Re: Virtual Hosting and SSL
Justin Jaynes wrote: I DID try, but there is no IP address attribute for connector elements. .. at least not in the documentation listed on the 5.5 documentation / configuration setup. On this page?? http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html Look again :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual Hosting and SSL
Justin Jaynes wrote: I am running tomcat 5.5.12 and need to host two sites, both with ssl. Can you set up two connectors (one port 443 and one port 80) for one specific ip address and another set of connectors for another ip address? Yes. :-) That's exactly what you need to do. Try it, ask if you run into a specific problem... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cannot setup JNDI with MySQL
John Cherouvim wrote: I've been trying to setup a mysql connection pool using JNDI as shown in http://jakarta.apache.org/tomcat/tomcat-5.0-doc/jndi-datasource-examples-howto.html But no luck. *What I get in tomcat\logs\stdout.log is: NotifyUtil::java.net.ConnectException: Connection refused: connect at java.net.PlainSocketImpl.socketConnect(Native Method) A Connection refused sounds like your driver config is fine but either MySQL isn't running, it's configured with skip-networking, or you've got a firewall/iptables/whatever issue. Can you connect (`telnet localhost 3306`) from the command line? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Newbie question - Tomcat 5.0 and external Javascript files
Larry Meadors wrote: You may be able to use this instead: src=js/EdiHost.js It is nice, because you can rename your context, and not break your webapp. :) Or, if you're using JSTL, use: src=c:url value=/js/EditHost.js/ which has the added advantage of *not* being a relative path that'll only work if referenced from the base directory of the webapp, but *will* work regardless of changes to the webapp name... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: PHP / JSP on Tomcat.
Lalit Batra wrote: Is it a good Idea to have PHP enabled on tomcat ? In my limited experience using the PHP4 servlet, some errors cause the whole JVM process to exit, so good idea depends on how badly you want to run PHP applications :-) Personally, I just run Apache on a different IP alongside Tomcat to handle the occasional LAMP-stack job... YMMV! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat directory protection
Peter Flynn wrote: I don't know if Kerem Erkan was talking about exploits, but I have looked for some facility in Tomcat equivalent to Apache .htaccess files and failed to find any mention of them. Is it possible to do this kind of IP-level or simple username/password restriction in Tomcat? I'm not aware of anything directly analogous to .htaccess, but you can certainly accomplish the same goals in other ways. Take a look at SRV.6 (Filtering) and SRV.12 (Security) of the Servlet spec. HTH, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to share static content across applications
Ritchie Gillam wrote: I need the following entries: Context docBase=/data0.../webapps/sharedHRM path=/sharedHRM/ and then one entry for each application that references the shared assets like this: Context docBase=/data0.../webapps/sharedHRM path=/app1/sharedHRM/ Context docBase=/data0.../webapps/sharedHRM path=/app2/sharedHRM/ I am doing this because sometimes the JSP/JSF tag appends the application context and sometimes it don't. That sounds broken; I would try to fix that first before trying to kludge up multiple shared Contexts. But it doesn't sound Tomcat-related -- if you want to send me details off-list about this erratic tag, I'll be happy to try to help. :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why doesn't my context work?
Michael Sullivan wrote: what I found. Anyway, I created a file called home.xml in /opt/tomcat5/conf/Catalina/localhost. I made home.xml by copying admin.xml and altering it. Here are the contents of home.xml: Context path=/user appBase=/home docBase=michael/webspace/webapps debug=0 privileged=true /Context Per the Tomcat doc that's been quoted here half-a-dozen times in the last couple of days, or so it seems :-) -- *take the path attribute out* because Tomcat *doesn't use it* unless the Context is defined inside server.xml. Either call the file user.xml or change your request to http://www.espersunited.com/home/index.jsp And, as has already been pointed out, 'appBase' is not a valid attribute of Context. HTH, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to share static content across applications
Ritchie Gillam wrote: I am creating a new Context element for the shared assets but the problem is by putting the Context element directly in the server.xml file, I am not longer able to undeploy and redeploy the shared assets application without restarting the server... OK, so don't do that :-) Use either of e.g. ${appBase}/assests/META-INF/context.xml or $CATALINA_HOME/conf/${hostname}/assets.xml Apologies if I'm missing something, but I don't see the problem... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to share static content across applications
Ritchie Gillam wrote: In the applications that need the shared assets, I already have a Context defined in the context.xml file for each app and I can only have the one. ? An application *is* a Context; the point is to create a single shared asset Context and reference it from wherever. As below... Use either of e.g. ${appBase}/assests/META-INF/context.xml or $CATALINA_HOME/conf/${hostname}/assets.xml -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to change the SSL port
CommonGround Softworks/Phil McNamara wrote: The tomcat log does show a bind error message after my server.xml edit to port 443. Sep 15, 2005 10:37:07 PM org.apache.coyote.http11.Http11Protocol init SEVERE: Error initializing endpoint java.net.BindException: Permission denied:443 Are you starting Tomcat as root? Doesn't look like it... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk performance
KEREM ERKAN wrote: ... I am looking to the security side of the problem and Apache+mod_jk does its job better than only Tomcat concerning security. How so? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk performance
KEREM ERKAN wrote: Apache has better directory/file restricting and handling than Tomcat better in what way? What actual *security* issue are we talking about -- in other words, what exploit is Tomcat susceptible to that Apache is not? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Case-insensitive URLs for serving HTML
[EMAIL PROTECTED] wrote: I have a webb app in Tomcat that serves only HTML, and I'd like to make the path component of the URL case-insensitive. ... I guess I'd like to match the URL pattern to a regular expression. One quick, easy approach: UrlRewriteFilter http://tuckey.org/urlrewrite/ HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to configure Tomcat for multiple IPs
Barnett, Brian W. wrote: I have tried one Service with multiple Connector's, one Connector for xxx.xxx.xxx.xxx and one Connector for yyy.yyy.yyy.yyy. I also had two Host elements in this scenario, but got no indication that anything was running on yyy.yyy.yyy.yyy. What indication were you looking for? :-) I have a production box with one Service and four Connectors (2 IPs using ports 80 and 443), so that should be fine. Maybe you should post the relevant parts of your server.xml. BTW, did you run nmap or telnet or something to check if anything was listening on the specified IPs in that configuration? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Different JDBC sources?
Vsevolod (Simon) Ilyushchenko wrote: As a relative Tomcat newbie, I can't find anything about how to use two different JDBC sources with the same codebase. I'd like to have two different URLs that use the same classes and JSP pages, but reference two different databases (test and production). Is there a standard way of achieving this? Presumably these are two different Contexts; put the appropriate Resource in each ${context}.xml file... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to configure Tomcat for multiple IPs
Barnett, Brian W. wrote: BTW, did you run nmap or telnet or something to check if anything was listening on the specified IPs in that configuration? To test listening on the specified IPs, I just pinged them both and that was successful. Well, yeah, that says the interface is alive, but doesn't mean anything's listening; running `telnet xxx.xxx.xxx.xxx 80` will tell you a lot more :-) Can you send me the complete Service element of your working configuration please? I'm running Tomcat 5.0.28. I'm running 5.5.9 but it shouldn't matter; I'll send it offlist. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Different JDBC sources?
