Re: HTTPS after JDK upgrade in Firefox 3 stopped working
Downgrade to JDK 6u7 didn't help, problem occurs in firefox 2 and 3. Maybe problem will be in signing certificate with our company CA. I will try to configure Apache HTTPD and we will see. Jozef On Tue, Nov 4, 2008 at 8:27 PM, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Jozef Hovan [mailto:[EMAIL PROTECTED] Subject: HTTPS after JDK upgrade in Firefox 3 stopped working Environment: I upgraded Windows 2000 - Windows Server 2003, JDK 5u14 - JDK 6u10, Tomcat 5.5.25-5.5.27. Just for grins, can you replace the JDK 6u10 with 6u7 and try it again? Lots of things changed in 6u10... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Problems with external libraries
Hello, I've developed a web app which uses two jar files that have been developed by a third party. I've developed it using eclipse IDE which manages the server automatically. I'm now trying to deploy it on localhost (apache tomcat 6.0.17) in a directory like this (inside webapps): mApp --all the .jsp, .html, images etc. --WEB-INF --web.xml (the one created by Eclipse) classes ---smsBulk (name of the pakage of my application classes) all my .class files lib ---two third party .jar files When I run the application via browser it gives me a server error because it cannot find the classes contained into the third party .jar files My enviromental variables for apache are: CATALINA_HOME C:\apache-tomcat-6.0.16 and in the Path variable i've added %CATALINA_HOME%\bin Can someone give me a hint about why the server cannot load the third party classes?? Thanks Best regards Sergio Arrighi -- *I.M.I.N. Holding s.r.l.* Sergio Arrighi [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Cell. 3455805121 Vicolo Molino, 2 21052 Busto Arsizio Varese Tel. +39 0331324679 Fax. +39 0331324678 www.iminholding.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problems with external libraries
I've just noticed that when I run the webapp via browser I get this error in the console of apache startup: GRAVE: error deploying configuration descriptor myapp.xml Sergio Arrighi ha scritto: Hello, I've developed a web app which uses two jar files that have been developed by a third party. I've developed it using eclipse IDE which manages the server automatically. I'm now trying to deploy it on localhost (apache tomcat 6.0.17) in a directory like this (inside webapps): mApp --all the .jsp, .html, images etc. --WEB-INF --web.xml (the one created by Eclipse) classes ---smsBulk (name of the pakage of my application classes) all my .class files lib ---two third party .jar files When I run the application via browser it gives me a server error because it cannot find the classes contained into the third party .jar files My enviromental variables for apache are: CATALINA_HOME C:\apache-tomcat-6.0.16 and in the Path variable i've added %CATALINA_HOME%\bin Can someone give me a hint about why the server cannot load the third party classes?? Thanks Best regards Sergio Arrighi -- *I.M.I.N. Holding s.r.l.* Sergio Arrighi [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Cell. 3455805121 Vicolo Molino, 2 21052 Busto Arsizio Varese Tel. +39 0331324679 Fax. +39 0331324678 www.iminholding.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: dbcp error with java.lang.ClassCastException: org.apache.tomcat.dbcp.dbcp.PoolingDataSource
HI, I am using a bit different connection configuration to get OracleConnection: Resource name=poolname auth=Container type=oracle.jdbc.pool.OracleDataSource factory=oracle.jdbc.pool.OracleDataSourceFactory connectionCachingEnabled=true user=DB password=DB driverClassName=oracle.jdbc.OracleDriver url=jdbc:oracle:thin:@192.168.100.1:1521:ORCL removeAbandoned=true removeAbandonedTimeout=30 maxActive=20 maxIdle=10 maxwait=-1/ I am using Tomcat 6. Regards, Zdenek On Fri, Oct 10, 2008 at 1:59 PM, Ziggy [EMAIL PROTECTED] wrote: Hi, I am really stuck with the tomcat connection pool as its the application server that i am using. How does the oracle connection pool work? Could you point me to some info somewhere so that i can read about it. Thanks On Fri, Oct 10, 2008 at 2:51 PM, Christopher Schultz [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ziggy, Ziggy wrote: The problem i am getting now is that i still cannot cast the class properly to get the underlying connection. Your best bet is to use standard JDBC API calls instead of trying to use Oracle's proprietary APIs. You may have to use Oracle's connection pooling instead of Tomcat's. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjvXeIACgkQ9CaO5/Lv0PB2vQCfb8amv7/X/UPq6VBllTKh/awT CUIAnRTeS2VG3c6ExUUvagIn67tZPJLi =yyGE -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: Issues with Tomcat 5.5.25, isapi_redirect2.dll, IIS6, load balancer setup
