APR on OSX with tomcat 5.5.x ?
Hi: Has anyone got Apache portable runtime (APR) to work on OS X (10.4.x) with tomcat 5.5.x ? My apr is installed in: /usr/local/apache/apr-1.2.8/ I've done all the usual steps of unpacking the apr src and compiling it with: ./configure --with-apr=/usr/local/apache/apr-1.2.8/ --with-java-home= /System/Library/Frameworks/JavaVM.framework/Home/ make Then, adding to catalina.sh: CATALINA_OPTS='-Djava.library.path=/usr/local/tomcat/bin/tomcat-native-1.1.6-src/jni/native/.libs' This works fine on linux. But fails to work on OS X. Some sort of load library issue (dyld?) ? Suggestions ? Best regards, --j Now that's room service! Choose from over 150,000 hotels in 45,000 destinations on Yahoo! Travel to find your fit. http://farechase.yahoo.com/promo-generic-14795097 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
mod_jk, timeout values, best practices
Hi! I've experimenting with different timeout values, to mod_jk. I have not yet been able to make it work the way I want. I have one apache and two tomcat. I have set up tomcat1 to be the primary and tomcat2 the failover. What I want to achieve is if at least one tomcat is up I want it to work but if both are down (either tomcat or ip, crashed or blocked by a firewall dropping packets) i want mod_jk to serve an error page as quickly as possible, in my opinion it should be immediate. The thing is also that there are a few requests that actually do take some seconds (10-20 maybe) before they return a page and we do not want these to time out. The first part is no problem: As long as _at least_ one tomcat is working and accessible by the mod_jk it works fine. (Even if I turn the tomcats on and off and block one by using a firewall during runtime.) The part I can't get to work is if both tomcats are unavailable by the mod_jk. The request is stalled and waiting a lot of or infinite time before returning the error page. (In my test case I have blocked both by a dropping firewall, which in our case can be a realistic problem.) Versions: Apache/1.3.33 (Debian GNU/Linux) mod_jk/1.2.21 tomcat 5.5.x My questions: * Can anyone help me on what timeout values to use i worker.properties? * Does anyone know about a best practices-page on timeout values on mod_jk? * Is there a description about how the connection handling between the mod_jk works and how the timeouts fit in? ... and yes I have read about the timeout properties http://tomcat.apache.org/connectors-doc/reference/workers.html about the ajp spec http://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html and searched for best practices and working examples on the net. Thanks in advance for any help Erik Melkersson *httpd.conf* Location /test/cms/ SetEnv JK_WORKER_NAME cms SetHandler jakarta-servlet ErrorDocument 503 /index-cmsfail.html /Location *worker.properties (as it looked during my last test, infinite waiting)* worker.list=cms,jkstatus worker.jkstatus.type=status worker.cms.type=lb worker.cms.balance_workers=cmsfront1,cmsfront2 worker.cmsfront1.type=ajp13 worker.cmsfront1.host=polopoly9-front1.unit.liu.se worker.cmsfront1.port=8009 worker.cmsfront1.lbfactor=1 worker.cmsfront1.redirect=cmsfront2 #worker.cmsfront1.socket_timeout=60 #worker.cmsfront1.connect_timeout=2000 worker.cmsfront1.prepost_timeout=1000 #worker.cmsfront1.reply_timeout=3 worker.cmsfront2.type=ajp13 worker.cmsfront2.host=polopoly9-front2.unit.liu.se worker.cmsfront2.port=8009 worker.cmsfront2.lbfactor=1 worker.cmsfront2.activation=disabled #worker.cmsfront2.socket_timeout=60 #worker.cmsfront2.connect_timeout=2000 worker.cmsfront2.prepost_timeout=1000 #worker.cmsfront2.reply_timeout=3 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
problem in handlins request for JK2
Hello all, I am Sunil C. i have used JK2 connector to connect Apache and Tomcat I am having a servlet (Certserv) folder in webapps folder in Tomcat. i gave uri to that cert program in my workers2.properties file. everything is working fine. but i face a secuirty issue. this machine is in other domain. i mean Japan. i did a remote login and checked the uri . its working fine. the real problem lies ...when i type the uri from my machine. it should show authentication required because that folder is authentication restricted. but now ..i am able to run the uri from machine also. please tell me how can i restrict it. i tried giving : Location /cert JkUriSet worker ajp13:localhost:8009 /Location but it doesnt seem to work. is there something i have to include in my httpd.conf file of Apache? please help me forward thanks in advance. -- Sunil
Re: Problems with clientAuth
Hello all ! Someone can throw a little light in this problem? I am not able to solve it, and I've tried anything I've found searching in google :S Thank all! 2007/4/2, Luis Villa [EMAIL PROTECTED]: Ok, now I'm getting mad :S IExplorer keeps saying the page can't be found (it doesn't ask for the certificate), and Firefox throws a -12271 error (I don't know if that is close enought to the error you said, Antoine. Anyway, nothing has changed since the last 12229 error (I left the computer off in the weekend because it's in my workplace). Martin, the behavior of Tomcat in your case (I think) is correct. You put clientAuth=true, so you are forcing the client to send the certificate to allow connection. You should install a certificate in IExplorer and Firefox. Thank you, Antoine and Martin :) 2007/4/2, Mirou, Antoine [EMAIL PROTECTED]: The problem appears when changing clientAuth to true. Then, when using iexplorer the browser simply can't find the page (or this is what it says), and when using firefox it warns about the certificate, but after accepting the certification it says that 'localhost has received an unexpected or incorrect message. Error code: -12229'. I've been googling for two days and I can't find a clue about what is failing nor what means this error code. I guess it's a -12227 error, and not 12229. This error appears when Firefox doesn't have any client certificate to give to the server. You should install a client certificate issued by the same CA on your browser. Regards, Antoine Afin de preserver l'environnement, merci de n'imprimer ce courriel qu'en cas de necessite. Please consider the environment before printing this mail. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: problem in handlins request for JK2
Please show us the setup files... - Original Message - From: sunil chandran [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 04, 2007 9:02 AM Subject: problem in handlins request for JK2 Hello all, I am Sunil C. i have used JK2 connector to connect Apache and Tomcat I am having a servlet (Certserv) folder in webapps folder in Tomcat. i gave uri to that cert program in my workers2.properties file. everything is working fine. but i face a secuirty issue. this machine is in other domain. i mean Japan. i did a remote login and checked the uri . its working fine. the real problem lies ...when i type the uri from my machine. it should show authentication required because that folder is authentication restricted. but now ..i am able to run the uri from machine also. please tell me how can i restrict it. i tried giving : Location /cert JkUriSet worker ajp13:localhost:8009 /Location but it doesnt seem to work. is there something i have to include in my httpd.conf file of Apache? please help me forward thanks in advance. -- Sunil - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
IIS JK connector problem
Hi, We are trying to migrate a running tomcat/JK/IIS setup from win 2000/IIS 5.0 to win 2003/IIS 6.0. The struts application is hosted using two tomcat instances and we use JK connectors as load balancer for these two servers. We have configured the IIS with a 'jakarta' virtual directory.The setup is working fine in 2000/IIS 5.0 setup but not in the 2003/IIS 6.0. We have copied the ISAPI_REDIRECT.DLL frile from the 2000 box to 2003 box (we did not use any binary installation) and in the IIS the status for the jakarta shows as loaded with a green uparrow. But when we try to browse the site we get '404- File or directory not found error'. I've listed the config files below 1.isapi_redirect.properties # Configuration file for the Jakarta ISAPI Redirector # The path to the ISAPI Redirector Extension, relative to the website # This must be in a virtual directory with execute privileges extension_uri=/jakarta/isapi_redirect.dll # Full path to the log file for the ISAPI Redirector log_file=F:\tomcat\JakartaIsapiRedirector_PF\log\isapi_redirect.log # Log level (debug, info, warn, error or trace) log_level=info # Full path to the workers.properties file worker_file=F:\tomcat\JakartaIsapiRedirector_PF\conf\workers.properties.minimal # Full path to the uriworkermap.properties file worker_mount_file=F:\tomcat\JakartaIsapiRedirector_PF\conf\uriworkermap.properties 2.uriworkermap.properties # uriworkermap.properties - IIS # # This file provides sample mappings for example ajp13w # worker defined in workermap.properties.minimal # The general sytax for this file is: # [URL]=[Worker name] /*=loadbalancer # Optionally filter out all .jpeg files inside that context # For no mapping the url has to start with exclamation (!) ##!/servlet-examples/*.jpeg=loadbalancer 3.workers.properties.minimal ps=/ worker.list=loadbalancer worker.loadbalancer.type=lb worker.loadbalancer.balanced_workers=ajp13wpf, ajp13wpf2 worker.ajp13wpf.port=8019 worker.ajp13wpf.host=localhost worker.ajp13wpf.type=ajp13 worker.ajp13wpf.lbfactor=1 worker.ajp13wpf2.port=8029 worker.ajp13wpf2.host=localhost worker.ajp13wpf2.type=ajp13 worker.ajp13wpf2.lbfactor=1 # Disable worker2 for all requests except failover #worker.worker2.disabled=True 4.server.xml(instance-1)-- Server port=8015 shutdown=SHUTDOWN GlobalNamingResources Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources Service name=Catalina Connector port=8090 maxThreads=550 minSpareThreads=50 maxSpareThreads=100 enableLookups=false acceptCount=50 connectionTimeout=2 disableUploadTimeout=true / Connector port=8019 enableLookups=false protocol=AJP/1.3 / Engine name=Catalina defaultHost=appname.domain.net jvmRoute=ajp13wpf !-- Valve className=org.apache.catalina.valves.RequestDumperValve/-- !--Logger className=org.apache.catalina.logger.FileLogger /-- Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ Host name=appname.domain.net appBase=F:/tomcat/deploy/hosts/ins1/ unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=appname.domain.net_access_log. suffix=.txt pattern=common resolveHosts=false/ !--Valve className= org.apache.catalina.valves.ByteBufferAccessLogValve directory=logs prefix=appname.domain.net_access_log . suffix=.txt pattern=common resolveHosts=false/ -- /Host Cluster className=org.apache.catalina.cluster.tcp.SimpleTcpCluster managerClassName= org.apache.catalina.cluster.session.DeltaManager expireSessionsOnShutdown=false useDirtyFlag=true notifyListenersOnReplication=true Membership className=org.apache.catalina.cluster.mcast.McastService mcastAddr= 228.0.0.4 mcastPort=45564 mcastFrequency=500 mcastDropTime=3000/ Receiver className=org.apache.catalina.cluster .tcp.ReplicationListener tcpListenAddress=auto tcpListenPort=4011 tcpSelectorTimeout=100 tcpThreadCount=6/ Sender className= org.apache.catalina.cluster.tcp.ReplicationTransmitter replicationMode=pooled ackTimeout=15000/ Valve className= org.apache.catalina.cluster.tcp.ReplicationValve filter=.*\.gif;.*\.js;.*\.jpg;;.*\.txt;/ /Cluster /Engine /Service /Server The server.xml for the other instance is
Re: Need help with authentication
Ok, here is some headers I found with fiddler: From firefox: - Request 1: GET /eai-admin/ HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9 ,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Proxy-Connection: keep-alive Cookie: JSESSIONID=8BE2C3B8AD18A29D2229F467A9391307 If-Modified-Since: Fri, 23 Feb 2007 15:40:10 GMT If-None-Match: W/1827-1172245210656 - Reply 1: HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 01:00:00 CET Content-Type: text/html;charset=ISO-8859-1 Content-Length: 602 Date: Wed, 04 Apr 2007 07:27:13 GMT html head titleLogin Page for Examples/title body bgcolor=white form method=POST action='j_security_check' table border=0 cellspacing=5 tr th align=rightUsername:/th td align=leftinput type=text name=j_username/td /tr tr th align=rightPassword:/th td align=leftinput type=password name=j_password/td /tr tr td align=rightinput type=submit value=Log In/td td align=leftinput type=reset/td /tr /table /form /body /html Reply 1 is normal, this is my login page. - Then I submit the login, Request 2: POST /eai-admin/j_security_check HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9 ,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Proxy-Connection: keep-alive Referer: http://localhost:8080/eai-admin/ Cookie: JSESSIONID=8BE2C3B8AD18A29D2229F467A9391307 Content-Type: application/x-www-form-urlencoded Content-Length: 30 j_username=timj_password=test - Reply 2 HTTP/1.1 302 Moved Temporarily Server: Apache-Coyote/1.1 Location: http://localhost:8080/eai-admin/ Content-Length: 0 Date: Wed, 04 Apr 2007 07:27:17 GMT - So I get redirected: GET /eai-admin/ HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9 ,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Proxy-Connection: keep-alive Referer: http://localhost:8080/eai-admin/ Cookie: JSESSIONID=8BE2C3B8AD18A29D2229F467A9391307 - Reply 3: HTTP/1.1 304 Not Modified Server: Apache-Coyote/1.1 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 01:00:00 CET Date: Wed, 04 Apr 2007 07:27:17 GMT For IE I can see the following: - Request 1: GET /eai-admin/ HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: nl-be Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 1.1.4322) Host: localhost:8080 Proxy-Connection: Keep-Alive - Reply 1: HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 01:00:00 CET Set-Cookie: JSESSIONID=619A92CCA43BBE0FB205AA7455360214; Path=/ Content-Type: text/html;charset=ISO-8859-1 Content-Length: 646 Date: Wed, 04 Apr 2007 07:30:35 GMT html head titleLogin Page for Examples/title body bgcolor=white form method=POST action='j_security_check;jsessionid=619A92CCA43BBE0FB205AA7455360214' table border=0 cellspacing=5 tr th align=rightUsername:/th td align=leftinput type=text name=j_username/td /tr tr th align=rightPassword:/th td align=leftinput type=password name=j_password/td /tr tr td align=rightinput type=submit value=Log In/td td align=leftinput type=reset/td /tr /table /form /body /html - Request 2: POST /eai-admin/j_security_check;jsessionid=619A92CCA43BBE0FB205AA7455360214 HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Referer: http://localhost:8080/eai-admin/ Accept-Language: nl-be Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 1.1.4322) Host: localhost:8080 Content-Length: 30 Proxy-Connection: Keep-Alive Pragma: no-cache Cookie: JSESSIONID=619A92CCA43BBE0FB205AA7455360214 j_username=timj_password=test - Reply 2: HTTP/1.1 302 Moved Temporarily Server: Apache-Coyote/1.1 Location: http://localhost:8080/eai-admin/ Content-Length: 0 Date:
Re: mod_jk/1.2.21, jkstatus does not display runtime state of load balanced threads, only N/A
I have now been able to make it work on another minimalistic server using the same worker.properties. It displays the runtime state. Now I only have to find out what differs, that makes the status worker fail getting runtime state. (It's a lot that differs so that may take a long time :-/ ) Regards Erik Melkersson Rainer Jung wrote: Please open a bugzilla issue ... Erik Melkersson schrieb: Thanks for the info but unfortunately I don't think that is is case for me. I surfed to a mapped address and got pages back from the tomcat trough the workers and still had N/A as state. I've also used it and got an error message back (both tomcats blocked) but the state was still N/A. As I haven't changed the maintenance interval it should still be 60 secs. Regards Erik Melkersson Rainer Jung wrote: N/A as a state means, that no requests have been sent to this worker for some time. So mod_jk is not really able to tell you about the state of the worker. It can only detect OK, ERROR etc. when it is sending requests to the workers. No requests, no state. A worker will be in state N/A directly after starting Apache or if it was in state OK, but didn't get any requests during a complete maintenance interval. This is per default 60 seconds. Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: problem in handlins request for JK2
Hi , this is the modifictaion i made in workers2.properties file: [channel.socket:localhost:8009] info=Ajp13 forwarding over socket debug=0 tomcatId=localhost:8009 # define the worker [ajp13:localhost:8009] channel=channel.socket:localhost:8009 group=lb [uri:/cert] info=Colavo Authentication. debug=0 [uri:/] info=Colavo Authentication. debug=0 [uri:/event] info=Colavo Authentication. debug=0 [uri:/status] [uri:/status02] info=Colavo Authentication. debug=0 --- then i added LoadModule jk2_module modules/mod_jk2.so inside httpd.conf file in apache. now i can succesfully run http://serverIP/status http://serverIP/cert?username=password=... this is working fine. but i need to restrict from opening this URL from my systtem that url should ask for authorization required (401 error) but the problem is i am able to run this url of server located in Japan from my system also. which i should restrict. i need to do some changes in httpd.conf file itself.. please help me forward On 4/4/07, JOHN [EMAIL PROTECTED] wrote: Please show us the setup files... - Original Message - From: sunil chandran [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 04, 2007 9:02 AM Subject: problem in handlins request for JK2 Hello all, I am Sunil C. i have used JK2 connector to connect Apache and Tomcat I am having a servlet (Certserv) folder in webapps folder in Tomcat. i gave uri to that cert program in my workers2.properties file. everything is working fine. but i face a secuirty issue. this machine is in other domain. i mean Japan. i did a remote login and checked the uri . its working fine. the real problem lies ...when i type the uri from my machine. it should show authentication required because that folder is authentication restricted. but now ..i am able to run the uri from machine also. please tell me how can i restrict it. i tried giving : Location /cert JkUriSet worker ajp13:localhost:8009 /Location but it doesnt seem to work. is there something i have to include in my httpd.conf file of Apache? please help me forward thanks in advance. -- Sunil - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Sunil
High cpu on Apache 2.2.3/Tomcat 5.5.20/APJ1.3 - Windows Server 2003 R2 SP1 SE
Hi, We are using Tomcat 5.5.20 with Apache 2.2.3/ssl/svn and jdk 1.6.0-b105 on a Windows Server 2003 R2/SP1 SE with 4 Xeon cores and 4GB ram. I have configured apache with a virtual host and the ProxyPass directive to redirect all the requests to the Tomcat instance, as in this example: VirtualHost 192.168.1.22:80 http://192.168.1.22/ ServerName test.ourdomain ServerAdmin mymail ErrorLog logs/test-error.log CustomLog logs/test-access.log common Location / ProxyPass ajp://test.localhost:8009/ /Location /VirtualHost The same binaries and configurations work like a charm on a Win 2000 Pro/SP4 single processor test machine, with the only difference that the virtual host is bound to * instead to a real ip address. On the Win2003 server, after the first requests, the tomcat5 process starts eating 100% cpu on one core and saturate all the cpus after some requests. After that the APJ13 link starts loosing bytes requiring a service restart. An Apache restart releases the resources of the tomcat5 process. Using a Redirect directive to the tomcat 8080 port instead of a ProxyPass work correctly but it isn't the desired solution. There are not antivirus or firewall/packet filter on the machines. Any hints? Thank you. Mirko
HttpSessionActivationListener not getting called in the Tomcat 5.5.20 clustered mode.
Hello I am using a tomcat clustered environment using two tomcat 5.5.20 servers in the Windows machine. I am using the in-memory replication for replicating the session. In my code, I have a session attribute that implements HttpSessionActivationListener interface. I expect this Listener to be called when the session gets replicated on the other server. I see that the session gets replicated but the Listener is not getting called at all. I require this listener to be called so that I can initialize some of the transient session attributes when the session is created on one tomcat instance but the next request goes on the other server. Can you please let me know why the HttpSessionActivationListener is not getting called? Is there something which I am not doing correctly? Here is my cluster configuration for one of the tomcat instance (which is the same for the other instance except for the port numbers): . Cluster className=org.apache.catalina.cluster.tcp.SimpleTcpCluster managerClassName=org.apache.catalina.cluster.session.DeltaManager expireSessionsOnShutdown=false useDirtyFlag=true notifySessionListenersOnReplication=true notifyListenersOnReplication=true Membership className=org.apache.catalina.cluster.mcast.McastService mcastAddr=228.0.0.4 mcastPort=45564 mcastFrequency=500 mcastDropTime=3000/ Receiver className=org.apache.catalina.cluster.tcp.ReplicationListener tcpListenAddress=10.126.1.119 tcpListenPort=4002 tcpSelectorTimeout=100 tcpThreadCount=6/ Sender className=org.apache.catalina.cluster.tcp.ReplicationTransmitter replicationMode=pooled ackTimeout=15000/ Valve className=org.apache.catalina.cluster.tcp.ReplicationValve filter=.*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;/ Deployer className=org.apache.catalina.cluster.deploy.FarmWarDeployer tempDir=/tmp/war-temp/ deployDir=/tmp/war-deploy/ watchDir=/tmp/war-listen/ watchEnabled=false/ /Cluster Regards Savita
Re: Session Cookie and IE7
I really not sure, still on IE6... but no one is talking so I'm going to guess. I think so, but I dont use IE7 so who knows but have a look at this article its ASP, but its easy reading and explains the concept http://www.15seconds.com/issue/971108.htm and then look up setDomain in javax.servlet.http.Cookie Before you buy domain names, you could test it from 2 machine in the office just set domain names in the HOSTS file in system32/drivers/etc Only thing I could find on IE7 was this... its set to medium, which means. Medium High Cookies from third-party websites that do not have a compact policy (a condensed, computer-readable privacy statement) will be blocked. Now if the above doesnt work, then I think nothing will so then I would put a (condensed, computer-readable privacy statement) on the web server, dont ask me how, must be in the help files but it would say To stop this irritating Microsoft message change your setting to Cookie Low ha ha. I think your domain idea will work Have you guys noticed how much Antivirus Stuff microsoft is updating this whole security thing is driving me nuts, like other day I opened an old web page I had with (file) links to files on local machine... those links dont work anymore blocked. Seems like Bill wants to kick Norton and Avast and the others out of business, as they decide to become their own (one and only) AntiVirus producer. I think developers need to watch this area, because as MS close holes and string their antivirus program together, in the process programmers finding all sorts of new issues. Good time to sell your Norton shares... nasty Bill is coming... I think. - Original Message - From: john hufnagle [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Tuesday, April 03, 2007 3:35 PM Subject: Session Cookie and IE7 A partner of our company has a web site that includes HTML generated by our Tomcat web app. They use an iframe to contain our Tomcat generated HTML. The problem is that IE7 (works correctly for Firefox IE6) blocks the jessionid cookie because it is a third party cookie. If we have our site registered as a sub-domain of their domain is it possible for me to explicitly set the domain on the session cookie that Tomcat creates? I would like to be able to set the domain to be the parent domain of us and our partner company. I have done some searching of the archives and API and I don't see anyway to accomplish it. Any help appreciated. Thanks John - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Another Comet 6.0.10 question
Hi, The pages on Comet say the following about the read event: EventType.READ: This indicates that input data is available, and that one read can be made without blocking. The available and ready methods of the InputStream or Reader may be used to determine if there is a risk of blocking: the servlet should read while data is reported available, and can make one additional read without blocking. When encountering a read error or an EOF, the servlet MUST report it by either returning false or throwing an exception such as an IOException. This will cause the error event to be invoked, and the connection will be closed. It is not allowed to attempt reading data from the request object outside of the execution of this method. However, I just got a READ event where available() returns 0 (because the next byte to read would be -1 indicating the end of the stream). Is there any way to test for the end of the stream without calling read() ? Regards, Sebastiaan - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Need help with authentication
Hi again, I did some further researching. I found this on the 304 returned by Tomcat when using firefox: -8---8---8---8---8---8---8---8---8---8---8---8---8---8---8-- You should never see this error in your Web browser. It should simply present the Web page from its cache - because it believes the page has not changed since it was last cached. If your client is not a Web browser, then it should equally be able to present the page from a cache. If unable to do so, it is not using the If_Modified_Since or related headers correctly. -8---8---8---8---8---8---8---8---8---8---8---8---8---8---8-- When I disable caching in firefox, authentication works as it should and I get redirected as I should. So who's the culprit here. Firefox or Tomcat? Sorry, I'm a bit puzzled :(
RE: iis nd tomcat in one machine
From: Sabitha Divakaran [mailto:[EMAIL PROTECTED] I've installed both the IIS and tomcat in my system. Tomcat is listening the port 8080. It is installed after the IIS installation. But now iis is displaying page cannot be displayed when I take the url http://localhost:80 previously it was working fine If IIS can't start one or more Web sites due to a port conflict, you'll have messages to that effect in the Application event log and the affected sites will appear as Stopped in IIS manager (other sites will start up fine). Look there to see whether there's a port conflict before going any further in debugging. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Session Hijacking with Apache Tomcat
Hi, I have to demonstrate Session Hijacking with Apache Tomcat to my advisor when some precautionary measures are not taken. I'm just wondering how can I do this. After a satisfactory demonstration, I need to demonstrate the steps I would take to get rid of this session hijacking. In short, i need to demonstrate session hijacking in apache tomcat and then show measures that would be taken to get rid of it. Any kind of help would be highly appreciated. Thanks in advance, ~Jas
Re: Another Comet 6.0.10 question