Vsevolod (Simon) Ilyushchenko wrote: Presumably these are two different Contexts; put the appropriate Resource in each ${context}.xml file... Thanks! How will different contexts be invoked depending on the URL? Well, maybe I misunderstood the original question :-) My presumption was that the same code exists at, say, http://dev.example.com/ and http://www.example.com which are clearly different Contexts, even if they're on the same machine being run as virtual hosts. So each Context has a Resource addressing the appropriate DB. Also, I need to distinguish between the test and production environment in the code to figure out whether emails should be sent or not. Can I detect the current context there? If your setup is as described above, you could use getServerName(); alternatively, put a Parameter in the Context to turn on/off email sending. Apologies if this isn't relevant to your environment, though! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: no luck with allowLinking=true
Maurice Yarrow wrote: I have simply had no success getting allowLinking=true. / Am running 5.0.28 (tried it in 5.0.30, as well, with same lack of success). / Context path=/getimg docBase=getimg debug=0 reloadable=true crossContext=true Resources className=org.apache.naming.resources.FileDirContext allowLinking=true / /Context Shouldn't that just be: Context path=/getimg docBase=getimg debug=0 reloadable=true crossContext=true allowLinking=true /Context :: ? which works for me in TC 5.5.x, at least, and appears to match the Context attribute descriptions for 5.0.x in http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/context.html FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: no luck with allowLinking=true
Maurice Yarrow wrote: Neither configuration worked to allow symlinks. Also, as I indicated in my first letter, I even set up a completely new 5.0.30 complete deployment to test this issue, but the results were the same. That's good, eliminating as many variables as possible. And if that setup doesn't work... Is it possible you have a permissions problem between the Tomcat process userid and the owner of the linked directory? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: web.xml, url-pattern
Trond Hersløv wrote: Can you please be so kind and explain what the servlet spec. has to do with configuring the deployment descriptor. Chapter SRV.13: Deployment Descriptor Could you give me a link to the servlet spec? Download from: http://java.sun.com/products/servlet/reference/api/index.html HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: invalidate session after calling listeners
Franklin Phan wrote: I have found the solution. Cool. :-) What threw me off in the first place was the poor API documentation for HttpSessionBindingListener interface. It says for valueUnbound: Notifies the object that it is being unbound from a session and identifies the session. It gave me the impression that the method itself notifies the object (which is the object that contains the implementation of HttpSessionBindingListener itself) and provides a reference to the session. The API documentation for that method should have said something like: This method is called *upon receiving notification* that this object is being unbound from the *invalidated* session. Erm, yeah, the docs are sometimes a bit opaque. Still, though, what is a global listener approach? I was just making a distinction between having a single Context-wide process (listener) doing session-unbound tasks versus each /session/ having a bound object implementing HttpSessionBindingListener doing its own. It's the difference between Mom cleaning up after everyone, or all the kids cleaning their own rooms :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: request.getServletPath() changes during request lifecycle, BUG or Specified behaviour ?
Darryl L. Miles wrote: At the start of my HttpServlet class code: request.getServletPath() = /myServlet But then my HttpServlet code runs a MVC pattern and decides to forward off to a JSP page /someDir/myPage.jsp so inside any tag's inside that JSP page now get: request.getServletPath() = /someDir/myPage.jsp Which is just plain wrong. Can anyone confirm if this correct behaviour ? To work around this sillyness: Alternatively, per the 2.4 Servlet spec: SRV.8.4.2 Forwarded Request Parameters Except for servlets obtained by using the getNamedDispatcher method, a servlet that has been invoked by another servlet using the forward method of RequestDispatcher has access to the path of the original request. The following request attributes must be set: javax.servlet.forward.request_uri javax.servlet.forward.context_path javax.servlet.forward.servlet_path javax.servlet.forward.path_info javax.servlet.forward.query_string ... etc. HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: invalidate session after calling listeners
Franklin Phan wrote: I'm trying to code a method to clean up specifically named files inside a working dir (in Windows XP) whenever the session times out. Rather than a global listener approach, why not just add an instance of your listener *to each session*? When the session ends and that object receives the event, it still knows its attributes; from your example: public void valueUnbound(HttpSessionBindingEvent se) { AbcdUtil util = new AbcdUtil(); /* -- neither of these is necessary, as userId is still defined * HttpSession session = se.getSession(); * String userId = (String)session.getValue(userId); */ I use this approach to return items to stock from an abandoned (via session timeout) shopping cart, for instance. FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Automatic deploy of updated war deletes the context file
Paul Austin wrote: The test case I am using is running on Tomcat 5.5.9. 1. The web application is deployed as a the app.war file, with no context.xml file to the wars/host directory _and_ no META-INF/context.xml in the war file, right? 2. The Host configuration is as follows. Host debug=99 name=host unpackWARs=false deployXML=false Logger className=org.apache.catalina.logger.FileLogger prefix=host timestamp=false / /Host 3. In conf/Catalina/host/app.xml ?xml version='1.0' encoding='utf-8'? Context debug=9 docBase=wars/host/app.war path=/app reloadable=true workDir=work/Catalina/host/app ResourceLink global=jdbc/appDs name=jdbc/appDs type=javax.sql.DataSource/ /Context When I copy app.war into wars/host to repeploy using the automatic deployer I check the conf/Catalina/host/ and http://host/manager/list and the app.xml and the /app context are deleted. I would check your logs for errors, but also go through all your entries in your server.xml and app.xml files For instance, for the path attribute of Context: The value of this field must not be set except when statically defining a Context in server.xml, as it will be infered from the filenames used for either the .xml context file or the docBase. Sometimes the subtle config errors will bite'cha :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: newbie with a short question
nick sturm wrote: ok, I have done the two things on that page: renamed the serverlet and deleted the comments around the cgi section of the web.xml config file. Uh, you probably want to *read* those comments :-) -- specifically !-- executableName of the exectuable used to run the -- !-- script. [perl] Perl being the default, you'll have to figure out how to use the COMMAND.COM or whatever it is for Windows. Alternatively, write a Perl wrapper for it or just rewrite your .BAT file in Perl. *Or* byte, er, bite the bullet, google `java serial port controller` and just write what you need in Java :-) Good luck, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Automatic deploy of updated war deletes the context file
Paul Austin wrote: Now the final question is how can I set the path to be a sub directory? So /subdir/app. This worked on my Tomcat 5 installation on Linux but doesn't work here. It seems to just ignore the path. No idea, never had a reason to try such a configuration -- sorry! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual Hosts In Tomcat
