerring any excuse!! It's my work related work. I have had few issues with IE in the past such as url redirection problem but I have managed to find the fix for those. So, I was thinking maybe somebody in the users list have had some kind of positive experience with this in the past. Frank's suggestion on this regard was constructive. I work in a huge company...suddenly asking users to change the browser is not exactly the pratical solution either. On 6/6/05, Joe Plautz [EMAIL PROTECTED] wrote: Sorry for not including the smiley face but, dude, you're informing of a problem that exists within a browser that is used by the vast majority of web users and for some reason refused to test with it. Works on my box is not a valid excuse. Here's a link to a html validator, http://validator.w3.org/ Here's a link that explains a lot of the known issues, http://www.howtocreate.co.uk/wrongWithIE/ sudip shrestha wrote: Dude: Read the email first... I am informing of the problem after we experienced with IE... On 6/6/05, Joe Plautz [EMAIL PROTECTED] wrote: Simple, test with IE as well. sudip shrestha wrote: I have a struts-hibernate powered webapp running off a debian box, jdk 1.5 and tomcat 5.5.7 I have IE users complaining about page not found problems from time to time where as Firefox users never. I myselft have never encountered this problem as I use FirefoxThis led me to thinking that this might be a IE problem...Any suggestions on how to move ahead on the problem? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] . - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat, SSL, IE, and .pdf downloads
Ironically, I ran into this last week as well. However, I was running my app on Websphere, and the cause (and solution) was subtly different... It is a Struts-based application. I had the nocache RequestProcessor setting in effect. This caused PDF generation to fail under SSL, same as the referenced issue. Removing the setting resolved the issue, but I then had to create a quick filter that would set the same cache headers the nocache setting does but allows me to define a list of paths that they should NOT be set for. So, now everything in the app gets the cache headers set EXCEPT the three paths accessed to generate PDFs, and life is good again. The point is be sure that it's no Tomcat setting the headers... and even if it is and you turn that off, be sure they aren't getting set anywhere else, like Struts, or some other app code. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Tue, June 7, 2005 2:46 pm, Mark Thomas said: This seems to be a popular subject today. Try looking at http://marc.theaimsgroup.com/?l=tomcat-userm=111811136603781w=2 Mark Panichi, Mary-Beth wrote: Greetings ~ We're having issues downloading .pdf files in SSL. I've been all over the web trying to find solutions. The issue appears to be interaction between Tomcat and InternetExplorer. IE appears to be corrupting the pdf files. There's an IE patch out there, but we've patched past that. The fix that they list, to uncheck the don't allow encrypted data to be cached to disk, works, but it's a setting that for security reasons we don't want to leave unchecked. I've tried all manner of setting headers for cache-control, etc.. We're dynamically generating the .pdf files, and streaming them to the jsp page. I've tried also saving the pdf's physically to the server and then getting them, but that didn't work either. Has anyone run into this issue? Does anyone have a solution? I've seen lots of suggestions out there, but nothing that actually works. Thanks! Mary Beth Panichi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Probably an easy answer
If it is a class member you could conceivably use reflection to see if a given object/class has a member you name... if it's local though, no, it's a purely compile-time check. Do you really mean declared or do you perhaps mean initialized? Frank Charles P. Killmer wrote: Is there a way to, at runtime, check if a variable is declared? I have some code that I want to behave differently depending on whether or not a variable has been declared. I tried using a try catch block but it gets caught at compile time. Thanks Charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Probably an easy answer
The only other possible way I can think of, and I would have to do so experimenting to see if/how exactly it would work, would be something like: try { Object a = b; // Where b might be declared or might not be } catch () { // Not sure what exception would be thrown // Do something when b wasn't declared } I'm assuming there is a runtime exception to check for... that may not be true at all... part of me suspects there isn't... that's why I'd have to do some experimenting :) In fact, being in a JSP this might be the best option because I'm not sure how you could use reflection as I suggested, i.e., what object would you inspect when the field you want to check for is a JSP variable? I'm not sure. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, June 13, 2005 8:58 am, Charles P. Killmer said: Thanks. And I do mean declared. I have a jsp that is included by a few other jsp's. Some of them declare a variable and some do not. Right now I have two files that are almost identical. One expects the variable to be present and the other does not. I am looking to consolidate these two files. Charles -Original Message- From: Frank W. Zammetti [mailto:[EMAIL PROTECTED] Sent: Friday, June 10, 2005 5:46 PM To: Tomcat Users List Subject: Re: Probably an easy answer If it is a class member you could conceivably use reflection to see if a given object/class has a member you name... if it's local though, no, it's a purely compile-time check. Do you really mean declared or do you perhaps mean initialized? Frank Charles P. Killmer wrote: Is there a way to, at runtime, check if a variable is declared? I have some code that I want to behave differently depending on whether or not a variable has been declared. I tried using a try catch block but it gets caught at compile time. Thanks Charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Probably an easy answer
