Re: Problem with apache tomcat while running load test

2009-07-13 Thread Rainer Jung 
On 10.07.2009 07:31, Aneesha Pant wrote:
 We have configured 2 tomcats with 1 Apache on the same box, but during
 performance testing, we are continuously getting these errors in the
 mod_jk log
 Please help

Since 111 on most OSes is connection refused, I am guessing you got
OutOfmemoryError on your Tomcat and as a result it doesn't listen any
more for incoming requests.

Another possibility is that your thread pool is exhausted. So check your
connector configuration for the number of threads and compare to the
expected concurrency in your load testing scenario. Java thread dumps
will show you, what all those threads are doing (e.g. waiting for).

Regards,

Rainer

 [Thu Jul 09 18:50:53 2009] [13862:50960] [info]
 ajp_send_request::jk_ajp_common.c (1241): (worker2) all endpoints are
 disconnected
 [Thu Jul 09 18:50:53 2009] [13796:50960] [info]
 ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to
 (130.11.1.165:8009) (errno=111)
 [Thu Jul 09 18:50:53 2009] [13842:50960] [info]
 ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to
 (130.11.1.165:8009) (errno=111)
 [Thu Jul 09 18:50:53 2009] [13807:50960] [info]  service::jk_lb_worker.c
 (1098): service failed, worker worker1 is in error state
 [Thu Jul 09 18:50:53 2009] [14122:50960] [info]  service::jk_lb_worker.c
 (1160): All tomcat instances are busy or in error state
 [Thu Jul 09 18:50:53 2009] [14032:50960] [info]  service::jk_lb_worker.c
 (1160): All tomcat instances are busy or in error state
 [Thu Jul 09 18:50:53 2009] [13500:50960] [info]
 ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to
 (130.11.1.165:8009) (errno=111)
 [Thu Jul 09 18:50:53 2009] [13922:50960] [info]
 ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to
 (130.11.1.165:8009) (errno=111)
 [Thu Jul 09 18:50:53 2009] [13828:50960] [info]  jk_handler::mod_jk.c
 (2254): Service error=0 for worker=loadbalancer
 [Thu Jul 09 18:50:53 2009] [13908:50960] [info]
 ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to
 (130.11.1.165:8009) (errno=111)
 [Thu Jul 09 18:50:53 2009] [13952:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [14033:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [13728:50960] [info]
 ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to
 (130.11.1.165:8009) (errno=111)
 [Thu Jul 09 18:50:53 2009] [14098:50960] [info]  service::jk_lb_worker.c
 (1160): All tomcat instances are busy or in error state
 [Thu Jul 09 18:50:53 2009] [14082:50960] [info]  service::jk_lb_worker.c
 (1098): service failed, worker worker1 is in error state
 [Thu Jul 09 18:50:53 2009] [14067:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [14069:50960] [info]
 ajp_service::jk_ajp_common.c (1941): (worker1) sending request to tomcat
 failed,  recoverable operation attempt=2
 [Thu Jul 09 18:50:53 2009] [13973:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [13902:50960] [info]
 ajp_send_request::jk_ajp_common.c (1241): (worker2) all endpoints are
 disconnected
 [Thu Jul 09 18:50:53 2009] [14050:50960] [info]
 ajp_service::jk_ajp_common.c (1941): (worker1) sending request to tomcat
 failed,  recoverable operation attempt=2
 [Thu Jul 09 18:50:53 2009] [13943:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [13909:50960] [error]
 ajp_service::jk_ajp_common.c (1953): (worker1) Connecting to tomcat
 failed. Tomcat is probably not started or is listening on the wrong port
 [Thu Jul 09 18:50:53 2009] [14244:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [14171:50960] [info]
 ajp_service::jk_ajp_common.c (1941): (worker1) sending request to tomcat
 failed,  recoverable operation attempt=2
 [Thu Jul 09 18:50:53 2009] [14114:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [13849:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [13970:50960] [info]
 ajp_send_request::jk_ajp_common.c (1241): (worker2) all endpoints are
 disconnected
 [Thu Jul 09 18:50:53 2009] [14168:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend server (errno=111)
 [Thu Jul 09 18:50:53 2009] [14014:50960] [info]
 ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to
 the backend

Re: request thread hanging

2009-07-13 Thread Rainer Jung 
On 13.07.2009 02:28, Will Glass-Husain wrote:
 Thanks Christopher,
 
 I'll upgrade to the latest mod_jk and look at the timeout params.
 We'll see if that helps.

Since you can easily reproduce, it would be a interesting and easy test,
to deactivate the tcnative/APR connector and recheck, whether the
problem is still there. Then we would at least have an indication where
to look for the root cause.

There were some fixes between tcnative 1.1.14 and the most recent
1.1.16, but I'm not sure, whether something related was in the list.

Regards,

Rainer

 On Fri, Jul 10, 2009 at 6:05 PM, Christopher
 Schultzch...@christopherschultz.net wrote:
 Will,
 
 On 7/6/2009 4:15 PM, Will Glass-Husain wrote:
 Interestingly - I can easily reproduce this by repeatedly refreshing
 the page when going through httpd

 When I go direct to Tomcat via http, it works fine.

 Maybe it's something about httpd or mod_jk then?
 Perhaps. It's been a few days... let's see if Mladen or Rainer are still
 reading this thread: they may have some thoughts. My mod_jk experience
 is limited to a small-load website that has never really had any problems.
 
 Higher-throughput sites may require some tuning. I would recommend
 (re-)reading the mod_jk documentation for all the settings. Make sure
 everything matches properly (timeouts relative to both mod_jk /and/ your
 Tomcat connector).
 
 -chris

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Blocked threads in Tomcat web app

2009-07-13 Thread Raphael Neve 

Hello all, 

I have a problem with a web application using Tomcat 5.5.27 under Fedora
Linux and database Firebird 2.1.

The application runs fine for a day or so, then I begin getting blocked
threads. Eventually, the heap space runs out and the application grinds to a
halt. 

I realise this may be very difficult to diagnose, but if someone could give
me some pointers as to how to go about getting to the bottom of this I would
be very grateful. 

At the moment I have 5 blocked threads which are : 

TP-Processor16 daemon prio=1 tid=0x09d08310 nid=0x6fc7 waiting for monitor
entry [0x61b25000..0x61b25fb0]
at
org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlAllocateStatement(AbstractJavaGDSImpl.java:1047)
- waiting to lock 0x73a71dd0 (a
org.firebirdsql.gds.impl.wire.isc_db_handle_impl)
at
org.firebirdsql.gds.impl.GDSHelper.allocateStatement(GDSHelper.java:119)
at
org.firebirdsql.jdbc.AbstractStatement.prepareFixedStatement(AbstractStatement.java:1112)
at
org.firebirdsql.jdbc.AbstractPreparedStatement.prepareFixedStatement(AbstractPreparedStatement.java:1176)
at
org.firebirdsql.jdbc.AbstractPreparedStatement.init(AbstractPreparedStatement.java:124)
at
org.firebirdsql.jdbc.FBPreparedStatement.init(FBPreparedStatement.java:41)
at sun.reflect.GeneratedConstructorAccessor13.newInstance(Unknown
Source)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at
org.firebirdsql.jdbc.FBStatementFactory.createPreparedStatement(FBStatementFactory.java:90)
at
org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:869)
- locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
at
org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:824)
- locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
at
org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:817)
- locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
at
org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:293)
- locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
at fr.microtec.db.Query.prepare(Query.java:119)
at
fr.microtec.artemis.controller.managers.CommandesManager.droitsAcces(CommandesManager.java:3837)
at
fr.microtec.artemis.controller.servlets.secure.ConsultCmd.detailCommande(ConsultCmd.java:188)
at
fr.microtec.artemis.controller.servlets.secure.ConsultCmd.doProcessRequest2(ConsultCmd.java:78)
at
fr.microtec.artemis.controller.servlets.secure.FilterServlet.doProcessRequest(FilterServlet.java:92)
at
fr.microtec.artemis.controller.servlets.secure.SecureServlet.verifSessionOuverte(SecureServlet.java:78)
at
fr.microtec.artemis.controller.servlets.secure.SecureServlet.processRequest(SecureServlet.java:46)
at
fr.microtec.artemis.controller.servlets.secure.SecureServlet.doGet(SecureServlet.java:118)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:627)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at
org.extremecomponents.table.filter.AbstractExportFilter.doFilter(AbstractExportFilter.java:49)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.jstripe.tomcat.probe.Tomcat55AgentValve.invoke(Tomcat55AgentValve.java:20)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
at
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at

Re: IIS ISAPI redirector help! Attempting to map URI always fail with invalid argument.

2009-07-13 Thread Rainer Jung 
On 11.07.2009 00:41, Dan Ganny wrote:
 I am really desperate to need some help with a weird customer issue.
 The IIS ISAPI redirector log excerpt is posted below.
 
 
 
 The URI printed out in the log is
 '/24.220.76.4http://24.220.76.4/CCPROChat/CPChatRequest.jsp'. This is
 obviously invalid, I know it should be
 '/24.220.76.4/CCPROChat/CPChatRequest.jsp'. I am just confused with
 how this http://24.220.76.4; is inserted in between. I guess that it
 is related to the proxy server Squid that customer uses. But I am not
 that confident to tell customer in case i am wrong. Does anybody have
 seen this problem before?

No I haven't. If you can easily reproduce I would use a network sniffer,
like wireshark, to dump the communication and check, that the wrong URL
is included in the request packet. If so, you need to check the
technical component, that sends the request.

Regards,

Rainer

 Thanks,
 
 Dan
 
 
 
 
 Jul 10 15:05:15 2009]  [jk_isapi_plugin.c (705)]: In HttpFilterProc
 Virtual Host redirection of
 /24.220.76.4http://24.220.76.4/CCPROChat/CPChatRequest.jsp [Fri Jul
 10 15:05:15 2009]  [jk_uri_worker_map.c (447)]: Into
 jk_uri_worker_map_t::map_uri_to_worker [Fri Jul 10 15:05:15 2009]
 [jk_uri_worker_map.c (464)]: Attempting to map URI
 '/24.220.76.4http://24.220.76.4/CCPROChat/CPChatRequest.jsp' [Fri Jul
 10 15:05:15 2009]  [jk_uri_worker_map.c (570)]:
 jk_uri_worker_map_t::map_uri_to_worker, done without a match [Fri Jul
 10 15:05:15 2009]  [jk_isapi_plugin.c (711)]: In HttpFilterProc test
 Default redirection of
 _http://24.220.76.4/CCPROChat/CPChatRequest.jsp [Fri Jul 10 15:05:15
 2009]  [jk_uri_worker_map.c (447)]: Into
 jk_uri_worker_map_t::map_uri_to_worker [Fri Jul 10 15:05:15 2009]
 [jk_uri_worker_map.c (566)]: In
 jk_uri_worker_map_t::map_uri_to_worker, wrong parameters [Fri Jul 10
 15:05:15 2009]  [jk_uri_worker_map.c (570)]:
 jk_uri_worker_map_t::map_uri_to_worker, done without a match

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Any way that scheme and/or proxyPort attributes in server.xml can add significantly to processing time?