Dennis Harris wrote: I have Tomcat 4.1 running on Server 2003. Now I want to point a new domain to this box using virtual hosts. I have read all the documentation and I'm still unclear where in the server.xml file to place this virtual host. Can someone paste an example of the virtual hosts and where exactly in goes in the server.xml file. Grossly simplified, the hierarchy is: Server Service Connector/ Engine defaultHost=localhost Host name=localhost/ Host name=dev.example.com/ Host name=cool.example.com/ /Engine /Service /Server Any help would be appreciated. By the way, I am a newbie with Tomcat. In which case, I'd recommend using a non-ancient release, i.e., one in current active development; you'll get more and better responses to your questions :-) HTH, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual Host Not Working Correctly
Dennis Harris wrote: I am setting up a Virtual Host in Tomcat, I've added the following entry in my server.xml file. Host name=q5aims.net debug=0 appBase=webapps unpackWARs=true/ Context path=/q5aims_net docBase=q5aims_net debug=0 reloadable=true/ /Host However, when I test the link, it says the page cannot be found. In the directory q5aims_net I have one doc, index.html Are you trying to access 'http://q5aims.net/index.html' or 'http://q5aims.net/q5aims_net/index.html' as your Context entry indicates? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual Host Not Working Correctly
Dennis Harris wrote: Just trying to access http://q5aims.net/index.html Context path=/q5aims_net docBase=q5aims_net debug=0 Then you should have Context path= ... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Automatic deploy of updated war deletes the context file
So Paul Austin says: Doctor, When I copy an updated copy of a war file that was deployed with a context.xml file in the META-INF directory and also I have a copy of the context.xml in the conf/Catalina/host directory the deployer just deletes the context altogether and doesn't reploy the application. ..and the Doctor says: Right, so don't do that. /* Heh. Vaudeville :-) */ Seriously, you only want to have your Context defined *one* place. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Automatic deploy of updated war deletes the context file
Paul Austin wrote: Right but where should it go so that tomcat doesn't delete it? I've tried setting the deployXML=false on the host and having it just in the conf/Catalina/host directory (which is my preferred location), just in the war file and all various combinations. I've used both locations -- separately! -- without problems. Are you saying that with *only* /conf/Catalina/host/context.xml, nothing in META-INF/context.xml, your deployment fails and the context.xml file is removed? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Multiple virtual hosts NEWBIE (UNCLASSIFIED)
The question is how am I gonna host these two sites on the same tomcat instance ? Is this done through tomcat ? Is it even possible ? The hosting company supports having multiple domains under one main domain. Any suggestions ? Yes -- read the excellent Tomcat Configuration reference for the version of Tomcat you're running. Also, you may find the learning curve shorter if you install that version on your desktop system to experiment with... FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Multiple virtual hosts NEWBIE (UNCLASSIFIED)
I appreciate your input. I went onto the site and I can't seem to find what I need. Could anyone please supply me with the URL of a reference manual ? I am using version 5.5.8 http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ Good luck, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Webapp suddenly not available
Vsevolod (Simon) Ilyushchenko wrote: The error is from Tomcat - if I go to port 8080, I also see it. My issue is that I can't figure out how to turn debug messages on via log4j - I'm sure I'd see something interesting there. Uh, yeah. Seems like it'd be a good idea to reinstall the orginal default ROOT directory temporarily and get log4j working properly. It's really straightforward, but the time to try isn't after your webapp breaks :-) Check out Allistair Crossley's http://www.adcworks.com/blog Good luck! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote: Hmmm. Well take a look at this entry from the server.xml file: !-- Define a Proxied HTTP/1.1 Connector on port 8082 -- !-- See proxy documentation for more information about using this. -- !-- Connector port=8082 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false acceptCount=100 connectionTimeout=2 proxyPort=80 disableUploadTimeout=true / -- I did not add this and from what I can tell this comes with the default config. Any info? About what? This is in the Fine Manual -- see the Connector documentation under tomcat-docs/config/: --- Proxy Support The proxyName and proxyPort attributes can be used when Tomcat is run behind a proxy server. These attributes modify the values returned to web applications that call the request.getServerName() and request.getServerPort() methods, which are often used to construct absolute URLs for redirects. Without configuring these attributes, the values returned would reflect the server name and port on which the connection from the proxy server was received, rather than the server name and port to whom the client directed the original request. For more information, see the Proxy Support HOW-TO. --- Though this isn't particularly relevant to your situation, since as are many of the *examples* in the default server.xml, this entry is *commented out*. HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote: Understood. But I do not want to use Tomcat proxying services. I just want to host 8080 locally and let my ipfilter firewall block and proxy for me. Then the default Tomcat configuration of listening on port 8080 is just what you need. I highly recommend making a copy of the original server.xml and then stripping out the examples before doing anything else; greatly improves readability. :-) If you're still uncertain about Tomcat's configuration, i.e., what port(s) it's listening on, you could run netstat and/or nmap before and after starting it, and compare the results. FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote: Apparently T5 comes with a port 80 proxy server a special servlet container or something. Basically I have ipfilter running and only allow access to port 8080, but if you send a request to 80 tTomcat picks up and does some sort of internal redirect to port 8080. Sorry, but that's simply not the case. The Connector definitions in $CATALINA_HOME/conf/server.xml control what ports (and IPs) Tomcat is listening on. I'm not familiar with 'ipfilter', but there should be a way to list the current rule set (equiv to `iptables -L`) to see what's going on. FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security Questions Regarding Tomcat
Leandro Meiners wrote: Where can I find documentation regarding limting HTTP methods using security-constraints? The Security section of the Servlet 2.4 Spec (SRV.12) has some good examples -- highly recommended :-) FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat and the HttpServletRequest Object
Wendy Smoak wrote: You are depending on arbitrary browser behavior. As far as I can tell, there's nothing preventing me from writing a browser that, say, alphabetizes the request parameters before sending them to the server. well. :snips from: http://www.w3.org/TR/html401/interact/forms.html#h-17.13 application/x-www-form-urlencoded ... 2. The control names/values are listed in the order they appear in the document. ... multipart/form-data ... A multipart/form-data message contains a series of parts, each representing a successful control. The parts are sent to the processing agent in the same order the corresponding controls appear in the document stream. ... So it seems the HTML specification *does* require the parts be sent in particular (source) order. But it has nothing to say about what *processing agents* do with 'em. And if the servlet spec *doesn't* demand that the parts be stored and made available in that same order... It's never even occurred to me to expect form variables in any order, though. For one thing, only successful controls are sent at all, so what arrives is intrinsically somewhat arbitrary, eh? :-) As always, YMMV! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Http Refferer
Oscar Mechanic wrote: Why would it get a null ? Every page has a referrer. Simply not true -- a page accessed by having the URL hand-typed into a browser's address field has no referer. And PC anti-virus software frequently *blocks* sending a referer header regardless... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using more than one SSL cert in keystore?