Hi all, I have an issue with the isapi_redirect2 setup. I would like to drive the redirector with load balancing. Is it required to have a tomcat cluster for this setup? I have now embedded my workers2.properties. The issue I see is, that as soon as I add a group=lb to anything the EventLog exposes [jk_isapi_plugin.c (496)]: HttpExtensionProc worker is NULL warning and the request is not forwarded to Tomcat. I am using redirect dll from the jk2.0.4-win32-IIS binary distribution. ANY ideas? The logfiles / eventlog do not expose anything unusual up to the point ... is NULL mentioned above. With kind regards, Thomas Strauß [logger.win32] level=DEBUG ver=5 [workerEnv] ver=2 [shm] ver=0 info=Scoreboard. Requried for reconfiguration and status with multiprocess servers. file=${serverRoot}/logs/jk2.shm size=100 debug=10 disabled=0 # Defines a load balancer named lb. Use even if you only have one machine. [lb:ldb] ver=3 debug=10 # Example socket channel, override port and host. [channel.socket:213.188.106.35:18009] ver=5 port=18009 host=213.188.106.35 tomcatId=213.188.106.35:18009 graceful=0 debug=10 group=ldb # define the worker [ajp13:213.188.106.35:18009] ver=2 channel=channel.socket:213.188.106.35:18009 debug=10 group=ldb # Example socket channel, override port and host. [channel.socket:213.188.106.35_2:9009] ver=5 port=9009 host=213.188.106.35 tomcatId=213.188.106.35:9009 graceful=0 debug=10 group=ldb [ajp13:213.188.106.35_2:9009] ver=3 debug=10 channel=channel.socket:213.188.106.35_2:9009 group=ldb # Map the Tomcat examples webapp to the Web server uri space [uri:/axis] ver=1 group=ldb debug=10 [uri:/axis/*] ver=2 group=ldb # Map the Tomcat examples webapp to the Web server uri space [uri:/generic25ASH] ver=0 #group=ldb [uri:/probe/*] ver=0 #group=ldb [uri:/generic25ASH/*] ver=0 #group=ldb [uri:/examples/*] ver=0 #group=ldb [status:] ver=0 info=Status worker, displays runtime information [uri:/jkstatus/*] ver=0 info=The Tomcat /jkstatus handler group=status: -- This message has been scanned for viruses and dangerous content by MailScannerhttp://www.mailscanner.info/, and is believed to be clean.
AW: Issues with Tomcat 5.5.25, isapi_redirect2.dll, IIS6, load balancer setup (solved)
Hi, got it running now. The issue is described in the Bug database. It is actually an issue with the documentation: You need to put everything between [] as the group name. So in my case, replace every group=ldb with group=lb:ldb and balancing works. Now I have to find out how I can avoid a non-working balancer to be used. The redirected application is not started on one tomcat and returns 503. Can the balancer handle that situation on a per redirected context basis? Mit freundlichen Grüßen Thomas Strauß Geschäftsführer Entwicklung SRS PaperDynamix® DIGITAL SCHON AUF DEM PAPIER SRS-Management GmbH Berliner Ring 93 64625 Bensheim T +49 6251 85 424 - 20 F +49 6251 85 424 - 14 M +49 174 2110912 www.srs-management.de www.srs-paperdynamix.de HRB 25262 AG Darmstadt Geschäftsführer: Detlev Homilius, Thomas Strauß -Ursprüngliche Nachricht- Von: Thomas Strauß [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 5. November 2008 14:50 An: Tomcat Users List Betreff: AW: Issues with Tomcat 5.5.25, isapi_redirect2.dll, IIS6, load balancer setup Hi all, I have an issue with the isapi_redirect2 setup. I would like to drive the redirector with load balancing. Is it required to have a tomcat cluster for this setup? I have now embedded my workers2.properties. The issue I see is, that as soon as I add a group=lb to anything the EventLog exposes [jk_isapi_plugin.c (496)]: HttpExtensionProc worker is NULL warning and the request is not forwarded to Tomcat. I am using redirect dll from the jk2.0.4-win32-IIS binary distribution. ANY ideas? The logfiles / eventlog do not expose anything unusual up to the point ... is NULL mentioned above. With kind regards, Thomas Strauß [logger.win32] level=DEBUG ver=5 [workerEnv] ver=2 [shm] ver=0 info=Scoreboard. Requried for reconfiguration and status with multiprocess servers. file=${serverRoot}/logs/jk2.shm size=100 debug=10 disabled=0 # Defines a load balancer named lb. Use even if you only have one machine. [lb:ldb] ver=3 debug=10 # Example socket channel, override port and host. [channel.socket:213.188.106.35:18009] ver=5 port=18009 host=213.188.106.35 tomcatId=213.188.106.35:18009 graceful=0 debug=10 group=ldb # define the worker [ajp13:213.188.106.35:18009] ver=2 channel=channel.socket:213.188.106.35:18009 debug=10 group=ldb # Example socket channel, override port and host. [channel.socket:213.188.106.35_2:9009] ver=5 port=9009 host=213.188.106.35 tomcatId=213.188.106.35:9009 graceful=0 debug=10 group=ldb [ajp13:213.188.106.35_2:9009] ver=3 debug=10 channel=channel.socket:213.188.106.35_2:9009 group=ldb # Map the Tomcat examples webapp to the Web server uri space [uri:/axis] ver=1 group=ldb debug=10 [uri:/axis/*] ver=2 group=ldb # Map the Tomcat examples webapp to the Web server uri space [uri:/generic25ASH] ver=0 #group=ldb [uri:/probe/*] ver=0 #group=ldb [uri:/generic25ASH/*] ver=0 #group=ldb [uri:/examples/*] ver=0 #group=ldb [status:] ver=0 info=Status worker, displays runtime information [uri:/jkstatus/*] ver=0 info=The Tomcat /jkstatus handler group=status: -- This message has been scanned for viruses and dangerous content by MailScannerhttp://www.mailscanner.info/, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Slav, Slav