2009-07-13 Thread Rainer Jung 
On 13.07.2009 06:51, Shaun Qualheim wrote:
 All --
 
 Is there any way that scheme and/or proxyPort attributes in
 server.xml can add significantly to processing time?  We're noticing
 that 2 identical servers, 1 that is straight http, and 1 that is
 behind an ssl offloader with scheme=https and proxyPort=443
 attributes on the connector's element have significant lag compared
 to one another on high load.

What do you mean by significant? How many percent, how much in absolute
terms? Does it happen for all kind of requests? Is it just an
observation rom using a browser, or did you actually measure something?

Activate the Tomcat access log and add %D (duration in milliseconds)
to the pattern. Then check, whether Tomcat's idea of response time
matches your observation. If not, then the additional lag might happen
during processing in front of Tomcat.

Regards,

Rainer

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Blocked threads in Tomcat web app

2009-07-13 Thread Rainer Jung 
On 13.07.2009 10:12, Raphael Neve wrote:
 Hello all, 
 
 I have a problem with a web application using Tomcat 5.5.27 under Fedora
 Linux and database Firebird 2.1.
 
 The application runs fine for a day or so, then I begin getting blocked
 threads. Eventually, the heap space runs out and the application grinds to a
 halt. 
 
 I realise this may be very difficult to diagnose, but if someone could give
 me some pointers as to how to go about getting to the bottom of this I would
 be very grateful. 
 
 At the moment I have 5 blocked threads which are : 
 
 TP-Processor16 daemon prio=1 tid=0x09d08310 nid=0x6fc7 waiting for monitor
 entry [0x61b25000..0x61b25fb0]
 at
 org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlAllocateStatement(AbstractJavaGDSImpl.java:1047)
 - waiting to lock 0x73a71dd0 (a
 org.firebirdsql.gds.impl.wire.isc_db_handle_impl)
 at
 org.firebirdsql.gds.impl.GDSHelper.allocateStatement(GDSHelper.java:119)
 at
 org.firebirdsql.jdbc.AbstractStatement.prepareFixedStatement(AbstractStatement.java:1112)
 at
 org.firebirdsql.jdbc.AbstractPreparedStatement.prepareFixedStatement(AbstractPreparedStatement.java:1176)
 at
 org.firebirdsql.jdbc.AbstractPreparedStatement.init(AbstractPreparedStatement.java:124)
 at
 org.firebirdsql.jdbc.FBPreparedStatement.init(FBPreparedStatement.java:41)
 at sun.reflect.GeneratedConstructorAccessor13.newInstance(Unknown
 Source)
 at
 sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
 at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
 at
 org.firebirdsql.jdbc.FBStatementFactory.createPreparedStatement(FBStatementFactory.java:90)
 at
 org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:869)
 - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
 at
 org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:824)
 - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
 at
 org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:817)
 - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
 at
 org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:293)
 - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
 at fr.microtec.db.Query.prepare(Query.java:119)
 at
 fr.microtec.artemis.controller.managers.CommandesManager.droitsAcces(CommandesManager.java:3837)
 at
 fr.microtec.artemis.controller.servlets.secure.ConsultCmd.detailCommande(ConsultCmd.java:188)
 at
 fr.microtec.artemis.controller.servlets.secure.ConsultCmd.doProcessRequest2(ConsultCmd.java:78)
 at
 fr.microtec.artemis.controller.servlets.secure.FilterServlet.doProcessRequest(FilterServlet.java:92)
 at
 fr.microtec.artemis.controller.servlets.secure.SecureServlet.verifSessionOuverte(SecureServlet.java:78)
 at
 fr.microtec.artemis.controller.servlets.secure.SecureServlet.processRequest(SecureServlet.java:46)
 at
 fr.microtec.artemis.controller.servlets.secure.SecureServlet.doGet(SecureServlet.java:118)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:627)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
 at
 org.extremecomponents.table.filter.AbstractExportFilter.doFilter(AbstractExportFilter.java:49)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
 at
 org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
 at
 org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
 at
 org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
 at
 org.jstripe.tomcat.probe.Tomcat55AgentValve.invoke(Tomcat55AgentValve.java:20)
 at
 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
 at
 org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
 at
 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
 at
 org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
 at
 org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
 at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
 at
 org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
 at

Re: Blocked threads in Tomcat web app

2009-07-13 Thread Raphael Neve 


Rainer Jung-3 wrote:
 
 TP-Processor16 owns lock at 0x73a71c40 and thus blocks TP12, TP5 and TP1.
 
 TP16 and TP2 both wait for lock 0x73a71dd0. The thread holding this lock
 is not in your dump.
 
 Since the lock is of type
 org.firebirdsql.gds.impl.wire.isc_db_handle_impl, it seems either yet
 another thread uses that lock (in which case it could be either simple
 lock contention, or if that thread wait e.g. on 0x73a71c40 it would be a
 deadlock), or the thread that originally hold the lock didn't free it
 due to a code bug. Check your thread dump for 0x73a71c40.
 
 Also check the firebird bug database and version of your firebird JDBC
 driver.
 

Dear Rainer, 
Thanks for your help. I am sending the complete thread dump just in case. I
looked for the 0x73a71c40 you mentionned and only found the following
thread that mentionned it : 

ContainerBackgroundProcessor[StandardEngine[PSA]] daemon prio=1
tid=0x6a1262a8 nid=0x6f75 waiting for monitor entry [0x6977d000..0x6977deb0]
at
org.firebirdsql.jdbc.AbstractConnection.commit(AbstractConnection.java:435)
- waiting to lock 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
at fr.microtec.db.Connection.commit(Connection.java:201)
at
fr.microtec.artemis.model.web.ArtemisParams.closeConnection(ArtemisParams.java:63)
at
fr.microtec.artemis.model.web.ArtemisUserList.removeUser(ArtemisUserList.java:55)
at
fr.microtec.artemis.controller.servlets.ArtemisSessionListener.sessionDestroyed(ArtemisSessionListener.java:58)
at
org.apache.catalina.session.StandardSession.expire(StandardSession.java:697)
- locked 0x73a8f990 (a org.apache.catalina.session.StandardSession)
at
org.apache.catalina.session.StandardSession.isValid(StandardSession.java:581)
at
org.apache.catalina.session.PersistentManagerBase.processExpires(PersistentManagerBase.java:546)
at
org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:664)
at
org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1285)
at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1570)
at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579)
at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579)
at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1559)
at java.lang.Thread.run(Thread.java:595)


If I'm interpreting this correctly, we can see that the container is waiting
to lock the connection 0x73a71c40 because it's trying to commit() at the
time when the user session times out. But it's getting stuck because TP-16
is already locking that connection. If I look at TP16 I can see that it is
waiting on 0x73a71dd0 which is locked by the FINALIZER. 

Finalizer daemon prio=1 tid=0x09a61f68 nid=0x6f3e runnable
[0x6cc7d000..0x6cc7df30]
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:129)
at
org.firebirdsql.gds.impl.wire.XdrInputStream.read(XdrInputStream.java:253)
at
org.firebirdsql.gds.impl.wire.XdrInputStream.readInt(XdrInputStream.java:187)
at
org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.nextOperation(AbstractJavaGDSImpl.java:2144)
at
org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.receiveResponse(AbstractJavaGDSImpl.java:2098)
at
org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlFreeStatement(AbstractJavaGDSImpl.java:1435)
- locked 0x73a71dd0 (a 
org.firebirdsql.gds.impl.wire.isc_db_handle_impl)
at org.firebirdsql.gds.impl.GDSHelper.closeStatement(GDSHelper.java:316)
at
org.firebirdsql.jdbc.FBStatementFetcher.close(FBStatementFetcher.java:223)
at 
org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:291)
at 
org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:276)
at fr.microtec.db.Query.closeResultSet(Query.java:81)
at fr.microtec.db.Query.cleanup(Query.java:68)
at fr.microtec.db.Query.finalize(Query.java:424)
at java.lang.ref.Finalizer.invokeFinalizeMethod(Native Method)
at java.lang.ref.Finalizer.runFinalizer(Finalizer.java:83)
at java.lang.ref.Finalizer.access$100(Finalizer.java:14)
at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:160)

This must explain why my heap eventually runs out, because objects aren't
getting destroyed, is that right ? The next question of course is : what is
making the finalizer keep that lock ?

Thanks for your insight, 
Raphael 


http://www.nabble.com/file/p24458247/thread%2Bdump.txt thread+dump.txt 
-- 
View this message in context: 
http://www.nabble.com/Blocked-threads-in-Tomcat-web-app-tp24457682p24458247.html
Sent from the Tomcat - User mailing list

Re: Blocked threads in Tomcat web app

2009-07-13 Thread Rainer Jung 
On 13.07.2009 11:05, Raphael Neve wrote:
 
 Rainer Jung-3 wrote:
 TP-Processor16 owns lock at 0x73a71c40 and thus blocks TP12, TP5 and TP1.

 TP16 and TP2 both wait for lock 0x73a71dd0. The thread holding this lock
 is not in your dump.

 Since the lock is of type
 org.firebirdsql.gds.impl.wire.isc_db_handle_impl, it seems either yet
 another thread uses that lock (in which case it could be either simple
 lock contention, or if that thread wait e.g. on 0x73a71c40 it would be a
 deadlock), or the thread that originally hold the lock didn't free it
 due to a code bug. Check your thread dump for 0x73a71c40.

 Also check the firebird bug database and version of your firebird JDBC
 driver.