Paul Singleton wrote re' client-side redirects: You can do it like this (relies on JavaScript): You can also use this META tag in the head of the document: meta http-equiv=refresh content=0;url=http://example.com; / (The first part of content is the interval in seconds before the 'refresh' happens...) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Multiple Hosts using dyndns
Daron wrote: I trying to set up Tomcat 5.5 to respond to multiple host names that I have configured using dyndns. I am not sure which facility I should be using. Sorry, don't know anything about dyndns -- does your *PC* respond to the multiple host names? i.e., can you 'ping' each of them and get a response? If so... Since my PC which is running tomcat only has one IP address I belive I need to configure hosts, not virtual hosts. ..you want to configure your multiple host names as Tomcat virtual hosts -- see the Host element documentation. That's going to be the same regardless of how the name resolution is being done (dyndns, DNS, NIS, /etc/hosts file, etc.), AFAIK. HTH, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to create a MySQL datasource (DBCP) into TOMCAT 4.1.31...
Patrick Gelin wrote: I succeded to create a datasource for TOMCAT 5.5.7 and 5.5.9 but I have to deploy my webapp into TOMCAT 4.1.31 and it's not the same configuration parameters... 2. This is my server.xml conf file: ResourceParams name=jdbc/rpn_database parameter namefactory/name valueorg.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory/value /parameter I believe that's 5.5.x-specific -- commons-dbcp contains: org.apache.tomcat.dbcp.BasicDataSourceFactory :: (note only one '.dbcp'). Change that, make sure commons-dbcp is in your 4.1.31 $CATALINA_HOME/common/lib and give it a try. HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Only one ssl domain per server instance?
Mark Thomas wrote: You can define multiple Connectors, each with its own keystore. But don't forget that each will need to be on a different port. Actually, I assumed the OP would assign each Connector a different *IP address*, so that conventional URLs like https://www.example.com/ https://www.secondexample.com/ could be used, rather than, e.g. http:9443//www/yuckyexample.com/ :-) YMMV, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Only one ssl domain per server instance?
Mark Winslow wrote: I'm wondering if there's a way to get more than one ssl domain per server instance. The ssl Connector tag seems to be in the top level in server.xml. You can define multiple Connectors, each with its own keystore. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: confused about simple logging
Lane wrote: I got the valve configured and working in server.xml and immediately set about trying to make it work only in a specific context. I've tried to configure it in $CATALINA_HOME/conf/Catalina/localhost/helloworld.xml and in $CATALINA_HOME/webapps/hellowworld/WEB-INF/web.xml but the Valve seems to be ignored unless it is in $CATALINA_HOME/conf/server.xml I'm set now, but if anybody has information on per-context access logging it'd sure help me troubleshoot. I just took the Valve entry from a Host in my server.xml, stuck it inside a ROOT.xml file changing only the prefix attribute, restarted the server and bingo -- a context-specific log file is being created. There's really not much to it, as the example in the docs shows. Maybe you should post your entire Context file. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ip-based virtual hosting
Bill Barker wrote: I ... am interested in setting up ip-based virtual hosting in standalone Tomcat. Is that possible? It will be possible in TC 5.5.10. It's not possible in any of the currently released versions. ?! Could you explain, please? Because I've currently got several systems running what *I* think of as IP-based virtual hosts using TC 5.0.x and 5.5.x... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cannot access Tomcat from remote box
Vincent Yau wrote: Today, I got hold of 2 boxes that I need to setup tomcat. Both are Linux. So I downloaded Tomcat 5.0.28 on box boxes earlier today. They ran fine with a local browser accessing it. However, no other box on the network can access it. I got Connection Refused when trying to load the front page from any other machine (http://thatbox:8080). There is no firewall on either machine. Almost certainly wrong -- most new distros have iptables enabled by default. I have tried ping, ssh, scp, httpd and all traffic goes through fine on both boxes. But have you tried `telnet thatbox 8080` -- which is what would actually confirm there's something listening (unblocked) there? :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do I redirect all tomcat ports to use SSL?
Donny R Rota wrote: Thanks, I use security-constraints now, and I've been looking for this answer for weeks. I've not found that option available. Can you send me an URL to this? In the mean time, I'm going to see if I can find that option in my other sources. Uh, your other sources would presumably include a copy of the Servlet spec? :-) (That'd be SRV12.8 in the 2.4 spec, BTW) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 2 nd Try : help need for hosting the website
Ashok Anumandla wrote: I am trying to host my website on Tomcat 5.5.9 in my home machine, i did following steps .. - Configured my linksys to fwd the any request from www.anishanumandla.com to port number and 8080 port. I don't think you were successful with that step... But unfortunately i am not able to make it working , when i try http://localhost:8080/anishanumandla, it is working fine, but when i try accessing www.anishanumandla.com it is not working, Exactly. And port 80 of www.anishanumandla.com shows as closed. So either it's your Linksys, or your Windows has a firewall preventing access to that port, or something. But it's not a Tomcat issue. HTH, and good luck. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 2 nd Try : help need for hosting the website
Robert Harrison wrote: I don't think you can see the external address if you browse from the same machine the site is hosted on. 1) uh, why the hey not? Name resolution is name resolution; where you're browsing from shouldn't matter (unless your primary DNS is local and delivering non-routable addresses or something). 2) the point is, neither you nor I can connect to port 80 of the IP address for www.anishanumandla.com -- so it's broken. And not a Tomcat problem. 3) why are the other three people who responded to this post *all* named Robert? OK, you don't have to answer that. :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 2 nd Try : help need for hosting the website
Struan Kerr-Liddell wrote: Am I miss understanding? I can see www.anishanumandla.com Obviously the OP fixed his problem -- it was definitely unavailable a while ago (via browser/telnet/nmap). Cute kid :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Change ROOT in Tomcat 5.5.9
Parsons Technical Services wrote: You can't do that with 5.5.X . You must declare the default context in the server.xml No, I don't know how you're getting that out of the reference below but there's no requirement to have your context -- any context -- defined in server.xml. Trust me, I've got several 5.5.x machines running right now, and *all* the contexts are defined in either /META-INF/context.xml or $CATALINA_HOME/conf/{engine}/{hostname}/{context}.xml http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/context.html FWIW, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Change ROOT in Tomcat 5.5.9
