in his absence, I have been asked to handle this, I am from a windows
administrator background.
We only have couple of web apps hosted so no frequent changes happened.
There
On Thu, Jan 21, 2021 at 8:49 PM Darryl Lewis
wrote:
> How do you run and support a server techno
How do you run and support a server technology you know nothing about?
Someone must have built it, installed it, and support it.
On 22/1/21, 1:25 am, "Nitin Kadam" wrote:
Hi Team,
The internal security team reported below as Security findings. We do not
have anyone from a Tomcat
we did restarted server while trying. The issue is still there even after
restart.
On Thu, Dec 31, 2020 at 11:14 AM Darryl Lewis
wrote:
>
>
> true
> true
>
>
>
> Restart the server.
>
> On
true
true
Restart the server.
On 31/12/20, 3:50 pm, "Amit Khosla" wrote:
Hi Team,
As we are looking forward for JSESSIONID to be secure.
We made changes in web.xml in tomcat/conf
true
true
My choice of weapon is Melody: http://code.google.com/p/javamelody/
On 4/05/13 1:19 AM, Christopher Schultz ch...@christopherschultz.net
wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
In Rainer's talk at ApacheCon [1], he mentioned a number of
JMX-inspectable values that weren't
Last Friday (April 26), ESET and Sucuri simultaneously blogged about the
discovery of Linux/Cdorked, a backdoor impacting Apache servers running
cPanel. -http://blogs.cisco.com/security/linuxcdorked-faqs/
So it looks like an cPanel application vulnerability, not an Apache
vulnerability. The title
Did you read and follow:
http://commons.apache.org/proper/commons-daemon/jsvc.html
On 30/03/13 12:54 AM, Shyam Yadav shyam.ya...@mobicule.com wrote:
Hi Ognjen,
I did all the setting you have mentioned for Unix Daemon for Tomcat, but
still i am getting the same problem.
i.e. Permission Denied.
Do you have a problem, or you just want to learn 'best practice'?
I would suggest you gather some performance statistics to start with, as
each application is different.
I lie to use a tool called Melody to gather running stats (maybe some
others on the list can suggest others) as I found it easy
Is there anything in the error log? Access log?
What applications are you running on it?
What version is it?
What OS are you on?
On 6/12/12 12:25 AM, vicky007aggar...@yahoo.co.in
vicky007aggar...@yahoo.co.in wrote:
Hello Guys,
My apache instance after sometime become unresponsive to restore it
running on it? basic customer data entry
application deployed on tomcart
What version is it? == Apache 2.2
What OS are you on? == Linux Redhat 5
From: Darryl Lewis darryl.le...@unsw.edu.au
To: Tomcat Users List users@tomcat.apache.org
Sent
I think he is asking is it possible to run tomcat ON Android and IOS.
With IOS, IMHO no, as the Apple TOS forbids running other languages or
emulations.
On 22/10/12 8:23 PM, André Warnier a...@ice-sa.com wrote:
Albretch Mueller wrote:
~
apache tomcat and other servlet engines would easily
catalina.sh run -security
Basically runs tomcat with the Security Manager.
I think the talina.sh command is missing the ca in front of it :-). If
not paste the script here, as it might be custom.
On 31/08/12 8:18 PM, Ragini raginippa...@gmail.com wrote:
Hi all,
I am trying to run JSF-JAAS
Have a look here:
http://onjava.com/pub/a/onjava/2007/01/03/discovering-java-security-require
ments.html?page=2
On 31/08/12 8:44 PM, Ragini raginippa...@gmail.com wrote:
Dear Darryl Lewis,
Thanks for your quick response..I corrected that silly mistake..As I
told I am able to profile tomcat
On 13/07/12 9:36 PM, Puneet Dewan puneet.dewan.open...@gmail.com wrote:
Can anyone tell me how does tomcat works
Architecture of Tomcat???
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional
:06 PM
To: Tomcat Users List
Subject: Re: wget and Tomcat resources
- Mensaje original -
De: Darryl Lewis darryl.le...@unsw.edu.au
Para: Tomcat Users List users@tomcat.apache.org
CC:
Enviado: Jueves 14 de junio de 2012 2:51
Asunto: RE: wget and Tomcat resources
Have a look
The -T 0 options limits disables the timeout, so it will hold the connection
open until it gets a response.
Personally, I'd remove it as if the 'ourserver' fails to respond (busy, network
issues, solar flares), that wget job will sit on the calling server forever.
The default is 900 seconds,
Did you delete the IE9 cache?
Does the problem only exist on IE9? Ie, try chrome and firefox.