Yeah, I wasn't sure that would work... Seemed like it would still be a compile error, but worth a shot. I'm out of ideas at the moment. I agree with what another poster said though... seems like there must be a better way to check than whether a variable is declared or not. I understand the problem you are trying to solve, I actually dealt with a similar issue with included code needing a Javascript variable that may or may not be present, but in this case I'm not sure of a good answer. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, June 13, 2005 10:19 am, Charles P. Killmer said: I tried the try catch block and that led me to asking this forum. I tried a generic catch (Exception e) and it resulted in a compile error. My suspicion is that this is not an easy thing to do. Any brainstorms out there? Charles -Original Message- From: Frank W. Zammetti [mailto:[EMAIL PROTECTED] Sent: Monday, June 13, 2005 8:34 AM To: Tomcat Users List Cc: Tomcat Users List Subject: RE: Probably an easy answer The only other possible way I can think of, and I would have to do so experimenting to see if/how exactly it would work, would be something like: try { Object a = b; // Where b might be declared or might not be } catch () { // Not sure what exception would be thrown // Do something when b wasn't declared } I'm assuming there is a runtime exception to check for... that may not be true at all... part of me suspects there isn't... that's why I'd have to do some experimenting :) In fact, being in a JSP this might be the best option because I'm not sure how you could use reflection as I suggested, i.e., what object would you inspect when the field you want to check for is a JSP variable? I'm not sure. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, June 13, 2005 8:58 am, Charles P. Killmer said: Thanks. And I do mean declared. I have a jsp that is included by a few other jsp's. Some of them declare a variable and some do not. Right now I have two files that are almost identical. One expects the variable to be present and the other does not. I am looking to consolidate these two files. Charles -Original Message- From: Frank W. Zammetti [mailto:[EMAIL PROTECTED] Sent: Friday, June 10, 2005 5:46 PM To: Tomcat Users List Subject: Re: Probably an easy answer If it is a class member you could conceivably use reflection to see if a given object/class has a member you name... if it's local though, no, it's a purely compile-time check. Do you really mean declared or do you perhaps mean initialized? Frank Charles P. Killmer wrote: Is there a way to, at runtime, check if a variable is declared? I have some code that I want to behave differently depending on whether or not a variable has been declared. I tried using a try catch block but it gets caught at compile time. Thanks Charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help/Examples setting up security settings
with all this in it? Let's walk through it... (1) User enters http://mysite.com/admin/page1.jsp (2) The container looks through the defined security-constraint's and looks for one with a url-pattern element that matches the requested URL. In this case it finds one. (3) So, security kicks it. Now the login-config element is looked at and we see that form-based authentication is in use. So, the page named in the form-logon-page element is displayed. Note that if you were using basic auth, the user would get a popup box. (4) In either case, they enter their username and password. (5) At this point, we get into container-specific stuff... basically, whether it is a lookup against an LDAP directory, or against a Tomcat XML file, or something else entirely, j_security_check (a servlet) is responsible for this. It looks up the user, and assuming they are found, returns the group they are in. Might be AdminRole in this case, might be PlainOldUserRole, or something else. P.S., if the user isn't found, or their password is not correct, a 403 error is returned., You can name what page to display in this case by adding to web.xml: error-page error-code403/error-code location/jsp/badLogon.jsp/location /error-page (6) So, the container then has the group the authenticated user is in... So it consults the security-role elements and finds a match. It then looks again at the security constraints that the URL mapped to and see if the group the user is in is defined as having rights to that resource. (7) Assuming the group the user is in has rights, the original request goes through. This might be confusing... remember that the reason the login screen was displayed was because the user requested a constrained resource... you can think of that request as being placed on hold, in a sense, until the user is authenticated. Once they are, the original request continues and the resource is returned. Let me see if my ASCII art is up to the challenge... | Request for /admin/page1.jsp | || \/ | Security