 
 Dear Rainer, 
 Thanks for your help. I am sending the complete thread dump just in case. I
 looked for the 0x73a71c40 you mentionned and only found the following
 thread that mentionned it : 
 
 ContainerBackgroundProcessor[StandardEngine[PSA]] daemon prio=1
 tid=0x6a1262a8 nid=0x6f75 waiting for monitor entry [0x6977d000..0x6977deb0]
   at
 org.firebirdsql.jdbc.AbstractConnection.commit(AbstractConnection.java:435)
   - waiting to lock 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection)
   at fr.microtec.db.Connection.commit(Connection.java:201)
   at
 fr.microtec.artemis.model.web.ArtemisParams.closeConnection(ArtemisParams.java:63)
   at
 fr.microtec.artemis.model.web.ArtemisUserList.removeUser(ArtemisUserList.java:55)
   at
 fr.microtec.artemis.controller.servlets.ArtemisSessionListener.sessionDestroyed(ArtemisSessionListener.java:58)
   at
 org.apache.catalina.session.StandardSession.expire(StandardSession.java:697)
   - locked 0x73a8f990 (a org.apache.catalina.session.StandardSession)
   at
 org.apache.catalina.session.StandardSession.isValid(StandardSession.java:581)
   at
 org.apache.catalina.session.PersistentManagerBase.processExpires(PersistentManagerBase.java:546)
   at
 org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:664)
   at
 org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1285)
   at
 org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1570)
   at
 org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579)
   at
 org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579)
   at
 org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1559)
   at java.lang.Thread.run(Thread.java:595)
 
 
 If I'm interpreting this correctly, we can see that the container is waiting
 to lock the connection 0x73a71c40 because it's trying to commit() at the
 time when the user session times out. But it's getting stuck because TP-16
 is already locking that connection. If I look at TP16 I can see that it is
 waiting on 0x73a71dd0 which is locked by the FINALIZER. 
 
 Finalizer daemon prio=1 tid=0x09a61f68 nid=0x6f3e runnable
 [0x6cc7d000..0x6cc7df30]
   at java.net.SocketInputStream.socketRead0(Native Method)
   at java.net.SocketInputStream.read(SocketInputStream.java:129)
   at
 org.firebirdsql.gds.impl.wire.XdrInputStream.read(XdrInputStream.java:253)
   at
 org.firebirdsql.gds.impl.wire.XdrInputStream.readInt(XdrInputStream.java:187)
   at
 org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.nextOperation(AbstractJavaGDSImpl.java:2144)
   at
 org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.receiveResponse(AbstractJavaGDSImpl.java:2098)
   at
 org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlFreeStatement(AbstractJavaGDSImpl.java:1435)
   - locked 0x73a71dd0 (a 
 org.firebirdsql.gds.impl.wire.isc_db_handle_impl)
   at org.firebirdsql.gds.impl.GDSHelper.closeStatement(GDSHelper.java:316)
   at
 org.firebirdsql.jdbc.FBStatementFetcher.close(FBStatementFetcher.java:223)
   at 
 org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:291)
   at 
 org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:276)
   at fr.microtec.db.Query.closeResultSet(Query.java:81)
   at fr.microtec.db.Query.cleanup(Query.java:68)
   at fr.microtec.db.Query.finalize(Query.java:424)
   at java.lang.ref.Finalizer.invokeFinalizeMethod(Native Method)
   at java.lang.ref.Finalizer.runFinalizer(Finalizer.java:83)
   at java.lang.ref.Finalizer.access$100(Finalizer.java:14)
   at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:160)
 
 This must explain why my heap eventually runs out, because objects aren't
 getting destroyed, is that right ? The next question of course is : what is
 making the finalizer keep that lock ?

Yup, and the code run by the finalizer makes a network call (likely to
the database), which seems to be a very bad pattern. Finalizers are not
a great idea by themselves, but one needs to keep them as simple as
possible.

Re: Blocked threads in Tomcat web app

2009-07-13 Thread Raphael Neve 


Rainer Jung-3 wrote:
 
 
 [...]
 
 Yup, and the code run by the finalizer makes a network call (likely to
 the database), which seems to be a very bad pattern. Finalizers are not
 a great idea by themselves, but one needs to keep them as simple as
 possible. Doing network communication in a finalizer doesn't sound right.
 
 Looks like you should check the firebird bug database and/or open an
 issue there.
 
 

Well, I must plead guilty, I am the author of the fr.microtec.db.* packages
which are basically wrappers around JDBC concepts to make things a bit
easier (a Query object that handles macros, etc.). 
I ran into trouble once with some database resources that weren't getting
released (java.sql.PreparedStatement and java.sql.ResultSet) so I made sure
that my code always had a finally block in it to close() the statements and
resultset, and as an added caution, I made a call to a cleanup method in
the finalizer of my Query object that released those resources in case they
hadn't been released. I figured this was a good idea in case I ever forgot
to free the resources in my code, then when the garbage collector came
around he would trigger the release of the resources. Is that wrong ? I
suppose I should not rely on the finalizer for this task ? But then what is
the best way to handle this ? How can I put in place a mecanism to securize
my application in this area ?

Thanks for you insights, 
Raphael 
-- 
View this message in context: 
http://www.nabble.com/Blocked-threads-in-Tomcat-web-app-tp24457682p24458570.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Blocked threads in Tomcat web app

2009-07-13 Thread Rainer Jung 
On 13.07.2009 11:31, Raphael Neve wrote:
 
 Rainer Jung-3 wrote:

 [...]

 Yup, and the code run by the finalizer makes a network call (likely to
 the database), which seems to be a very bad pattern. Finalizers are not
 a great idea by themselves, but one needs to keep them as simple as
 possible. Doing network communication in a finalizer doesn't sound right.

 Looks like you should check the firebird bug database and/or open an
 issue there.


 
 Well, I must plead guilty, I am the author of the fr.microtec.db.* packages
 which are basically wrappers around JDBC concepts to make things a bit
 easier (a Query object that handles macros, etc.). 
 I ran into trouble once with some database resources that weren't getting
 released (java.sql.PreparedStatement and java.sql.ResultSet) so I made sure
 that my code always had a finally block in it to close() the statements and
 resultset, and as an added caution, I made a call to a cleanup method in
 the finalizer of my Query object that released those resources in case they
 hadn't been released. I figured this was a good idea in case I ever forgot
 to free the resources in my code, then when the garbage collector came
 around he would trigger the release of the resources. Is that wrong ? I
 suppose I should not rely on the finalizer for this task ? But then what is
 the best way to handle this ? How can I put in place a mecanism to securize
 my application in this area ?
 
 Thanks for you insights, 
 Raphael 

You might want to look at Bloch's book Effective Java, which has a
section called Avoid finalizers. The page

http://java.sun.com/developer/technicalArticles/javase/finalization/

also has some introductory material.

The dbcp pool for instance has a mechanism which checks for non-closed
connections (abanoned connections) and forcibly closes them. The way it
tracks them, is taking a timstamp when they got returned by the pool to
the app and simply checking, whether a connection stays outside of the
pool for to long. In some cases this is adequate.

Regards,

Rainer

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

How to use the error page config of Apache in tomcat?

2009-07-13 Thread acastanheira2001 

Hi,

Apache has an internationalized error page system configured on errors.conf.
I use apache and tomcat on the same machine, so I would like that tomcat use
the same error page config.

Any ideas?

Thanks,
Andre
-- 
View this message in context: 
http://www.nabble.com/How-to-use-the-error-page-config-of-Apache-in-tomcat--tp24460442p24460442.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

ValveContext Replacement in Tomcat 6.0

2009-07-13 Thread Shah, Dhaval 
Hello,

I'm trying to upgrade from Tomcat 5.0 to Tomcat 6.0. The Problem I'm facing is 
that my application uses an interface ValveContext which is missing in Tomcat 
6.0. Any idea how can I get this functionality (provided by ValveContext) in 
Tomcat 6.0.

The invokeNext(request, response) method of ValveContext interface is used to 
invoke next valve in the pipeline.



Regards,
Dhaval
/PREp style=font-family:arial;color:grey style=font-size:13pxThis 
message contains information that may be privileged or confidential and is the 
property of the Capgemini Group. It is intended only for the person to whom it 
is addressed. If you are not the intended recipient, you are not authorized to 
read, print, retain, copy, disseminate, distribute, or use this message or any 
part thereof. If you receive this message in error, please notify the sender 
immediately and delete all copies of this message./pPRE

Re: How to use the error page config of Apache in tomcat?

2009-07-13 Thread Rainer Jung 
On 13.07.2009 13:59, acastanheira2001 wrote:
 Hi,
 
 Apache has an internationalized error page system configured on errors.conf.
 I use apache and tomcat on the same machine, so I would like that tomcat use
 the same error page config.
 
 Any ideas?
 
 Thanks,
 Andre

Likely not exactly what you are looking for, but mod_jk 1.2.28 allows
you to let Apache hhtpd send the error page, so whenever an error status
is returned, the user will get the error page from Apache instead of Tomcat.

Look for use_server_errors on the page

http://tomcat.apache.org/connectors-doc/reference/uriworkermap.html

Regards,

Rainer

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Manipulate other session

2009-07-13 Thread Yves Glodt 
Hello,

is it possible to open a different HttpSession than my own (if
it's session-id is known), and set an attribute in that session?

Best regards,
Yves

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Manipulate other session

2009-07-13 Thread Mikolaj Rydzewski 

Yves Glodt wrote:

is it possible to open a different HttpSession than my own (if
it's session-id is known), and set an attribute in that session?
  

You can perform HTTP request with session cookie explicity set.

--
Mikolaj Rydzewski m...@ceti.pl


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Manipulate other session

2009-07-13 Thread Yves Glodt 
Thanks for telling. I found another way (deprecated) in the mean time:

http://javasolution.blogspot.com/2007/08/getting-session-object-using-session-id.html

2009/7/13 Mikolaj Rydzewski m...@ceti.pl:
 Yves Glodt wrote:

 is it possible to open a different HttpSession than my own (if
 it's session-id is known), and set an attribute in that session?


 You can perform HTTP request with session cookie explicity set.

 --
 Mikolaj Rydzewski m...@ceti.pl


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Jakarta Connector 1.2.28 with Windows Server 2008 64bit, IIS 7.0 and Tomcat 6.0.18

2009-07-13 Thread Simon Kulessa 

Hello,

I am trying to configure IIS 7.0 and Tomcat 6.0.18 with the JK 1.2.28 
Connector.

OS is Windows Server 2008 64bit.

I have followed the tutorial from http://www.iisadmin.co.uk/?p=72
but all i get is a 404 error. It seems that the isapi_redirector.dll is 
not loaded.



Let me explain what I have done to this point ...

I have installed Tomcat under C:\Tomcat\, replaced the Tomcat 
executables with

the amd 64bit versions from the repository and added a ISAPI directory.
Then I copied the isapi_redirect.dll (the amd64 bit version) into it and 
created a
properties file as described in 
http://tomcat.apache.org/connectors-doc/reference/iis.html.

The workers.properties and uriworkermap.properties were updated accordingly.
Afterwards I added a virtual directory in the IIS with the name jakarta 
pointing to

the ISAPI folder.

The directory structure is like this:

C:\
-Tomcat\
--ISAPI\
--webapps\
---test-webapp\

I can access my sample web application via tomcat, but if I try to 
access it via the IIS I receive a 404 Error.


If I access the webapp via http://localhost/test-webapp I get the 
message that the physical path is

supposed to be C:\inteput\wwwroot\test-webapp.
If I add the virtual folter to the path 
(http://localhost/jakarta/test-webapp) I get the message that

the physical path is supposed to be C:\Tomcat\ISAPI\test-webapp.