Are the sizes of the old index.jsp different from the new index.jsp?
Do you have any caching enabled/proxies etc?
On 13/05/12 10:33 PM, Martin Gainty mgai...@hotmail.com wrote:
'Morning All
I seem to
Make sure the monitoring code is before the struts call.
On 16/04/12 5:38 PM, Miguel González Castaños
miguel_3_gonza...@yahoo.es wrote:
On 16/04/2012 09:34, Debraj Mallick wrote:
hi there,
to access use :*http://host/context/monitoring*
link:
Try JavaMelody. It does a lot of monitoring straight out of the 'box'.
For there, it is a small step to use wget to screen scrape values from Melody
and send emails once they exceed a threshold.
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent:
Some key authorities recently changed the default from 1024 to 2048 bit
keys.
On some occasions I've been forced to delete my keystore and start from
scratch to make sure there are no unsuitable keys still in there.
On 23/01/12 11:45 PM, André Warnier a...@ice-sa.com wrote:
Andrew Erskine
Did you restart tomcat?
On 20/01/12 5:00 AM, Andrew Erskine a.ersk...@darasoft.com wrote:
I have a self certificate that expired today.
I removed the certificate from the keystore which the server.xml is
pointin= g at and generated a new one with the same alias and I can see
that cert in=
You can also do it with iptables, converting any port 80 request to 8080.
The user types in http://mywebapp but gets redirected to
http://hostname:8080
On 10/10/11 8:01 PM, Francis GALIEGUE f...@one2team.com wrote:
On Mon, Oct 10, 2011 at 10:56, Léa Massiot lmhe...@orange.fr wrote:
Hello,
Something I've always wondered about, but never figured out, is how does
apache run as 'apache user' or 'nobody' and work on a port below 1024, but
Tomcat can't?
Anyone got a simple explanation?
On 10/10/11 9:53 PM, Mark Thomas ma...@apache.org wrote:
On 10/10/2011 09:56, Léa Massiot wrote:
Windows IP Firewall (WIPFW) is an open source project that claims to give
similar features to iptables, but I've not used it.
On 11/10/11 1:04 AM, Léa Massiot lmhe...@orange.fr wrote:
Thank you all for your answers.
@Mark
Yes indeed fundamentally three operations...
1. I guess you can only
Our certificates are about to expire and I need to generate new ones for
tomcat. I'm using keytool, but getting a strange error.
[root]# keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore
keystore
Enter keystore password:
keytool error: java.lang.Exception: Key pair not
I use the service command to start and stop tomcat
i.e.
service tomcat5 start
service tomcat5 stop
service tomcat5 restart
On 3/05/11 2:29 PM, Asha K S a...@adobe.com wrote:
Hi,
Can anybody please let me know if there is way to start/stop Tomcat
remotely(Not start/stop of applications but
Copy and paste the following script into your text editor:
# This is the init script for starting up the
# Jakarta Tomcat server
#
# chkconfig: 345 91 10
# description: Starts and stops the Tomcat daemon.
#
# Source function library.
. /etc/rc.d/init.d/functions
# Get config.
.
I have an application (commercial) running on a virtual instance of Linux
talking to a Postgres database.
We are continually getting locks on the DB that are crashing the app.
I think it's just bad programming on the suppliers side, but the supplier has
latched onto the idea that it is because
This needs to be run as root
Put it in a cron job to fire every minute
#!/bin/sh
DOWN=0
read DOWN status.txt
if [ $DOWN -eq 1 ]
then
if [ `ps -ef|grep tomcat|grep -v grep|wc -l` -gt 0 ]
then
NOW=`date`
subject=tomcat recovered $NOW
address=m...@domain.com
ps -ef|grep
been bad.
I explain it a little more.
It is a method to output the information of the abnormal termination in
catalina.log that I want to know.
Would you teach it if you know some method?
Thank you.
- Original Message - From: Darryl Lewis
darryl.le...@unsw.edu.au
To: Tomcat Users
Put this in a cronjob to fire every minute
#!/bin/sh
if [ `ps -ef|grep tomcat|grep -v grep|wc -l` -lt 1 ]
then
subject=`tomcat down; date`
address=m...@domain.com
ps -efatt.txt
mail -s $subject $addr -- -fno-reply@yourdomain att.txt
fi
Fill in the address with your email address, and
Opps...typo
#!/bin/sh
if [ `ps -ef|grep tomcat|grep -v grep|wc -l` -lt 1 ]
then
NOW=`date`
subject=tomcat down $NOW
address=m...@domain.com
ps -efatt.txt
mail -s $subject $addr -- -fno-reply@yourdomain att.txt
fi
On 20/03/11 2:00 PM, Darryl darryl.le...@unsw.edu.au wrote:
Put this
am looking for a method to detect the down of tomcat by log file.