intercept: login page shown | || \/ - | Login form submit | - || \/ --- | User validated and belongs to allowed group | --- || \/ - | Request forwarded to /admin/page1.jsp | - Ok, hope that gets the point across. So, but the end of that chain, the page1.jsp is now displayed, the user is happy :) Note that this process as outlined is conceptual... there could be some details in how the container does it's thing that I got wrong... from your perspective, and the perspective of what the user sees though, it is correct. I think that's everything. Hope that helps! -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, June 13, 2005 1:55 pm, Gagnon, Joseph M \(US SSA\) said: Hello, Does anyone have any examples of how to set up my deployment descriptor (web.xml in Tomcat 5.5.9) to do BASIC authentication (of any of the other methods, for that matter)? I've looked at various sources of information on the web (including some of Sun's sites), but have not yet found good examples (more than one would be great), from soup to nuts, with good explanations along the way, describing the various elements involved (what they do and why (or why not) they are needed). A lot of these sources provide copious amounts of information, but not good working examples that I can either use directly, or at least learn from. Many times example chunks of code are provided, but it's not made clear what each element does. Also, quite often only one example of a specific usage (say: FORM based authentication) is provided, but others are not. I guess the basic gripe I have is that there's a lot of information provided for this technology, but very little information provided that actually helps someone who's just learning this stuff, actually learn HOW to use it. Now there's a caveat: I'm investigating possibly using JSP for a work-related project. I am looking at adding some functionality to an existing web application that is currently written as an ASP app. Among other things, I am trying to evaluate JSP to see what advantages it may (or may not) provide over the existing ASP. At this point, I'm trying to take a small part (essentially the front end) of the ASP app. and JSP-icize it to see what's involved in creating the same (or similar) functionality. Unfortunately I keep running into problems that for the most part, result from my lack of knowledge in this technology area. I do not want
Test, please ignore
Sorry for the disturbance... trying to troubleshoot a posting issue... this will be the only such post to this list from me. Sorry again! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [OT] Help/Examples setting up security settings
Thanks very much Chuck! I'm glad I can help whenever I can. I know how overwhelming some of this stuff can be, to me as much as anyone else, and I also know how it feels to not be able to find explanations that are easy to understand. If I can make that situation just a little better, I am happy to do so. :) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, June 13, 2005 3:45 pm, Caldarale, Charles R said: From: Frank W. Zammetti [mailto:[EMAIL PROTECTED] Subject: Re: Help/Examples setting up security settings Having just spent a couple of weeks integrating a new security framework into an existing app, a framework that works in concert with J2EE security, let me see if I can help... Hang on, this is going to be a long post!... Frank - I've been perusing this list for some time now, and I have to say that you provide some of the most concise and lucid explanations I've ever seen. It's a pleasure to read them. Thank you very much. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Help/Examples setting up security settings
On Tue, June 14, 2005 9:26 am, Gagnon, Joseph M \(US SSA\) said: Very simple stuff. However, when I try to login (by loading the login.jsp page), I get the following error from Tomcat: HTTP Status 404 - /SPID_JSP/j_security_check type Status report message /SPID_JSP/j_security_check description The requested resource (/SPID_JSP/j_security_check) is not available. Apache Tomcat/5.5.9 Obviously, there are some other things that I need to do, but I don't know what they are. Also, I'm curious how to direct control to the success page once authentication passes and the login succeeds. Hmmm... The only thing that strikes me odd is what is being requested... Every time I've seen it, j_security_check is in the root... I wonder if Tomcat doesn't recognize j_security_check as being a special servlet if it isn't in the root? Just for chuckles, move your JSPs to the root of your webapp, that should result in /j_security_check being what the form is submitted to, see if that solves the problem (I *think* you could make the action of your form ../j_security_check instead of moving everything, that should do the same thing and would be easier). If that doesn't work then there is probably something else specific to Tomcat that needs to be done to enable that servlet that I am not aware of. As for the question of directing control to the success page, this is one of those things that is a bit confusing at first... you really don't direct control anywhere... what should happen is the URL your users should access *IS* the success page, assuming the succcess page is a constrained resource... in other words, write your application with the assumption that a user is already authenticated and that really the login page IS NOT part of your application. Then, when they try to access the success page, the request will be intercepted