The log as described in the isapi_redirector.properties file has not 
been created and
when I execute the command tasklist /m is* no result is found, which 
indicates that

the dll was not loaded.

I have googled for a solution for this problem but found nothing valid 
yet ..

Help is appreciated

Thanks,
Simon.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Blocked threads in Tomcat web app

2009-07-13 Thread Raphael Neve 



Rainer Jung-3 wrote:
 
 
 You might want to look at Bloch's book Effective Java, which has a
 section called Avoid finalizers. The page
 
 http://java.sun.com/developer/technicalArticles/javase/finalization/
 
 also has some introductory material.
 
 The dbcp pool for instance has a mechanism which checks for non-closed
 connections (abanoned connections) and forcibly closes them. The way it
 tracks them, is taking a timstamp when they got returned by the pool to
 the app and simply checking, whether a connection stays outside of the
 pool for to long. In some cases this is adequate.
 
 

Thanks a lot for your help, I'm going to read up about that !
Raphael
-- 
View this message in context: 
http://www.nabble.com/Blocked-threads-in-Tomcat-web-app-tp24457682p24461413.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: RES: Problems downloading files. How to identify the CANCEL b utto n?

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Siomara,

On 7/11/2009 10:31 PM, siom...@portosdobrasil.gov.br wrote:
 Filef= new File(filename);

 response.setContentType( (mimetype != null) ? mimetype :
 application/octet-stream );

If the content type is text/[anything], then you should also be
setting the response encoding along with the content type like this:

if(mimetype.startsWith(text/))
{
response.setCharacterEncoding(encoding); // whatever you want
response.setContentType(mimetype + ; encoding= + encoding);
}

 response.setContentLength( (int)f.length() );

This is an error. You want:

response.setHeader(Content-Length, String.valueOf(f.length());

This will allow files larger than 4GB to have a correct content length.

 byte[] bbuf = new byte[filename.length()];

As Pid suggested, creating a buffer based upon the file name length is
not particularly useful. Might I suggest a fixed buffer of a few kbytes?
Something like

byte[] bbuf = new byte[8192];

 DataInputStream in = new DataInputStream(new FileInputStream(f));

Again, DataInputStream is inappropriate, but you aren't using any
DataInputStream-specific methods, so it doesn't matter. It does indicate
that you are not choosing appropriate API classes for your purposes, though.

 while ((in != null)  ((length = in.read(bbuf)) != -1))
 {
 op.write(bbuf,0,length);
 }

I'm not sure the null-check is necessary for the 'in' variable, but
otherwise this is fine. Explicitly calling in.read(bbuf, 0, 8192) would
give you a (probably neglegible) performance improvement by avoiding
another method call.

 // The lines bellow will retrieve information from request and
 // register them into the database (interested user ID/file ID/ and
 // licitation ID). The problem, as I said, is that by the time the
 // download manager window (that this code displays) shows up the
 // entire code has been already executed.
 int interessadoID = Integer.parseInt(request.getParameter(int));
 int arquivoID = Integer.parseInt(request.getParameter(arq));
 int licitacaoID = Integer.parseInt(request.getParameter(lic));

I would parse these values /before/ doing anything else. If an error
occurs, here, then the user can get their files without leaving a trace.

 /**
  * Handles the HTTP POST method.
  * @param request servlet request
  * @param response servlet response
  */
 protected void doPost(HttpServletRequest request, HttpServletResponse
 response)

Is it appropriate for a POST to result in a large file download? I
suppose only you can make this decision.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbNjEACgkQ9CaO5/Lv0PATyACfRALTtxgNHVSknE+QkAfGcJCt
EfQAn31ls4vGLT8U7WqgoA8YQg+vRRqP
=Bq/8
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: ValveContext Replacement in Tomcat 6.0

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Shah,

On 7/13/2009 8:13 AM, Shah, Dhaval wrote:
 I'm trying to upgrade from Tomcat 5.0 to Tomcat 6.0. The Problem I'm
 facing is that my application uses an interface ValveContext which is
 missing in Tomcat 6.0. Any idea how can I get this functionality
 (provided by ValveContext) in Tomcat 6.0.
 
 The invokeNext(request, response) method of ValveContext interface is
 used to invoke next valve in the pipeline.

It looks like that interface has simply been removed in favor of:

this.getNext().invoke(request, response)

Is that what you're looking for?

The API docs seem to be out of date, as they still tell you to call
context.invokeNext. I have logged a bug against the TC documentation
which you can find here:
https://issues.apache.org/bugzilla/show_bug.cgi?id=47518

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbOYQACgkQ9CaO5/Lv0PDG/QCgsNAFubsQm47jDy8AfTnFF4TH
AWQAnRfekw4N2RWWDGqYvMiLeITAJ7nn
=yFwF
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Strange delays after about 800 users on a server -- tomcat 4.1.27, apache 2.0.54, LB/SSL on a Cisco ACE

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Shaun,

On 7/13/2009 1:06 AM, Shaun Qualheim wrote:
 Basically.  We could clear things up a little bit though, just going to 
 https:// right away:
 
 client -- https:443 -- lb -- http:81 -- apache -- mod_jk -- 1 of 3 
 tomcats.

Yeah, this makes more sense to me. I was just wondering why you'd want
to accept HTTP traffic and then proxy it through HTTPS, rather than just
doing a redirect and making the client connect securely in the first place.

 Also, why have httpd
 forward all traffic to a load-balancer instead of just doing the
 load-balancing itself?
 
 How do you mean?  (Sorry, I can think of a few things that you might mean 
 here, but I don't want to assume.)

I mean, why not just do this:

client -- https:443 - lb - Tomcats 1-3

 What do your elements look like in Tomcat's server.xml?
 
 Here's an example of the connector.  I can provide more if it would help?
 
 Connector className=org.apache.coyote.tomcat4.CoyoteConnector
port=7019 minProcessors=256 maxProcessors=1024
enableLookups=false redirectPort=7443
acceptCount=10 debug=0 connectionTimeout=12
useURIValidationHack=false scheme=https proxyPort=443

 protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler/

This port number says 7019, so it's either not the Connector you are
actually using, or your setup is not how you've described it. Other than
the port number, this looks fine. A few comments, though:

1. This is supposed to act like an HTTP port, so redirectPort is not
   useful.
2. acceptCount=10 is a little low when you're expecting to serve a
   maximum of 1024 simultaneous connections. Connection #1035 will be
   rejected by the TCP stack. Maybe this is what you want, but I would
   probably have a larger accept queue.
3. Your connectionTimeout is 2 minutes. That means that the server will
   wait up to 2 minutes for the client to make a request on a
   connection. That's a /loong/ time. You might want to consider
   reducing this if you expect high traffic.

 So, does it look like you are hitting a wall (like there aren't enough
 connections allowed) or does the application/server start to experience
 an actual slowdown (like high CPU load, lots of paging, etc.)?

 
 If I had to guess, I'd say the former.  When we're monitoring system 
 resources using nmon during the load tests, everything else seems fine.

I suspect you aren't looking at the right set of Connector elements in
server.xml. You probably just have the request processors incorrectly
allocated for the load you are expecting.

Since everything works fine going directly to Tomcat (using HTTP, which
appears to be the Connector you're showing above), I think you're not
looking at the AJP connector (used to connect httpd - Tomcat) which
needs to be configured separately. Check the maxProcessors attribute of
the /other/ Connector(s) defined in server.xml to see if they have
appropriate values.

Feel free to post /all/ your Connector elements to the list if you
need a bit of help.

Also, remove anything from server.xml that you don't need: it'll
simplify your life, and the lives of your administrators.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbPMwACgkQ9CaO5/Lv0PDGfQCeIj4NU2Aqqxfia353Ht4/Rs+w
Y80AniBoUzrq+BngJpVMvjDfKXrv5AOS
=fPqU
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPad

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

To whom it may concern,

(Marked as OT since this is a JVM issue, not a Tomcat issue).

On 7/9/2009 11:01 AM, nitingautam wrote:
 In my web application i am using ldap authentication. I am using tomcat 5.5
 with jdk 1.4. From some days when I try to login it throw the following
 error and rest of the time it works fine. What can be the issue...

[snip]

 Caused by: java.security.NoSuchAlgorithmException: No implementation for
 AES/CBC/NoPadding found
   at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(Unknown Source)
   at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(Unknown Source)

Looks like your JVM doesn't have this cipher, which is weird if it only
happens some times. What is your exact JVM version? You might want to
upgrade, as things like this tend to get fixed. 1.4 is nearly dead.

Try running this code:

String providerName = null;
Provider providers[];
if(null != args  0  args.length)
{
providers = new Provider[args.length];
for(int i = 0; i  args.length; i++)
providers[i] = Security.getProvider(args[i]);

} else
{
providers = Security.getProviders();
}
for(int i = 0; i  providers.length; i++)
{
Provider p = providers[i];
System.out.println(Provider:  + p);
System.out.println(===);
System.out.println(provider properties:);
ArrayList keys = new ArrayList(p.keySet());
Collections.sort(keys);
String key;
for(Iterator j = keys.iterator(); j.hasNext();
System.out.println(key + = + p.get(key)))
key = (String)j.next();

System.out.println(---);
}

This will tell you all the crypto providers, ciphers, etc. that are
supported by your JVM. I ran this against my own JVM:

$ java -version
java version 1.6.0_13
Java(TM) SE Runtime Environment (build 1.6.0_13-b03)
Java HotSpot(TM) Client VM (build 11.3-b02, mixed mode, sharing)
$ java GetProviderInfo | grep AES
Alg.Alias.AlgorithmParameters.Rijndael=AES
Alg.Alias.Cipher.Rijndael=AES
Alg.Alias.KeyGenerator.Rijndael=AES
AlgorithmParameters.AES=com.sun.crypto.provider.AESParameters
Cipher.AES=com.sun.crypto.provider.AESCipher
Cipher.AES SupportedKeyFormats=RAW
Cipher.AES
SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128
Cipher.AES SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING
Cipher.AESWrap=com.sun.crypto.provider.AESWrapCipher
Cipher.AESWrap SupportedKeyFormats=RAW
Cipher.AESWrap SupportedModes=ECB
Cipher.AESWrap SupportedPaddings=NOPADDING
KeyGenerator.AES=com.sun.crypto.provider.AESKeyGenerator
Provider.id info=SunJCE Provider (implements RSA, DES, Triple DES, AES,
Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)

You can see in there that AES supports the CBC mode as well as the
NOPADDING padding (though I didn't actually try to create an
AES/CBC/NOPADDING cipher just to make sure).

