Re: PKCS11 in Windows
Is there a way to avoid the \0 problem? (XML does not allow to specify this character) Can you do: alias=tomcat#00; ? Hello Chris, No, it is not possible to use this character in XML (so I have read in the XML specification). Anyway, I tried and, if you write that, Tomcat responds with an error: org.xml.sax.SAXParseException: Character reference #00; is an invalid XML character. it is almost funny how a little detail can cause so many troubles. Thanks for your answer Chris, Regards
Problems with Xerces under Tomcat 5.5
Hi, I'm enveloping an application using Tomcat 5.5, Struts 1.3, Java 1.5: now I need server use Xerces for reading XML file from an action. The problem is that I can't do it because when I copy the Xerces jar in WEB-INF/inf directory of my application and restart server, this error message appears: org.apache.jasper.JasperException: Cannot find ActionMappings or ActionFormBeans collection What could I do? Thank you! Salvatore - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SV: Location of API
Then that import on org.apache.tomcat.util.net.puretils.PureTLSImplementation.java --- import COM.claymoresystems.ptls.SSLSocket; should give error, but that is not giving any error. No, it just means the library is available at compile-time. Try checking your IDE for the jar file that contains the classes, and see why they aren't included in the deployment. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
extra field in form-based authentication
Hello, I would like to have an extra field in my form-based login page, but I'm wondering how I can retrieve the value of that extra field within my application (request.getParameter(blabla) does not work). I searched the web and a suggestion was to override authenticate() in FormAuthenticator. But I'm wondering how I tell the container to use my version of authenticate()? Are there other ways? This looks like something obvious, but after searching for a couple of hours, I haven't found a clear answer to this issue. Thanks in advance for any guidance, dirk - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Jobs in Kiev, Ukraine available
Hi, sorry for off topic. I work as consulter for a company which has some positions to fill in Kiev, Ukraine. Basically they are searching for Java Developers WEB/Backend, and good HTML-ers/ JSScripters. Everyone interested please email me your CV and loan expectations I will forward it to the HR manager there. thanx Leon P.S. And sorry for OT for all the others :-) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Range request header (and related headers) behaviour
Hi, I'm starting to see more clients making Range requests (iPhone among them) and I'm trying to understand how much work I have to do to support the correct behaviour. I've been investigating Tomcat support for this (although my application will be deployed in different servlet containers; definitely Tomcat 5.0.x, 5.5.x and Weblogic 9.x currently) and comparing my expectations with what I'm seeing. Exhibit A - requesting content, adding a Range: bytes=0-1499 header to the request. GET /Protocols/rfc2616/rfc2616-sec14.html HTTP/1.1 Host: www.w3.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-gb,en;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Range: bytes=0-1499 HTTP/1.x 206 Partial Content Date: Thu, 13 Dec 2007 10:57:39 GMT Server: Apache/2 Last-Modified: Wed, 01 Sep 2004 13:24:52 GMT Etag: 3e3073913b100 Accept-Ranges: bytes Content-Length: 1500 Cache-Control: max-age=21600 Expires: Thu, 13 Dec 2007 16:57:39 GMT P3P: policyref=http://www.w3.org/2001/05/P3P/p3p.xml; Content-Range: bytes 0-1499/126444 Keep-Alive: timeout=2, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 That works as expected, being served by Apache 2, returning a 206 response with the partial body being returned. When I request a page via Tomcat locally (requesting the Tomcat user documentation), I get the following: Exhibit B - request to Tomcat 5.0.30 ROOT webapp, adding a Range: bytes=0-1499 header to the request. GET / HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-gb,en;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Range: bytes=0-1499 HTTP/1.x 200 OK Content-Type: text/html;charset=ISO-8859-1 Transfer-Encoding: chunked Date: Thu, 13 Dec 2007 11:01:23 GMT Server: Apache-Coyote/1.1 i.e. a 200 response with the full response body. But as part of the same request, the images are retrieved... Exhibit C - related image request, adding a Range: bytes=0-1499 header to the request. GET /tomcat.gif HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11 Accept: image/png,*/*;q=0.5 Accept-Language: en-gb,en;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/ Range: bytes=0-1499 HTTP/1.x 206 Partial Content Etag: W/1934-1101296588000 Last-Modified: Wed, 24 Nov 2004 11:43:08 GMT Content-Range: bytes 0-1499/1934 Content-Type: image/gif Content-Length: 1500 Date: Thu, 13 Dec 2007 11:01:23 GMT Server: Apache-Coyote/1.1 And these have a 206 response, with a partial response body. I note that the Tomcat 4.0 functional specs talk about Range request support [1], but not about how to ensure that it's enabled for all resources within a webapp. Questions: 1. Why doesn't the page served by the root item get returned as a partial content response? It is a jsp page in the ROOT webapp, which comes as part of the tomcat installation. 2. Why do the images react correctly to the Range request? 3. How can I get my resources to respond correctly to the Range request? Am I missing some configuration thing? I have a mixture of JSP with Struts 1.2 and Spring MVC. I'm thinking that I'll need to find or write a Filter to handle this (particularly as it needs to run on other containers; e.g. Weblogic), but it seems a shame that it isn't part of the HTTP implementation within the container. The related headers that I need to consider include Accept-Range, If-Range and Content-Range. I can take care of setting ETags and Last-Modified headers for my resources, so I just need to ensure that something is handling the Range related functionality at some point. Cheers, James [1] http://tomcat.apache.org/tomcat-4.0-doc/catalina/funcspecs/fs-default.html -- View this message in context: http://www.nabble.com/Range-request-header-%28and-related-headers%29-behaviour-tp14314129p14314129.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown
On 13 Dec 2007, at 00:52, Caldarale, Charles R wrote: From: Michele Mazzucco [mailto:[EMAIL PROTECTED] Subject: Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown I've tried with a clean tomcat 6.0.13 setup where only axis2 1.3 was deployed (tomcat 5.5.20 behaves the same) - no web services were deployed in axis2. Tomcat provides space for a webapp's use via the context attribute javax.servlet.context.tempdir; this normally points to the directory work/Catalina/localhost/[appname], which is the one getting deleted. I suspect your webapp is taking the value of that attribute, using it for a bit, and then erroneously thinking it should clean up by deleting it. As an experiment, you can configure the name of the webapp's tempdir via the Context attribute workDir; Tomcat creates this directory during deployment of the webapp, but otherwise doesn't seem to touch it. Setting the workDir attribute to some other location might solve your problem, although the real fix is to have your webapp stop deleting things it didn't create. Chuck, it's not my webapp, it's axis2! Now the problem is that you are telling me that the problem is axis2 while the axis2 guys suggest me that it could be a tomcat issue. Michele - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e- mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown
