Velocity / Avalon

2002-08-27 Thread Carsten Burstedde

Hi,

I am repeating a question I posted several days ago, any answers welcome...

I am using velocity 1.2 with tomcat 4.0.4 on SuSE Linux 8.0 and Sun's
JDK 1.4. How do I activate log file rotation for the avalon log system
used by velocity? And what to write into the velocity.properties file?

Currently, it simply looks
...
runtime.log.logsystem.class = org.apache.velocity.runtime.log.AvalonLogSystem
runtime.log = compapps/cbapp/log/velocity.log
...

Thanks again,

Carsten


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: Velocity / Avalon

2002-08-27 Thread Carsten Burstedde

> Have you asked this question to the avalon or velocity mailing lists?

grmpf, I am rather sure that I was not able to find access to these 
lists on the jakarta web pages at that time. Now I have got it.

Sorry for bothering.

Carsten






Re: Velocity / Avalon

2002-08-27 Thread Carsten Burstedde

> Wouldn't you do this in a cron job similar to that of
> other system logs?

This would imply that I have to restart Tomcat at rotation time which I 
do not want. Velocity seems to keep the log file open forever in my 
configuration, so even if I rename it, it continues filling up at the 
new location because the fd is never closed.

> I'm not familiar with SUSE (I run RedHat), but there
> may be a log management facility where all you would
> do is add the full path to the log file, number of
> active log files you want in the rotation, the naming
> convention (logfile.log.mmdd for example), and
> what to do with the log file once it falls out of
> rotation (archive, delete, etc.).

There is something like that, but I do not want to rely on it, rather 
write the rotation script myself. But then I am stuck at above problem.

I will go for the velocity mailing list and learn some configuration.

Carsten
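
The behaviour described in this message, reproduced as an added example that is not part of the original thread: fd 3 of the shell stands in for the log file Velocity holds open. The copy-and-truncate rotation and all file names are assumptions added for comparison.

```shell
#!/bin/sh
# Added example, constructed paths. fd 3 plays the long-lived log descriptor
# of the servlet container; it is never reopened between the two writes.

# Plain rename, as a hand-written rotation script would do it.
rotate_by_rename() { mv "$1" "$1.1"; }

# Copy the contents away, then empty the file in place (same inode).
# Anything written between the cp and the truncation is lost.
rotate_by_copytruncate() { cp "$1" "$1.1" && : > "$1"; }

size() { wc -c < "$1" | tr -d ' '; }

# case_result MODE ROTATE: MODE is "append" (O_APPEND writer) or "overwrite".
# Prints the byte sizes of the live log and of the rotated copy.
case_result() {
    dir=$(mktemp -d) || return 1
    log="$dir/velocity.log"
    if [ "$1" = append ]; then exec 3>>"$log"; else exec 3>"$log"; fi
    echo "before rotation" >&3          # 16 bytes
    "$2" "$log"
    echo "after rotation" >&3           # 15 bytes, same descriptor
    exec 3>&-
    if [ -e "$log" ]; then live=$(size "$log"); else live=missing; fi
    echo "live=$live archive=$(size "$log.1")"
    rm -rf "$dir"
}

# Rename: the descriptor follows the inode, so both lines land in
# velocity.log.1 and no new velocity.log appears.
echo "rename, append writer:          $(case_result append rotate_by_rename)"
# Copy-and-truncate with an append-mode writer: the live file restarts at 0.
echo "copytruncate, append writer:    $(case_result append rotate_by_copytruncate)"
# Copy-and-truncate with a non-append writer: the old offset is kept, so the
# live file regrows to 31 bytes with a 16-byte run of NULs in front.
echo "copytruncate, overwrite writer: $(case_result overwrite rotate_by_copytruncate)"
```

Whether copy-and-truncate is usable therefore depends on how the logging library opened the file; a rename only works if the writer can be told to reopen its log.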






Re: mod_jk error

2002-08-26 Thread Carsten Burstedde

Hi Nicholas,

> I have always assumed these error messages were caused by
> the browser closing the connection -- generally because the
> user has clicked on something else or pressed STOP.
> (Of course, a double-click can exhibit the same way.)
>
> The servlet doesn't know that the user is no longer listening,
> so when it tries to write the response to a closed connection,
> it gets an error.

thanks for the answer... so nothing serious (no bugs in mod_jk) :) . 
What about buggy browsers needing a workaround in httpd.conf or similar? 
Are the following directives sufficient?

httpd.conf (SSL virtual host):
   SetEnvIf User-Agent .*MSIE.* \
   nokeepalive ssl-unclean-shutdown \
   downgrade-1.0 force-response-1.0

Greetings,

Carsten






Re: tomcat - nobody

2002-03-29 Thread Carsten Burstedde

> How can I start tomcat as nobody/nobody?
> Does a script exist?
> What must I modify?

I assume you are talking Linux?

For my setup, I created an extra tomcat user (account /home/tomcat) and
installed tomcat there. In the bootup script /etc/init.d/boot.local you can
put a line like - su -l -c where/is/tomcat start tomcat - or similar, and
analogous things in the halt script. You must make sure that all logging
directories etc. are writable by this user. So it would be best to put them
somewhere under /home/tomcat too. You can alternatively make the directory
/var/log/tomcat and then a - chown -R tomcat: /var/log/tomcat -.

Greetings,

Carsten







Re: AW: sessions, security, and the RFCs

2002-03-27 Thread Carsten Burstedde

> The problem is, that if you keep the same session id after you switch to
> https it is possible that somebody steals your secure session. The only

That's true. At least in theory, and some crackers might come pretty close.
Dump sniffers and traffic loggers cannot read your data with SSL, but a
real-time intelligent human connected to the cable will get you.

As a consequence, switching from https to http and back is about equally
secure as not using SSL at all. So you are shooting yourself in the foot by
thinking that everything is safe, but your webapp is just one very big hole.

Regards,

Carsten
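
A check for the session id reuse discussed in this message, as an added example that is not part of the original thread: it compares the session cookie issued on the http hop with the one seen after the switch to https. The cookie name JSESSIONID and the header captures are assumptions, constructed for the example.

```shell
#!/bin/sh
# Added example: captures are constructed; JSESSIONID is the assumed cookie name.

# Print "<id> <secure|insecure>" for the first JSESSIONID Set-Cookie on stdin.
session_cookie() {
    awk '
        tolower($0) ~ /^set-cookie:[ \t]*jsessionid=/ {
            line = $0
            sub(/\r$/, "", line)              # captures keep the CR of CRLF
            sub(/^[^=]*=/, "", line)          # drop "Set-Cookie: JSESSIONID="
            n = split(line, part, /;[ \t]*/)  # part[1] = id, rest = attributes
            flag = "insecure"
            for (i = 2; i <= n; i++)
                if (tolower(part[i]) == "secure") flag = "secure"
            print part[1], flag
            exit
        }'
}

# audit HTTP_CAPTURE HTTPS_CAPTURE: returns 1 if the https session is exposed.
audit() {
    plain=$(session_cookie < "$1")
    tls=$(session_cookie < "$2")
    rc=0
    if [ -z "$tls" ]; then
        [ -n "$plain" ] || { echo "NONE: no session cookie in either capture"; return 0; }
        echo "REUSED: https sets no new id, the http-issued id stays in use"; rc=1
    else
        if [ "${tls% *}" = "${plain% *}" ]; then
            echo "REUSED: same session id issued on http and https"; rc=1
        fi
        if [ "${tls##* }" != "secure" ]; then
            echo "LEAKS: cookie lacks Secure, it goes out on later http requests"; rc=1
        fi
    fi
    [ "$rc" -ne 0 ] || echo "OK: fresh id issued over https and marked Secure"
    return "$rc"
}

# Constructed captures: the id from the http hop is handed out again over https.
tmp=$(mktemp -d)
printf 'HTTP/1.1 200 OK\r\nSet-Cookie: JSESSIONID=1A2B3C; Path=/app\r\n\r\n' > "$tmp/http.txt"
printf 'HTTP/1.1 200 OK\r\nSet-Cookie: JSESSIONID=1A2B3C; Path=/app\r\n\r\n' > "$tmp/https.txt"
audit "$tmp/http.txt" "$tmp/https.txt" || true
rm -rf "$tmp"
```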





Re: AW: sessions, security, and the RFCs

2002-03-27 Thread Carsten Burstedde

> I would say that you are partially right.  It may be valid to protect passwords
> in a https session and run the rest of the app (for performance reasons) in http.
> This is BTW how Microsoft's Passport is used in Hotmail used by 100 millions of
> users so this (bad habit) is definitely not that unusual.
>
> Anyway, I don't think that Tomcat should eliminate this possibility.
> Add warnings to the "deconfiguration switch" and call it:
> SuboptimalSecurity="true"|"false":-)

As you may have guessed, I am from the "Linux either yes or no" corner, as
opposed to "Microsoft, and it works most of the time".

Double euphemism points for the configuration directive though. What about
"pseudo-safe non-standard SSL indifference?" :)

Carsten






Re: RE: Who use Tomcat as a stand-alone server in production environment ?

2002-03-27 Thread Carsten Burstedde

> no, I don't use a security manager. My machine is secure, so I am not
> concerned about rogue servlets somehow making their way to my system. I
> would be more concerned about it if we had more developers, used third
> party software (non-open source), etc.

Imho, the Security manager is one of the easier things to configure (TC 3.3),
and its use helps to clarify things and find bugs earlier.

Carsten







Tomcat hangs

2002-03-24 Thread Carsten Burstedde


Hi,

I looked through the archives a bit, but I think I have to post this:

I am running Tomcat 3.3 on SuSE Linux 7.3, apache 1.3.20/mod_jk and IBM's
JDK 1.3. And velocity 1.1.

1. Occasionally, tomcat freezes: no pages are being served any more. Usually,
then there are over 100 apache processes and about the same amount of network
connections apache-tomcat. Restarting tomcat brings everything back up, and
the apache processes slowly reduce to normal level.

2. After restarting tomcat, the logging works fine until midnight (!). Then,
the servlet logger stops logging to its file, but everything goes to tomcat
stdout, with the additional message 'No writer'.

I am having these problems for quite a while now and would be really glad if
someone has some clues. Or should I just upgrade to tomcat 4.0 and some other
jdk (sun 1.4 is no option because of its fascist license).

Cheers,

Carsten