Inger wrote: I saw your reply (on tomcat-user list) to a person who was having trouble with Tomcat and SSL. Please keep on-topic messages on the list. I have cc'd the list for their edification. Could you please elaborate on how to disable the cert validation check? This code has worked for me in the past: import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import javax.net.ssl.HttpsURLConnection; public static void disableSSLCertificateChecking() throws NoSuchAlgorithmException, KeyManagementException { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance(SSL); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } Hope that helps, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkRquQACgkQ9CaO5/Lv0PC70gCgsxDYnvhDeE4YJSfMJ3rH4pia PIcAoJecl5qN9jrB3l1eYHBATekJVq5z =+G16 -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
how to integrate Shibboleth and Tomcat
Hello, I need to integrate Shibboleth and Tomcat. We are using tomcat 5.5.23, mod_jk connector 1.2.23 and the reference implementation of Shibboleth version 2.0. We're running on a Linux RedHat Enterprise environment. Do you know any JAAS realm open source implementation or any other way to implement authentication in tomcat using shibboleth? Thanks in advance for your help, Lucia - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Issues with Tomcat 5.5.25, isapi_redirect2.dll, IIS6, load balancer setup
Thomas Strauß schrieb: I have an issue with the isapi_redirect2 setup. I would like to drive the redirector with load balancing. Is it required to have a tomcat cluster for this setup? No, but you have to set jvmRoute according to the worker names for all nodes in your Tomcat farm. Cluster in the sense of group membership and session replication is not necessarily needed. Don't use isapi_redirector2 any more. It was deprecated years ago. Use isapi_redrector (tomcat-connectors) instead. See: http://tomcat.apache.org/download-connectors.cgi and http://tomcat.apache.org/connectors-doc/ Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: how to integrate Shibboleth and Tomcat
From: Lucia Moreno Lopez [mailto:[EMAIL PROTECTED] I need to integrate Shibboleth and Tomcat. We are using tomcat 5.5.23, mod_jk connector 1.2.23 and the reference implementation of Shibboleth version 2.0. Do you *need* httpd in front? If not, how about http://www.guanxi.uhi.ac.uk/index.php ? It's a pure Java Shibboleth implementation. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Multiple IIS sites and ISAPI redirect problem
Thanks for your reply. I double checked the rights for configuration files but they seemed ok. I only added readexecute rights for Local Service in addition to already configured Network service etc. I also renamed workers.properties.minimal to workers.properties and changed the configuration in Windows' Register accordingly. Name of the file was configured correctly to register before so I quess it did not make a difference. Only other (real) change that I made was an update from 1.2.26 to 1.2.27. Once I started site again, everything worked as a charm. So it could be the update that helped. No idea why, and I have no chance to really confirm this, because the site is not mine (it is client's) and it is in production use, so I cant fiddle around with it. For all other people that answered: You could read the whole email from start to end, so you could save yourself from making unnecessary questions (whitch are really already answered in the mail) for the list. Or is this the common behavior on [EMAIL PROTECTED] Best regards, Mikko -Original Message- From: Rainer Jung [mailto:[EMAIL PROTECTED] Sent: 24. lokakuuta 2008 20:11 To: Tomcat Users List Subject: Re: Multiple IIS sites and ISAPI redirect problem Mikko Pukki schrieb: Hi, I have Tomcat installed on a server that already has Default Website configured for other use and I cannot use it to redirect to Tomcat. So I created another website that should listen to port 80 and authenticate users via AD authentication. After authentication it should redirect requests to Tomcat. Previously I have done such installations with one difference. I have been able to use Default Website and generally there have been little or no problems. However with this installation it doesn't work. System is Windows Server 2003, IIS version is 6, tomcat version is 5.5.16, ISAPI redirect version is 1.2.26. I did not use compatibility mode for IIS 5 and first I got 404 (or maybe 403 or something) from IIS, but I figured out that it was because of rights to read and execute dll. I corrected them and now IIS returns internal server error. Both Tomcat and ISAPI redirect filter start ok. Filter has a green arrow in front of it and I can use web application directly from port 8080. All that appears on ISAPI redirctor's log on debug level is as follows: [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_util.c (430): Pre-processed log time stamp format is '[%a %b %d %H:%M:%S.000 %Y] ' [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_shm.c (169): Initialized shared memory