I have been reading the EventType.READ explanation over and over again, and now I have even more questions. 1) It says I should return false or throw an IOException when I get EOF. However, the event method has a void return type, so I don't know how to do the first. And if it's not unexpected it's not an error condition, and I don't want the error event to be invoked, so I can't throw an IOException. What do I do? 2) I keep getting READ events after reading all data from the stream (EOF reached). Now I don't want to close the event because I still want to write stuff, but I can't just return from the read event because I'll get another, causing a busy waiting loop. The bytes that need to be written arrive sporadically. How do I stop tomcat from causing READ events after the EOF while keeping the event open until the output is done as well. Regards, Sebastiaan Sebastiaan van Erk wrote: Hi, The pages on Comet say the following about the read event: EventType.READ: This indicates that input data is available, and that one read can be made without blocking. The available and ready methods of the InputStream or Reader may be used to determine if there is a risk of blocking: the servlet should read while data is reported available, and can make one additional read without blocking. When encountering a read error or an EOF, the servlet MUST report it by either returning false or throwing an exception such as an IOException. This will cause the error event to be invoked, and the connection will be closed. It is not allowed to attempt reading data from the request object outside of the execution of this method. However, I just got a READ event where available() returns 0 (because the next byte to read would be -1 indicating the end of the stream). Is there any way to test for the end of the stream without calling read() ? Regards, Sebastiaan - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Hijacking with Apache Tomcat
Jasbinder Singh Bali wrote: In short, i need to demonstrate session hijacking in apache tomcat and then show measures that would be taken to get rid of it. Any kind of help would be highly appreciated. Turn off cookies, Tomcat should then rewrite URLs to include jsessionid. Then it's trivial to hijack such session. -- Mikolaj Rydzewski [EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature
Re: Session Hijacking with Apache Tomcat
Jasbinder Singh Bali wrote: Hi, I have to demonstrate Session Hijacking with Apache Tomcat to my advisor when some precautionary measures are not taken. Maybe securityfocus.com has some information on that? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Hijacking with Apache Tomcat
And how should i get rid of session hijacking. Is there any feature is tomcat that takes care of it? On 4/4/07, Mikolaj Rydzewski [EMAIL PROTECTED] wrote: Jasbinder Singh Bali wrote: In short, i need to demonstrate session hijacking in apache tomcat and then show measures that would be taken to get rid of it. Any kind of help would be highly appreciated. Turn off cookies, Tomcat should then rewrite URLs to include jsessionid. Then it's trivial to hijack such session. -- Mikolaj Rydzewski [EMAIL PROTECTED]
RE: Session Hijacking with Apache Tomcat
From: Jasbinder Singh Bali [mailto:[EMAIL PROTECTED] And how should i get rid of session hijacking. Is there any feature is tomcat that takes care of it? I shouldn't do your work for you, but... just hope your supervisor doesn't read tomcat-users :-). Demonstrate: the simplest approach is to use a network sniffer on the HTTP stream to get the session cookie, then fake that cookie in another request to the server. cURL will quite happily pass up faked cookie files. Fix: Use https and *never* pass sessions between cleartext and encrypted sessions, despite it being a common requirement on this list. Won't get round all possible attacks if you can gain access to the user's machine*, but it defeats eavesdropping unless the eavesdropper can break your SSL key - and if they can do that routinely, the world has *much* worse problems. - Peter * Keyloggers, browser helper objects/plug-ins, XSS attacks if the user is running an older browser or an exploit can be found in a newer one... - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Hijacking with Apache Tomcat
Jasbinder Singh Bali wrote: And how should i get rid of session hijacking. Is there any feature is tomcat that takes care of it? Figure it out yourself, it's not so hard ;-) I.e. you can store client's IP address in a session, and compare it with every request. If they don't match, then session is probably hijacked. That's the easiest solution, which will break some clients. -- Mikolaj Rydzewski [EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature
RE: Session Hijacking with Apache Tomcat
Hi, Client IP may not be right solution. This may fail if 2 users use the same proxy to access your site... This is normally the case in small and big business where every useris using a proxy to access a website Regards Guru -Original Message- From: Mikolaj Rydzewski [mailto:[EMAIL PROTECTED] Sent: 04 April 2007 16:04 To: Tomcat Users List Subject: Re: Session Hijacking with Apache Tomcat Jasbinder Singh Bali wrote: And how should i get rid of session hijacking. Is there any feature is tomcat that takes care of it? Figure it out yourself, it's not so hard ;-) I.e. you can store client's IP address in a session, and compare it with every request. If they don't match, then session is probably hijacked. That's the easiest solution, which will break some clients. -- Mikolaj Rydzewski [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Hijacking with Apache Tomcat
Isn't there any feature in tomcat itself that would automatically take care of session hijacking without doing something at web application level. something like the way BadInputFilering valve in Tomcat tries to escape certain string patterns from the GET and POST parameter names and values so that most XSS exploits fail to work, without modifying or disabling the web applications. On 4/4/07, Mikolaj Rydzewski [EMAIL PROTECTED] wrote: Jasbinder Singh Bali wrote: And how should i get rid of session hijacking. Is there any feature is tomcat that takes care of it? Figure it out yourself, it's not so hard ;-) I.e. you can store client's IP address in a session, and compare it with every request. If they don't match, then session is probably hijacked. That's the easiest solution, which will break some clients. -- Mikolaj Rydzewski [EMAIL PROTECTED]
[OT] RE: Session Hijacking with Apache Tomcat
From: Mikolaj Rydzewski [mailto:[EMAIL PROTECTED] Jasbinder Singh Bali wrote: And how should i get rid of session hijacking. Is there any feature is tomcat that takes care of it? Figure it out yourself, it's not so hard ;-) I.e. you can store client's IP address in a session, and compare it with every request. If they don't match, then session is probably hijacked. That's the easiest solution, which will break some clients. Yes. It's possible to get round that if you can inject packets onto the network, but it's getting harder to do so unless you can compromise one end of the network or the other - more routers and ISPs are dropping packets with faked source IPs, and more servers are implementing well-randomised TCP sequence numbers so that you can't fake a TCP connection blind. However, packet injection is generally relatively simple if you can get hold of a machine on the same local network as the target user or the target server - and if you're able to sniff traffic, there's a good chance you already have this. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Hijacking with Apache Tomcat
Jasbinder Singh Bali wrote: And how should i get rid of session hijacking. Is there any feature is tomcat that takes care of it? On 4/4/07, Mikolaj Rydzewski [EMAIL PROTECTED] wrote: Jasbinder Singh Bali wrote: In short, i need to demonstrate session hijacking in apache tomcat and then show measures that would be taken to get rid of it. Any kind of help would be highly appreciated. Turn off cookies, Tomcat should then rewrite URLs to include jsessionid. Then it's trivial to hijack such session. -- Mikolaj Rydzewski [EMAIL PROTECTED] Your only avenue in avoiding a session hijack is SSL. IP checking is of limited success and still allows for the man-in-the-middle attack as well as hijacks from others that log-in behind the same cable router you are on. If it's important enough that session hijacking is a concern, it needs to be encrypted. --David - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Session Hijacking with Apache Tomcat
From: Jasbinder Singh Bali [mailto:[EMAIL PROTECTED] Isn't there any feature in tomcat itself that would automatically take care of session hijacking without doing something at web application level. Not in all cases. SSL deals with untrusted networks, but if you can't trust the user's computer (common in Internet applications) not even SSL will help you. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Another Comet 6.0.10 question
On 4/4/07, Sebastiaan van Erk [EMAIL PROTECTED] wrote: Hi, The pages on Comet say the following about the read event: EventType.READ: This indicates that input data is available, and that one read can be made without blocking. The available and ready methods of the InputStream or Reader may be used to determine if there is a risk of blocking: the servlet should read while data is reported available, and can make one additional read without blocking. When encountering a read error or an EOF, the servlet MUST report it by either returning false or throwing an exception such as an IOException. This will cause the error event to be invoked, and the connection will be closed. It is not allowed to attempt reading data from the request object outside of the execution of this method. However, I just got a READ event where available() returns 0 (because the next byte to read would be -1 indicating the end of the stream). Is there any way to test for the end of the stream without calling read() ? Ok, that javadoc is a little bit out of date (ex: returning false). However, it is still valid: if you get a read event, you're supposed to do at least one read, and it could return -1 (if it got that from the client). If it fails to read data because the client disconnected, you'll get an IOException. Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Filter class not found problem
On 4/4/07, Frank W. Zammetti [EMAIL PROTECTED] wrote: As per my post last night, I discovered that the problem starts in 6.0.10... FWIW, I just installed 6.0.10 and dumped in a webapp of mine that uses a Filter as a front controller, and it works fine. I have both JAVA_HOME and JRE_HOME defined for convenience (so I can switch as I test/upgrade versions); right now it's Java 1.6.0-b105 as echo $JAVA_HOME /usr/local/jdk1.6.0 echo $JRE_HOME /usr/local/jdk1.6.0/jre So I'd say it's not a problem intrinsic to /all/ Filters... -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Another Comet 6.0.10 question
On 4/4/07, Sebastiaan van Erk [EMAIL PROTECTED] wrote: 2) I keep getting READ events after reading all data from the stream (EOF reached). Now I don't want to close the event because I still want to write stuff, but I can't just return from the read event because I'll get another, causing a busy waiting loop. The bytes that need to be written arrive sporadically. How do I stop tomcat from causing READ events after the EOF while keeping the event open until the output is done as well. I think this is not going to be supported because there's no way for the container to ever close and cleanup the connection then. HTTP hacks have their limits ;) Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Another Comet 6.0.10 question
On 4/4/07, Rémy Maucherat [EMAIL PROTECTED] wrote: Ok, that javadoc is a little bit out of date (ex: returning false). However, it is still valid: if you get a read event, you're supposed to do at least one read, and it could return -1 (if it got that from the client). If it fails to read data because the client disconnected, you'll get an IOException. BTW, I made the necessary javadoc updates in the code which is currently in svn, and merged that updated javadoc in the main docs. Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Filter class not found problem
On Wed, April 4, 2007 11:21 am, Hassan Schroeder wrote: FWIW, I just installed 6.0.10 and dumped in a webapp of mine that uses a Filter as a front controller, and it works fine. I have both JAVA_HOME and JRE_HOME defined for convenience (so I can switch as I test/upgrade versions); right now it's Java 1.6.0-b105 as echo $JAVA_HOME /usr/local/jdk1.6.0 echo $JRE_HOME /usr/local/jdk1.6.0/jre So I'd say it's not a problem intrinsic to /all/ Filters... Fair to say... I noticed your not under Windows, which is potentially a big difference... but in any case, if it was a problem with my filter itself, I wouldn't expect it to be working in 6.0.9 with the same environment otherwise... also note I didn't recompile it when moving between 6.0.9 and 6.0.10, so nothing weird going on there. I just don't get it. Ah well, I've burned enough cycles on it... I can happily continue my real work under 6.0.9, no problem, but if anyone has any other ideas I'm certainly interested in hearing them... like I said, I don't know if this is a Tomcat bug or not, but I certainly can't explain it :) Frank -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Need help with authentication