Chuck, BTW I've set workDir in $CATALINA_HOME/conf/server.xml (inside the Host section) to point to a temp folder in my home. The folder and all subfolders are created, apart from axis2... so the error still occurs. What do you think? Thanks, Michele On 13 Dec 2007, at 11:29, Michele Mazzucco wrote: As an experiment, you can configure the name of the webapp's tempdir via the Context attribute workDir; Tomcat creates this directory during deployment of the webapp, but otherwise doesn't seem to touch it. Setting the workDir attribute to some other location might solve your problem, although the real fix is to have your webapp stop deleting things it didn't create. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: extra field in form-based authentication
In form based authentication - you have no access to the processor other than your suggestion of overriding authenticate() in FormAuthenticator. Depending on the purpose of the field you could always perform a kludge of setting the 3rd value in a cookie and have a filter check for hte cookie to perform any extra work you need. (Somehow - I doubt that will work) -Tim dirk ooms wrote: Hello, I would like to have an extra field in my form-based login page, but I'm wondering how I can retrieve the value of that extra field within my application (request.getParameter(blabla) does not work). I searched the web and a suggestion was to override authenticate() in FormAuthenticator. But I'm wondering how I tell the container to use my version of authenticate()? Are there other ways? This looks like something obvious, but after searching for a couple of hours, I haven't found a clear answer to this issue. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Range request header (and related headers) behaviour
The default servlet knows how to handle ranges. JSP's and servlets on their own do not understand ranges. (Because typically custom code is written and out.println() is called). The reason the default servlet can handle ranges is because the content is static. The size of the resource is known so one can easily do range checks appropriately. JSP's/servlets content is generated on the fly. (Which is the main reason you see chunked encoding since we don't know the content length until your done serving the content) That being said, you can make JSP's and servlets handle ranges by using a Filter (which I don't of yet) which can buffer the content of the JSP and only serve back the partial content as needed. -Tim James Abley wrote: Hi, I'm starting to see more clients making Range requests (iPhone among them) and I'm trying to understand how much work I have to do to support the correct behaviour. I've been investigating Tomcat support for this (although my application will be deployed in different servlet containers; definitely Tomcat 5.0.x, 5.5.x and Weblogic 9.x currently) and comparing my expectations with what I'm seeing. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Intermittent blank page after log-n
I'm using a JDBC realm with a site and sometimes when you try to access a secured resource you get a blank page after logging in. You have to refresh the page to get the secured resource to appear. After that everything works great. I'm using SSL now, but this happened before I was using SSL. Authentication works normally on Tomcat in DEV. I'm still trying to fine a pattern to the problem. This appears to only happen on the first login. If you logout and log back in it work normally. I assume it is a Tomcat/Mod_JK configuration issue. If you have experienced blank pages after log-in I would like to know what you found. Here is what I'm using. Tomcat: 5.5.20.0 OS Name:Ubuntu Feisty Fawn OS Version: 2.6.20-15-server JVM Version:1.6.0-b105 Server version: Apache/2.2.3 mod_jk version: tomcat-connectors-1.2.23 I did find one error during start-up in the mod_jk.log: [error] init_jk::mod_jk.c (2701): Initializing shm:/etc/apache2/logs/jk- runtime-status.8194 errno=2. Load balancing workers will not function properly. [warn] jk_map_read_property::jk_map.c (432): The attribute ' worker.loadbalancer.balanced_workers' is deprecated - please check the documentation for the correct replacement. Suggestions? http://www.byteworksinc.com/
Re: extra field in form-based authentication
in that case ... wouldn't the User-Agent header do the trick? -Tim dirk ooms wrote: interesting suggestion, but in my case the extra field is not related to the username. i would like to have a field where the user indicates on what type of device he/she works, so we can offer the appropriate stylesheet. On Thursday 13 December 2007 13:00, David Delbecq wrote: Or have the username in a hidden field and have javascript build it from to fields. example: j_username=Domain\\user j_password=* Most pragmatic way imho. javascript disabled user could still enter the \\ manually :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: extra field in form-based authentication
interesting suggestion, but in my case the extra field is not related to the username. i would like to have a field where the user indicates on what type of device he/she works, so we can offer the appropriate stylesheet. On Thursday 13 December 2007 13:00, David Delbecq wrote: Or have the username in a hidden field and have javascript build it from to fields. example: j_username=Domain\\user j_password=* Most pragmatic way imho. javascript disabled user could still enter the \\ manually :) En l'instant précis du 13/12/07 12:51, Tim Funk s'exprimait en ces termes: In form based authentication - you have no access to the processor other than your suggestion of overriding authenticate() in FormAuthenticator. Depending on the purpose of the field you could always perform a kludge of setting the 3rd value in a cookie and have a filter check for hte cookie to perform any extra work you need. (Somehow - I doubt that will work) -Tim dirk ooms wrote: Hello, I would like to have an extra field in my form-based login page, but I'm wondering how I can retrieve the value of that extra field within my application (request.getParameter(blabla) does not work). I searched the web and a suggestion was to override authenticate() in FormAuthenticator. But I'm wondering how I tell the container to use my version of authenticate()? Are there other ways? This looks like something obvious, but after searching for a couple of hours, I haven't found a clear answer to this issue. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Beginner question: Configure Tomcat for JAAS?
Hi,
This is a beginner question :-(. I'm trying to get JAAS to work on my Tomcat
(6.0.12) installation. I used code from a Javaworld article (
http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html)
Of course I had to configure my Tomcat to work together with JAAS. The
document I used is:
http://tomcat.apache.org/tomcat-6.0-doc/printer/realm-howto.html
According to the Tomcat doc I have to do the following steps before I can
use JAAS to authenticate a user:
1. Develop your code. Place the compiled classes in Tomcat's classpath
2. Setup a login.config file for Java, and tell Tomcat where to find it (set
JAVA_OPTS)
3. Configure the JAASRealm in your server.xml
1 Develop code: I use the following classes:
PassiveCallbackHandler.java
RdbmsCredential.java
RdbmsLoginModule.java
RdbmsPrincipal.java
These classes I put in the package rdbmsjaas.
In the %CATALINA_HOME%/webapps/Javaworld_Jaas/WEB-INF/lib directory I
created the rdbmsjaas.jar file.
The jsp is called jaas.jsp, and is stored in
%CATALINA_HOME%/webapps/Javaworld_Jaas
2. Setup login.config
In %CATALINA_HOME%\conf I saved the file Javaworld_all_that_Jaas.config,
containing:
Example {
RdbmsLoginModule required
debug=true
url=jdbc:mysql://localhost/jaasdb?user=javauserpassword=javadude
driver=com.mysql.jdbc.Driver;
};
I created an XP Environment Variable JAVA_OPTS with the value -DJAVA_OPTS=-
Djava.security.auth.login.config==C:/Program Files/Apache Software
Foundation/Tomcat 6.0/conf/JavaWorld_All_That_Jaas.config (excluding and
)
I used the fully qualified address, instead of
$CATALINA_HOME/conf/JavaWorld_All_That_Jaas.config. I think XP balks when it
sees $CATALINA_HOME).