size=28800 free=28672 addr=0x1eb [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1688): Using registry. [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1691): Using log file C:\foo\Tomcat\isapi\log\isapi_redirect.log. [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1692): Using log level 1. [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1693): Using extension uri /jakarta/isapi_redirect.dll. [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1694): Using worker file C:\foo\Tomcat\conf\workers.properties.minimal. [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1695): Using worker mount file C:\foo\Tomcat\conf\uriworkermap.properties. [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1697): Using rewrite rule file . [Tue Oct 07 15:45:52.843 2008] [6728:6948] [debug] jk_isapi_plugin.c (1699): Using uri select 3. So it starts ok? At lest it shows that keys in registery are correct; right property files are found and debug level is on. Should I see some more output here? Yes, it should proceed similar to this: [Fri Oct 24 18:53:14.203 2008] [2536:14028] [debug] jk_map.c (492): Adding property '/*' with value 'wlb' to map. [Fri Oct 24 18:53:14.203 2008] [2536:14028] [debug] jk_map.c (492): Adding property '/jkmanager' with value 'jkmanager' to map. [Fri Oct 24 18:53:14.203 2008] [2536:14028] [debug] jk_uri_worker_map.c (722): Loading urimaps from C:\foo\Tomcat\conf\uriworkermap.properties with reload check interval 60 seconds And later on lots of additional messages during startup but also for each request. I can produce the same behaviour (logging stops to early and forwarding doesn't work), when I rename my uriworkermap.properties file. So please double check, that the file is there under the correct name, and that IIS can read it. For example GET messages? Anyway that's all that filter outputs. Content of workers.properties.minimal: worker.list=wlb,jkstatus worker.ajp13w.type=ajp13 worker.ajp13w.host=localhost worker.ajp13w.port=8009 worker.wlb.type=lb worker.wlb.balance_workers=ajp13w worker.jkstatus.type=status Content of uriworkermap.properties: /*=wlb /jkmanager=jkstatus Looks OK as a vry basic configuration. Same configuration
Re: question : encounter java.net.SocketTimeoutException: Read timed out occasionally
Hi Mark all, After using the Jpcap (java sniffer tool) to watch the http packets, We Finally found out the root cause of this problem is indeed the keep-live BUG of Internet Explorer, below is our finding for your reference : Finding 1 : When using AJAX to make http requests, Internet Explorer always sends http header and body separately in 2 (or more) IP packets. and in our case the header is always sent in the first packet since the header length is never greater than 1460 bytes(Maximum packet data size). Finding 2 : 1) When apache httpd server detects the keep-live timeout, it will send a Fin (finish) Packet to Client (IE) telling it to close the connection, but at meanwhile Client is preparing to send another POST request to Apache, for unknown reasons (IE BUG!) IE still keeps sending the POST head body instead of closing connection immediately. 2) Apache server will ignore the POST request. and send the ACK Packet back to Client. 3) and next, the Client sends a Fin(Finished) Packet to apache server to confirm closing connection. 4) Apache server sends an ACK packet to confirm ending this connection. 5) Next, Client resend the POST header again to Apache server. 6) Apache Server confirm receiving the header. 7) after about 1.5 minutes, Client send a RST (Reset) packet to Apache Server asking reset the connection. In this case the POST body is never sent to Apache server that causes the request parameters is missing. Following is the Packet flow for your reference : (Time format hhms.S) Time Fromto SEQ ACK Flagremark == == === = 071249.751 Client Apache 1088748537 1807070026 previous conversion sent from Client 071304.243 Apache Client 1807070026 1088748537 FIN time-out(idle 15 seconds) 071304.467 Client Apache 1088748537 1807070026 PSH Client still sends POST header 1807070027 Apache Client 1807070027 1088749235 1088749235 Client Apache 1088749235 1807070026 PSH Client still sends POST body 071304.479 Apache Client 1807070027 1088749316 071304.720 Client Apache 1088749316 1807070027 071304.721 Client Apache 1088749316 1807070027 Fin Finish the connection 071304.722 Apache Client 1807070027 1088749317Server confirm ending the connection 071304.737 Client Apache 1959299521 1807484246 PSH Client resend the Post header in another connection 071304.737 Apache Client 1807484246 1959300219Apache confirm receiving this header 071425.235 Client Apache 1959300219 1807484246 RST after about 1.5 minutes, Client request to reset the connection In conclusion, the problem only happens when Keep-Alive is timeout, that's why it's related to the apache keep-alive setting, smaller keep-alive timeout will raise the timeout frequency and cause more missing body part errors as well. Unfortunately, so far there is no solution yet unless Microsoft fix the BUG. Thanks James.