I wonder if your JVM is broken?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbREMACgkQ9CaO5/Lv0PAGbwCcDDILqRAT8aIFNl06Lbj7ZmjF
Ur8AnjLGY9QtHl1v7MgdcASjcxduAKGw
=7ff9
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Manipulate other session

2009-07-13 Thread Yves Glodt 
Unfortunately what the blog above describes does not seem to work anymore...:

HttpSessionContext sc = request.getSession().getSessionContext();
HttpSession userSession = sc.getSession(sessionId);
userSession.setAttribute(myObject, cr);

It silently fails with an exception at the last line, an exception
without a message...

2009/7/13 Yves Glodt ygl...@gmail.com:
 Thanks for telling. I found another way (deprecated) in the mean time:

 http://javasolution.blogspot.com/2007/08/getting-session-object-using-session-id.html

 2009/7/13 Mikolaj Rydzewski m...@ceti.pl:
 Yves Glodt wrote:

 is it possible to open a different HttpSession than my own (if
 it's session-id is known), and set an attribute in that session?


 You can perform HTTP request with session cookie explicity set.

 --
 Mikolaj Rydzewski m...@ceti.pl


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPad

2009-07-13 Thread nitingautam 

I am using JAVA  1.4.2_17-b06
I face this issue sometimes only. Now days coming regularly :(
how to fix then



Christopher Schultz-2 wrote:
 
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 To whom it may concern,
 
 (Marked as OT since this is a JVM issue, not a Tomcat issue).
 
 On 7/9/2009 11:01 AM, nitingautam wrote:
 In my web application i am using ldap authentication. I am using tomcat
 5.5
 with jdk 1.4. From some days when I try to login it throw the following
 error and rest of the time it works fine. What can be the issue...
 
 [snip]
 
 Caused by: java.security.NoSuchAlgorithmException: No implementation for
 AES/CBC/NoPadding found
  at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(Unknown Source)
 
 Looks like your JVM doesn't have this cipher, which is weird if it only
 happens some times. What is your exact JVM version? You might want to
 upgrade, as things like this tend to get fixed. 1.4 is nearly dead.
 
 Try running this code:
 
 String providerName = null;
 Provider providers[];
 if(null != args  0  args.length)
 {
 providers = new Provider[args.length];
 for(int i = 0; i  args.length; i++)
 providers[i] = Security.getProvider(args[i]);
 
 } else
 {
 providers = Security.getProviders();
 }
 for(int i = 0; i  providers.length; i++)
 {
 Provider p = providers[i];
 System.out.println(Provider:  + p);
 System.out.println(===);
 System.out.println(provider properties:);
 ArrayList keys = new ArrayList(p.keySet());
 Collections.sort(keys);
 String key;
 for(Iterator j = keys.iterator(); j.hasNext();
 System.out.println(key + = + p.get(key)))
 key = (String)j.next();
 
 System.out.println(---);
 }
 
 This will tell you all the crypto providers, ciphers, etc. that are
 supported by your JVM. I ran this against my own JVM:
 
 $ java -version
 java version 1.6.0_13
 Java(TM) SE Runtime Environment (build 1.6.0_13-b03)
 Java HotSpot(TM) Client VM (build 11.3-b02, mixed mode, sharing)
 $ java GetProviderInfo | grep AES
 Alg.Alias.AlgorithmParameters.Rijndael=AES
 Alg.Alias.Cipher.Rijndael=AES
 Alg.Alias.KeyGenerator.Rijndael=AES
 AlgorithmParameters.AES=com.sun.crypto.provider.AESParameters
 Cipher.AES=com.sun.crypto.provider.AESCipher
 Cipher.AES SupportedKeyFormats=RAW
 Cipher.AES
 SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128
 Cipher.AES SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING
 Cipher.AESWrap=com.sun.crypto.provider.AESWrapCipher
 Cipher.AESWrap SupportedKeyFormats=RAW
 Cipher.AESWrap SupportedModes=ECB
 Cipher.AESWrap SupportedPaddings=NOPADDING
 KeyGenerator.AES=com.sun.crypto.provider.AESKeyGenerator
 Provider.id info=SunJCE Provider (implements RSA, DES, Triple DES, AES,
 Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
 
 You can see in there that AES supports the CBC mode as well as the
 NOPADDING padding (though I didn't actually try to create an
 AES/CBC/NOPADDING cipher just to make sure).
 
 I wonder if your JVM is broken?
 
 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
 iEYEARECAAYFAkpbREMACgkQ9CaO5/Lv0PAGbwCcDDILqRAT8aIFNl06Lbj7ZmjF
 Ur8AnjLGY9QtHl1v7MgdcASjcxduAKGw
 =7ff9
 -END PGP SIGNATURE-
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 
 

-- 
View this message in context: 
http://www.nabble.com/java.security.NoSuchAlgorithmException%3A-No-implementation-for-AES-CBC-NoPad-tp24410804p24463796.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPad

2009-07-13 Thread Mark Thomas 
nitingautam wrote:
 I am using JAVA  1.4.2_17-b06
 I face this issue sometimes only. Now days coming regularly :(
 how to fix then

How about
a) reading what Chris wrote when you asked this question
b) doing what he suggests
c) posting the results you get

Mark

 Christopher Schultz-2 wrote:
 To whom it may concern,
 
 (Marked as OT since this is a JVM issue, not a Tomcat issue).
 
 On 7/9/2009 11:01 AM, nitingautam wrote:
 In my web application i am using ldap authentication. I am using tomcat
 5.5
 with jdk 1.4. From some days when I try to login it throw the following
 error and rest of the time it works fine. What can be the issue...
 [snip]
 
 Caused by: java.security.NoSuchAlgorithmException: No implementation for
 AES/CBC/NoPadding found
at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(Unknown Source)
 Looks like your JVM doesn't have this cipher, which is weird if it only
 happens some times. What is your exact JVM version? You might want to
 upgrade, as things like this tend to get fixed. 1.4 is nearly dead.
 
 Try running this code:
 
 String providerName = null;
 Provider providers[];
 if(null != args  0  args.length)
 {
 providers = new Provider[args.length];
 for(int i = 0; i  args.length; i++)
 providers[i] = Security.getProvider(args[i]);
 
 } else
 {
 providers = Security.getProviders();
 }
 for(int i = 0; i  providers.length; i++)
 {
 Provider p = providers[i];
 System.out.println(Provider:  + p);
 System.out.println(===);
 System.out.println(provider properties:);
 ArrayList keys = new ArrayList(p.keySet());
 Collections.sort(keys);
 String key;
 for(Iterator j = keys.iterator(); j.hasNext();
 System.out.println(key + = + p.get(key)))
 key = (String)j.next();
 
 System.out.println(---);
 }
 
 This will tell you all the crypto providers, ciphers, etc. that are
 supported by your JVM. I ran this against my own JVM:
 
 $ java -version
 java version 1.6.0_13
 Java(TM) SE Runtime Environment (build 1.6.0_13-b03)
 Java HotSpot(TM) Client VM (build 11.3-b02, mixed mode, sharing)
 $ java GetProviderInfo | grep AES
 Alg.Alias.AlgorithmParameters.Rijndael=AES
 Alg.Alias.Cipher.Rijndael=AES
 Alg.Alias.KeyGenerator.Rijndael=AES
 AlgorithmParameters.AES=com.sun.crypto.provider.AESParameters
 Cipher.AES=com.sun.crypto.provider.AESCipher
 Cipher.AES SupportedKeyFormats=RAW
 Cipher.AES
 SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128
 Cipher.AES SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING
 Cipher.AESWrap=com.sun.crypto.provider.AESWrapCipher
 Cipher.AESWrap SupportedKeyFormats=RAW
 Cipher.AESWrap SupportedModes=ECB
 Cipher.AESWrap SupportedPaddings=NOPADDING
 KeyGenerator.AES=com.sun.crypto.provider.AESKeyGenerator
 Provider.id info=SunJCE Provider (implements RSA, DES, Triple DES, AES,
 Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
 
 You can see in there that AES supports the CBC mode as well as the
 NOPADDING padding (though I didn't actually try to create an
 AES/CBC/NOPADDING cipher just to make sure).
 
 I wonder if your JVM is broken?
 
 -chris

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org






-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Jakarta Connector 1.2.28 with Windows Server 2008 64bit, IIS 7.0 and Tomcat 6.0.18

2009-07-13 Thread Rainer Jung 
On 13.07.2009 15:04, Simon Kulessa wrote:
 Hello,
 
 I am trying to configure IIS 7.0 and Tomcat 6.0.18 with the JK 1.2.28
 Connector.
 OS is Windows Server 2008 64bit.
 
 I have followed the tutorial from http://www.iisadmin.co.uk/?p=72
 but all i get is a 404 error. It seems that the isapi_redirector.dll is
 not loaded.
 
 
 Let me explain what I have done to this point ...
 
 I have installed Tomcat under C:\Tomcat\, replaced the Tomcat
 executables with
 the amd 64bit versions from the repository and added a ISAPI directory.

You are sure, that not only your windows is 64 Bit but also IIS runs in
64 Bit mode?

 Then I copied the isapi_redirect.dll (the amd64 bit version) into it and
 created a
 properties file as described in
 http://tomcat.apache.org/connectors-doc/reference/iis.html.

Did you also allow the extension as indicated by number 9. in

http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html#Configuring%20the%20ISAPI%20Redirector

 The workers.properties and uriworkermap.properties were updated
 accordingly.
 Afterwards I added a virtual directory in the IIS with the name jakarta
 pointing to
 the ISAPI folder.
 
 The directory structure is like this:
 
 C:\
 -Tomcat\
 --ISAPI\
 --webapps\
 ---test-webapp\
 
 I can access my sample web application via tomcat, but if I try to
 access it via the IIS I receive a 404 Error.
 
 If I access the webapp via http://localhost/test-webapp I get the
 message that the physical path is
 supposed to be C:\inteput\wwwroot\test-webapp.
 If I add the virtual folter to the path
 (http://localhost/jakarta/test-webapp) I get the message that
 the physical path is supposed to be C:\Tomcat\ISAPI\test-webapp.
 
 The log as described in the isapi_redirector.properties file has not
 been created and
 when I execute the command tasklist /m is* no result is found, which
 indicates that
 the dll was not loaded.

That's indeed bad. Just to make sure: did you set your log level to
something reasonable verbose (like debug)? Even with info, there should
at least be a line giving the version of the redirector used. For
debugging debug would be better (for production switch back to info).

Regards,

Rainer

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Manipulate other session

2009-07-13 Thread Daniel Henrique Alves Lima 
I don't know if you can/should change other HttpSession directly. As
Mikolaj Rydzewski said, you could perform a HTTP request using a
different JSESSIONID cookie or a ;jsessionid URL rewriting.