3 Configure JAASRealm in server.xml
In %CATALINA_HOME%\conf\ I changed web.xml. I added the following lines:
Realm className=org.apache.catalina.realm.JAASRealm
appName=jaas
userClassName=rdbmsjaas.RdbmsPrincipal
debug=99
/
If I run the jsp from http://localhost:8080/JavaWorld_Jaas/jaas.jsp, I can
enter my username/password, but when I click the Submit button, I get:
Caught Exception: java.lang.SecurityException: Unable to locate a login
configuration
Where did my configuration go wrong?
Abel
Re: extra field in form-based authentication
On Thursday 13 December 2007 13:54, Tim Funk wrote: in that case ... wouldn't the User-Agent header do the trick? AFAIK not, the screenwidth is the main thing i want to adapt to and i can have Firefox/Linux running on a webtablet with 800px screen, but also on a desktop with 1900px. -Tim dirk ooms wrote: interesting suggestion, but in my case the extra field is not related to the username. i would like to have a field where the user indicates on what type of device he/she works, so we can offer the appropriate stylesheet. On Thursday 13 December 2007 13:00, David Delbecq wrote: Or have the username in a hidden field and have javascript build it from to fields. example: j_username=Domain\\user j_password=* Most pragmatic way imho. javascript disabled user could still enter the \\ manually :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: extra field in form-based authentication
Providing a separate form to choose layout would be far easier to do and maintain. Login form should contains only login informations (cf J2EE specs). If you want to play with customization of login form that go beyong what is allowed by j2EE security model, just forget container managed authentification and provide your own one. En l'instant précis du 13/12/07 14:06, dirk ooms s'exprimait en ces termes: On Thursday 13 December 2007 13:54, Tim Funk wrote: in that case ... wouldn't the User-Agent header do the trick? AFAIK not, the screenwidth is the main thing i want to adapt to and i can have Firefox/Linux running on a webtablet with 800px screen, but also on a desktop with 1900px. -Tim dirk ooms wrote: interesting suggestion, but in my case the extra field is not related to the username. i would like to have a field where the user indicates on what type of device he/she works, so we can offer the appropriate stylesheet. On Thursday 13 December 2007 13:00, David Delbecq wrote: Or have the username in a hidden field and have javascript build it from to fields. example: j_username=Domain\\user j_password=* Most pragmatic way imho. javascript disabled user could still enter the \\ manually :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://www.devlog.be (a belgian developer's logs) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Turning off jsessionid
Actually this is not so uncommon, an there are many 'good' reasons to do so, see: http://randomcoder.com/articles/jsessionid-considered-harmful Here is an example of a filter that takes care of this: http://randomcoder.com/repos/public/randomcoder-website/tags/1.0.3/WEB-INF/src/com/randomcoder/security/DisableUrlSessionFilter.java Best wishes, Peter curunir wrote: Since you were curious why someone would want to disable URL rewriting, I can tell you why we had to do this. For our client, it was taken for a given that users would be frequently copying/pasting URLs in emails and IMs to other users. It's not a necessary part of our application, but we all know the vast majority of computer users are basically clueless when it comes to security and simply won't consider the security implications of their actions. If you enable URL rewriting, it makes it possible for someone visiting a URL sent to them in an email/IM to be logged in as the user who was originally passed the URL. Additionally, the users of the application frequently take screenshots when submitting bugs and those screenshots would, in many cases, also include the session id. In our application, where real money is at stake, this kind of risk is unacceptable. I'd go as far as to say that URL rewriting is fundamentally insecure for this reason and should be turned off whenever it's possible that URLs would be exposed in either of these two manners (provided your application requires a decent level of security). Christopher Schultz-2 wrote: ... I'm not sure why you'd ever want to do this, though. I'd love to hear your reason for doing it, though. ... - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown
From: Michele Mazzucco [mailto:[EMAIL PROTECTED] Subject: Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown BTW I've set workDir in $CATALINA_HOME/conf/server.xml (inside the Host section) to point to a temp folder in my home. Don't change the workDir attribute for the Host - let that one stay as the default. The idea is to give the webapp a different work directory than the one Tomcat uses. You need to change just the workDir attribute for the webapp, inside its Context element. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Attempts to install Tomcat 5.5 on a windows machine with Apache 2.0.58
I have been trying to install Tomcat 5.5 on a windows machine where there is an Apache webserver running. The version of Apache is 2.0.58. I did a clean re-installation of Apache, checked the path of system variables such as CATALINA_HOME, JAVA_HOME and PATH. I have checked the config files for spelling errors, specifically for Apache httpd.conf workers.properties for Tomcat mod_jk.conf Despite all of this I cannot get Tomcat to work. I have checked the Apache installation via a full URL (http://ling-map2.win.su.se) and also via http://localhost. I get the normal response from Apache but when I check http://localhost:8080, I get a message The connection was refused when trying to contact localhost:8080. I have also checked in the Tomcat/logs/mod_jk.log; I am pasting some of its intial lines below. PHP Warning: PHP Startup: Unable to load dynamic library 'C:\\Program Files\\php\\ext\\php_cpdf.dll' - The specified procedure could not be found.\r\n in Unknown on line 0 PHP Warning: PHP Startup: Unable to load dynamic library 'C:\\Program Files\\php\\ext\\php_cpdf.dll' - The specified procedure could not be found.\r\n in Unknown on line 0 [Thu Dec 13 15:07:19 2007] [info] jk_open_socket::jk_connect.c (433): connect to 130.237.171.49:8009 failed with errno=61 [Thu Dec 13 15:07:19 2007] [info] ajp_connect_to_endpoint::jk_ajp_common.c (877): Failed connecting to tomcat. Tomcat is probably not started or is listening on the wrong host/port (130.237.171.49:8009). Failed errno = 61 [Thu Dec 13 15:07:19 2007] [info] ajp_send_request::jk_ajp_common.c (1227): Error connecting to the Tomcat process. [Thu Dec 13 15:07:19 2007] [info] ajp_service::jk_ajp_common.c (1724): Sending request to tomcat failed, recoverable operation attempt=1 [Thu Dec 13 15:07:19 2007] [info] jk_open_socket::jk_connect.c (433): connect to 130.237.171.49:8009 failed with errno=61 [Thu Dec 13 15:07:19 2007] [info] ajp_connect_to_endpoint::jk_ajp_common.c (877): Failed connecting to tomcat. Tomcat is probably not started or is listening on the wrong host/port (130.237.171.49:8009). Failed errno = 61 [Thu Dec 13 15:07:19 2007] [info] ajp_send_request::jk_ajp_common.c (1227): Error connecting to the Tomcat process. [Thu Dec 13 15:07:19 2007] [info] ajp_service::jk_ajp_common.c (1724): Sending request to tomcat failed, recoverable operation attempt=2 I have searched the tomcat archives and also performed general google searches. Although I do get hits where a similar problem is described, I haven't found any solution yet. I am sure this has happened before so a pointer to a file/address where I could find guidance on how to proceed will be greatly appreciated. Thank you in advance for your time and help. Best wishes, Ljuba -- === Ljuba Veselinova Dept of Linguistics Email: [EMAIL PROTECTED] Stockholm University Phone: +46-8-16 2332 106 91 Stockholm Fax : +46-8-15 5389 Sweden URL : http://www.ling.su.se/staff/ljuba/ We learn by going where we want to go. Julia Cameron - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: extra field in form-based authentication