- Original Message -
From: Darryl Lewis darryl.le...@unsw.edu.au
To: Tomcat Users List users@tomcat.apache.org
Sent: Sunday, March 20, 2011 12:00 PM
Subject: Re: How to detect down of tomcat.
Put this in a cronjob to fire
What do the server logs actually show? What do the database logs show?
Depending upon the database, turn on the maximum level of debugging to see what
they are issuing.
It might even be a crawler doing this accidentally. Can you access the same
pages in the same order with no ill effects to the
http://www.devdoctor.com/blog/2009/07/how-to-encrypt-passwords-in-tomcat.php
On 31/10/10 11:44 PM, Mark Thomas ma...@apache.org wrote:
On 31/10/2010 12:29, Mark Thomas wrote:
On 31/10/2010 04:53, Mladen Turk wrote:
On 10/30/2010 07:28 PM, Mark Thomas wrote:
On 30/10/2010 12:59, Mladen Turk
Use encryption
http://java.sys-con.com/node/393364
On 30/10/10 8:41 PM, Pid p...@pidster.com wrote:
On 30/10/2010 09:19, Christoph Kukulies wrote:
Am 29.10.2010 15:29, schrieb Mark Thomas:
On 29/10/2010 14:19, Darryl Lewis wrote:
Are you serious?
Completely. If you have a scheme
wrote:
From: Darryl Lewis [mailto:darryl.le...@unsw.edu.au]
Subject: Re: running tomcat6 under a different user than root (debian)
Use encryption
http://java.sys-con.com/node/393364
Sorry, that just moves the problem. The article completely ignores the issue
of where to put the decryption key
or vlan.
On 31/10/10 8:01 AM, Pid * p...@pidster.com wrote:
On 30 Oct 2010, at 15:20, Darryl Lewis darryl.le...@unsw.edu.au wrote:
Well so far all this discussion has done is to make me realise that tomcat
should not be used in an environment that requires security.
Complete nonsense.
p
No one should, but I had a supplier recommend to run their application as root.
All their scripts and configuration instructions were for running as root.
Needless to say I didn't run it as that and rewrote their installation scripts.
Now I have to try and convince them that storing the database
as a non-root user, even if they crack the app to get system
access, they still have to go further to get root.
On 29/10/10 10:42 PM, Pid p...@pidster.com wrote:
On 29/10/2010 12:03, Darryl Lewis wrote:
No one should, but I had a supplier recommend to run their application as
root. All
Are you serious?
Why do we bother with SSL then? Lets just send everything in clear text...
On 29/10/10 11:03 PM, Mark Thomas ma...@apache.org wrote:
On 29/10/2010 12:03, Darryl Lewis wrote:
Now I have to try and convince them that storing the database connection
username and passwords
Here are my notes on importing a SSL certificate in case that is the problem. I
had a lot of issues and errors when I first tried.
(these were compiled from suggestions on this list)
Importing SSL certificates
RootAddTrustExternalCARoot.crt
Intermediate CA
On 23/09/10 9:56 PM, Pid p...@pidster.com wrote:
Tables for layout. How very 1997.
meow
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Try using another machine and :
telnet {server} 9045
and
telnet {server} 9046
You should get a response.
You can also try
lsof -i :9045
To see if tomcat has opened that port.
You might not the port opened in IPTABLES
The file the firewall outputs its logs to is usually either /var/log/syslog
In my experience, the PID can still exist of tomcat but a Java heap crash has
stopped it responding.
Checking a PID will not check if the application is responding.
You're better to do some sort of end to end monitoring
On 22/09/10 10:03 PM, Mendiratta, Shashank shashank_mendira...@intuit.com
.
Cheers.
On 22/09/10 10:13 PM, Mendiratta, Shashank shashank_mendira...@intuit.com
wrote:
Hi Darryl,
Yes This is the same problem I am facing. Sorry I am kind of new to it
but can you tell me what kind of end to end monitoring should I do ?
Regards
Shashank
-Original Message-
From: Darryl
. We send an alert and then restart the service . Befire
that we have to make a repository of types of error that can occur
Please do comment
Regards
Shashank
From: Darryl Lewis [mailto:darryl.le...@unsw.edu.au]
Sent: Wednesday, September 22, 2010 5:54 PM
To: Mendiratta, Shashank; Tomcat Users
47 matches
Mail list logo