On Mon, 2009-07-13 at 16:33 +0200, Yves Glodt wrote:
 Unfortunately what the blog above describes does not seem to work anymore...:
 
 HttpSessionContext sc = request.getSession().getSessionContext();
 HttpSession userSession = sc.getSession(sessionId);
 userSession.setAttribute(myObject, cr);
 
 It silently fails with an exception at the last line, an exception
 without a message...
 
 2009/7/13 Yves Glodt ygl...@gmail.com:
  Thanks for telling. I found another way (deprecated) in the mean time:
 
  http://javasolution.blogspot.com/2007/08/getting-session-object-using-session-id.html
 
  2009/7/13 Mikolaj Rydzewski m...@ceti.pl:
  Yves Glodt wrote:
 
  is it possible to open a different HttpSession than my own (if
  it's session-id is known), and set an attribute in that session?
 
 
  You can perform HTTP request with session cookie explicity set.
 
  --
  Mikolaj Rydzewski m...@ceti.pl
 
 

 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Manipulate other session

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Daniel,

On 7/13/2009 12:16 PM, Daniel Henrique Alves Lima wrote:
   I don't know if you can/should change other HttpSession directly.

You might be able to on an older servlet container, but this portion of
the API has been deprecated and will cause modern containers to throw
exceptions. I'm not sure if a webapp specifies an old version of the
spec, whether this API will be supported or not (by a new container
which will enforce this prohibition on newer webapps).

 As
 Mikolaj Rydzewski said, you could perform a HTTP request using a
 different JSESSIONID cookie or a ;jsessionid URL rewriting.

This is possible.

It's also possible to use a SessionListener to maintain your own list of
sessions and then you can do whatever you want.

The real question is why you want to do this in the first place.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbaBsACgkQ9CaO5/Lv0PC+RgCfUEoAJwWB+/4jgDCzJgK/4eDb
YhsAnA8DXWpTkOQdg7vMursGAg5dWfPx
=g3Tk
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: FTPSClient running under Tomcat 5.5 - SSLException

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Evan,

On 7/10/2009 4:43 PM, Evan Smith wrote:
 What's puzzling is that I have tested this exact code inside and outside
 Tomcat, on several different machines. On every machine, it connects and
 lists files on the FTP server successfully every time, provided that
 it's not running under Tomcat. On every machine, when I run the same
 code under Tomcat, I get the same exception.

I suspect it's a SecurityManager. Are you running under a SecurityManager?

 - re-evaluated Calatina policy: From what I can tell in the docs, if
 there's an issue with policy permissions, a policy exception should be
 logged, along with a FAILED message. I find neither of these in my logs;
 just the exception mentioned above.

I wouldn't be surprised of the SSLSocket is swallowing the security
exception and just throwing it's own exception instead.

If you are running under a SecurityManager, try disabling it temporarily
to see if your code works without those constraints. If it does, then
you need to fiddle with your catalina.policy.

Do you have anything in your catalina.policy already to account for this
connection?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD
YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP
=lZSy
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Failed to start Tomcat service

2009-07-13 Thread Bui, Hung (CDPH-DDWEM) 
Hi,

 

I am using Tomcat 6.0.18. This morning I found that the Tomcat server
was not running.  I tried to start the service and got this error.
Please help.  Thank you.

 

[2009-07-13 11:02:57] [994  prunsrv.c] [error] Failed creating java
C:\Program Files\Java\jre1.6.0_07\bin\client\jvm.dll

[2009-07-13 11:02:57] [1269 prunsrv.c] [error] ServiceStart returned 1

[2009-07-13 11:02:57] [info] Run service finished.

[2009-07-13 11:02:57] [info] Procrun finished.

 

Please call us at 714-558-6720 if you have any further questions.

 

Sincerely, 

 

 

Hung M. Bui, P.E.

Logging of memory / thread activity

2009-07-13 Thread Lucas Vickers 
Hello,

I have an issue where Tomcat shuts down without reason.  When receiving a
light to moderate load that involves MySql database work tomcat shuts down
without error.

I get the message
INFO main org.apache.coyote.http11. Http11BaseProtocol - Pausing Coyote
HTTP/1.1 on http-8080

This is consistent after 2-4 minutes of simple stress testing.

I am not very sure where the issue lies.  I am aware of profilers (which I
will eventually use) but for now I would like some way of logging Tomcat
vitals so I can see if something is spiking (memory use, thread use, etc).

I know the tomcat status page gives me a good deal of the information I
would like.  Is there any product / methodology for periodically logging
this information?

I am using:
Java: 1.6.0_14-b08
Tomcat: 5.5.25
OS: Linux 2.6.18-028stab060.8

Regards,
Lucas

Re: Filter RequestWrapper

2009-07-13 Thread Ivo Silva 
Hello, Christopher!

I cannot use a request parameter because the legacy application is
inside an iframe.
If I passed it as a request parameter in the iframe it would only work
the first time, because once you click a link inside the iframe the
parameter wouldn't be there.

Remember that the tricky part here is that the legacy application is
not to be changed.

When setting an URL like [/context/_session_id_/page1.jsp] for the
iframe, any link will be automatically relative to
[/context/_session_id_/] except in the cases were getContextPath() is
used. For these cases my request wrapper should provide the same dummy
url when getContextPath() is called.

btw, I'm with you on the PITA thing :)

Best regards!

On Sat, Jul 11, 2009 at 9:45 PM, Christopher
Schultzch...@christopherschultz.net wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Ivo,

 On 7/9/2009 6:32 AM, Ivo Silva wrote:
 To both browser and Tomcat it's only one session. My filter is what
 manages the nested sessions distribution and that's why an
 identifier is required.

 Each iframe should have it's own session since the application stores
 data on session. If I do not provide different sessions the variables
 would overwrite each other and each iframe would have the same
 information.

 What if you used a request parameter instead of request path info?

 So, to re-state, you want to take the following URLs and make them serve
 a single page, after unwrapping a special session that is stored in
 the main session:

 /context/X/page_1.jsp
 /context/Y/page_1.jsp
 /context/Z/page_1.jsp

 ??

 I still don't understand why the URL rewriting is necessary, though I
 *do* understand the session multiplexing (which is a total PITA, BTW).

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAkpY+gEACgkQ9CaO5/Lv0PBBSgCePoHoEKENfgUJGLdQe4O90Zjr
 xcYAn11zYGYzlnlWHwib0bA8O7O8RtYy
 =XEcl
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tomcat processes running on system, understanding what they are

2009-07-13 Thread Lucas Vickers 
I am troubleshooting an issue with Tomcat unexpectedly shutting down.

I am analyzing the running processes on my system.

I see two jsvc instances of Tomcat that are identical.
I see multiple httpd processes.

I believe httpd are worker threads, is this true?
Why would there be two identical instances of Tomcat running via jsvc?  Is
this correct?

Details below.

Thank you,
Lucas



TOMCAT:

3150(jsvc)/usr/local/jakarta/apache-tomcat-5.5.25/bin/jsvc
/usr/local/jakarta/apache-tomcat-5.5.25/binjsvc.exec -user tomcat -cp
./bootstrap.jar -Djava.endorsed.dirs=../common/endorsed -Xms384M -Xmx1024M
-XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -outfile
../logs/catalina.out -errfile ../logs/catalina.err -verbose
org.apache.catalina.startup.Bootstrap -security 3151(jsvc)
/usr/local/jakarta/apache-tomcat-5.5.25/bin/jsvc
/usr/local/jakarta/apache-tomcat-5.5.25/binjsvc.exec -user tomcat -cp
./bootstrap.jar -Djava.endorsed.dirs=../common/endorsed -Xms384M -Xmx1024M
-XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -outfile
../logs/catalina.out -errfile ../logs/catalina.err -verbose
org.apache.catalina.startup.Bootstrap -security
HTTPD:

22251(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd -k start
-DSSL

Re: Filter RequestWrapper

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Ivo,

On 7/13/2009 2:28 PM, Ivo Silva wrote:
 I cannot use a request parameter because the legacy application is
 inside an iframe.
 If I passed it as a request parameter in the iframe it would only work
 the first time, because once you click a link inside the iframe the
 parameter wouldn't be there.

Hmm... what about deploying a separate application into a sub-URI of
your main application. Something like this:

mainapp.war - /mainApp
legacy.war  - /mainApp/X
legacy.war  - /mainApp/Y
legacy.war  - /mainApp/Z

This will actually give you separate sessions and getContextPath will
always work correctly, even when called from the legacy webapp.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV
nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz
=2hKX
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat processes running on system, understanding what they are

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Lucas,

On 7/13/2009 2:37 PM, Lucas Vickers wrote:
 I see two jsvc instances of Tomcat that are identical.

 Why would there be two identical instances of Tomcat running via jsvc?  Is
 this correct?

What happens if you look at the processes as a tree (where you can see
parent/child relationships)?

Try reading the How jsvc works section on this page:
http://commons.apache.org/daemon/jsvc.html

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbh7EACgkQ9CaO5/Lv0PA3hACeMRc34KQVmfbZ00yLYd3NoxfW
1BcAniAo7mXf4pHJCKo3ouNFubkp2kQj
=kXl4
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Logging of memory / thread activity

2009-07-13 Thread Caldarale, Charles R 
 From: Lucas Vickers [mailto:lucasvick...@gmail.com]
 Subject: Logging of memory / thread activity
 
 I have an issue where Tomcat shuts down without reason.

So this is in some universe without causality?  Must be quantum effects.

 Is there any product / methodology for periodically
 logging this information?

You can take a look this:
http://moskito.anotheria.net/

You probably should also turn on -verbose:gc and -Xloggc to monitor activity on 
the Java heap.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Logging of memory / thread activity

2009-07-13 Thread Lucas Vickers 
well, tomcat shows no logged errors :)  There is a reason, I just have not
yet figured it out.

I will take a look, thank you!

On Mon, Jul 13, 2009 at 3:47 PM, Caldarale, Charles R 
chuck.caldar...@unisys.com wrote:

  From: Lucas Vickers [mailto:lucasvick...@gmail.com]
  Subject: Logging of memory / thread activity
 
  I have an issue where Tomcat shuts down without reason.

 So this is in some universe without causality?  Must be quantum effects.

  Is there any product / methodology for periodically
  logging this information?

 You can take a look this:
 http://moskito.anotheria.net/

 You probably should also turn on -verbose:gc and -Xloggc to monitor
 activity on the Java heap.

  - Chuck


 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
 MATERIAL and is thus for use only by the intended recipient. If you received
 this in error, please contact the sender and delete the e-mail and its
 attachments from all computers.


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Filter RequestWrapper

2009-07-13 Thread Ivo Silva 
Hi again, Christopher!

Yes, but that is the last resort!