I was thinking you had to use j_username and j_password for the j_securitycheck login action you might could add another variable in those classes called, but at the very least it would be adding it in and overriding authenticate I would think. -Original Message- From: dirk ooms [mailto:[EMAIL PROTECTED] Sent: Thursday, December 13, 2007 5:00 AM To: users@tomcat.apache.org Subject: extra field in form-based authentication Hello, I would like to have an extra field in my form-based login page, but I'm wondering how I can retrieve the value of that extra field within my application (request.getParameter(blabla) does not work). I searched the web and a suggestion was to override authenticate() in FormAuthenticator. But I'm wondering how I tell the container to use my version of authenticate()? Are there other ways? This looks like something obvious, but after searching for a couple of hours, I haven't found a clear answer to this issue. Thanks in advance for any guidance, dirk - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: extra field in form-based authentication
can you not pull in a header value somewhere and determine that? Seems like you could in either your servlet or JSP pull in the header/user agent value and then write the style sheet reference accordingly. Perhaps not? -Original Message- From: dirk ooms [mailto:[EMAIL PROTECTED] Sent: Thursday, December 13, 2007 6:49 AM To: users@tomcat.apache.org Cc: David Delbecq Subject: Re: extra field in form-based authentication interesting suggestion, but in my case the extra field is not related to the username. i would like to have a field where the user indicates on what type of device he/she works, so we can offer the appropriate stylesheet. On Thursday 13 December 2007 13:00, David Delbecq wrote: Or have the username in a hidden field and have javascript build it from to fields. example: j_username=Domain\\user j_password=* Most pragmatic way imho. javascript disabled user could still enter the \\ manually :) En l'instant précis du 13/12/07 12:51, Tim Funk s'exprimait en ces termes: In form based authentication - you have no access to the processor other than your suggestion of overriding authenticate() in FormAuthenticator. Depending on the purpose of the field you could always perform a kludge of setting the 3rd value in a cookie and have a filter check for hte cookie to perform any extra work you need. (Somehow - I doubt that will work) -Tim dirk ooms wrote: Hello, I would like to have an extra field in my form-based login page, but I'm wondering how I can retrieve the value of that extra field within my application (request.getParameter(blabla) does not work). I searched the web and a suggestion was to override authenticate() in FormAuthenticator. But I'm wondering how I tell the container to use my version of authenticate()? Are there other ways? This looks like something obvious, but after searching for a couple of hours, I haven't found a clear answer to this issue. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown
On 13 Dec 2007, at 15:33, Caldarale, Charles R wrote: From: Michele Mazzucco [mailto:[EMAIL PROTECTED] Subject: Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown BTW I've set workDir in $CATALINA_HOME/conf/server.xml (inside the Host section) to point to a temp folder in my home. Don't change the workDir attribute for the Host - let that one stay as the default. The idea is to give the webapp a different work directory than the one Tomcat uses. You need to change just the workDir attribute for the webapp, inside its Context element. Ok... but I haven't been working directly with servlet for a long time. Where do I find the Context element related to axis2 (which is a servlet)? Should it be inside $CATALINA_HOME/webapps/axis2/WEB- INF/web.xml? If so, there's no Context element in such file. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e- mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: DCOM problem in Tomcat 6 on Windows
Hello! Karsten, You didn't mention if you were running Tomcat as a service. I'll assume you are. Yes. [snip] Just for grins, have you tried using the identical DLL to run this console program? Yes - they are in different directories but are otherwise identical (size, data, SHA-1 checksum). The DLL doesn't get registered, only loaded. Usually when folks have problems and weird issues running Tomcat on Windows like this is because they are using Tomcat as a Windows Service and aren't sensitive to the differences in privilege for their console user (usually Karsten or whatever) and the Tomcat service user (Tomcat? System... not sure what the default is). You might want to look into the permissions of the effective user that Tomcat uses when running as a service. Thanks for the hint - I checked this. The Windows service ran as Local System which I guess is an admin account. I changed it to my own admin user account but that didn't help. I have a third Java program, run as a Windows service, with that same (default, I guess) Local System account, which can use the DLL and the DCOM communication within it just fine. Next I used the ZIPped version of Tomcat, set it all up and started it explicitly from a command line with admin rights, but that gave me the same results. Unfortunately, since we use some JSP 2.1 features, I can't try this with Tomcat 5.x. I tried this both on XP and Vista, and the results were the same. Does anybody else have an idea why DCOM fails under Tomcat 6? - -chris Karsten - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown
From: Michele Mazzucco [mailto:[EMAIL PROTECTED] Subject: Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown Where do I find the Context element related to axis2 (which is a servlet)? First you said axis2 is a webapp, now you say it's a servlet; I suspect the former is correct. A webapp can utilize many servlets, which I think is the case here. Should it be inside $CATALINA_HOME/webapps/axis2/WEB-INF/web.xml? No, the contents of that file are defined by the servlet spec (JSR-154), whereas the Context element is specific to Tomcat. It can be in webapps/axis2/META-INF/context.xml or in conf/Catalina/localhost/axis2.xml; the latter overrides the former if it's in both places. (It can also be in server.xml, but that location should not be used for recent versions of Tomcat.) It may not exist at all, in which case you'll need to create it in one of the above locations, with just the workDir attribute. The relevant doc is here: http://tomcat.apache.org/tomcat-6.0-doc/config/context.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Attempts to install Tomcat 5.5 on a windows machine with Apache 2.0.58
I've got tomcat going behind apache several times. My general view is get them both working independently and then hook them up. From your original mail I'm skeptical that you actually have got tomcat started properly. [Thu Dec 13 15:07:19 2007] [info] ajp_send_request::jk_ajp_common.c (1227): Error connecting to the Tomcat process. [Thu Dec 13 15:07:19 2007] [info] ajp_service::jk_ajp_common.c (1724): Sending request to tomcat failed, recoverable operation attempt=1 [Thu Dec 13 15:07:19 2007] [info] jk_open_socket::jk_connect.c (433): connect to 130.237.171.49:8009 failed with errno=61 [Thu Dec 13 15:07:19 2007] [info] ajp_connect_to_endpoint::jk_ajp_common.c (877): Failed connecting to tomcat. Tomcat is probably not started or is listening on the wrong host/port (130.237.171.49:8009). Failed errno = 61 [Thu Dec 13 15:07:19 2007] [info] ajp_send_request::jk_ajp_common.c (1227): Error connecting to the Tomcat process. [Thu Dec 13 15:07:19 2007] [info] ajp_service::jk_ajp_common.c (1724): Sending request to tomcat failed, recoverable operation attempt=2 I have searched the tomcat archives and also performed general google searches. Although I do get hits where a similar problem is described, I haven't found any solution yet. I am sure this has happened before so a pointer to a file/address where I could find guidance on how to proceed will be greatly appreciated. Questions 1. What ports are bound to apache? - only 80 I should hope. Make