IE is sending Pragma: no-cache when it requests the admin page (Request 3 in your previous message). Firefox isn't, so I'm guessing Tomcat is assuming that FF has a copy. This is just what I noticed, I'm not an HTTP or Tomcat expert. | -Original Message- | From: Kenneth Westelinck [mailto:[EMAIL PROTECTED] | Sent: Wednesday, 04 April, 2007 09:19 | | I did some further researching. I found this on the 304 returned by Tomcat | when using firefox: | -8---8---8---8---8---8---8---8 | ---8---8---8---8---8---8---8-- | You should never see this error in your Web browser. It should simply | present the Web page from its cache - because it believes the page has not | changed since it was last cached. If your client is not a Web browser, | then | it should equally be able to present the page from a cache. If unable to | do | so, it is not using the If_Modified_Since or related headers correctly. | -8---8---8---8---8---8---8---8 | ---8---8---8---8---8---8---8-- | | When I disable caching in firefox, authentication works as it should and I | get redirected as I should. So who's the culprit here. Firefox or Tomcat? - The information contained in this message is confidential proprietary property of Nelnet, Inc. and its affiliated companies (Nelnet) and is intended for the recipient only. Any reproduction, forwarding, or copying without the express permission of Nelnet is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to this e-mail. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Another Comet 6.0.10 question
Ok, so I get a -1 on a read. Now what do I do? If I just return from the event handler I immediately get another read :-(. If I close the event I can't do output anymore. Can't it just send me ERROR/TIMEOUT events, just like what would happen if no READS arrive at all? In that case I can do async output (like in the Messaging application example). The CoyoteInputStream I called the read() on should know it reached the end of stream when I called read(), so why does it cause another READ event immediately even though it should know there is no more data? Shouldn't it behave in the same way that it would normally behave after handling a read event and there being no more data, i.e., do ERROR/TIMOUT events until the event is closed or new data arrives (which in this case can't happen)? Regards, Sebastiaan Rémy Maucherat wrote: On 4/4/07, Sebastiaan van Erk [EMAIL PROTECTED] wrote: Hi, The pages on Comet say the following about the read event: EventType.READ: This indicates that input data is available, and that one read can be made without blocking. The available and ready methods of the InputStream or Reader may be used to determine if there is a risk of blocking: the servlet should read while data is reported available, and can make one additional read without blocking. When encountering a read error or an EOF, the servlet MUST report it by either returning false or throwing an exception such as an IOException. This will cause the error event to be invoked, and the connection will be closed. It is not allowed to attempt reading data from the request object outside of the execution of this method. However, I just got a READ event where available() returns 0 (because the next byte to read would be -1 indicating the end of the stream). Is there any way to test for the end of the stream without calling read() ? Ok, that javadoc is a little bit out of date (ex: returning false). However, it is still valid: if you get a read event, you're supposed to do at least one read, and it could return -1 (if it got that from the client). If it fails to read data because the client disconnected, you'll get an IOException. Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Different aliases have different sessions in Tomcat, why?
The ip adress is just set correct in the dns servers...simply the host adress in server.xml is set to www.mydomain.com and i defined alias as mydomain.com Tomcat recognize www.mydomain.com and mydomain.com as different applications and creates different sessions for them... Any recommendations? thanks - Original Message From: Martin Gainty [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Wednesday, April 4, 2007 2:46:42 AM Subject: Re: Different aliases have different sessions in Tomcat, why? Burak- nslookup www.mydomain.com qill display a IP address then put the IP entry in your hosts file e.g. 127.0.0.1 mydomain.com M- - Original Message - From: Burak Yýlmaz [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Tuesday, April 03, 2007 6:44 PM Subject: Different aliases have different sessions in Tomcat, why? Hi all i have a Tomcat 6.0.10 running on Centos 4.4 My configuration file(server.xml) is as below. Now i am explaning whats happening..I have changed the default webapplication by setting context path to zero length string and set my host applicationbase to webapps/mydomainapp value... By the way myapplication works well. (Until here everything is just an information) The problem is, when i type www.mydomain.com i am loging in with my account..And then typing address mydomain.com (without www) it asks me to log in again...It does not recognize the session of the www.mydomain.com... So i have different sessions for every Alias i defined Is there anyway to correct this? thanks for any help Burak YILMAZ unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Aliasmydomain.com/Alias Context path= docBase=. debug=5 reloadable=true crossContext=true Resource name=jdbc/myprojectdb auth=Container type=javax.sql.DataSource factory=org.apache.commons.dbcp.BasicDataSourceFactory maxActive=100 maxIdle=30 maxWait=1000 username=root password=xxx driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost:3306/myprojectdb/ parameter nameconnectionProperties/name valueautoReconnect=true/value valueuseUnicode=true/value valuecharacterEncoding=utf8/value /parameter /Context /Host We won't tell. Get more on shows you hate to love (and love to hate): Yahoo! TV's Guilty Pleasures list. http://tv.yahoo.com/collections/265 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Need Mail bonding? Go to the Yahoo! Mail QA for great tips from Yahoo! Answers users. http://answers.yahoo.com/dir/?link=listsid=396546091
Re: Another Comet 6.0.10 question
On 4/4/07, Sebastiaan van Erk [EMAIL PROTECTED] wrote: Ok, so I get a -1 on a read. Now what do I do? If I just return from the event handler I immediately get another read :-(. If I close the event I can't do output anymore. Since there's not going to be any additional data from the client, and presumably all data on the socket input has been consumed, it would seem the only read event that this could be is a disconnect (which on Windows is reported as a regular there's data on the socket). Feel free to do your homework too, and try to determine what this event would be about, I can't reproduce everything. Can't it just send me ERROR/TIMEOUT events, just like what would happen if no READS arrive at all? In that case I can do async output (like in the Messaging application example). The CoyoteInputStream I called the read() on should know it reached the end of stream when I called read(), so why does it cause another READ event immediately even though it should know there is no more data? Shouldn't it behave in the same way that it would normally behave after handling a read event and there being no more data, i.e., do ERROR/TIMOUT events until the event is closed or new data arrives (which in this case can't happen)? As I said, it's not going to happen that way. The thing calling the events is a poller, not the input stream, and they are generated when something happens on the socket, or if there's leftover data waiting. Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: accessing files/dirs.....
yes I know, eventually I want to do this whole webapp in struts.. for now just want to be able to count how many images in 'images' folder.. (what I don't get here is first line.. where does the reqParameter come from? (this method is usu. used to get params from request (user input, query string, etc..) so don't get where directory is coming from here..) thank you very much.. David Smith wrote: Ok... I think I'm starting to see the picture here. You want to be able to write a jsp that can list the directory contents of a folder. This is very crude, no error checking, untested, etc. but you'll catch on ul % String reqParameter = request.getParameter( directory ) ; URI dirURI = this.getServletContext().getResource( reqParameter ).toURI() ; File dirFile = new File( dirURI ) ; if ( dirFile.isDirectory() ) { String[] fileList = dirFile.list() ; for ( int index = 0; index fileList.length; index++ ) { out.println( li + fileList[ index ] + /li ) ; } } % /ul And it does comply with the servlet spec. --David maya wrote: thank you.. someone in another forum said the same thing.. problem is, if I have trouble accessing directory, how will I tell these methods to get Resource for that dir? :) (also, alas, don't quite remember how to use methods of interfaces -- since interfaces can't be instantiated, didn't find getInstance() method for this interface.. but well, can look this up elsewhere, I suppose:) thank you... David Smith wrote: I'm not sure what you're attempting to do here, but have you thought about ServletContext.getResource() and ServletContext.getResourceAsStream() ? Both are safe methods of reading resources from the webapp whether it be in a compressed archive or not. There is also getRealPath(), but it will only work if the webapp is expanded (ie not a .war file). I can't recommend it enough -- read the servlet spec. It really does help. --David maya wrote: File dir = new File(C:\\apache-tomcat-5.5.17\\webapps\\india\\delhi\ \images); this works fine in my machine locally, but on my website.. if, say, I'm in dir where 'images' dir is, this doesn't work... File dir = new File(images) starting @ root of webapp also doesn't work... File dir = new File(/india/delhi/images); names of directors are good, they are all lowercase... have conditional to test... if (imgsList == null) out.println(null); always prints 'null' on my website... do paths in this constructor have to be absolute? so on my website path would have to start with http...? is this an access problem? if so, do I need to ask my webhosting folks? I know this is not a very kosher way of doing it, but am running this code in a JSP for now (still don't know enough struts and such to do this kind of stuff in a stand-alone class.. but of course eventually will have to.. all I want to do is count how many images are in 'images' dir.. that's it..) thank you... - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Axis2 v1.1.1 with Tomcat 6.0.10?
Hello, I installed Tomcat 6.0.10 and Axis2 1.1.1. I followed all the directions and dropped the axis2.war file into the f:\apache-tomcat-6.0.10\webapps directory. It was deployed correctly according to the log messages. When I tried to test it with my browser by visiting http://localhost:8080/axis2, an exception was thrown. (See the stack trace below.) I installed Tomcat 5.5 and repeated the process. No exception was thrown the the Welcome! page appeared correctly. Here's the stack trace from the log files. I couldn't see any clues about what went wrong in it. Apr 3, 2007 12:38:05 PM org.apache.catalina.core.ApplicationContext log INFO: ContextListener: contextInitialized() Apr 3, 2007 12:38:05 PM org.apache.catalina.core.ApplicationContext log INFO: SessionListener: contextInitialized() Apr 3, 2007 12:38:55 PM org.apache.catalina.core.StandardWrapperValve invoke SEVERE: Servlet.service() for servlet jsp threw exception org.apache.jasper.JasperException: Unable to compile class for JSP: Stacktrace: at org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHa ndler.java:85) at org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.ja va:330) at org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:41 5) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:308) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:286) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:273) at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.ja va:566) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.ja va:308) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) at javax.servlet.http.HttpServlet.service(HttpServlet.java:860) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv e.java:228) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv e.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java :128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java :104) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:2 16) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:84 4) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process( Http11Protocol.java:634) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:445) at java.lang.Thread.run(Thread.java:595) Apr 3, 2007 12:38:55 PM org.apache.catalina.core.ApplicationDispatcher invoke SEVERE: Servlet.service() for servlet jsp threw exception org.apache.jasper.JasperException: Unable to compile class for JSP: Stacktrace: at org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHa ndler.java:85) at org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.ja va:330) at org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:41 5) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:308) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:286) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:273) at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.ja va:566) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.ja va:308) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) at javax.servlet.http.HttpServlet.service(HttpServlet.java:860) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChain.java:206) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatc her.java:687) at org.apache.catalina.core.ApplicationDispatcher.processRequest(Applicatio nDispatcher.java:471) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDisp atcher.java:403) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispat cher.java:301) at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java :424) at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java :343) at
How to redirect to stub page when app unavailable?