RE: how to integrate Shibboleth and Tomcat
Hi! Yes, I am using httpd in front. To perform Shibboleth authentication, we are using Apache httpd to front the Tomcat servlet environment. The Shibboleth service provider installs as an Apache module (mod_shib) and a supporting daemon process (shibd). The Apache server communicates with Tomcat using AJP/1.3 protocol via the JK connector. The above configuration is sufficient for Tomcat servlets to be able to retrieve the authenticated username using request.getRemoteUser(), but does not of itself establish servlet invocation as being authenticated. For this, it is necessary to place a security-constraint on the context URI that is used to invoke the servlet. This is done in the web applications web.xml file. I was wondering if there is already something developed for this (JASS realm, etc). Thanks again, Lucia -Original Message- From: Lucia Moreno Lopez Sent: Wednesday, November 05, 2008 3:23 PM To: 'users@tomcat.apache.org' Subject: how to integrate Shibboleth and Tomcat Hello, I need to integrate Shibboleth and Tomcat. We are using tomcat 5.5.23, mod_jk connector 1.2.23 and the reference implementation of Shibboleth version 2.0. We're running on a Linux RedHat Enterprise environment. Do you know any JAAS realm open source implementation or any other way to implement authentication in tomcat using shibboleth? Thanks in advance for your help, Lucia - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SSL setup help
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm trying to setup SSL on a web app that I have running on a server. I created my keystore.key file and then uncommented this section in my server.xml file: Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true keystoreFile=${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore keystorePass=changeit clientAuth=false sslProtocol=TLS Now when I go to https://localhost:8443/ I get failed to connect page load error. I think I'm not doing something wrong in the server.xml file, but I'm not sure what. I already have another program running on 443 so could that interfere? I also don't know what APR means in the SSL doc. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJEbv2iSj9VAB3NO8RAkyLAJ0ZhVqiOz0cKuZILoYMYQTjojD8awCfXjHY pI7vAxr3JZan3Mq87uzrhMU= =8iED -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tomcat 6.0.18 static cluster confugation
Hi , i'am tring to configurer a static member ship tomcat 6 cluster(i can't use multicat) but i'am not confident in the configuration here is may configuration for the cluster Tomcat start but i cannot see JMX cluster bean does sombedody have a sample config for a two machine static cluster regards Marc Engine name=Catalina defaultHost=localhost jvmRoute=tomcat2 !-- For clustering, please take a look at documentation at: /docs/cluster-howto.html (simple how to) /docs/config/cluster.html (reference documentation) -- Cluster channelSendOptions=8 className=org.apache.catalina.ha.tcp.SimpleTcpCluster Manager className=org.apache.catalina.ha.session.DeltaManager expireSessionsOnShutdown=false domainReplication=true notifyListenersOnReplication=true/ Channel className=org.apache.catalina.tribes.group.GroupChannel Receiver address=localhost autoBind=100 className=org.apache.catalina.tribes.transport.nio.NioReceiver maxThreads=6 port=4000 selectorTimeout=5000/ Sender className=org.apache.catalina.tribes.transport.ReplicationTransmitter Transport className=org.apache.catalina.tribes.transport.nio.PooledParallelSender/ /Sender Interceptor className=org.apache.geronimo.tomcat.interceptor.DisableMcastInterceptor/ Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor staticOnly=true/ Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpFailureDetector/ Interceptor className=org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor Member className=org.apache.catalina.tribes.membership.StaticMember port=4000 host=10.154.0.166 uniqueId={10,154,0,166}/ Member className=org.apache.catalina.tribes.membership.StaticMember port=4000 host=10.154.0.167 uniqueId={10,154,0,167}/ s /Interceptor Interceptor className=org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor/ /Channel Valve className=org.apache.catalina.ha.tcp.ReplicationValve filter=/ Valve className=org.apache.catalina.ha.session.JvmRouteBinderValve/ ClusterListener className=org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener/ ClusterListener className=org.apache.catalina.ha.session.ClusterSessionListener/ /Cluster Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false -- /Host /Engine -- View this message in context: http://www.nabble.com/tomcat-6.0.18-static-cluster-confugation-tp20343212p20343212.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL setup help