sure that 8009 and 8080 aren't bound by apache otherwise tomcat can't work. 2. If you stop apache does tomcat start? localhost:8080 is the HTTP connection to tomcat. I assume you are trying localhost:8080 to see if tomcat is available. The mod_jk connector will use port 8009 for the AJP connection. It is possible to run tomcat behind apache with 8080 disabled but I assume that is not what you're intention. Ljuba Veselinova wrote: I have been trying to install Tomcat 5.5 on a windows machine where there is an Apache webserver running. The version of Apache is 2.0.58. I did a clean re-installation of Apache, checked the path of system variables such as CATALINA_HOME, JAVA_HOME and PATH. I have checked Despite all of this I cannot get Tomcat to work. I have checked the Apache installation via a full URL (http://ling-map2.win.su.se) and also via http://localhost. I gethe config files for spelling errors, specifically for Apache httpd.conf workers.properties for Tomcat mod_jk.conf t the normal response from Apache but when I check http://localhost:8080, I get a message The connection was refused when trying to contact localhost:8080. Sounds like tomcat hasn't started. I have also checked in the Tomcat/logs/mod_jk.log; I am pasting some of its intial lines below. Have you checked the tomcat logs to see that it has started properly? Look for catalina.out in your tomcat logs directory. PHP Warning: PHP Startup: Unable to load dynamic library 'C:\\Program Files\\php\\ext\\php_cpdf.dll' - The specified procedure could not be found.\r\n in Unknown on line 0 PHP Warning: PHP Startup: Unable to load dynamic library 'C:\\Program Files\\php\\ext\\php_cpdf.dll' - The specified procedure could not be found.\r\n in Unknown on line 0 Why are you getting php warnings in the mod_jk log? Looks like your logging isn't set up correctly. [Thu Dec 13 15:07:19 2007] [info] jk_open_socket::jk_connect.c (433): connect to 130.237.171.49:8009 failed with errno=61 [Thu Dec 13 15:07:19 2007] [info] ajp_connect_to_endpoint::jk_ajp_common.c (877): Failed connecting to tomcat. Tomcat is probably not started or is listening on the wrong host/port (130.237.171.49:8009). Failed errno = 61 This seems the critical line - tomcat is probably not started or is listening on the wrong host/prot Is tomcat listening on localhost? It looks like you are trying to talk to the defined IP above (130...) and not localhost Hope that helps Alan Thank you in advance for your time and help. Best wishes, Ljuba - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown
On 13 Dec 2007, at 16:35, Caldarale, Charles R wrote: From: Michele Mazzucco [mailto:[EMAIL PROTECTED] Subject: Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown Where do I find the Context element related to axis2 (which is a servlet)? First you said axis2 is a webapp, now you say it's a servlet; I suspect the former is correct. A webapp can utilize many servlets, which I think is the case here. OK. Axis2 is a web app which includes a SOAP engine (which is a servlet) and an admin page (which is another servlet) Should it be inside $CATALINA_HOME/webapps/axis2/WEB-INF/web.xml? No, the contents of that file are defined by the servlet spec (JSR-154), whereas the Context element is specific to Tomcat. It can be in webapps/axis2/META-INF/context.xml or in conf/Catalina/localhost/axis2.xml; the latter overrides the former if it's in both places. (It can also be in server.xml, but that location should not be used for recent versions of Tomcat.) It may not exist at all, in which case you'll need to create it in one of the above locations, with just the workDir attribute. The relevant doc is here: http://tomcat.apache.org/tomcat-6.0-doc/config/context.html Done. The folder is created at tomcat startup but when I stop tomcat it still complains because it doesn't find the file SESSIONS.ser (i.e. the same error occurs). The only workaround is to disable session persistence ($CATALINA/conf/ context.xml). Michele - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e- mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Servlets loading issue
This is what I have ,Do I need to modify it to point to test classes /servelets ? [EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: head context.xml ?xml version=1.0 encoding=UTF-8? !-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the License); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 [EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: Christopher Schultz [EMAIL PROTECTED] 12/12/2007 05:13 PM Please respond to Tomcat Users List users@tomcat.apache.org To Tomcat Users List users@tomcat.apache.org cc Subject Re: Servlets loading issue -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Shekhar, [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: oslevel -r 5300-07 How about: (in /usr/local/apache-tomcat-5.5.25/conf) $ head context.xml Can we get a copy of the stack trace, too? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHYF0X9CaO5/Lv0PARAn2aAJ4neOKDeGZv3qugkjvlyBjJeZXzHACgwgLP YkAP3l/+78S44UvkPtGGvT8= =HRDy -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
User roles
Our Security group wants for me to change the Tomcat 5 default password. I believe that this setting is within the tomcat-users.xml file. I know that the role called tomcat needs to be in there to have the service operate correctly. Could you please provide instructions for changing the default password to something else and how it affects the service=3F I assume that the service would need to be restarted following adjustments to the XML =66ile. Thank you. Michael Shaw Programmer Select Medical Corporation [EMAIL PROTECTED] Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.
RE: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown
From: Michele Mazzucco [mailto:[EMAIL PROTECTED] Subject: Re: [Axis2] FileNotFoundException (SESSIONS.ser) during tomcat shutdown The folder is created at tomcat startup but when I stop tomcat it still complains because it doesn't find the file SESSIONS.ser (i.e. the same error occurs). You're right; I thought I had checked that Tomcat would still use the Host workDir for SESSIONS.ser, but further testing shows that's not true. Something else to try is configuring a nested Manager element inside the axis2 Context, and specifying the pathname attribute as an absolute path to where SESSIONS.ser should be stored, while having some alternate location for the axis2 Context workDir attribute. The pathname attribute should include the file name (SESSIONS.ser), and every component of the path must already exist prior to Tomcat shutdown. In your situation, you could try the pathname value: /home/nmm42/devel/tomcat/apache-tomcat-6.0.13/work/Catalina/localhost/ax is2/SESSIONS.ser However, you really should search the webapp source code for references to javax.servlet.context.tempdir, and fix the code that's removing that directory. Deletion of the workDir affects not only session persistence, but also trashes class files generated from JSPs. The only workaround is to disable session persistence ($CATALINA/conf/context.xml). That affects all webapps; you should really apply workarounds only to the Context element for the webapp that's causing trouble, until you get it fixed. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: User roles
From: Shaw, Mike [mailto:[EMAIL PROTECTED] Subject: User roles Our Security group wants for me to change the Tomcat 5 default password. There's no such thing as a password for Tomcat itself. Various webapps deployed under Tomcat may have security constraints requiring certain roles, but the default tomcat-users.xml contains no passwords. The manager and admin apps do require roles and authentication, of course. I know that the role called tomcat needs to be in there to have the service operate correctly. Not true; running Tomcat as a service has nothing to do with what's in the tomcat-users.xml file. If you're serious about security, you'll discard the default toy Realm and use a real one. Read up on it here: http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: ISAPI JK2 ran better than JK, how can that be?