Parsons Technical Services wrote: Please read what Yuval wrote -- OK, that was: I want to change the ROOT context to my web app but not in the Tomcat directory. I tried to define the context in xml file in the conf/Catalina/localhost/ with path= and delete the ROOT folder in The webapp directory but it doesn't work. :: which I took to mean having a ROOT context in a place other than $CATALINA_HOME/webapps/. And all that takes is to change the docbase attribute of the relevant ROOT.xml file, which has an assumed context path of . Perhaps I misunderstand the OP's goal... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: how to host website on Tomcat 5.5.9
Ashok Anumandla wrote: I am trying to host my son website on Tomcat 5.5.9 in my home machine, i did following steps .. But unfortunately i am not able to make it working , when i try http://localhost:8080/anishanumandla, it is working fine, but when i try accessing www.anishanumandla.com it is not working, i am getting page not found error, 1) Can you ping www.anishanumandla.com? I can't :-) So you need to first make sure that name resolves correctly, and your system can be reached as that address. 2) You should also read the docs on the Host element -- you'll need an Alias element as well:: prompt% host www.anishanumandla.com www.anishanumandla.com is an alias for anishanumandla.com. anishanumandla.com has address 24.6.220.179 3) You'll need to change your Connector port setting from 8080 to 80 That should get you started :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Newbie Question: conext.xml
Fritz Schneider wrote: Welcome, fellow newbie! I struggled with this one also. It turns out that the context element for a root directory MUST be nested inside the host element in server.xml. No, no, no. That's simply not true. I have multiple installations of 5.5.x systems running and not one has a Context element inside the server.xml. The dead simplest approach is to put ROOT.xml as $CATALINA_HOME/conf/{engine}/{hostname}/ROOT.xml Within that ROOT.xml file you can specify the docbase as ROOT or WhAtTheHeyEver or any appropriate arbitrary path... The name of the file is a Tomcat convention; the docbase *path* you specify is entirely up to you. -Original Message- From: Bob Bronson [mailto:[EMAIL PROTECTED] I want the document base directory (the Context's docBase) for my default web application to be something other than ROOT. Please don't ask, why?, this is a simplification of a different but equivalent problem. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Newbie Question: conext.xml
Bob Bronson wrote: But using the $CATALINA_HOME/conf/{engine}/{hostname}/ROOT.xml approach is only one of 4 documented approaches (and the only approach I was able to get working). Why don't the other three work? Well, I'm absolutely certain that this: 4: {appbase}/{docbase}/META-INF/context.xml :: works just fine -- I use that approach sometimes. Both of these: 1: $CATALINA_HOME/conf/context.xml 2: $CATALINA_HOME/conf/[enginename]/[hostname]/context.xml.default :: I've never tried, so I'd have to fiddle around a bit. But since the other two work fine, and to me represent the optimal approach to managing my webapps, I'm not overly motivated :-) As always, YMMV! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat Admin Question
James Croft wrote: Tomcat's administration web application is no longer installed by default. Download and install the admin package to use it. I've had a look around the Jakarta site and can't find this package. Anyone know where I can find this? The same page you got the rest of the software to install: http://jakarta.apache.org/site/downloads/downloads_tomcat-5.cgi Most browsers have a function called find in page (or similar) -- try using that to find 'admin' :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: can't see a tomcat installation on home network
Nikola Milutinovic wrote: Try SSH, instead of Telnet. Download PuTTY and install it. Sheesh, no, don't confuse the issue. This is not about the OP trying to open a shell on a remote system, it's about *using telnet* as a command-line tool to try to connect to an arbitrary remote port -- in this case port 8080, (hopefully) opened by Tomcat. SSH isn't part of this picture. FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [SPAM2] - RE: Problems with DataSourceRealm Tomcat 5.5 - Found word(s) list error in the Text body
Lorenzo Jimnez wrote: This is my context.xml Resource name=jdbc/egistry scope=Shareable type=javax.sql.DataSource/ If this is a direct copy/paste, you have a mismatch between the names above and below, but that doesn't matter because ResourceParams name=jdbc/registry :: this *isn't* the way to specify params in 5.5 -- read this: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/jndi-datasource-examples-howto.html parameter namefactory/name valueorg.apache.commons.dbcp.BasicDataSourceFactory/value /parameter ... HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: class path (UNCLASSIFIED)
S M wrote: The same as before. Not surpring if you haven't addressed the problems Jason already pointed out -- lCATALINA_HOME = C:\Program Files\Apache Group\Tomcat 4.1 1) Reinstall Tomcat in `C:\tomcat_4.1` or something, with *no* spaces in the path. 2) Don't put servlet.jar and j2ee.jar in the same classpath, as you'll have duplicated classes... Jason Bainbridge wrote: On Apr 12, 2005 3:39 PM, S M wrote: sorry for the confusion, but i have set CLASSPATH, i echoed on cmd as mentioned and yes it shows me the CLASSPATH as listed below .;C:\javacode;%CATALINA_HOME%;%CATALINA_HOME%\common\lib\servlet.jar;%J2EE_HOME%\lib\j2ee.jar; where ;C:\javacode had the source code. Have you explicityly set CATALINA_HOME as well? Does it have spaces in it? If so surround it with double quotes or move it to a path with no spaces. I don't think having servlet.jar and j2ee.jar in the same classpath is a good idea either. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do I restrict access to webapps applications from browser users?
Ikonne, Ike wrote: It is more like the last thing you listed below. I know that when fronted with Apache, that can be done, I thought tomcat had similar directory control that apache has without having to setup security constraints. You basically nailed it, I may have to tell my clients to just front tomcat with Apache. How are adding lines of configuration to .htaccess/httpd.conf any different than adding a few lines to web.xml? And for no apparent (to me, anyway) advantage you're going to throw in another couple of pieces of software to be installed, configured and maintained? What exactly is it about Apache httpd directory control that you prefer? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: problem with installing tomcat in linux
[EMAIL PROTECTED] wrote: yes i did exported those env variables. but still i am getting the following error Cannot find ./catalina.sh This file is needed to run this program Executables, including shell scripts, are only found if they're in your PATH. Either add the $CATALINA_HOME/bin directory to your PATH setting or start Tomcat directly using: prompt $CATALINA_HOME/bin/catalina.sh start It would probably be useful to look at that startup script as well, to understand the role of various environment variables... HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Troubleshooting Virtual Hosts with Tomcat 5 standalone mode...