Hi, To configure tomcat using SSL on Windows I use: multi-host tomcat ssl on windows download and install java 1.5 jdk set JAVA_HOME to the root of the JDK directory add JAVA_HOME\bin to the path install Visual C++ 2008 redistributable download and install openssl http://www.openssl.org -- related --binaries (at the top) place the files in c:\program files\openssl set OPENSSL_HOME to c:\program files\openssl add OPENSSL_HOME\bin to the path search for an openssl.cnf on google download and install tomcat download tomcat and extract to c:\program files\apache software foundation\tomcat set CATALINE_HOME to c:\program files\apache software foundation\tomcat download tomcat native and extract to CATALINA_HOME\bin add CATALINA_HOME\bin to the path set CLASSPATH to .;%CATALINA_HOME%\libservlet-api.jar;%CATALINA_HOME%\lib\jsp-api.jar cd %CATALINA_HOME\conf mkdir ssl cd ssl genrsa -aes256 -out key.pem 8192 Enter pass phrase for key.pem: proactix req -new -key key.pem -sha1 -x509 -out cert.pem Connector protocol=org.apache.coyote.http11.Http11AprProtocol port=443 enableLookups=true disableUploadTimeout=true acceptCount=100 maxThreads=200 scheme=https secure=true SSLEnabled=true SSLCertificateFile=${catalina.home}/conf/ssl/cert.pem SSLCertificateKeyFile=${catalina.home}/conf/ssl/key.pem SSLPassword=proactix sslProtocol=TLSv1/ The same should be similar on Linux Regards, Serge Fonville On Wed, Nov 5, 2008 at 4:29 PM, Michael A. Tucker [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm trying to setup SSL on a web app that I have running on a server. I created my keystore.key file and then uncommented this section in my server.xml file: Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true keystoreFile=${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore keystorePass=changeit clientAuth=false sslProtocol=TLS Now when I go to https://localhost:8443/ I get failed to connect page load error. I think I'm not doing something wrong in the server.xml file, but I'm not sure what. I already have another program running on 443 so could that interfere? I also don't know what APR means in the SSL doc. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJEbv2iSj9VAB3NO8RAkyLAJ0ZhVqiOz0cKuZILoYMYQTjojD8awCfXjHY pI7vAxr3JZan3Mq87uzrhMU= =8iED -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTPS after JDK upgrade in Firefox 3 stopped working
Configuration in Apache HTTPD works fine and it is sufficient for me. I was unable to find a reason, why it doesn't work in JDK 6 and Firefox. Good luck when you have same problem :) Jozef
Designing tomcat failover
Hello, I have to design a failover setup and I am looking for rough ideas/pointers. Here is our scenario... TomcatServer1 ---/Cannot communicate to one another/- TomcatServer2(hot backup) ^ ^ ^ | \ | | \ --- TO DO: Switch to TomcatServer2 if server 1 is down---| | \ / TomcatClient1 TomcatClient2 (Following text simply puts the above picture in words, in case it doesnt show up aligned on some email clients) - TomcatServer1 is a 5.5 tomcat that provides services. Its clients are other tomcat instances (say TomcatClient1, TomcatClient2). - We have a redundant TomcatServer2 that is a hot backup for server1. - For simplicity sake, we can assume that there is no need to share session information among TomcatServer1 and TomcatServer2. Also, for practical reasons, we cannot have any communication between them (our clients would resist opening up ports). Our applications on TomcatClient1 and TomcatClient2 are configured to talk to TomcatServer1. The task at hand is, the client tomcat instances should automatically switch to TomcatServer2 if they detect that TomcatServer1 is down. So, I am looking for a failover solution for outgoing requests from TomcatClient1 and TomcatClient2. The only option I have right now is for our apps to handle the failover. I wanted to check if there is some module that I can use (filter/valve/apache module) that would handle the failover. I appreciate any ideas you might suggest. Thanks! Hari
Re: Multiple IIS sites and ISAPI redirect problem
Mikko Pukki schrieb: Only other (real) change that I made was an update from 1.2.26 to 1.2.27. Once I started site again, everything worked as a charm. So it could be the update that helped. No idea why, and I have no chance to really confirm this, because the site is not mine (it is client's) and it is in production use, so I cant fiddle around with it. No idea as well, 1.2.27 contains a lot of improvements, but that should've been none of them ;) Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Can't start tomcat 5.5.26 service on windows
The stderr log says: java.lang.ClassNotFoundException: org.apache.catalina.startup.Catalina That's in server/lib/catalina.jar; you apparently have discovered your missing parameters. I am having this problem when trying to start tomcat as a service on windows. The problem is i can add this jar file on the jvm classpath option. but then after that its another file and then another. and then if i try to put all of them i run out of maximum string length that this value allows. i am sure i am getting this wrong. does anyone have any idea. thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Does the Server element have a listen address?
Interesting. Thank you. It was really just an academic question. I was thinking of using 127.0.0.2 for one instance and 127.0.0.1 for the other. This would keep the ports of my two instances the same. I'll just choose different shutdown ports. My two instances have the same http listen ports so I was just thinking of keeping them as close as possible to each other but it isn't strictly necessary. Fu-Tung --- On Tue, 11/4/08, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Caldarale, Charles R [EMAIL PROTECTED] Subject: RE: Does the Server element have a listen address? To: Tomcat Users List users@tomcat.apache.org Date: Tuesday, November 4, 2008, 6:45 PM From: Fu-Tung Cheng [mailto:[EMAIL PROTECTED] Subject: Does the Server element have a listen address? I have two ip addresses and I would like the server element with the shutdown port to listen on only one. The shutdown listener uses only 127.0.0.1, nothing else, which is why the doc says: This connection must be initiated from the same server computer that is running this instance of Tomcat. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat Manager problem..