Hi Tomcat Users, I'm trying to formulate a clever method of providing a stub page, 'under maintenance' if you will, for when we are building a new version of a Tomcat served application : i.e. when Tomcat is offline - we need to keep it offline during the build as there are back-end DB updates that require no activity via the application. We are using Apache web server with mod_jk connectivity to the app servers via a large number of workers. Can anybody suggest a smart way of achieving this? Cheers in advance, Darren K Connaught wins RoSPA Gold Award for fourth year running Considerate Contractor Gold Award in 2006 Partnering Contractor of the Year Award in 2005 Please visit our website to see a full list of Connaught?s Registered Companies www.connaught.plc.uk/Investors/Registered-Companies Disclaimer: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete this message. Connaught plc, Head Office 01392 444546
How to trace successful ssl handshake?
Dear Tomcat Users, I'm using a tomcat 5.5 on win XP. My servlet uses 2 secure connectors (different cipher suites and protocol SSL and TLS) on 2 ports. I have already found a way to have in my servlet a trigger when a ssl handshake failure occurs. But, in successful case, my servlet needs more informations from the client hello message than the cipher suite used and the key. Has somebody an idea how to get this info? At least in tomcat log file (I'm using log4j) or console? Thanks, Julien. -- Feel free - 10 GB Mailbox, 100 FreeSMS/Monat ... Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat hiding director
Is there a way to hid some directory from user access? Like lets say i have a directory name 'hideme' and in it are some files. What i want to do is not allow user from accessing it like 'localhost/hideme/index.html' - Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta.
Share Bean between two webapps
I spend several hours to do this : I want to share a javabean between two different webapps i want to get fields and methods of a javabean that is stored in webapp2 from webapps1 I use Tomcat 5.0 and i have read http://tomcat.apache.org/tomcat-5.0-doc/jndi-resources-howto.html but i get no success! Please.. do you have a simple example??.. that is.. code and configurations (server.xml, web.xml, context.xml...) follow my codes... jndiWebShare1 is the folder under tomcat\webapps of webapp1 -- SharedBean1.java .. . under jndiWebShare1\WEB-INF\com\afterbit --- /* * SharedBean1.java */ package com.afterbit; /** * * @author Admin */ public class SharedBean1 { /** Creates a new instance of SharedBean1 */ public SharedBean1() { } private String foo = Shared Bean 1 : Value of FOO; private int bar = 0; public String getFoo() { return (this.foo); } public void setFoo(String foo) { this.foo = foo; } public int getBar() { return (this.bar); } public void setBar(int bar) { this.bar = bar; } } -- context.xml .. .under jndiWebShare1\META-INF --- ?xml version=1.0 encoding=UTF-8? Context path=/jndiWebShare1 docBase=webapps/jndiWebShare1 crossContext=true debug=0 reloadable=true Resource name=bean/SharedBean1Factory auth=Container type=com.afterbit.SharedBean1/ ResourceParams name=bean/SharedBean1Factory parameter namefactory/name valueorg.apache.naming.factory.BeanFactory/value /parameter parameter namebar/name value23/value /parameter /ResourceParams /Context -- web.xml .. .under jndiWebShare1\WEB-INF --- ?xml version=1.0 encoding=UTF-8? web-app xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; version=2.4 resource-env-ref descriptionObject factory for SharedBean1 instances./description resource-env-ref-namebean/SharedBean1Factory/resource-env-ref- name resource-env-ref-typecom.afterbit.SharedBean1/resource-env-ref- type /resource-env-ref /web-app -- index.jsp.. .JSP page with test bean under jndiWebShare1\ --- [EMAIL PROTECTED] contentType=text/html% [EMAIL PROTECTED] pageEncoding=UTF-8% [EMAIL PROTECTED] import = javax.naming.* % !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd; html head meta http-equiv=Content-Type content=text/html; charset=UTF-8 titleJSP Page/title /head body h1JSP Page/h1 % Context initCtx = new InitialContext(); Context envCtx = (Context) initCtx.lookup(java:comp/env); SharedBean1 bean = (SharedBean1) envCtx.lookup (bean/SharedBean1Factory); out.println(foo = + bean.getFoo() + , bar = + bean.getBar()); % /body /html but I get an exception... org.apache.jasper.JasperException: Unable to compile class for JSP An error occurred at line: 17 in the jsp file: /index.jsp Generated servlet error: C:\jakarta-tomcat-5.0.27\work\Catalina\localhost\jndiWebShare1\org\apache\js p\index_jsp.java:69: cannot resolve symbol symbol : class SharedBean1 location: class org.apache.jsp.index_jsp SharedBean1 bean = (SharedBean1) envCtx.lookup(bean/SharedBean1Factory); Of course if i put in my JSP page [EMAIL PROTECTED] import = com.afterbit.* % it works...but.. SharedBean1 should be a shared resource.. so no need to import com.afterbit. no?!! Thanks! Roberto - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
error upload
I sign up with a web hosting last night I upload my war file and restart the server but when I go to the web site it give me this error any ides ? HTTP Status 404 - /Page1.jsp type Status report message /Page1.jsp description The requested resource (/Page1.jsp) is not available. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Share Bean between two webapps
Hi Roberto- I think you may be speaking of demand loading multiple hierarchical container instances in which case I would look at implementing your app with Spring IOC (Injection of Control) and locate/allocate/init your bean via ContextSingletonBeanFactoryLocator class http://www.springframework.org/docs/reference/beans.html HTH, Martin -- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Roberto Bottoni (Modernviaggi) [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 04, 2007 1:08 PM Subject: Share Bean between two webapps I spend several hours to do this : I want to share a javabean between two different webapps i want to get fields and methods of a javabean that is stored in webapp2 from webapps1 I use Tomcat 5.0 and i have read http://tomcat.apache.org/tomcat-5.0-doc/jndi-resources-howto.html but i get no success! Please.. do you have a simple example??.. that is.. code and configurations (server.xml, web.xml, context.xml...) follow my codes... jndiWebShare1 is the folder under tomcat\webapps of webapp1 -- SharedBean1.java .. . under jndiWebShare1\WEB-INF\com\afterbit --- /* * SharedBean1.java */ package com.afterbit; /** * * @author Admin */ public class SharedBean1 { /** Creates a new instance of SharedBean1 */ public SharedBean1() { } private String foo = Shared Bean 1 : Value of FOO; private int bar = 0; public String getFoo() { return (this.foo); } public void setFoo(String foo) { this.foo = foo; } public int getBar() { return (this.bar); } public void setBar(int bar) { this.bar = bar; } } -- context.xml .. .under jndiWebShare1\META-INF --- ?xml version=1.0 encoding=UTF-8? Context path=/jndiWebShare1 docBase=webapps/jndiWebShare1 crossContext=true debug=0 reloadable=true Resource name=bean/SharedBean1Factory auth=Container type=com.afterbit.SharedBean1/ ResourceParams name=bean/SharedBean1Factory parameter namefactory/name valueorg.apache.naming.factory.BeanFactory/value /parameter parameter namebar/name value23/value /parameter /ResourceParams /Context -- web.xml .. .under jndiWebShare1\WEB-INF --- ?xml version=1.0 encoding=UTF-8? web-app xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; version=2.4 resource-env-ref descriptionObject factory for SharedBean1 instances./description resource-env-ref-namebean/SharedBean1Factory/resource-env-ref- name resource-env-ref-typecom.afterbit.SharedBean1/resource-env-ref- type /resource-env-ref /web-app -- index.jsp.. .JSP page with test bean under jndiWebShare1\ --- [EMAIL PROTECTED] contentType=text/html% [EMAIL PROTECTED] pageEncoding=UTF-8% [EMAIL PROTECTED] import = javax.naming.* % !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd; html head meta http-equiv=Content-Type content=text/html; charset=UTF-8 titleJSP Page/title /head body h1JSP Page/h1 % Context initCtx = new InitialContext(); Context envCtx = (Context) initCtx.lookup(java:comp/env); SharedBean1 bean = (SharedBean1) envCtx.lookup (bean/SharedBean1Factory); out.println(foo = + bean.getFoo() + , bar = + bean.getBar()); % /body /html but I get an exception... org.apache.jasper.JasperException: Unable to compile class for JSP An error occurred at line: 17 in the jsp file: /index.jsp Generated servlet error: C:\jakarta-tomcat-5.0.27\work\Catalina\localhost\jndiWebShare1\org\apache\js p\index_jsp.java:69: cannot resolve symbol symbol : class SharedBean1 location: class org.apache.jsp.index_jsp SharedBean1 bean = (SharedBean1) envCtx.lookup(bean/SharedBean1Factory); Of course if i put in my JSP page [EMAIL PROTECTED] import = com.afterbit.* % it works...but.. SharedBean1 should be a shared resource.. so no need to import com.afterbit. no?!! Thanks! Roberto
Re: accessing files/dirs.....