and the login page shown. If they enter valid credentials, THEN the success page will be returned to them automatically. That part usually confuses people at first (I think it did me too for a few minutes when I first dealt with this). Just remember, it's an intercept-based security mechanism... when the user tries to hit a protected resource, the request is intercepted and they are challenged to authenticate themselves. Conceptually, think of the original request as having been put on hold. Once they authenticate, the request continues where it left off, you have nothing special to do. I'm really very new at web programming, so I'm sure there are either a lot of stupid things I'm doing, or stuff I need to do, but am not. No, I think you've managed to get pretty far essentially on your own... Good job! :) Frank - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help/Examples setting up security settings
dump, except this time, the page header shows what I expect: Get Environment Data. First, why didn't I get presented with the login page? Isn't that what was supposed to happen? Second, I don't understand the dual behavior observed above. Why should I get what happens in scenario 1? The file requested exists at the location specified. What gives? Why does scenario 2 allow me to access my page as I would expect to? Obviously, I don't know diddly-squat about how this technology works and is meant to be used. Everything I try ends up either a drop dead failure or confuses me even more than I already was. There does not seem to be any consistency to the behaviors I've been seeing. If someone asked me right now whether to recommend using JSP, I'd have to say No. I can't even get a simple test scenario to work. I'm trying to hold off on buying any books on the subject, because I'm not sure which ones would be the best to get (although I have some ideas) and more importantly, because I am trying to evaluate the technology and the feasibility (not to mention the do-ability) of potentially converting an existing ASP application to JSP. The books would be purchased through my department, and I don't want to have a bunch of books bought that I may end up not using, if the decision ends up being that we won't go the JSP route. I realize that it's difficult for someone reading this to get the full picture of my situation. I've tried to include all pertinent information. If anyone can help me out, I would sure appreciate it. (Thanks again Frank Zammetti for the information you've provided so far.) Thanks, Joe Gagnon -Original Message- From: Frank W. Zammetti [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 14, 2005 9:39 AM To: Gagnon, Joseph M (US SSA) Cc: Tomcat Users List Subject: RE: Help/Examples setting up security settings On Tue, June 14, 2005 9:26 am, Gagnon, Joseph M \(US SSA\) said: Very simple stuff. However, when I try to login (by loading the login.jsp page), I get the following error from Tomcat: HTTP Status 404 - /SPID_JSP/j_security_check type Status report message /SPID_JSP/j_security_check description The requested resource (/SPID_JSP/j_security_check) is not available. Apache Tomcat/5.5.9 Obviously, there are some other things that I need to do, but I don't know what they are. Also, I'm curious how to direct control to the success page once authentication passes and the login succeeds. Hmmm... The only thing that strikes me odd is what is being requested... Every time I've seen it, j_security_check is in the root... I wonder if Tomcat doesn't recognize j_security_check as being a special servlet if it isn't in the root? Just for chuckles, move your JSPs to the root of your webapp, that should result in /j_security_check being what the form is submitted to, see if that solves the problem (I *think* you could make the action of your form ../j_security_check instead of moving everything, that should do the same thing and would be easier). If that doesn't work then there is probably something else specific to Tomcat that needs to be done to enable that servlet that I am not aware of. As for the question of directing control to the success page, this is one of those things that is a bit confusing at first... you really don't direct control anywhere... what should happen is the URL your users should access *IS* the success page, assuming the succcess page is a constrained resource... in other words, write your application with the assumption that a user is already authenticated and that really the login page IS NOT part of your application. Then, when they try to access the success page, the request will be intercepted and the login page shown. If they enter valid credentials, THEN the success page will be returned to them automatically. That part usually confuses people at first (I think it did me too for a few minutes when I first dealt with this). Just remember, it's an intercept-based security mechanism... when the user tries to hit a protected resource, the request is intercepted and they are challenged to authenticate themselves. Conceptually, think of the original request as having been put on hold. Once they authenticate, the request continues where it left off, you have nothing special to do. I'm really very new at web programming, so I'm sure there are either a lot of stupid things I'm doing, or stuff I need to do, but am not. No, I think you've managed to get pretty far essentially on your own... Good job! :) Frank - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com
Re: Concurrent login detection - how?