Hmm, I'm running Tomcat 4.1.18 which didn't even support the %D logging directive :-/ But now I have a load balancer in place, with one worker. A status is shown below after about 6hrs of traffic. As you can see the client errors make up about 6% of all incident traffic, though they dwarf server errors. Type Sticky Sessions Force Sticky Sessions Retries LB Method Locking Recover Wait Time Max Reply Timeouts lb TrueFalse 2 Request Optimistic 60 0 Good DegradedBad/Stopped BusyMax BusyNext Maintenance 10 0 18 60 37/99 Balancer Members NameTypeHostAddrAct State D F M V Acc Err CE RE Wr Rd BusyMax Route RR Cd Rs worker41 ajp13 localhost:8009 127.0.0.1:8009 ACT OK 0 1 1 140 42245 97 25560 24M 1.4G 18 60 worker410/0 It certainly gives me a better picture of what's going on, but I'm no further towards what is stopping everything working on a daily basis. But then just as I'm writing this my site falls over - I get the Service Temporarily Unavailable consistently on my pages. I grabbed a snapshot of the status worker - Type Sticky Sessions Force Sticky Sessions Retries LB Method Locking Recover Wait Time Max Reply Timeouts lb TrueFalse 2 Request Optimistic 60 0 Good DegradedBad/Stopped BusyMax BusyNext Maintenance 10 0 100 115 21/83 Balancer Members NameTypeHostAddrAct State D F M V Acc Err CE RE Wr Rd BusyMax Route RR Cd Rs worker41 ajp13 localhost:8009 127.0.0.1:8009 ACT ERR/FRC 0 1 1 132 43181 691 25970 24M 1.4G100 115 worker410/0 Clearly there seemed to be some catastrophic occurrence that made the Error count rocket and the worker state change. I'm unfamliar with the load balancer - will a state of ERR/FRC be rectified somehow? For now I just restarted IIS Tomcat which appears to be the only method of recovery at present cheers Tim From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: Mon 10/12/2007 15:39 To: Tomcat Users List Cc: Ludwig,GJA,Graeme,DGE R Subject: Re: ISAPI JK2 ran better than JK, how can that be? Hi Tim, [EMAIL PROTECTED] wrote: Hi Rainer, Thanks for the response. To cover a few points you made - - Yes, I had a hunch long running requests are a problem; because of our appliction design, some pages invoked for the first time take a while (we can't cache them all!). Is there an easy way to correlate (apart from timestamp) the errors in the isapi and the requests made to IIS ? I mean can I get isapi log to show the URL being processed? I'm afraid the answer most liekely is no. You can file an enhancement request in our bugzilla. That way the feature might materialize one day. For Apache httpd, correlation between error an log message is a little better. Even though we don't include the URL, we include the PID and thread ID, and both can be logged in the httpd access log. So having time, process id and thread id, usually makes it possible to correlate successful, although it is still some work and not perfect. - I've now got the %D option in place on Tomcat to figure out from tomorrow which are the heavy pages - Yes, thread dumps on JDK 1.3 TC4.1.x are tricky - I'm looking at the Tomcat JavaWrapper approach as a way forward. The version of the 3rd party product we have in place is only supported on jdk1.3 (this is a pretty ancient set up!) - I agree that my incident traffic load is not huge, and should be supportable by the environment in place. - I'll try a load balancer worker to see if that tells me more info At least it does tell you the number of errors a worker had, and also the number of client errors. That way you can check quickly, if there are more errors than client errors, and by pollling the values, you can find out how often and during which times things are happening. Only counters though, no per incodent information. The page can be configured to return machine readable content. Have al look at: http://tomcat.apache.org/connectors-doc/reference/status.html If possible I'll have some more information in a day or so from this... cheers Tim Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED]
Re: AccessControlException in Coyote Http11Processor (Tomcat 6.0.14). Bug in Coyote ?
Delian Krustev wrote: On Tue, 11 Dec 2007 22:35:20 + Mark Thomas wrote: Are you happy to mod the code and build a patched version yourself or do you want some help? I can build a binary with the patch for you to test if you wish. I've not built Tomcat from source before, so I'll take advantage of the help you're offering. Thank you. Snapshot build of trunk available from: http://people.apache.org/~markt/dev/ This is the current 6.0.x trunk with the security manager optimisation reverted for the org.apache.coyote.* packages. *HEALTH WARNING* This is a snapshot for testing of this issue only. It is not a formal release. Happy testing! Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Multiple problems with Tomcat and Struts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Uma, Uma Kalluru wrote: But I am still wondering, if there was connection timeout and the first user gets an error. Why should the whole application go down? It shouldn't (go down). I mean no other user can use the application after the error. Any idea on this? Try setting the validation query for your connection pool and see if that helps. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHYa+B9CaO5/Lv0PARAmtWAJ9uS2jUZxg9U1B/LSSEg5yW4q9OGACfeLpt jXAQ8Gqii6f/fqga6pWZLyg= =gyZk -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Servlets loading issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Shekhar, [EMAIL PROTECTED] wrote: Christopher Schultz wrote: How about: (in /usr/local/apache-tomcat-5.5.25/conf) $ head context.xml [EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: head context.xml ?xml version=1.0 encoding=UTF-8? !-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the License); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Okay, that was worthless. I guess I really wanted you to provide the Context element from your TOMCAT_HOME/conf/context.xml file. This is what I have ,Do I need to modify it to point to test classes /servelets ? No. You should not modify your server-wide context.xml file to point to any servlets. That's what your webapp's deployment descriptor (web.xml) is for. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHYbAy9CaO5/Lv0PARArZYAKCTER7Hwas3/fjbmdewytTDRiwXCACfU32a 5tbrYMoSEWZQpal0Zsrp1cA= =+mfj -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: extra field in form-based authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, David Delbecq wrote: Login form should contains only login informations (cf J2EE specs). I agree that login forms should only contain login information, but I question the J2EE spec's interpretation of what should be considered login information. Username + password is often not enough, and the servlet spec makes it completely non-portable to do anything differently. If you want to play with customization of login form that go beyond what is allowed by j2EE security model, just forget container managed [authentication and authorization] and provide your own one. One such option is to use securityfilter (http://securityfilter.sourceforge.net), which allows you to (IMO) more easily write your own authentication module, including direct access to the HttpServletRequest object where you can set up some configuration information. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHYbIo9CaO5/Lv0PARAlj6AKCl2P0o7ei+ObLEj8vPMgSXeE//zgCfUrZp /VzjSHBhvfKCHkXGJrYBv8g= =FLAD -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Intermittent blank page after log-n
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve, Steve Mitchell wrote: I'm using a JDBC realm with a site and sometimes when you try to access a secured resource you get a blank page after logging in. You have to refresh the page to get the secured resource to appear. After that everything works great. Does it happen to be a POST request that initiates the login? Tomcat has a certain maximum size (can't remember off the top of my head) for POST requests that it will properly re-process after a login. This appears to only happen on the first login. First login when? After a server restart? Ever on a given browser? First login for whom? The first user to hit the server at all after a restart, or the first time a particular user logs in from anywhere? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHYbOO9CaO5/Lv0PARAgPfAJ9vboUTDnGi5MpEZAEs4+dyTl3+AgCfWlN0 1UeUL2GD9RxCq2H7kXAD7H4= =rtvW -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HttpSessionActivationListener not getting called in the Tomcat 5.5.20 clustered mode.