Jeff Duska wrote: I'm trying to setup a couple of virtual hosts using Tomcat in stand alone mode. I started with the goal of having a user directory for each virtual host. For example, for the sample domain1.com the appbase would be /home/domain/webapps. I setup my server.xml file to have the following host settings Host name=domain1.com debug=0 appBase=/home/domain/webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Context path= docBase=./ /host OK, don't do that :-) Don't put the Context elements in server.xml. Put your Host elements there, e.g. Host name=oahu appBase=/www/oahu/Host Host name=maui appBase=/www/maui/Host Host name=kauai appBase=/www/kauai/Host Then (assuming you're using the default Engine name) make directories $CATALINA_HOME/conf/Catalina/oahu $CATALINA_HOME/conf/Catalina/maui $CATALINA_HOME/conf/Catalina/kauai In each of those put your Context files, as in $CATALINA_HOME/conf/Catalina/oahu/ROOT.xml $CATALINA_HOME/conf/Catalina/oahu/manager.xml !-- the above if you want the manager app available -- $CATALINA_HOME/conf/Catalina/oahu/cowabunga.xml !-- etc... -- which will look (minimally!) like Context docBase=/www/oahu/ROOT !-- define Resources, etc. -- /Context That's it. Restart tomcat. Done. See, wasn't that easy? :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cannot get a connection, pool exhausted
Koller Krisztian wrote: Try adding the abandoned connection recovery settings and have it log them. How can I do this? The FM will help: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/jndi-datasource-examples-howto.html :: as will looking at the JavaDoc for commons-dbcp http://jakarta.apache.org/commons/dbcp/apidocs/index.html HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat Connection refused :-(
gaurav wrote: what to do !! Basic troubleshooting. 1) look in your logs (and if this problem seems associated with the Oracle install, look in its log(s) and the syslogs, too). 2) prompt export JAVA_OPTS=-verbose prompt $CATALINA_HOME/bin/catalina.sh run watch the console and see where and why Tomcat stops initializing HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Newbie help
[EMAIL PROTECTED] wrote: Now, I've downloaded JWSDP and tomcat50-jwsdp, and nothing makes sense anymore. What I want to do is the following: - create a directory in the /webapps dir, and place my small servlets in that dir and run them. I don't know anything about JWSDP, but have you read the setup and configuration pages for the version of Tomcat you're using? e.g., http://jakarta.apache.org/tomcat/tomcat-5.0-doc/index.html That's the how-to you're looking for, I suspect... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat rookie needs help building application
Barry Kimelman wrote: So I changed my current directory to the toplevel of my project and issued the command ant compile. I received the following error message : BUILD FAILED C:\barry\myproject\build.xml:146: taskdef class org.apache.cataline.ant.DeployTask cannot be found Line 146 of my build.xml file is as follows : taskdef name=deploy classname=org.apache.catalina.ant.DeployTask/ I searched the JAR files under my Tomcat installation and found that the JAR file located at C:\Tomcat5.5\server\lib\catalina-ant.jar conatins the missing class. According to the Tomcat documentation that I read, JAR files placed under $CATALINA_HOME/common/lib are available both to web applications and internal Tomcat code. But you're neither of those :-) so it's *your* CLASSPATH that needs to include C:\Tomcat5.5\server\lib\catalina-ant.jar when you run ant from the command line. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: php and apache tomcat
Benson Margulies wrote: Apache isn't the same thing as 'Apache Software Foundation / Jakarta Tomcat'. The usual PHP requires plain old Apache, not Tomcat. Well -- yes to the first, not exactly to the second. The chances are good that the original poster is confused about the difference between Apache httpd and Tomcat, but PHP 4 has an option in the `configure` script to build a PHP servlet. I've built it, run it, used it for lightweight PHP stuff. Works OK, more or less, but any significant glitch takes the whole JVM down. In other words, not suitable for serious production use, but fine for running one calendar app, or some such trivia :-) The servlet build function seems to be missing in PHP5, though. FWIW, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with Tomcat caching old pages that it shouldn't
Asfand Qazi wrote: Basically here's my problem: I make a jsp page that works correctly. OK. Then, I make a fault in it that shows a compile error page - also fine. The problem is, when I reload it a second time, Tomcat serves me the old compiled JSP scriptlet, instead of giving me the compile error message again! Yep, I've seen this too, on 5.5.7 -- hadn't spent any real time on it, but... http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/context.html cacheTTL ..the above sounds like a likely candidate, since it's obviously not related to initial *loading* of changed classes. Please post back the results of your testing :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Installation Issues Revisited - AIX 5.2
Bob Wyatt wrote: When I run the binary version of 5.0.28, tomcat works until it runs the following script: String FilePath=request.getRealPath(/Web-inf/admin.properties.xml); ^^^ Not surprising you get an NPE after that... it's /WEB-INF/ eh? Case matters :-) (Not to mention that `request.setRealPath()` is deprecated...) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: {OT] Re: Jumping in and out of JSP
Charles P. Killmer wrote: Does anyone know of a creative solution to this? Or some way to achieve what I am after? Not to rain on your parade :-) but one of the main reasons for using JSP (IMHO) is to *separate* markup and code. Something like this wouldn't even be considered best practice in /markup/, by current standards: return table border=\0\ cellspacing=\0\ cellpadding=\0\; Just table would do it, leave the other stuff to CSS... (If you feel you really *must* return markup from a function, you could put it into a custom taglib, though, which would be a whole lot cleaner all the way around...) FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Scoping of JNDI Resources?
J Malcolm wrote: I've actually got my realms defined per host. That's not the problem. The problem is that the datasources for the various realms must be declared globally (apparently). I'm assuming that any datasource that is defined globally is accessible to any Tomcat app that knows the datasource name, right? This means that the realm authentication db for one host is accessible to any other host that might be able to determine the datasource name. Ah, OK, this isn't a problem I've had to deal with, but: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/globalresources.html :: I would read this: The GlobalNamingResources element defines the global JNDI resources for the Server. These resources are listed in the server's global JNDI resource context. This context is distinct from the per-web-application JNDI contexts described in the JNDI Resources HOW-TO. The resources defined in this element are not visible in the per-web-application contexts unless you explicitly link them with ResourceLink elements. :: as refuting the above concern... But I don't have time to test that theory right now :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Scoping of JNDI Resources?
J Malcolm wrote: I know you can define DataSources, etc. globally to all of Tomcat using GlobalNamingResources. I have also determined that you can define individual DataSources inside a webApp's Context/Context block inside a Host block. But are these the only two options? I would like to define DataSources that are scoped to a Host, but not global to all of Tomcat. I tried a few things, but couldn't seem to get it to work any other way. Is there a way to define a DataSource (or any other JNDI resource) at the host level? You didn't mention what version you're running, but take a look at this page for the DefaultContext : http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/defaultcontext.html More generally, examples of server.conf are great. But is there a document that describes all the options and variations of what you do in server.xml? It's not a single document, but the Server Configuration Reference (again, this is for the 5.0 branch, adjust as required) covers it all, element by element: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/index.html HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Scoping of JNDI Resources?