A SessionContextListener gets called when a session times out, or is otherwise invalidated. This is how you do it. I did this in an app some time ago... I just needed to maintain a list of who was logged in. You can do something simple like I did: have a UsersList object with a single static HashMap in it. In that HashMap goes User objects. When the session is created, the listener is called, and you put the User object in it. When the session is destroyed, you remove it. I keyed the HashMap off user ID, you can do it however you like. Just be sure to take concurrency into account and it works rather well. You could do it to a database if your requirements make that a better choice. Frank Michael Mehrle wrote: That actually goes to the heart of my question: HOW do I detect when their session times out? ;-) I know the 'strategy' of doing this, but I don't know how to capture a timed-out session - technically. Any input would be welcome. TIA, Michael - Original Message - From: David Rickard [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Sent: Tuesday, June 14, 2005 9:53 AM Subject: Re: Concurrent login detection - how? Remove IDs from the List when users log out (and add a ServletContextListener to catch people who leave the site without logging out--remove their IDs when their sessions time out); At 09:22 AM 6/14/2005, you wrote: What is the best way to detect two people being logged in concurrently using the same account? This is one aspect of my efforts to restrict fraudulent access. Again, I don't want to use Acegi since it seems to break the rest of my app. So, what's the best way to do this 'traditionally'? Thanks! Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- David Rickard Software Engineer TechBooks/GTS Your Single Source Solution! Los Angeles CA * York, PA * Boston,MA * New Delhi, India Visit us on the World Wide Web http://www.techbooks.comhttp://www.techbooks.com [EMAIL PROTECTED] 5650 Jillson St., Los Angeles, CA 90040 (323) 888-8889 x331 (323) 888-1849 (Fax) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE-Page not found problem
I realize this is the Tomcat list, but I suspect many people here use Struts in developing their apps... I think it is worth noting that Struts provides a nocache switch for the Request Processor that does the same thing (setting the no cache headers). I found this out the hard way about two weeks ago when I ran into this very problem, but it turned out to be caused by this Struts option as I was running under Websphere. The point being that even if you can disable the option in Tomcat (and I'm not sure you can?), if you are using Struts you still could experience the same issue if you aren't aware the the headers could be set in two places. FYI, I wound up writing a filter that lets me define paths that WILL NOT have the cache headers set, all others they are set for (because all but three paths in my app needed the headers set, the 3 were where PDFs get generated). I use this in place of the Struts setting. This filter will appear in my Sourceforge JavaWebParts project, in case anyone else might be interested. Frank Mark Leone wrote: Maybe IEs implementation existed before HTTP 1.1 and before the no-store option was introducted, which seems to clarify the matter of what isn't allowed to be stored to disk, there is nothing else in the specififcation that mandates the user-agent or cache can not (in the process of serving the orginary request) store it to disk (if the implementation needs to). That's a charitable way to look at it, and an interesting observation. However, MS explicitly justifies the behavior in reference to the no-cache directive (see second link below), and I believe that neither the HTTP 1.0 Pragma semantics nor the HTTP 1.1 Pragma and Cache-Control semantics support the behavior. Given, as you pointed out, that the no-store option in HTTP 1.1 clears it up, then I think IE's implementation is even more unreasonable, as there is a check-box for HTTP 1.1 support. I've worked with dynamic HTML for quite a few years and can't remember stumbling over this problem, what is the simplest server response that triggers this problem in IE ? The problem occurs when using IE over an SSL connection, when the server includes either cache-control: no-cache or pragma: no-cache headers, or both, in the response, and the user is attempting to download a file that is not rendered in the browser (e.g., the file is either to be saved to disk or launched in some app other than a browser). Note that IE does not manifest the problem when the no-cache directives are sent in the response for non-SSL connections. I believe that Tomcat sends the no-cache directives when serving a resource from a protected context, i.e. one for which a security-constraint is defined. (Mary-Beth reported here earlier that she got IE to behave properly by unchecking the option Do not save encrypted pages to disk, but I tried this and it did not alleviate the problem. I believe Mary-Beth was dealing with a different issue. It's worth noting that MS does not list unchecking this option as a workaround in their bug report response for this issue.) The Tomcat bug report on it can be found here: http://issues.apache.org/bugzilla/show_bug.cgi?id=27122 And the IE bug report and MS response can be found here: http://support.microsoft.com/?id=316431 The issue is especially vexing IMO because of how it manifests. IE actually draws the download box with the progress bar, showing the correct web address and even the correct mime type of the resource. Then instead of beginning the download it suddenly throws up a window that says the site is unreachable. -Mark Darryl - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE-Page not found problem
Yes, it can be done with a simple valve. See earlier message in this thread for details, or follow the link to the Tomcat bug database in my previous message. I missed that thread, but this is good to know. Thanks! Keep in mind, this is not just a problem with pdf files. It will happen when IE uses SSL to download *any* file that is not being rendered in the browser, when the no-cache directive is included in the response. Absolutely. Worth having this clearly stated for the archives for sure. Frank - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] [Message truncated. Tap Edit-Mark for Download to get remaining portion.] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE-Page not found problem
Yes, it can be done with a simple valve. See earlier message in this thread for details, or follow the link to the Tomcat bug database in my previous message. I missed that thread, but this is good to know. Thanks! Keep in mind, this is not just a problem with pdf files. It will happen when IE uses SSL to download *any* file that is not being rendered in the browser, when the no-cache directive is included in the response. Absolutely. Worth having this clearly stated for the archives for sure. Frank - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] [Message truncated. Tap Edit-Mark for Download to get remaining portion.] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]