What I posted was an excerpt from a jsp page writing the index of a folder -- no Struts in sight. directory was just an arbitrary request parameter for example purposes: http://localhost:8080/myWebApp/imageList.jsp?directory=%2fsome%2fdirectory It doesn't really matter how you get that string. In your case, you don't even need the for loop -- just write the count or store it in the pageContext for later use in a tag like c:out value=${fileCount} / For getting the count of files, just replace the contents of the if (dirFile.isDirectory()) block with this one statement: pageContext.setAttribute( fileCount, dirFile.list().length ) ; And then you can write it out later using the c:out tag as above or %=pageContext.getAttribute( fileCount )% --David maya wrote: yes I know, eventually I want to do this whole webapp in struts.. for now just want to be able to count how many images in 'images' folder.. (what I don't get here is first line.. where does the reqParameter come from? (this method is usu. used to get params from request (user input, query string, etc..) so don't get where directory is coming from here..) thank you very much.. David Smith wrote: Ok... I think I'm starting to see the picture here. You want to be able to write a jsp that can list the directory contents of a folder. This is very crude, no error checking, untested, etc. but you'll catch on ul % String reqParameter = request.getParameter( directory ) ; URI dirURI = this.getServletContext().getResource( reqParameter ).toURI() ; File dirFile = new File( dirURI ) ; if ( dirFile.isDirectory() ) { String[] fileList = dirFile.list() ; for ( int index = 0; index fileList.length; index++ ) { out.println( li + fileList[ index ] + /li ) ; } } % /ul And it does comply with the servlet spec. --David maya wrote: thank you.. someone in another forum said the same thing.. problem is, if I have trouble accessing directory, how will I tell these methods to get Resource for that dir? :) (also, alas, don't quite remember how to use methods of interfaces -- since interfaces can't be instantiated, didn't find getInstance() method for this interface.. but well, can look this up elsewhere, I suppose:) thank you... David Smith wrote: I'm not sure what you're attempting to do here, but have you thought about ServletContext.getResource() and ServletContext.getResourceAsStream() ? Both are safe methods of reading resources from the webapp whether it be in a compressed archive or not. There is also getRealPath(), but it will only work if the webapp is expanded (ie not a .war file). I can't recommend it enough -- read the servlet spec. It really does help. --David maya wrote: File dir = new File(C:\\apache-tomcat-5.5.17\\webapps\\india\\delhi\ \images); this works fine in my machine locally, but on my website.. if, say, I'm in dir where 'images' dir is, this doesn't work... File dir = new File(images) starting @ root of webapp also doesn't work... File dir = new File(/india/delhi/images); names of directors are good, they are all lowercase... have conditional to test... if (imgsList == null) out.println(null); always prints 'null' on my website... do paths in this constructor have to be absolute? so on my website path would have to start with http...? is this an access problem? if so, do I need to ask my webhosting folks? I know this is not a very kosher way of doing it, but am running this code in a JSP for now (still don't know enough struts and such to do this kind of stuff in a stand-alone class.. but of course eventually will have to.. all I want to do is count how many images are in 'images' dir.. that's it..) thank you... - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Need help with authentication
to disable Proxy Caching by FormAuthenticator $TOMCAT_HOME/conf/server.xml Context path=/myapp docBase=myapp Valve className=org.apache.catalina.authenticator.FormAuthenticator disableProxyCaching=false / /Context Is this what you're looking for??? M- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Nelson, Tracy M. [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Wednesday, April 04, 2007 11:19 AM Subject: RE: Need help with authentication IE is sending Pragma: no-cache when it requests the admin page (Request 3 in your previous message). Firefox isn't, so I'm guessing Tomcat is assuming that FF has a copy. This is just what I noticed, I'm not an HTTP or Tomcat expert. | -Original Message- | From: Kenneth Westelinck [mailto:[EMAIL PROTECTED] | Sent: Wednesday, 04 April, 2007 09:19 | | I did some further researching. I found this on the 304 returned by Tomcat | when using firefox: | -8---8---8---8---8---8---8---8 | ---8---8---8---8---8---8---8-- | You should never see this error in your Web browser. It should simply | present the Web page from its cache - because it believes the page has not | changed since it was last cached. If your client is not a Web browser, | then | it should equally be able to present the page from a cache. If unable to | do | so, it is not using the If_Modified_Since or related headers correctly. | -8---8---8---8---8---8---8---8 | ---8---8---8---8---8---8---8-- | | When I disable caching in firefox, authentication works as it should and I | get redirected as I should. So who's the culprit here. Firefox or Tomcat? - The information contained in this message is confidential proprietary property of Nelnet, Inc. and its affiliated companies (Nelnet) and is intended for the recipient only. Any reproduction, forwarding, or copying without the express permission of Nelnet is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to this e-mail. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Version of Java being used by Tomcat
Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Richard. - Original Message From: Aneez Backer [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 4, 2007 7:37:59 PM Subject: Version of Java being used by Tomcat Hi I have two versions of JAVA installed on my terminal. Is there any possible way to know which version of JAVA is being used by Tomcat 5.0.28 ??? Aneez - Don't pick lemons. See all the new 2007 cars at Yahoo! Autos. Be a PS3 game guru. Get your game face on with the latest PS3 news and previews at Yahoo! Games. http://videogames.yahoo.com/platform?platform=120121
Re: Perl -T taint mode
On Wed, Apr 4, 2007 14:32, Mike Cossaboon [EMAIL PROTECTED] wrote: I am running Tomcat 5.5.17 on Solaris 10 with Perl 5.8.4 installed. I start my perl cgis with: #!/usr/bin/perl -T The -T is for Taint mode which I do to make the cgis more secure. With a -T option, the web page is displayed with no text from my print statements. If I remove the -T the perl cgis work fine. I would like to keep the -T option. Is there a way to configure Tomcat to accept Taint mode perl cgis? The problem is almost certainly not with Tomcat. What is likely happening is that the Perl interpreter is exiting with a fatal error when the CGI you are trying to run tries to do something insecure. (This error would usually be sent to your CGI's STDERR filehandle as plain text). The solution is to either rewrite the insecure code in the CGI to make it secure, or to tell Perl that it is OK to for the code to perform potentially insecure operatings by *not* running the CGI in Taint mode. The essential point to keep in mind is this: -T does not make your CGIs more secure, it just terminates your CGI if it tries to do any of the bad things that -T checks for. For more information, see http://perldoc.perl.org/perlsec.html Mark Montague ITCS Web/Database Production Team The University of Michigan [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: accessing files/dirs.....
ok, I asked webhosting guy, this is what finally worked: /chroot/home/myuid/mydomain/tomcat/webapps/india/delhi/images :) many thanks for yr help... David Smith wrote: What I posted was an excerpt from a jsp page writing the index of a folder -- no Struts in sight. directory was just an arbitrary request parameter for example purposes: http://localhost:8080/myWebApp/imageList.jsp?directory=%2fsome%2fdirectory It doesn't really matter how you get that string. In your case, you don't even need the for loop -- just write the count or store it in the pageContext for later use in a tag like c:out value=${fileCount} / For getting the count of files, just replace the contents of the if (dirFile.isDirectory()) block with this one statement: pageContext.setAttribute( fileCount, dirFile.list().length ) ; And then you can write it out later using the c:out tag as above or %=pageContext.getAttribute( fileCount )% --David maya wrote: yes I know, eventually I want to do this whole webapp in struts.. for now just want to be able to count how many images in 'images' folder.. (what I don't get here is first line.. where does the reqParameter come from? (this method is usu. used to get params from request (user input, query string, etc..) so don't get where directory is coming from here..) thank you very much.. David Smith wrote: Ok... I think I'm starting to see the picture here. You want to be able to write a jsp that can list the directory contents of a folder. This is very crude, no error checking, untested, etc. but you'll catch on ul % String reqParameter = request.getParameter( directory ) ; URI dirURI = this.getServletContext().getResource( reqParameter ).toURI() ; File dirFile = new File( dirURI ) ; if ( dirFile.isDirectory() ) { String[] fileList = dirFile.list() ; for ( int index = 0; index fileList.length; index++ ) { out.println( li + fileList[ index ] + /li ) ; } } % /ul And it does comply with the servlet spec. --David maya wrote: thank you.. someone in another forum said the same thing.. problem is, if I have trouble accessing directory, how will I tell these methods to get Resource for that dir? :) (also, alas, don't quite remember how to use methods of interfaces -- since interfaces can't be instantiated, didn't find getInstance() method for this interface.. but well, can look this up elsewhere, I suppose:) thank you... David Smith wrote: I'm not sure what you're attempting to do here, but have you thought about ServletContext.getResource() and ServletContext.getResourceAsStream() ? Both are safe methods of reading resources from the webapp whether it be in a compressed archive or not. There is also getRealPath(), but it will only work if the webapp is expanded (ie not a .war file). I can't recommend it enough -- read the servlet spec. It really does help. --David maya wrote: File dir = new File(C:\\apache-tomcat-5.5.17\\webapps\\india\\delhi\ \images); this works fine in my machine locally, but on my website.. if, say, I'm in dir where 'images' dir is, this doesn't work... File dir = new File(images) starting @ root of webapp also doesn't work... File dir = new File(/india/delhi/images); names of directors are good, they are all lowercase... have conditional to test... if (imgsList == null) out.println(null); always prints 'null' on my website... do paths in this constructor have to be absolute? so on my website path would have to start with http...? is this an access problem? if so, do I need to ask my webhosting folks? I know this is not a very kosher way of doing it, but am running this code in a JSP for now (still don't know enough struts and such to do this kind of stuff in a stand-alone class.. but of course eventually will have to.. all I want to do is count how many images are in 'images' dir.. that's it..) thank you... - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Perl -T taint mode
Hi All, I am running Tomcat 5.5.17 on Solaris 10 with Perl 5.8.4 installed. I start my perl cgis with: #!/usr/bin/perl -T The -T is for Taint mode which I do to make the cgis more secure. With a -T option, the web page is displayed with no text from my print statements. If I remove the -T the perl cgis work fine. I would like to keep the -T option. Is there a way to configure Tomcat to accept Taint mode perl cgis? Thanks, Mike - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Version of Java being used by Tomcat
Hi I have two versions of JAVA installed on my terminal. Is there any possible way to know which version of JAVA is being used by Tomcat 5.0.28 ??? Aneez - Don't pick lemons. See all the new 2007 cars at Yahoo! Autos.
Re: Version of Java being used by Tomcat
better make sure thats what Tomcat is using.. This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Richard Dunne [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Wednesday, April 04, 2007 2:49 PM Subject: Re: Version of Java being used by Tomcat Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Richard. - Original Message From: Aneez Backer [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 4, 2007 7:37:59 PM Subject: Version of Java being used by Tomcat Hi I have two versions of JAVA installed on my terminal. Is there any possible way to know which version of JAVA is being used by Tomcat 5.0.28 ??? Aneez - Don't pick lemons. See all the new 2007 cars at Yahoo! Autos. Be a PS3 game guru. Get your game face on with the latest PS3 news and previews at Yahoo! Games. http://videogames.yahoo.com/platform?platform=120121 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Version of Java being used by Tomcat
Should be reported in the manager app -- http://localhost:8080/manager/html Obviously change localhost and 8080 to reflect your installation. --David Aneez Backer wrote: Hi I have two versions of JAVA installed on my terminal. Is there any possible way to know which version of JAVA is being used by Tomcat 5.0.28 ??? Aneez - Don't pick lemons. See all the new 2007 cars at Yahoo! Autos. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Version of Java being used by Tomcat
sorry.. http://TomcatHost:8080/manager/html (look at JVM Version at bottom of screen) Martin-- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Richard Dunne [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Wednesday, April 04, 2007 2:49 PM Subject: Re: Version of Java being used by Tomcat Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Richard. - Original Message From: Aneez Backer [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 4, 2007 7:37:59 PM Subject: Version of Java being used by Tomcat Hi I have two versions of JAVA installed on my terminal. Is there any possible way to know which version of JAVA is being used by Tomcat 5.0.28 ??? Aneez - Don't pick lemons. See all the new 2007 cars at Yahoo! Autos. Be a PS3 game guru. Get your game face on with the latest PS3 news and previews at Yahoo! Games. http://videogames.yahoo.com/platform?platform=120121 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Version of Java being used by Tomcat
That would show the version that is default for that console. You might do better to look at the configuration for the Tomcat server to see where it looks for the JRE. That would let you know for sure. If you are running on a WinXXX platform and as a service, you could look at the settings for the environment there as well. An easy way would be to use log( System.getProperties().getProperty( java.version ); or something like that. If you want to see all of the environment properties you are running in, this should work. . . . Properties p = System.getProperties(); Enumeration e = p.keys(); while( e.hasMoreElements() ) { String s = (String)e.nextElement(); System.out.println( s + = + p.getProperty( s ) ); } . . . Robert S. Harper Senior Engineer Information Access Technology, Inc. 1100 East 6600 South, Suite 300 Salt Lake City Utah USA 84121-7411 (801)265-8800 Ext. 255 FAX (801)265-8880 This e-mail is intended only for the addressee and may contain confidential and/or privileged information. Any review, retransmission, or action taken upon this information by persons other than the intended recipient is prohibited by law. If you received this communication in error, please contact us immediately at 801-265-8800. Although this e-mail and any attachments are believed to be free of any virus or other defect, it is the responsibility of the recipient to ensure that anything received or opened is virus free. No responsibility is accepted by IAT for any loss or damage in the event that such a virus or defect exists. -Original Message- From: Richard Dunne [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 12:49 PM To: Tomcat Users List Subject: Re: Version of Java being used by Tomcat Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Richard. - Original Message From: Aneez Backer [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 4, 2007 7:37:59 PM Subject: Version of Java being used by Tomcat Hi I have two versions of JAVA installed on my terminal. Is there any possible way to know which version of JAVA is being used by Tomcat 5.0.28 ??? Aneez - Don't pick lemons. See all the new 2007 cars at Yahoo! Autos. Be a PS3 game guru. Get your game face on with the latest PS3 news and previews at Yahoo! Games. http://videogames.yahoo.com/platform?platform=120121 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Finding Version Of Tomcat On Unix?