J Malcolm wrote: But it does not appear that the Default-Context applies to DataSourceRealms for a host. Is there a way to define a datasource for use by a realm in a particular host (without making the datasource available to other hosts?) Ah, Realms, well then: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/realm.html :: says: You may nest a Realm inside any Catalina container Engine, Host, or Context). Not tested -- I'm also running 5.5.7, but my DataSourceRealm is applied globally -- but that sounds like it fits the bill... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBCRealm changes from Tomcat 5.0.x to 5.5.x
alexander dosher wrote: DataSourceRealm (5.5.7): doesn't work or is unconfigurable by me - i've got a Server GlobalNamingResources Resource type=javax.sql.DataSource name=UserDatabase and an Engine Realm className=org.apache.catalina.realm.DataSourceRealm name=UserDatabase snip/ How about something like: GlobalNamingResources Resource name=jdbc/authorization auth=Container type=javax.sql.DataSource username=ren password=stimpy driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost:3306/authority?autoReconnect=true/ /GlobalNamingResources :: and :: Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=jdbc/authorization userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name/ :: which -- season to taste -- works for me :-) FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBCRealm changes from Tomcat 5.0.x to 5.5.x
Richard Mixon (qwest) wrote: We upgraded from Tomcat 5.0.19 to Tomcat 5.5.7 in production and are now getting JDBC connection errors when the site has not been accessed for a while. This is happening when a user tries to login - we use a JDBCRealm to authenticate the user. Would using the DataSourceReal provide any help here? I'm using a DataSourceRealm with 5.5.7 and not seeing any problems reconnecting at any time (MySQL 4.1.7 + Connector/J 3.1.6)... FWIW, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBCRealm changes from Tomcat 5.0.x to 5.5.x
Richard Mixon (qwest) wrote: Hassan, Could it be that you do not experience the long periods of inactivity on weekends that we do? No, I'm using this for both my own dev workbench and an intranet server at the moment, and at the least they're idled out overnight. So there's not enough authentication traffic to really show up the 33357 bug, but I *certainly* exceed the connection timeout period. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Facing problems in tomcat configuration - on XP Professional
raghavendra datt wrote: Can you please tell me how to figure out whether firewall is running or not? To check whether that port is being blocked: C:\telnet localhost 8080 You'll see either tomcat responding or something (firewall, or ...) preventing access :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Visibility of resources under WEB-INF/classes
Rico wrote: What I outlined in my email is that when I don't do the above because I use my own Context docBase=C:\myWebApp path=/something Tomcat cannot find the resources as follows: C:\myWebApp\WEB-INF\classes\hibernate.cfg.xml and OK, just took a look at an old Windows(2k) machine w/4.x stuff on it; those apps, which all worked fine outside the $CATALINA_HOME/webapps directory, used forward slashes like: Context docBase=C:/myWebApp path=/something You might check the appBase definition of your Host element :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What does each part of a className mean?
Chris, When I talked to a guy from verisign during the creation he said that was one of the differences of 5 over 4. That it did not matter where the keystore or the cert was placed as long as there were no errors during the install. Right now the keystore and certs are placed off the root something like the c:\j2sdk1.4.2_06\bin\. This location is the same directory that holds the keytool.exe file that I used to create the keystore. The keytool.exe just dumped everything into its home location. The server is under c:\apache\tomcat not sure if this is the root problem or if I am just barking at the moon. I believe I sent you this offlist several days ago, but perhaps not. In any case, you can specify any location for your keystoreFile, you just need to put that information into the Connector element so TC (version 4 or 5!) knows where to find it. And I wouldn't recommend leaving your keystore file where it is now :-) Delete it and recreate in a location of your choice. The instructions below are for a Linux system, so adapt for your Windows environment as necessary... Following these instructions should take all of 5 minutes... I didn't have SSL enabled on my dev machine, so to test this I 1) uncommented the SSL Connector, changing the port to 443 so I wouldn't have to type in the port in the address bar 2) ran keytool prompt% $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/.keystore -keypass woohoo 3) added that info to the Connector Connector port=443 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=/etc/.keystore keystorePass=woohoo / And that's it; worked right off the bat. If yours isn't behaving as you expect, you might want to redo the install from scratch, just to be sure, and then check the logs if it's still not responding. Good luck! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Enabling CGI
Kelly, Steve wrote: Has anyone out there got CGI scripts running from a tomcat webapp. If so, I'll carry on my investigations. If not, I might just give up ! Yes. I'm baffled by the apparent problems with this. Since I needed to update a dev server anyway, I /just now/: 1) downloaded and installed TC 5.5.7 2) uncommented the CGI servlet and servlet-mapping entries in $CATALINA_HOME/conf/web.xml 3) renamed the $CATALINA_HOME/server/lib/servlets-cgi.renametojar to servlets-cgi.jar 4) added a ROOT.xml file to $CATALINA_HOME/conf/Catalina/localhost (pointing to an existing context) 5) added a cgi directory under WEB-INF in that context. 6) added the `printenv` test cgi from an Apache httpd install 7) started TC, using the default server.xml 8) entered http://example:8080/cgi-bin/printenv in browser -- RESULT: listing of environment variables as expected It really couldn't be much simpler, unless it were configured for CGI by default :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What does each part of a className mean?