Hi there.. My tomcat was working perfectly and also my Tomcat manager.. Then I decide to switch from just 1 site to host (mine) to virtual hosting... Everything works except my tomcat manager... when I type http://domain.com/manager/html I get the username and password box and I enter it and it won't let me pass further... my server.xml is : ps. I changed my real domain to domain.com. Server port=8005 shutdown=SHUTDOWN debug=0 !-- Define the Tomcat Stand-Alone Service -- Service name=Catalina !-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -- Connector port=80 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 disableUploadTimeout=true / Engine name=Catalina defaultHost=localhost debug=0 !-- Define the default virtual host Note: XML Schema validation will not work with Xerces 2.2. -- Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=localhost_log. suffix=.txt timestamp=true/ /Host Host name=www.domain.com appBase=webapps/www.domain.com unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Aliasdomain.com/Alias Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=www.domain_access. suffix=.log pattern=common resolveHosts=false/ /Host /Engine /Service /Server my website is in webapps which works... in the Catalina folder I have Catalina/localhost/manager.xml Catalina/www.domain.com/manager.xml manager.xml : Context path=/manager debug=0 privileged=true docBase=/opt/tomcat/webapps/manager /Context tomcat-users.xml : ?xml version='1.0' encoding='utf-8'? tomcat-users role rolename=manager/ role rolename=tomcat/ role rolename=admin/ role rolename=role1/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=admin password=adminpassword roles=admin,manager/ user username=role1 password=tomcat roles=role1/ /tomcat-users What AM I doing wrong??? -- View this message in context: http://www.nabble.com/Tomcat-Manager-problem..-tp20343461p20343461.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Thread Names..Which in Important?
Hi All, I am relatively new to Tomcat. I was looking at thread dumps which we took from Tomcat and I see lots of thread names. Now, I am not sure which one is important to look at. Some of threads I see are as follows: http-8080-Processor15 TP-Processor1 WorkerThread(receive_transaction_complete_stage,0) Timer-4 message-bus-1 Thanks in Advance for your help -- View this message in context: http://www.nabble.com/Thread-Names..Which-in-Important--tp20348819p20348819.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat Manager problem..
From: slytheman [mailto:[EMAIL PROTECTED] Subject: Tomcat Manager problem.. Don't suppose you'd care to tell us your Tomcat version? It makes a significant difference. Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=localhost_log. suffix=.txt timestamp=true/ There is no Logger element in any recent version of Tomcat, but then, you didn't tell us what you're using. /Host Host name=www.domain.com appBase=webapps/www.domain.com You must not nest one appBase within another - keep them entirely separate. unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false /Host my website is in webapps which works... No, your webapps are stored in webapps for the default Host, and must be in a completely separate directory for the www.domain.com Host. in the Catalina folder I have Catalina/localhost/manager.xml Catalina/www.domain.com/manager.xml manager.xml : Context path=/manager debug=0 privileged=true docBase=/opt/tomcat/webapps/manager /Context The path attribute is not allowed, again assuming you're running a 5.5 or 6.0 version of Tomcat. Also, if the webapps directory in your docBase is the same as the default Host appBase directory, that's not allowed - it confuses the webapp deployment process by having such overlap. The proper way to do this depends on what version of Tomcat you're using (which you didn't tell us). What AM I doing wrong??? Not telling us your Tomcat version. Wouldn't hurt to include other environmental information, such as OS and JDK versions. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Is it possible to hide tomcat resource from outside?
Hello, I have an admin area in my application I want to secure. I know I can define a security constraint to set a basic or digest authentication for a url pattern. But, I don't want the /admin area to be shown outside at all. The basic authentication is extremely weak and digest auth. also doesn't provide enough security. Is it possible to hide an url pattern on the outside, but have it available when accessing from the server machine? thanks.. -- View this message in context: http://www.nabble.com/Is-it-possible-to-%22hide%22-tomcat-resource-from-outside--tp20349038p20349038.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Classes in tomcat\server\lib folder sometimes are visible to web application
Hi Chuck, Thank you very much for your feedback. Your comments about reflection were right on the money and have helped me resolve the underlying issue. It turns out that my initial assertion about our server/lib classes being visible to our web app was incorrect -- it was just that our custom classloader was SOMETIMES loading these classes from a different location, and therefore no error was reported. This situation was the result of other problems we had, but your comments have helped me develop a much cleaner solution. In order to help others, here is our resolution: Background: We have a simple custom ClassLoader that uses a number of helper classes to determine which jars on our system should be loaded from some well-known location (instead of just using jars in the WEB-INF/lib folder). We bundle the custom ClassLoader and the helper classes in a jar together. The custom ClassLoader obviously needs to be loaded by Tomcat, and the helper classes are used not only by our custom ClassLoader, but by our web app as well. First attempt: Since the helper classes are also used by the web-app itself, our initial plan was to place this jar in common/lib. However, this results in Tomcat errors because the custom class loader can't exist in common/lib because it extends WebappClassLoader, which exists in server/lib and is not visible to common/lib. Second attempt: So we moved the combined jar to server/lib. Tomcat now uses the custom ClassLoader fine, but our web app can't see the helper classes, because they are in the Tomcat-private shared/lib folder. Third attempt: We place a duplicate of the combined jar in the well-known