Hello List! I have a quick question that I'm hoping someone can help me with: How can I find the version of Tomcat running on my Unix box? When I go into the README.txt doc, I see that it's 4.1...but I don't know the last #'s in the version: 4.1.x... Is there a command I can run to find this info out? Thanks much for your time and assistance! -Jeanna
Re: Tomcat hiding director
Hi Doan- The easist way is to configure .htaccess for the folder and configure access according to which referer or what type of page they want http://www.javascriptkit.com/howto/htaccess13.shtml Martin -- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: Hoa Doan [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, April 04, 2007 12:34 PM Subject: Tomcat hiding director Is there a way to hid some directory from user access? Like lets say i have a directory name 'hideme' and in it are some files. What i want to do is not allow user from accessing it like 'localhost/hideme/index.html' - Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Perl -T taint mode
Mark, Thanks for the link to the perl site on Taint. I will be testing out some perl settings. Mike At 02:59 PM 4/4/2007, you wrote: On Wed, Apr 4, 2007 14:32, Mike Cossaboon [EMAIL PROTECTED] wrote: I am running Tomcat 5.5.17 on Solaris 10 with Perl 5.8.4 installed. I start my perl cgis with: #!/usr/bin/perl -T The -T is for Taint mode which I do to make the cgis more secure. With a -T option, the web page is displayed with no text from my print statements. If I remove the -T the perl cgis work fine. I would like to keep the -T option. Is there a way to configure Tomcat to accept Taint mode perl cgis? The problem is almost certainly not with Tomcat. What is likely happening is that the Perl interpreter is exiting with a fatal error when the CGI you are trying to run tries to do something insecure. (This error would usually be sent to your CGI's STDERR filehandle as plain text). The solution is to either rewrite the insecure code in the CGI to make it secure, or to tell Perl that it is OK to for the code to perform potentially insecure operatings by *not* running the CGI in Taint mode. The essential point to keep in mind is this: -T does not make your CGIs more secure, it just terminates your CGI if it tries to do any of the bad things that -T checks for. For more information, see http://perldoc.perl.org/perlsec.html Mark Montague ITCS Web/Database Production Team The University of Michigan [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Version of Java being used by Tomcat
You can create simple jsp page with a scriptlet that dumps System properties to console. Check javadoc for System for more information. Andrew Pliszk Aneez Backer wrote: Hi I have two versions of JAVA installed on my terminal. Is there any possible way to know which version of JAVA is being used by Tomcat 5.0.28 ??? Aneez - Don't pick lemons. See all the new 2007 cars at Yahoo! Autos. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Finding Version Of Tomcat On Unix?
As with the recently asked question on which java version is in use, you should be able to glean that from the manager webapp. http://localhost:8080/manager/html (replace localhost and 8080 with appropriate values for your installation) Log in with a user that has the manager role and it should offer you lots of good information on the status of tomcat. --David [EMAIL PROTECTED] wrote: Hello List! I have a quick question that I'm hoping someone can help me with: How can I find the version of Tomcat running on my Unix box? When I go into the README.txt doc, I see that it's 4.1...but I don't know the last #'s in the version: 4.1.x... Is there a command I can run to find this info out? Thanks much for your time and assistance! -Jeanna - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat hiding director
I don't think .htaccess works with Tomcat alone -- doesn't it require Apache as well? You could write a filter to block all IP addresses. -Rashmi On 4/4/07, Martin Gainty [EMAIL PROTECTED] wrote: Hi Doan- The easist way is to configure .htaccess for the folder and configure access according to which referer or what type of page they want http://www.javascriptkit.com/howto/htaccess13.shtml - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Finding Version Of Tomcat On Unix?
Super - Thanks for the reply! David Smith [EMAIL PROTECTED] 04/04/2007 02:40 PM Please respond to Tomcat Users List users@tomcat.apache.org To Tomcat Users List users@tomcat.apache.org cc Subject Re: Finding Version Of Tomcat On Unix? As with the recently asked question on which java version is in use, you should be able to glean that from the manager webapp. http://localhost:8080/manager/html (replace localhost and 8080 with appropriate values for your installation) Log in with a user that has the manager role and it should offer you lots of good information on the status of tomcat. --David [EMAIL PROTECTED] wrote: Hello List! I have a quick question that I'm hoping someone can help me with: How can I find the version of Tomcat running on my Unix box? When I go into the README.txt doc, I see that it's 4.1...but I don't know the last #'s in the version: 4.1.x... Is there a command I can run to find this info out? Thanks much for your time and assistance! -Jeanna - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Version of Java being used by Tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Richard, Richard Dunne wrote: Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Never heard of that one before. As far as I know, echo on DOS does not accept any arguments other than ON, OFF or a message to display. %JAVA% expands to the value of the environment variable JAVA, which is not guaranteed to contain anything. For instance, I have Java installed on my win32 box and the command interpreter blankly gives me: C:\Documents and Settings\Chris echo -version %JAVA% - -version %JAVA% C:\Documents and Settings\Chris Not very helpful :( - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGFAPc9CaO5/Lv0PARApXGAKCMj1GJCeTxV7cEI/2yrVoFs15iVQCgtaO4 Dxs/dfqjdMg1utzoASO4CfA= =L662 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Version of Java being used by Tomcat
java -version Should give you what is the default java version used Gurdeep -Original Message- From: Christopher Schultz [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 1:00 PM To: Tomcat Users List Subject: Re: Version of Java being used by Tomcat -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Richard, Richard Dunne wrote: Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Never heard of that one before. As far as I know, echo on DOS does not accept any arguments other than ON, OFF or a message to display. %JAVA% expands to the value of the environment variable JAVA, which is not guaranteed to contain anything. For instance, I have Java installed on my win32 box and the command interpreter blankly gives me: C:\Documents and Settings\Chris echo -version %JAVA% - -version %JAVA% C:\Documents and Settings\Chris Not very helpful :( - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGFAPc9CaO5/Lv0PARApXGAKCMj1GJCeTxV7cEI/2yrVoFs15iVQCgtaO4 Dxs/dfqjdMg1utzoASO4CfA= =L662 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Version of Java being used by Tomcat
There is one more thing related to java version and JSPs, there is a configuration setting for the version used to compile jsps. So even if you have 1.5 your JSPs still might compile in 1.4 mode. This is setup in the tomcat xml config file. Andrew Gurdeep Kaur (gurdeep) wrote: java -version Should give you what is the default java version used Gurdeep -Original Message- From: Christopher Schultz [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 1:00 PM To: Tomcat Users List Subject: Re: Version of Java being used by Tomcat -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Richard, Richard Dunne wrote: Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Never heard of that one before. As far as I know, echo on DOS does not accept any arguments other than ON, OFF or a message to display. %JAVA% expands to the value of the environment variable JAVA, which is not guaranteed to contain anything. For instance, I have Java installed on my win32 box and the command interpreter blankly gives me: C:\Documents and Settings\Chris echo -version %JAVA% - -version %JAVA% C:\Documents and Settings\Chris Not very helpful :( - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGFAPc9CaO5/Lv0PARApXGAKCMj1GJCeTxV7cEI/2yrVoFs15iVQCgtaO4 Dxs/dfqjdMg1utzoASO4CfA= =L662 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Version of Java being used by Tomcat
Also remember that he said he had multiple versions of Java installed on his machine and it is possible that what Tomcat runs under may very well be different from what a console window would get. This is the case for me as well. I have three or four different versions of the JRE and what version is active in a process is dependent on the environment I set for that process. If you are coding a servlet, you can use System.out.println( System.getProperty( java.version ) ); and that will show you the version that is active for that process. Robert S. Harper Senior Engineer Information Access Technology, Inc. 1100 East 6600 South, Suite 300 Salt Lake City Utah USA 84121-7411 (801)265-8800 Ext. 255 FAX (801)265-8880 This e-mail is intended only for the addressee and may contain confidential and/or privileged information. Any review, retransmission, or action taken upon this information by persons other than the intended recipient is prohibited by law. If you received this communication in error, please contact us immediately at 801-265-8800. Although this e-mail and any attachments are believed to be free of any virus or other defect, it is the responsibility of the recipient to ensure that anything received or opened is virus free. No responsibility is accepted by IAT for any loss or damage in the event that such a virus or defect exists. -Original Message- From: Andrew Pliszka [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 2:06 PM To: Tomcat Users List Subject: Re: Version of Java being used by Tomcat There is one more thing related to java version and JSPs, there is a configuration setting for the version used to compile jsps. So even if you have 1.5 your JSPs still might compile in 1.4 mode. This is setup in the tomcat xml config file. Andrew Gurdeep Kaur (gurdeep) wrote: java -version Should give you what is the default java version used Gurdeep -Original Message- From: Christopher Schultz [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 1:00 PM To: Tomcat Users List Subject: Re: Version of Java being used by Tomcat -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Richard, Richard Dunne wrote: Aneez, Try typing echo -version %JAVA% at the prompt. works in dos anyway, not sure if tomcat has its own specific syntax. Never heard of that one before. As far as I know, echo on DOS does not accept any arguments other than ON, OFF or a message to display. %JAVA% expands to the value of the environment variable JAVA, which is not guaranteed to contain anything. For instance, I have Java installed on my win32 box and the command interpreter blankly gives me: C:\Documents and Settings\Chris echo -version %JAVA% - -version %JAVA% C:\Documents and Settings\Chris Not very helpful :( - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGFAPc9CaO5/Lv0PARApXGAKCMj1GJCeTxV7cEI/2yrVoFs15iVQCgtaO4 Dxs/dfqjdMg1utzoASO4CfA= =L662 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Lots of JspRuntimeContext threads
Hello, Tomcat 5.5.9/Windows XP/Java 1.5_11 I have a Tomcat running about 16 contexts. A few of them are fairly busy. We recently had a Out of memory: unable to create new native thread Exception. At the time, we had roughly 500 threads in the VM. Of that, 147 were named JSPRuntimeContext[\context name]. Seven of the contexts had more than 15 of these threads, one had 25. The rest all have 3 or less. I've googled and looked through the source, and it seems to me I should expect at most one of these threads per context. I'm struggling to find anyone else talking about this. Am I correct in assuming I should see only 1 per context? Has this been addressed in post-5.5.9 releases? I didn't see anything pertinent in the release notes. I just can't imagine how I could make this happen w/ app code. The apps running are plain vanilla JSP apps - no jspc tricks or using the Tomcat API. Any advice would be much appreciated. Thank you, Adam
Re: Another Comet 6.0.10 question