We are still testing this approach but all is working as expected.
The main reason to adopt this is to provide the possibility to deploy
the legacy application in a portal environment (as a portlet) and to
allow instatiation whitout requiring the deployment of new portlet for
each instance.

Best regards!

On 7/13/09, Christopher Schultz ch...@christopherschultz.net wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Ivo,

 On 7/13/2009 2:28 PM, Ivo Silva wrote:
 I cannot use a request parameter because the legacy application is
 inside an iframe.
 If I passed it as a request parameter in the iframe it would only work
 the first time, because once you click a link inside the iframe the
 parameter wouldn't be there.

 Hmm... what about deploying a separate application into a sub-URI of
 your main application. Something like this:

 mainapp.war - /mainApp
 legacy.war  - /mainApp/X
 legacy.war  - /mainApp/Y
 legacy.war  - /mainApp/Z

 This will actually give you separate sessions and getContextPath will
 always work correctly, even when called from the legacy webapp.

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV
 nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz
 =2hKX
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Logging of memory / thread activity

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Lucas,

On 7/13/2009 2:22 PM, Lucas Vickers wrote:
 I have an issue where Tomcat shuts down without reason.  When receiving a
 light to moderate load that involves MySql database work tomcat shuts down
 without error.
 
 I get the message
 INFO main org.apache.coyote.http11. Http11BaseProtocol - Pausing Coyote
 HTTP/1.1 on http-8080
 
 This is consistent after 2-4 minutes of simple stress testing.

What happens if you don't even stress-test the app? Does Tomcat go down
with /no/ load on it?

 I am not very sure where the issue lies.

Try this:

$ grep System.exit `find src -name *.java`

 I know the tomcat status page gives me a good deal of the information I
 would like.  Is there any product / methodology for periodically logging
 this information?

I would write a script that does roughly this:

while true ; do
  wget -O status.`date` http://localhost/path/to/tomcat/status
  sleep 1000
done

Then you can see a history of the statuses of your server. If some
thread is calling System.exit, though, then you probably won't see
anything useful.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbkEgACgkQ9CaO5/Lv0PBkGQCgqBtEM50zA0adK0aTdLLnR5kv
82UAn2ZCgDJWKZOUlulYL7Tl8xETXSDD
=6YP5
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tuniing Apache-Tomcap

2009-07-13 Thread Vida Luz Arista 
Hi All

We have a application running on Apache Tomcat, but the performance is very 
slow, the application was developer in netbeans, but now is runing in the 
server is very slow.

We need suggestion to make tuning en the apache tomcat.

Regards.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: FTPSClient running under Tomcat 5.5 - SSLException

2009-07-13 Thread Evan Smith 

Thanks for the response, Chris.

No security manager, as I'm running into the errors in dev. I will try  
running it under a security manager, and explicitly configure  
catalina.policy to account for this connection. I'll let you know what  
I find.


Evan


On Jul 13, 2009, at 10:06 AM, Christopher Schultz wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Evan,

On 7/10/2009 4:43 PM, Evan Smith wrote:
What's puzzling is that I have tested this exact code inside and  
outside
Tomcat, on several different machines. On every machine, it connects  
and

lists files on the FTP server successfully every time, provided that
it's not running under Tomcat. On every machine, when I run the same
code under Tomcat, I get the same exception.


I suspect it's a SecurityManager. Are you running under a  
SecurityManager?



- re-evaluated Calatina policy: From what I can tell in the docs, if
there's an issue with policy permissions, a policy exception should be
logged, along with a FAILED message. I find neither of these in my  
logs;

just the exception mentioned above.


I wouldn't be surprised of the SSLSocket is swallowing the security
exception and just throwing it's own exception instead.

If you are running under a SecurityManager, try disabling it temporarily
to see if your code works without those constraints. If it does, then
you need to fiddle with your catalina.policy.

Do you have anything in your catalina.policy already to account for this
connection?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD
YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP
=lZSy
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Filter RequestWrapper

2009-07-13 Thread Pid 

On 13/7/09 20:51, Ivo Silva wrote:

Hi again, Christopher!

Yes, but that is the last resort!

We are still testing this approach but all is working as expected.
The main reason to adopt this is to provide the possibility to deploy
the legacy application in a portal environment (as a portlet) and to
allow instatiation whitout requiring the deployment of new portlet for
each instance.


I hate to say this, but you'll soon be approaching the point where you 
might as well have rewritten a (or, the URL) portion of the legacy app 
to cope with the new use case, given the time you're expending trying to 
solve a problem with two conflicting requirements.


p



Best regards!

On 7/13/09, Christopher Schultzch...@christopherschultz.net  wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Ivo,

On 7/13/2009 2:28 PM, Ivo Silva wrote:

I cannot use a request parameter because the legacy application is
inside an iframe.
If I passed it as a request parameter in the iframe it would only work
the first time, because once you click a link inside the iframe the
parameter wouldn't be there.

Hmm... what about deploying a separate application into a sub-URI of
your main application. Something like this:

mainapp.war -  /mainApp
legacy.war  -  /mainApp/X
legacy.war  -  /mainApp/Y
legacy.war  -  /mainApp/Z

This will actually give you separate sessions and getContextPath will
always work correctly, even when called from the legacy webapp.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV
nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz
=2hKX
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tuniing Apache-Tomcap

2009-07-13 Thread Pid 

On 13/7/09 20:57, Vida Luz Arista wrote:

Hi All

We have a application running on Apache Tomcat, but the performance is very 
slow, the application was developer in netbeans, but now is runing in the 
server is very slow.


Which versions of: Tomcat, OS?
How much memory on your dev machine, how much on the server?
Using a DB?  Which one?
Using a web server?  Which one?
If applicable, are all or any of the above on the same box?
If applicable, what resources are each of the above using?
What are your heap settings?
What does your GC log say?

I can probably think of some more questions, but these'll keep you going 
for a bit.



We need suggestion to make tuning en the apache tomcat.


How do you know that Tomcat is the source of the problem?

p


Regards.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Filter RequestWrapper

2009-07-13 Thread Ivo Silva 
Hi, Pid! How are you?

As I said, we now have a working solution, currently in tests, but so
far so good.

Nevertheless this is always a good exercice to better understand the
inner workings of our fellow Tom, the cat!

Cheers!

On 7/13/09, Pid p...@pidster.com wrote:
 On 13/7/09 20:51, Ivo Silva wrote:
 Hi again, Christopher!

 Yes, but that is the last resort!

 We are still testing this approach but all is working as expected.
 The main reason to adopt this is to provide the possibility to deploy
 the legacy application in a portal environment (as a portlet) and to
 allow instatiation whitout requiring the deployment of new portlet for
 each instance.

 I hate to say this, but you'll soon be approaching the point where you
 might as well have rewritten a (or, the URL) portion of the legacy app
 to cope with the new use case, given the time you're expending trying to
 solve a problem with two conflicting requirements.

 p


 Best regards!

 On 7/13/09, Christopher Schultzch...@christopherschultz.net  wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Ivo,

 On 7/13/2009 2:28 PM, Ivo Silva wrote:
 I cannot use a request parameter because the legacy application is
 inside an iframe.
 If I passed it as a request parameter in the iframe it would only work
 the first time, because once you click a link inside the iframe the
 parameter wouldn't be there.
 Hmm... what about deploying a separate application into a sub-URI of
 your main application. Something like this:

 mainapp.war -  /mainApp
 legacy.war  -  /mainApp/X
 legacy.war  -  /mainApp/Y
 legacy.war  -  /mainApp/Z

 This will actually give you separate sessions and getContextPath will
 always work correctly, even when called from the legacy webapp.

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV
 nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz
 =2hKX
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org




 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: chunked encoding

2009-07-13 Thread charliehnabble 

I debated putting this in a separate thread, but there seems to be so much
expertise focused on this thread:

What if I WANT chunked?

I have a device that sends http POST header and xml request payload in one
packet. Tomcat responds chunked. However when an intervening router decides
to split the http POST header and xml request into two packets, Tomcat
responds non-chunked. My device wants chunked response.

Any way to force Tomcat to respond chunked?
-- 
View this message in context: 
http://www.nabble.com/chunked-encoding-tp23986311p24469028.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Logging of memory / thread activity

2009-07-13 Thread János Löbb 


On Jul 13, 2009, at 3:47 PM, Caldarale, Charles R wrote:


From: Lucas Vickers [mailto:lucasvick...@gmail.com]
Subject: Logging of memory / thread activity

I have an issue where Tomcat shuts down without reason.


So this is in some universe without causality?  Must be quantum  
effects.


Someone replaced Schrödinger's cat with tomcat in a gedanke  
experiment :)



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: FTPSClient running under Tomcat 5.5 - SSLException

2009-07-13 Thread Evan Smith 
Holy smokes, the thing doesn't run at all if I turn the security  
manager on. No doubt I should be running with one, but I'm afraid  
that's chasing after an altogether different problem, at the moment.  
I'm hesitant to go fix that until I've figured out this issue first.


Any other ideas?

Thanks again,
Evan


On Jul 13, 2009, at 1:26 PM, Evan Smith wrote:

Thanks for the response, Chris.

No security manager, as I'm running into the errors in dev. I will try
running it under a security manager, and explicitly configure
catalina.policy to account for this connection. I'll let you know what
I find.

Evan


On Jul 13, 2009, at 10:06 AM, Christopher Schultz wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Evan,

On 7/10/2009 4:43 PM, Evan Smith wrote:

What's puzzling is that I have tested this exact code inside and
outside
Tomcat, on several different machines. On every machine, it connects
and
lists files on the FTP server successfully every time, provided that
it's not running under Tomcat. On every machine, when I run the same
code under Tomcat, I get the same exception.


I suspect it's a SecurityManager. Are you running under a
SecurityManager?


- re-evaluated Calatina policy: From what I can tell in the docs, if
there's an issue with policy permissions, a policy exception should be
logged, along with a FAILED message. I find neither of these in my
logs;
just the exception mentioned above.


I wouldn't be surprised of the SSLSocket is swallowing the security
exception and just throwing it's own exception instead.

If you are running under a SecurityManager, try disabling it temporarily
to see if your code works without those constraints. If it does, then
you need to fiddle with your catalina.policy.

Do you have anything in your catalina.policy already to account for this
connection?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD
YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP
=lZSy
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: FTPSClient running under Tomcat 5.5 - SSLException

2009-07-13 Thread Evan Smith 
Case closed. Turns out my build was churning out both commons-net-1.4  
AND commons-net-2.0, resulting in a conflict. Hence, when I ran it  
from Tomcat I saw the problem, and when I ran it from my test in  
eclipse, I did not.


Thanks for your help Chris.