Jess Holle wrote: I sent the patch quite some time back now, so I'm not sure where it is. Being similarly lazy I'm attaching an excerpt of the patched StandardSession.java (from 5.5.23) with changes embedded in it. Thanks for that. I checked the archives and the patch was e-mailed to dev but I couldn't find a bugzilla entry. Chances are it just got forgotten about. I've looked at your patch and I see what you are doing but don't understand why you should need to (or why it then works). The current code should do what the spec requires. I'll put together a test case and see if I can figure out what is going on. I have a busy few days ahead so it might be the middle of next week until I have some results. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Servlets loading issue
[EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: ls -lrt total 224 drwxr-xr-x 3 root system 256 Aug 24 19:34 Catalina/ -rw--- 1 root system19626 Aug 24 19:35 server.xml -rw--- 1 root system 1678 Aug 24 19:35 server-minimal.xml -rw--- 1 root system 3606 Aug 24 19:35 logging.properties -rw--- 1 root system 3114 Aug 24 19:35 catalina.properties -rw--- 1 root system 7656 Aug 24 19:35 catalina.policy drwxrwxr-x 11 root system 4096 Dec 12 12:29 ../ -rw-rw-r-- 1 root system 310 Dec 12 12:46 tomcat-users.xml.org -rw-rw-r-- 1 root system 397 Dec 12 12:48 tomcat-users.xml drwxr-xr-x 3 root system 4096 Dec 12 12:48 ./ -rw--- 1 root system 1175 Dec 12 12:51 context.xml -rw--- 1 root system50739 Dec 12 12:54 web.xml [EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: cat context.xml ?xml version=1.0 encoding=UTF-8? !-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the License); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -- !-- The contents of this file will be loaded for each web application -- Context reloadable=true !-- Default set of monitored resources -- WatchedResourceWEB-INF/web.xml/WatchedResource !-- Uncomment this to disable session persistence across Tomcat restarts -- !-- Manager pathname= / -- /Context [EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: Christopher Schultz [EMAIL PROTECTED] 12/13/2007 05:20 PM Please respond to Tomcat Users List users@tomcat.apache.org To Tomcat Users List users@tomcat.apache.org cc Subject Re: Servlets loading issue -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Shekhar, [EMAIL PROTECTED] wrote: Christopher Schultz wrote: How about: (in /usr/local/apache-tomcat-5.5.25/conf) $ head context.xml [EMAIL PROTECTED] /usr/local/apache-tomcat-5.5.25/conf]: head context.xml ?xml version=1.0 encoding=UTF-8? !-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the License); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Okay, that was worthless. I guess I really wanted you to provide the Context element from your TOMCAT_HOME/conf/context.xml file. This is what I have ,Do I need to modify it to point to test classes /servelets ? No. You should not modify your server-wide context.xml file to point to any servlets. That's what your webapp's deployment descriptor (web.xml) is for. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHYbAy9CaO5/Lv0PARArZYAKCTER7Hwas3/fjbmdewytTDRiwXCACfU32a 5tbrYMoSEWZQpal0Zsrp1cA= =+mfj -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HttpSessionActivationListener not getting called in the Tomcat 5.5.20 clustered mode.
Mark Thomas wrote: Jess Holle wrote: I sent the patch quite some time back now, so I'm not sure where it is. Being similarly lazy I'm attaching an excerpt of the patched StandardSession.java (from 5.5.23) with changes embedded in it. Thanks for that. I checked the archives and the patch was e-mailed to dev but I couldn't find a bugzilla entry. Chances are it just got forgotten about. I've looked at your patch and I see what you are doing but don't understand why you should need to (or why it then works). The current code should do what the spec requires. I'll put together a test case and see if I can figure out what is going on. I have a busy few days ahead so it might be the middle of next week until I have some results. As luck would have it, I had an old test case lying around. I've tested the 6.0.x trunk (same code as 5.5.x) and the behaviour is as per the spec. If an attribute implements HttpSessionActivationListener then it gets called on session persistence and activation. My test causes this by restarting the app. There might be a problem in clustered mode. That will take longer to test because I know I don't have a test case ready to go. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ISAPI JK2 ran better than JK, how can that be?