Hi, thanks very much for the replies. Rémy Maucherat wrote: On 4/4/07, Sebastiaan van Erk [EMAIL PROTECTED] wrote: Ok, so I get a -1 on a read. Now what do I do? If I just return from the event handler I immediately get another read :-(. If I close the event I can't do output anymore. Since there's not going to be any additional data from the client, and presumably all data on the socket input has been consumed, it would seem the only read event that this could be is a disconnect (which on Windows is reported as a regular there's data on the socket). Feel free to do your homework too, and try to determine what this event would be about, I can't reproduce everything. Hmm... I don't work under Windows, I use Ubuntu Linux, but I'll try figure out why it keeps sending me READ events after the end of stream was reached; I'll get back to you on that one (I'll see if I can make a small test program which exhibits the behavior). Can't it just send me ERROR/TIMEOUT events, just like what would happen if no READS arrive at all? In that case I can do async output (like in the Messaging application example). The CoyoteInputStream I called the read() on should know it reached the end of stream when I called read(), so why does it cause another READ event immediately even though it should know there is no more data? Shouldn't it behave in the same way that it would normally behave after handling a read event and there being no more data, i.e., do ERROR/TIMOUT events until the event is closed or new data arrives (which in this case can't happen)? As I said, it's not going to happen that way. The thing calling the events is a poller, not the input stream, and they are generated when something happens on the socket, or if there's leftover data waiting. As far as the polling is concerned, I think I don't quite understand the interface just yet. So far, I've seen the following behavior: BEGIN - (no data is sent from the client) TIMEOUT (return form the handler) - TIMEOUT (return) - ... The timeout here is presumably caused by a socket read (with a certain timeout)? That would explain why it is not trivial to generate timeouts after the stream is closed. BEGIN - (data) READ - READ - READ (read, eof, return from handler) - READ (read, eof, return from handler) - ... The fact that it keeps on calling read could be because I don't throw an exception or call event.close(). Maybe that's not the correct use of the Comet interface? As far as I can see, the CometProcessor interface is designed around the input stream. As soon as it reaches the end or is closed, you have to do what output you can and clean up and close the event. Is that correct? Is it even possible to do output in parts? HTTP is a request/response protocol and some caches/proxies don't accept any more input once some output has been committed. With this restriction it would seem that output in parts is impossible with Comet. After the input stream is closed, the polling stops and the event method is never called anymore, providing no means to end the request. The only way of being able to do output in parts is keeping the request input stream open until all the output is done. I see no fundamental problems of implementing the events as I described before: that Tomcat keeps polling the event handler while the response has not been ended. Sure, it's not possible to do this using the events of the poller on the socket, but I think it must be possible to implement it in a different manner? The reason I keep asking about this is because I don't see how else output in parts is ever going to work with the current interface... Maybe that's not the intention, but it does seem that the sample messenger application on the Advanced IO page does in fact also use output in parts... (To implement the messenger app with request/response type http, I would imagine the client doing one long request to the Comet server that sends no data and only reads messages pending on the server, and short post requests containing a message whenever the client wants to send one). To summarize: output in parts seems useful, there seem to be no fundamental barriers in implementing it, and it can even be done using a request/response cycle that does not read from the request after data is committed to the response. The only thing I don't understand is how to achieve this with the current Comet implementation in Tomcat. Regards, Sebastiaan Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Another Comet 6.0.10 question
On 4/4/07, Sebastiaan van Erk [EMAIL PROTECTED] wrote: Hmm... I don't work under Windows, I use Ubuntu Linux, but I'll try figure out why it keeps sending me READ events after the end of stream was reached; I'll get back to you on that one (I'll see if I can make a small test program which exhibits the behavior). I didn't think you were using Windows, so I didn't mention it: the problem is that Windows notifies disconnects as a regular read event, rather than with an error code. In that case, you have to do an additional read to get the IO exception, after which the connection is closed. If you don't read (and either let the exception go through or close the event), the socket goes back to the poller, and is signaled again right away. That's totally annoying ... It should work properly in Unix, but you'll get an error event, and that will be the end of your connection. The fact that it keeps on calling read could be because I don't throw an exception or call event.close(). Maybe that's not the correct use of the Comet interface? As I said, I don't know what the problem is. I am interested in fixing identified bugs, and trying to improve on behaviors where I can. Is it even possible to do output in parts? HTTP is a request/response protocol and some caches/proxies don't accept any more input once some output has been committed. With this restriction it would seem that output in parts is impossible with Comet. After the input stream is closed, the polling stops and the event method is never called anymore, providing no means to end the request. The only way of being able to do output in parts is keeping the request input stream open until all the output is done. Evidently, HTTP has never been designed as a protocol where the client and the server would use it as a convinient way to open a biderectional communication channel. As a result, this usage can have unspecified compatibility issues, not scale with proxy X or Y, etc. Note however that the HTTP protocol is still respected, as long as you use chunking for all transfers. The main point in Tomcat was to provide an easy API which would blend with the servlet API and could meet certain specific needs, until something better emerges (and it's not going to be an async HTTP Servlet API, since it would have the same exact compatibility issues). The reason I keep asking about this does not make much sense. It's possible there will be refinements to the behavior eventually, but there's nothing which requires you to send an EOF on input. You want to do it, but it's really your design choice and has no real benefit. Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: connection pool
Martin Gainty wrote: MG-- You want to make sure your abandoned connections are properly re-cycled e.g. To configure a DBCP DataSource so that abandoned dB connections are removed and recycled add the following paramater to the ResourceParams configuration for your DBCP DataSource Resource: parameter nameremoveAbandoned/name valuetrue/value /parameter yeah, the problem with this is that the algorithm for the abandoned connections is quite fishy, you'll pretty much have to reach max connections before any abandoned removal is done. but yes, that is what you need, also set logAbandoned=true so that you can get some info where your leak is Filip http://tomcat.apache.org/tomcat-5.0-doc/jndi-datasource-examples-howto.html MG -- - Original Message - From: Daniel Stephens [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Monday, April 02, 2007 12:36 PM Subject: Re: connection pool sorry if someone has already mentioned this, but you will probably have to add the testOnborrow Parameter. So that also means you have to use the ValidationQuery, etc... but it(the pool) should try to restablish a connection at that point. testOnBorrow will cause some more overhead, but it might resolve your problem. here's an example.. parameter namefactory/name valueorg.apache.commons.dbcp.BasicDataSourceFactory/value /parameter parameter namedriverClassName/name valueoracle.jdbc.driver.OracleDriver/value /parameter parameter nameurl/name valuejdbc:oracle:thin:@host:port:sid/value /parameter parameter nameusername/name valuejohn/value /parameter parameter namepassword/name valuedoe/value /parameter parameter namemaxActive/name value5/value /parameter parameter namemaxIdle/name value5/value /parameter parameter namemaxWait/name value-1/value /parameter parameter nameremoveAbandoned/name valuetrue/value /parameter parameter namevalidationQuery/name valueselect count(*) from dual/value /parameter parameter nametestOnBorrow/name valuetrue/value /parameter On 3/19/07, Gioia, Michael [EMAIL PROTECTED] wrote: Hi, I'm new to tomcat and have a problem with keeping up the connection to the database thru the connection pool. Almost every weekend the database gets bumped and the java app that were running needs to have tomcat restarted to reconnect to the database thru the connection pool. When we come in on Monday tomcat and the database are up and running, but the app will not connect to the database. Is there a way to reestablish the connection so our users don't have to wait until we come in on Monday to restart tomcat? Many Thanks, MG No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.446 / Virus Database: 268.18.25/744 - Release Date: 4/3/2007 5:32 AM - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 6.0.10 hangs on startup when APR enabled
Mladen Turk wrote: Stefan Armbruster wrote: Hi finally I did this: rm /dev/random; ln -s /dev/urandom /dev/random ... and Tomcat starts up fine. Wow, that something. You are very brave and root ;) awesome! Try with setting: $ export RANDFILE=/dev/urandom then start Tomcat. or create a $HOME/.rnd file Regards, Mladen - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 6.0.10 Comet question
Rémy Maucherat wrote: On 4/3/07, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote: yes, a proposal is coming up, my guess is that you will do a {public int write(ByteBuffer)} on the CometEvent object. returns number of bytes written, but nothing is set in stone yet I hope that your proposal does not include that sort of API, because I'm not going to like it if it does. I'm still noodling on it :), my old brain just needs some time, ideally I want to find a transparent way. Filip Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session replication
Yerramsetti, Naga wrote: Hi, What happens if we use session replication and we try to store in session an object that is not serializable? throws an error, probably an IllegalArgumentException on session.setAttribute you can also take a look at www.terracotta.org, as they don't require Serializable to work Filip Thank you. Naga No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.446 / Virus Database: 268.18.25/744 - Release Date: 4/3/2007 5:32 AM - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: High cpu on Apache 2.2.3/Tomcat 5.5.20/APJ1.3 - Windows Server 2003 R2 SP1 SE
if you are already using mod_proxy, why use AJP, mod_proxy in particular, has a more solid implementation in HTTP than AJP Filip Mirko Viviani wrote: Hi, We are using Tomcat 5.5.20 with Apache 2.2.3/ssl/svn and jdk 1.6.0-b105 on a Windows Server 2003 R2/SP1 SE with 4 Xeon cores and 4GB ram. I have configured apache with a virtual host and the ProxyPass directive to redirect all the requests to the Tomcat instance, as in this example: VirtualHost 192.168.1.22:80 http://192.168.1.22/ ServerName test.ourdomain ServerAdmin mymail ErrorLog logs/test-error.log CustomLog logs/test-access.log common Location / ProxyPass ajp://test.localhost:8009/ /Location /VirtualHost The same binaries and configurations work like a charm on a Win 2000 Pro/SP4 single processor test machine, with the only difference that the virtual host is bound to * instead to a real ip address. On the Win2003 server, after the first requests, the tomcat5 process starts eating 100% cpu on one core and saturate all the cpus after some requests. After that the APJ13 link starts loosing bytes requiring a service restart. An Apache restart releases the resources of the tomcat5 process. Using a Redirect directive to the tomcat 8080 port instead of a ProxyPass work correctly but it isn't the desired solution. There are not antivirus or firewall/packet filter on the machines. Any hints? Thank you. Mirko No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.446 / Virus Database: 268.18.25/745 - Release Date: 4/3/2007 12:48 PM - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to trace successful ssl handshake?
-Djavax.net.debug=handshake,ssl Filip Julien Gaulon wrote: Dear Tomcat Users, I'm using a tomcat 5.5 on win XP. My servlet uses 2 secure connectors (different cipher suites and protocol SSL and TLS) on 2 ports. I have already found a way to have in my servlet a trigger when a ssl handshake failure occurs. But, in successful case, my servlet needs more informations from the client hello message than the cipher suite used and the key. Has somebody an idea how to get this info? At least in tomcat log file (I'm using log4j) or console? Thanks, Julien. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: servlet url pattern problem!
It is webapp/servlet/login indeed. In fact, my jsp structure is as following: in index.jsp: jsp:include page=/jsp/top.jsp/ in top.jsp: FORM action=%=request.getContextPath()%/servlet/login method=POST onsubmit=return loginCheck(this); .. /FORM //here, the form will be submit On 4/3/07, David Delbecq [EMAIL PROTECTED] wrote: En l'instant précis du 03/04/07 11:47, jacky s'exprimait en ces termes: in web.xml: servlet-mapping servlet-namelogin/servlet-name url-pattern/servlet/login/url-pattern /servlet-mapping in jsp: FORM action=%=request.getContextPath()%/servlet/login method=POST There is an error when the jsp is submit (URL: http://localhost:8080/test/servlet/login): type Status report message /test/servlet/ description The requested resource (/test/servlet/) is not available. You tried to post to webapp/servlet, not webapp/servlet/login according to your error message. Check you didn't forget a /login somewhere in your jsp. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Best Regards. jacky
Re: servlet url pattern problem!
If you compile the Servlet class and Re-start Tomcat after defining the mapping in web.xml it should work. I tried the following and it works: - web.xml - servlet servlet-namelogin/servlet-name servlet-classtest66.LoginServlet/servlet-class /servlet servlet-mapping servlet-namelogin/servlet-name url-pattern/servlet/login/url-pattern /servlet-mapping -- LoginServlet compiled -- package test66; import javax.servlet.*; public class LoginServlet extends HttpServlet { public void doPost(HttpServletRequest request, HttpServletResponse response){ doGet(request,response); } public void doGet(HttpServletRequest request, HttpServletResponse response){ System.out.println( Inside Login Servlet); } } JSP %@ page contentType=text/html;charset=UTF-8 language=java % html headtitle/title/head body FORM action=%=request.getContextPath()%/servlet/login method=POST input type=text name=text value=hello / input type=submit name=submit value=submit / /FORM /body /html -Rashmi On 4/5/07, jacky [EMAIL PROTECTED] wrote: It is webapp/servlet/login indeed. In fact, my jsp structure is as following: in index.jsp: jsp:include page=/jsp/top.jsp/ in top.jsp: FORM action=%=request.getContextPath()%/servlet/login method=POST onsubmit=return loginCheck(this); .. /FORM //here, the form will be submit - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]