location for our custom ClassLoader to find. For the most part, this works okay, but it is very klugey, sometimes leads to errors, and is hard to debug. This is because we now have the same helper classes being loaded twice by different ClassLoaders. Final solution: Break the custom ClassLoader and helper classes into two jars. The custom ClassLoader goes in server/lib, and the helper classes go in common/lib. We now no longer need to duplicate the jars -- all classes are loaded by only one ClassLoader. And the one part of our system where the wep-abb needs to call a custom ClassLoader-specific method is handled by reflection rather than by casting the ClassLoader and making a direct call. Once again, thanks for spending the time to respond so thoroughly and accurately. Regards, Gary -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Friday, October 17, 2008 11:27 AM To: Tomcat Users List Subject: RE: Classes in tomcat\server\lib folder sometimes are visible to web application From: Gary Hirschhorn [mailto:[EMAIL PROTECTED] Subject: RE: Classes in tomcat\server\lib folder sometimes are visible to web application The Catalina ClassLoader in server/lib creates Webapp1 ClassLoader specifically for webapp1. It's actually org.apache.catalina.loader.WebappLoader that creates each webapp's classloader, but the result is the same as you surmised. the only way for this to work in practice is that these specific implementations are referenced in Webapp1 as Interfaces which are defined NOT in server/lib, but rather by jars higher up in hierarchy, such as common/lib. Essentially correct; in addition to Interface classes, there are also abstract classes in the top-level jars. a) if my webapp code has any specific reference (e.g. the Class name is in my code as a variable or parameter type) to a class in server/lib, I should get a ClassDefNotFoundError. Correct. b) however, if my webapp has a reference to an Interface defined in common/lib and at runtime is handed a Class that implements this class, I may not get a ClassDefNotFoundError. Not just may not, but should not. Be aware that Tomcat uses a fair amount of reflection to avoid having direct references at compile and load time; depending on what your code needs, you may have to do something similar. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Is it possible to hide tomcat resource from outside?
Can't you just block the port ? That's what I do on my machine : the port 8080 is unavailable from the outside, just from localhost. So my manager webapp is almost flawlessly protected. I only redirect those apps that I need to port 80 using apache / mod_jk. HTH, Pierre On Wed, Nov 5, 2008 at 10:54 PM, einojah [EMAIL PROTECTED] wrote: Hello, I have an admin area in my application I want to secure. I know I can define a security constraint to set a basic or digest authentication for a url pattern. But, I don't want the /admin area to be shown outside at all. The basic authentication is extremely weak and digest auth. also doesn't provide enough security. Is it possible to hide an url pattern on the outside, but have it available when accessing from the server machine? thanks.. -- View this message in context: http://www.nabble.com/Is-it-possible-to-%22hide%22-tomcat-resource-from-outside--tp20349038p20349038.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Parce que c'est la nuit qu'il est beau de croire en la lumière.
Re: tomcat 6.0.18 static cluster confugation
what do your logs say? Filip killbulle wrote: Hi , i'am tring to configurer a static member ship tomcat 6 cluster(i can't use multicat) but i'am not confident in the configuration here is may configuration for the cluster Tomcat start but i cannot see JMX cluster bean does sombedody have a sample config for a two machine static cluster regards Marc Engine name=Catalina defaultHost=localhost jvmRoute=tomcat2 !-- For clustering, please take a look at documentation at: /docs/cluster-howto.html (simple how to) /docs/config/cluster.html (reference documentation) -- Cluster channelSendOptions=8 className=org.apache.catalina.ha.tcp.SimpleTcpCluster Manager className=org.apache.catalina.ha.session.DeltaManager expireSessionsOnShutdown=false domainReplication=true notifyListenersOnReplication=true/ Channel className=org.apache.catalina.tribes.group.GroupChannel Receiver address=localhost autoBind=100 className=org.apache.catalina.tribes.transport.nio.NioReceiver maxThreads=6 port=4000 selectorTimeout=5000/ Sender className=org.apache.catalina.tribes.transport.ReplicationTransmitter Transport className=org.apache.catalina.tribes.transport.nio.PooledParallelSender/ /Sender Interceptor className=org.apache.geronimo.tomcat.interceptor.DisableMcastInterceptor/ Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor staticOnly=true/ Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpFailureDetector/ Interceptor className=org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor Member className=org.apache.catalina.tribes.membership.StaticMember port=4000 host=10.154.0.166 uniqueId={10,154,0,166}/ Member className=org.apache.catalina.tribes.membership.StaticMember port=4000 host=10.154.0.167 uniqueId={10,154,0,167}/ s /Interceptor Interceptor className=org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor/ /Channel Valve className=org.apache.catalina.ha.tcp.ReplicationValve filter=/ Valve className=org.apache.catalina.ha.session.JvmRouteBinderValve/ ClusterListener className=org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener/ ClusterListener className=org.apache.catalina.ha.session.ClusterSessionListener/ /Cluster Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false -- /Host /Engine - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
a cookie question of one Server with two tomcat server
Hi all, In my environment there are two tomcat server runing with different port in one server , and both two must set its own cookies into client, now, when I open a browser and browe both site and I can find two site write their own cookie into my computer, but when I logout from both two sites (they will expire their own cookies) with same browser, but the cookies of on site did not be removed, does anyone know what is it going on? and how can I solve this problem? Bon -- View this message in context: http://www.nabble.com/a-cookie-question-of-one-Server-with-two-tomcat-server-tp20355052p20355052.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]