Chris Hosler wrote: I am having a problem getting SSL to work on my tomcat 5 sever Read this: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html If, after that, you're still having problems -- let us know. :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Virtual domains
Dola Woolfe wrote: But does Tomcat support virtual domains? The FM, particularly the Server Configuration Reference, is your friend :-) http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/index.html :: which would lead you to the Host element... http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/host.html -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: multiple ips, multiple ssl certificates and port forwarding
[EMAIL PROTECTED] wrote: i also tried it with one service and multiple connectors with the same result ... only one of the keystore-files is taken ... as it is the one of the webservers original name i tend to think that this may be a portforward-problem (i.e. all forwardes port/ips are mapped to the one associated with the used keystore) .. has anybody a working tomcat 4.1.x configuration with multiple ips and ssl keystores? Yes, one service with multiple connectors for different IPs using different keystores. It works fine, and I don't see any significant difference between my server.xml and the one you previously sent. I would seriously urge you to turn off the port-forwarding, change the connectors to standard ports 80 and 443 and test again. :-) FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: multiple ips, multiple ssl certificates and port forwarding
[EMAIL PROTECTED] wrote: hmm ... portforwarding works with jetty (on the same ports), so it should also work with tomcat, and i'd rather have tomcat on a non privileged port. You can always add it back in, once you've resolved the problem (and confirmed that's *not* part of it). But that's just my approach. which tomcat version are you using? could you send me an anonymized version of your config? I'll send you a sample server.xml offlist (for a 4.1.x install). -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: multiple ips, multiple ssl certificates and port forwarding
Parsons Technical Services wrote: unfortunately this does not seem to solve the problem ... but results in the following error (as the given keystore cannot be used) java.io.FileNotFoundException: /home/essence/.keystore (No such file or directory) First, the give server.xml showed the keystore file (originally) as /home/essence/essence/KEYS/c.keystore which doesn't match the reported error above -- check for typos. Tomcat needs the name of the keystore to be .keystore No it doesn't. The name (and path) is arbitrary, which is why there *is* a keystoreFile attribute. As I said before, I haven't done this myself. I have, and none of my installations use .keystore as the file name... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: multiple ips, multiple ssl certificates and port forwarding
[EMAIL PROTECTED] wrote: the keystore syntax is correct, as it works with one keytore ... the problem arises when there are multiple virtual hosts, it takes always one of them, but not the corresponding I'm puzzled by two aspects of your setup: 1) why don't you just assign the proper ports in the Connectors instead of redirecting through iptables? 2) what's the point of the multiple Services? -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using DNS name instead of port number
John Martyniak wrote: I would like to be able to use the following Virtual host apps.beforedawn.com to run my app. Instead of having to include the 8080. Their is also a Webserver running on the box. So that I could run http://apps.beforedawn.com/index.jsp So my question is can this be done inside of Tomcat, or will I need to use mod_jk. If the system in question has multiple IP addresses, yes. Configure your Tomcat connector to listen to the appropriate address(es) on port 80 and configure Apache to listen to the other address(es). -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using DNS name instead of port number
John Martyniak wrote: The server currently only has one IP address and several virtual hosts. For example on this box I would to do the following: Web Server: Serves http://www.beforedawn.com Tomcat Server: http://apps.beforedawn.com/index.jsp http://diagnostics.beforedawn.com/index.jsp Is this possible? Yeah, but with only one IP you'll have to use mod_jk or mod_proxy. I'd say adding an IP address would be the easier setup :-) FWIW, this is how I run my dev box -- a couple of IP addresses for different versions of Tomcat and one for Apache (for the occasional PHP job). -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using DNS name instead of port number
John Martyniak wrote: Unfortunately this is for one of my external boxes (read have to pay ungodly sums of money to get another block of IP addresses). Well, you only need one, eh? :-) So if I set this up using mod_jk then I will have to do the following It's been a long time since I used Apache in front of Tomcat, but that generally looked OK. Try it. You certainly won't need to use mod_rewrite, though. -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP under /WEB-INF folder
Koon Yue Lam wrote: yes, the .js and .css are externally-accessible, but the .jsp aren't so my jsp can't refer to those .js and .css Of course they can; most of my sites work this way. Your JSP is sending HTML to *the client UA* with the URL of the CSS and JavaScript files -- it's the UA that retrieves them. and after viewing this thread, I think I would take QM approche but u mentioned I can put all jsp into one folder and protect it. How? Is it a web container level or OS level protection ? From a previous thread, it seems that one container (BEA, per Wendy Smoak) doesn't support forwarding to JSPs under WEB-INF. Perhaps the ambiguity in the spec will be resolved next time around. But since I have no current plans to use anything but Tomcat, the portability argument carries no weight here -- I put my JSPs in WEB-INF and let the container provide the protection. No fuss, no muss :-) FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSP under /WEB-INF folder
Koon Yue Lam wrote: Hi, I want to protect my JSP from direct access, so they can only access by Struts action. but If I want to include some Javascript or CSS to a JSP, I can't ! Because .js and .css needed to place directly under WebRoot I'm afraid I don't understand the issue. If you're putting your JS and CSS in an externally-accessible place (maybe /scripts and /styles) then the standard HTML references for external resources: link rel=stylesheet type=text/css href=/styles/example.css/ style type=text/css@import /styles/example.css;/style script type=text/javascript src=/scripts/example.js/script :: will work fine. The client UA can access them directly (and cache them, which is usually a desirable behavior). HTH, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [newbie] Container Managed Security - preventing direct access to .jsp
Robert Taylor wrote: Please let me know if this questions is just too obvious and I'll gladly RTFM... See below :-) It just seems like a common idiom to provide a portable mechanism for protecting direct access to .jsp so as to enforce access through some controller. I have in the past placed .jsp files behind WEB-INF, but I don't believe that is portable and would like to use CMS to achieve this. Given that the Java Servlet Specification Version 2.4, page 70 sez: A special directory exists within the application hierarchy named WEB-INF. This directory contains all things related to the application that aren't in the document root of the application. The WEB-INF node is not part of the public document tree of the application. No file contained in the WEB-INF directory may be served directly to a client by the container. I don't know how much more portable you want it to be :-) HTH! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [newbie] Container Managed Security - preventing direct access to .jsp
Robert Taylor wrote: Does this not imply that I can do what I am trying to do? I suppose; I'm just baffled why you want to reinvent this particular built-in wheel, but don't let that stop you :-) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [newbie] Container Managed Security - preventing direct access to .jsp
Robert Taylor wrote: I didn't realize that was added to the 2.4 spec. It was in 2.3, too. I'd guess it was in the spec from the get-go, but don't have an older copy to hand to confirm. Even so, it would be nice to know how to use CMS to achieve this. What is your definition of Container Managed Security, then, if not this? The container prevents direct access to the resources placed within WEB-INF, without you having to do anything else. Maybe a better way to form the question would be how do I use CMS to protect .jsp pages from direct access as above. and return a user friendly page/message when a .jsp page is requested without going through the controller? A custom 404 page should take care of it. And you can get as fancy with that as you like :-) FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.6 Admin Package
Charlie Yates wrote: Is there any documentation available that describes how to install and configure the Admin webapp ... put both tar files in the same directory; untar them. Done. :-) OK, you also need to add a user whose roles include 'admin' to $CATALINA_HOME/conf/tomcat-users.xml And if you're using the minimal server.xml example, you'll want to add the two Listeners from the top of the full server.xml. (re)start Tomcat... HTH, -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problems whith admin application and users management
Shapira, Yoav wrote: I'm using the minimal server config xml file and sha for users' password encryption. This is probably the cause: a misconfiguration somewhere along the way. The minimal caught my eye this morning and I realized that I'd also used it as the basis for my server.xml -- it's missing these two lines found in the full-figured example server.xml file :-) Listener className=org.apache.catalina.mbeans.ServerLifecycleListener/ Listener className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener/ Add, restart, admin app is now happy... -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problems whith admin application and users management
fmancini wrote: I'm running admin webapp using Tomcat5.5.4 Everything seems to work except the users configuration in admin webapp: if I click on any element under Users definition in the tree on the left pane I got this error message: FWIW, I get the same error -- haven't cared enough to troubleshoot it yet :-) but I'm also using TC5.5.4 w/JDK1.5.0... exception SEVERE: action: Error retrieving attribute users javax.management.InstanceNotFoundException: Users:type=UserDatabase,database=Use rDatabase at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getMBean(Defaul tMBeanServerInterceptor.java:1010) -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]