Hi Tim, [EMAIL PROTECTED] wrote: But now I have a load balancer in place, with one worker. A status is shown below after about 6hrs of traffic. As you can see the client errors make up about 6% of all incident traffic, though they dwarf server errors. Acc Err CE RE Wr Rd BusyMax 4224597 25560 24M 1.4G18 60 OK, first of all we have 42245 requests forwarded since last restart of the web server, if this is 6 hours, it's about 2 requests per second (mean value, not peak). Your busyness (see also below) is 18. If your busyness is often that high, it means that your medium response time should be something like busyness / load = 18 requests / (2 requests per second) = 9 seconds. 2556 client errors, i.e. either the request could not be read completely, or more likely the response could not be returned completely is pretty much (more than 5%). Also: 97 errors really mean, that 97 times there was a serious problem between the web server and tomcat. We don't know though, how often there was a rot cause. Maybe it was only a problem once, and 97 requests ran into it very quickly after each other. But then just as I'm writing this my site falls over - I get the Service Temporarily Unavailable consistently on my pages. I grabbed a snapshot of the status worker - Good, so you know at least, that the web server is still able to respond :) StateAcc Err CE RE Wr Rd BusyMax ERR/FRC 43181 691 25970 24M 1.4G100 115 OK, so the plugin detected an error (ERR), when talking to Tomcat. Details on this error should be in the log file. Since the load balancer only has one member, it doesn't take the only member out of service (what it would do, if it had more members), instead it does forced recovery (FRC), i.e. it still sends requests there, although it failed with the requests before. We can see, that from the 936 requests forwarded since the last snapshot, 691 ran into an error, and from the remaining 245 requests 39 into got a client error, even more than the 5% we had over 6 hours. The most important thing though is, that the busyness went up to 100 with a max of 115. Busyness is the number of requests, which are currently being processed by the backend (more precisely those, that have been forwarded by this web server and not fully returned yet). The fact, that your busyness went up that far usually means, that something in your backend got very slow. If this is true, and what is slow, can be analyzed best using java thread dumps of the backend process. Clearly there seemed to be some catastrophic occurrence that made the Error count rocket and the worker state change. I'm unfamliar with the load balancer - will a state of ERR/FRC be rectified somehow? For now I just restarted IIS Tomcat which appears to be the only method of recovery at present To check the theory, that the problem lies within the backend, and not IIS, you could try to find out what's happening, if you only restart tomcat. If it's really the backend, the isapi redirector should be able to forward traffic again without IIS restart. In order to prevent issues from long TC timeouts when you shutdown the backend, you could first take the status of the backend to Stop in the load balancer. Then the load balancer will immediately answer all requests with an error and not stack them up in frnt of the backend. Then resart Tomcat and after full Tomcat startup, take the load balancer again to Active. If your service runs again, then it's likely a backend problem. Diagnosing without thread dumps might be hard. Have a look at the log files. cheers Tim Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: stdout.log size is increasing
Date sent: Tue, 11 Dec 2007 01:13:11 -0800 (PST) Hi Steve, thanks, OS is windows 2003. How can I archive stdout.log in a production environment without stopping tomcat? Hmm, sorry, I don't know how to rotate logs on windows. On unix you can use cronolog. I want that tomcat automatically archives the stdout.log file and creates a new one once a certains size is reached. Otherwise the log file size raises everyday ! How can I configure logrotate as you mentioned? is it applicable on windows as well? thank you Steve Ochani [EMAIL PROTECTED] wrote: On 10 Dec 2007 at 1:16, Stefano Martines wrote: Hi All, Although the log level is low, the stdout.log size is increasing in production day by day. I want that tomcat automatically archives the stdout.log file and creates a new one once a certains size is reached. How can I do that? You didn't mention what OS you're using (or Tomcat version for that matter) but if you're using unix, try logrotate. I want somethink like this: stdout.log 12 MB stdout_1.log 50 MB stdout_2.log 50 MB stdout_3.log 50 MB thank you Stefano Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help with java Lists
Date sent: Tue, 11 Dec 2007 18:16:12 -0500 From: Christopher Schultz [EMAIL PROTECTED] Subject:Re: Help with java Lists To: Tomcat Users List users@tomcat.apache.org Send reply to: Tomcat Users List users@tomcat.apache.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve, Steve Ochani wrote: Keeping less data in each node should make searching the list fast. Huh? I'm pretty sure that pointer dereferencing performance does not depend on memory size (ignoring memory paging, of course). Yes correct but as I understood the OP he was searching the CONTENTS/DATA of each node. If for ex. you have 100 nodes each having 10MB of data, searching through this list will be slower than searching through a list of lets say 100 nodes with each node only having 1 MB of data. -Steve O. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Help with java Lists
Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, David kerber wrote: My primary job is database design and management; the java side is where I'm weak, and I've spent a LOT of time on these queries, including pushing through some design changes that have helped a lot, but not enough. Okay. Forgive my comments about proper database care and feeding... usually this list attracts programmers that don't know much about databases. No problem; I took it in the spirit it was intended (trying to be helpful). map.put(myDataObj, myDataObj)? I thought of that, but there is a lot more data in the object than just the stuff I need to search on. Once I identify the particular object instance I need (which only needs those 3 fields), there are about a dozen other fields I need to retrieve from it to process each record. That's fine. If you only use 3 fields for identification, there's no harm in keeping all that data together in a single object. It's not like it uses up any more memory. Actually, you might be saving a bit of memory since you won't need separate key and value objects. When in doubt, abstract: write yourself a helper class that bundles all this odd logic together. Then, your business code will be a lot simpler to read, and you can separately unit test your SpecializedTreeSetHashMapLinkedList class (or whatever). ;) Yeah, that's what I'm working on right now. It's coming together, though somewhat slowly since I'm still getting my head around the different kinds of maps and lists, and what each of them is good for. It's always worth it to read though the entire java.util API. There are some great classes in there. Yeah, I'm discovering that. It seems like every time I ask for suggestions about how to do something that I'm struggling with in my app, somebody suggests something from java.util, and it ends up working great. This time around, it was TreeMap, which led me to SortedMap, which so far (about 80% done) looks like it's going to work great. After a couple of false starts, I'm using hash maps with the Key being the pKey of my db objects (which I already have available from other objects in the app), and the Value being a SortedMap of the data for each object. This gives me instant access to the map I need, and a separate HashMap keeps the pointer to the key I need to track my place in each SortedMap. I'll post back when I'm done as to how it goes, but so far it's looking good. If I were using java 6, I would have some even more helpful navigation methods, such as higherKey(), but what I've got isn't bad. D - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat and IIS losing their link
Hello, I've got IIS 6.0 linked with Tomcat 5.5.25 (with JDK 1.5.0_14-b03 and AJP dll) via the ISAPI connector (JK 1.2.25) on Windows 2003 Server, and during high traffic periods, the connection between IIS and Tomcat is being severed. This has been occurring in the mid-afternoon every day since this server went live and to get it running again, I've had to restart Tomcat. The peak connections to IIS during one of the days was just under 100, so this isn't really all that high of traffic. The isapi_redirect.log isn't much help. It has only been logging errors after the connection to Tomcat has been broken. Tomcat itself hasn't logged anything of relevance and I don't actually think that Tomcat is affected when the link is broken, but as I mentioned earlier, I have to restart Tomcat to get it to reconnect with IIS. Most of my configuration settings came from this website: http://wiki.jboss.org/wiki/Wiki.jsp?page=OptimalMod_jk1.2Configuration Here are the relevant workers.properties settings: worker.ajp13w.type=ajp13 worker.ajp13w.host=localhost worker.ajp13w.port=8009 worker.ajp13w.lbfactor=1 worker.ajp13w.connect_timeout=1 worker.ajp13w.prepost_timeout=1 worker.ajp13w.socket_timeout=10 worker.ajp13w.connection_pool_timeout=600 worker.ajp13w.connection_pool_size=350 Here are the relevant server.xml settings: Connector port=8443 maxHttpHeaderSize=8192 maxThreads=400 minSpareThreads=50 maxSpareThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEngine=on SSLPassword=removed SSLCertificateFile=removed SSLCertificateKeyFile=removed / Connector port=8009 redirectPort=8444 protocol=AJP/1.3 connectionTimeout=60 enableLookups=false maxThreads=400 minSpareThreads=50 maxSpareThreads=150 / I just configured IIS 6.0 to run in IIS 5.0 isolation mode and that's the end of my ideas for fixing this issue. The only other ISAPI filters that I'm running are ASP.NET_1.1.4322.2307 and ISAPI_Rewrite3 (for URL rewriting). IIS web site connections is set to 'unlimited', connection timeout is 120 seconds, HTTP Keep-Alives is enabled. Until the crazy thing stops working, everything is fine. Any help will be greatly appreciated. Thanks, Travis
New Mail Id
Hello all, Please note my new maild ID [EMAIL PROTECTED] , and also please send test mail as well... -- Suresh Babu, Software Engineer, Computer Associates-India