Evan


On Jul 13, 2009, at 2:10 PM, Evan Smith wrote:

Holy smokes, the thing doesn't run at all if I turn the security
manager on. No doubt I should be running with one, but I'm afraid
that's chasing after an altogether different problem, at the moment.
I'm hesitant to go fix that until I've figured out this issue first.

Any other ideas?

Thanks again,
Evan


On Jul 13, 2009, at 1:26 PM, Evan Smith wrote:

Thanks for the response, Chris.

No security manager, as I'm running into the errors in dev. I will try
running it under a security manager, and explicitly configure
catalina.policy to account for this connection. I'll let you know what
I find.

Evan


On Jul 13, 2009, at 10:06 AM, Christopher Schultz wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Evan,

On 7/10/2009 4:43 PM, Evan Smith wrote:

What's puzzling is that I have tested this exact code inside and
outside
Tomcat, on several different machines. On every machine, it connects
and
lists files on the FTP server successfully every time, provided that
it's not running under Tomcat. On every machine, when I run the same
code under Tomcat, I get the same exception.


I suspect it's a SecurityManager. Are you running under a
SecurityManager?


- re-evaluated Calatina policy: From what I can tell in the docs, if
there's an issue with policy permissions, a policy exception should be
logged, along with a FAILED message. I find neither of these in my
logs;
just the exception mentioned above.


I wouldn't be surprised of the SSLSocket is swallowing the security
exception and just throwing it's own exception instead.

If you are running under a SecurityManager, try disabling it temporarily
to see if your code works without those constraints. If it does, then
you need to fiddle with your catalina.policy.

Do you have anything in your catalina.policy already to account for this
connection?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD
YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP
=lZSy
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: chunked encoding

2009-07-13 Thread André Warnier 

charliehnabble wrote:

I debated putting this in a separate thread, but there seems to be so much
expertise focused on this thread:

What if I WANT chunked?

I have a device that sends http POST header and xml request payload in one
packet. Tomcat responds chunked. However when an intervening router decides
to split the http POST header and xml request into two packets, Tomcat
responds non-chunked.


On the face of it, that does not seem to make any sense.  Whether Tomcat 
sends the response chunked or not, shouldn't have anything to do with 
the way the request comes in.  At least not with whether it comes in as 
one or two packets (definition of packet needed here).
It could have something to do with an accept-encoding HTTP request 
header however.


 My device wants chunked response.

Hate to say this, but your device is wrong. It should be able to accept 
a response chunked or not.




Any way to force Tomcat to respond chunked?


I believe Tomcat will send the response chunked, if it doesn't know how 
long the response will be when it sends out the first response headers.
If your app tells Tomcat by setting a Content-length header, then you're 
cooked.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Symlinks inside WEB-INF/classes not working for me

2009-07-13 Thread John Willemin 
Tomcat 6.0.16
Linux 2.6.18
JDK 1.6.0_05

Imagine a webapp like this:
/index.jsp
/WEB-INF
-web.xml (of course)
-/classes
--ConfigFile.txt
-/lib
--MyConfigLoader.class

If I want to load ConfigFile.txt into an InputStream from inside my
webapp, all I have to do is this:

InputStream configStream =
this.getClass().getClassLoader().getResource(/ConfigFile.txt);

In some cases, I may want to run multiple instances of the application but
have them share one copy of the configuration file. The idea is that I
only want to have to maintain one version of the config file per Tomcat
and have all the webapps use the same copy. If I put ConfigFile.txt inside
/tmp, for instance, this works fine:

InputStream configStream = new FileInputStream(/tmp/ConfigFile.txt);

But what I tried doing was, symbolically linking all the different webapps
to one copy of the file. In other words,
tomcat/webapps/myapp1/WEB-INF/classes/ConfigFile.txt and
tomcat/webapps/myapp2/WEB-INF/classes/ConfigFile.txt would just be
symlinks to /tmp/ConfigFile.txt.

When I do this, the input stream comes up null:
InputStream configStream =
this.getClass().getClassLoader().getResource(/ConfigFile.txt);

I thought that symlinks were just treated like files, and that this should
just work. I stepped through org.apache.catalina.loader.WebappClassLoader
in the Eclipse debugger and I can't see anything that would obviously
prevent symlinks from working. But the only time that the ConfigFile.txt
shows up in the resourceEntries Map as a ResourceEntry is when I have the
file physically inside WEB-INF/classes - never when it is only a symlink.

I have googled many combinations of
java/linux/classloader/tomcat/symlink/symbolic link/classpath and not
found anything quite like this yet.

Any ideas?

Thanks!


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Symlinks inside WEB-INF/classes not working for me

2009-07-13 Thread John W 
 Tomcat 6.0.16
 Linux 2.6.18
 JDK 1.6.0_05

 Imagine a webapp like this:
 /index.jsp
 /WEB-INF
 -web.xml (of course)
 -/classes
 --ConfigFile.txt
 -/lib
 --MyConfigLoader.class

... and imagine that .class file is inside a .jar file :) Sorry about that.

John





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tomcat 5.5.23 keeps starting threads until OS runs out of memory

2009-07-13 Thread Rahman Akhlaqur 

Hi

I am having an issue with Tomcat starting too many selector threads. I have got 
some stack trace info about these threads as below:

SelectorThread 
sun.nio.ch.PollArrayWrapper.poll0 ( native code ) 
sun.nio.ch.PollArrayWrapper.poll ( PollArrayWrapper.java:74 ) 
sun.nio.ch.WindowsSelectorImpl.doSelect ( WindowsSelectorImpl.java:61 ) 
sun.nio.ch.SelectorImpl.lockAndDoSelect ( SelectorImpl.java:69 ) 
sun.nio.ch.SelectorImpl.select ( SelectorImpl.java:80 ) 
com.sun.corba.se.impl.transport.SelectorImpl.run ( SelectorImpl.java:249 ) 

When Tomcat starts approx 1800-1900 hundred of these selector threads, Windows 
runs out of memory and we have to restart tomcat to restore the website.

I think these are started by our webapp, but not sure how to trace this back to 
the bit of code that is doing this. Any suggestions would be appreciated.

Best Regards,
Akik Rahman




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Symlinks inside WEB-INF/classes not working for me

2009-07-13 Thread David Smith 
John Willemin wrote:
 Tomcat 6.0.16
 Linux 2.6.18
 JDK 1.6.0_05

 Imagine a webapp like this:
 /index.jsp
 /WEB-INF
 -web.xml (of course)
 -/classes
 --ConfigFile.txt
 -/lib
 --MyConfigLoader.class

 If I want to load ConfigFile.txt into an InputStream from inside my
 webapp, all I have to do is this:

 InputStream configStream =
 this.getClass().getClassLoader().getResource(/ConfigFile.txt);

 In some cases, I may want to run multiple instances of the application but
 have them share one copy of the configuration file. The idea is that I
 only want to have to maintain one version of the config file per Tomcat
 and have all the webapps use the same copy. If I put ConfigFile.txt inside
 /tmp, for instance, this works fine:

 InputStream configStream = new FileInputStream(/tmp/ConfigFile.txt);

 But what I tried doing was, symbolically linking all the different webapps
 to one copy of the file. In other words,
 tomcat/webapps/myapp1/WEB-INF/classes/ConfigFile.txt and
 tomcat/webapps/myapp2/WEB-INF/classes/ConfigFile.txt would just be
 symlinks to /tmp/ConfigFile.txt.

 When I do this, the input stream comes up null:
 InputStream configStream =
 this.getClass().getClassLoader().getResource(/ConfigFile.txt);

 I thought that symlinks were just treated like files, and that this should
 just work. I stepped through org.apache.catalina.loader.WebappClassLoader
 in the Eclipse debugger and I can't see anything that would obviously
 prevent symlinks from working. But the only time that the ConfigFile.txt
 shows up in the resourceEntries Map as a ResourceEntry is when I have the
 file physically inside WEB-INF/classes - never when it is only a symlink.

 I have googled many combinations of
 java/linux/classloader/tomcat/symlink/symbolic link/classpath and not
 found anything quite like this yet.

 Any ideas?

 Thanks!


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

   
If you look at all the third party repackages of tomcat that fail,
you'll see a theme -- symlinks cause problems in java.  I would highly
recommend you find a way to maintain that config file via the build
system and have a copy in each of the webapps.  Either that or put a
copy in tomcat's lib folder where it becomes accessible to all webapps
in the environment.

--David


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Symlinks inside WEB-INF/classes not working for me

2009-07-13 Thread David Smith 
David Smith wrote:
 John Willemin wrote:
   
 Tomcat 6.0.16
 Linux 2.6.18
 JDK 1.6.0_05

 Imagine a webapp like this:
 /index.jsp
 /WEB-INF
 -web.xml (of course)
 -/classes
 --ConfigFile.txt
 -/lib
 --MyConfigLoader.class

 If I want to load ConfigFile.txt into an InputStream from inside my
 webapp, all I have to do is this:

 InputStream configStream =
 this.getClass().getClassLoader().getResource(/ConfigFile.txt);

 In some cases, I may want to run multiple instances of the application but
 have them share one copy of the configuration file. The idea is that I
 only want to have to maintain one version of the config file per Tomcat
 and have all the webapps use the same copy. If I put ConfigFile.txt inside
 /tmp, for instance, this works fine:

 InputStream configStream = new FileInputStream(/tmp/ConfigFile.txt);

 But what I tried doing was, symbolically linking all the different webapps
 to one copy of the file. In other words,
 tomcat/webapps/myapp1/WEB-INF/classes/ConfigFile.txt and
 tomcat/webapps/myapp2/WEB-INF/classes/ConfigFile.txt would just be
 symlinks to /tmp/ConfigFile.txt.

 When I do this, the input stream comes up null:
 InputStream configStream =
 this.getClass().getClassLoader().getResource(/ConfigFile.txt);

 I thought that symlinks were just treated like files, and that this should
 just work. I stepped through org.apache.catalina.loader.WebappClassLoader
 in the Eclipse debugger and I can't see anything that would obviously
 prevent symlinks from working. But the only time that the ConfigFile.txt
 shows up in the resourceEntries Map as a ResourceEntry is when I have the
 file physically inside WEB-INF/classes - never when it is only a symlink.

 I have googled many combinations of
 java/linux/classloader/tomcat/symlink/symbolic link/classpath and not
 found anything quite like this yet.

 Any ideas?

 Thanks!


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

   
 
 If you look at all the third party repackages of tomcat that fail,
 you'll see a theme -- symlinks cause problems in java.  I would highly
 recommend you find a way to maintain that config file via the build
 system and have a copy in each of the webapps.  Either that or put a
 copy in tomcat's lib folder where it becomes accessible to all webapps
 in the environment.

 --David


   

Ooops ... I mean tomcat's common classes folder.   See the classloader
docs for your version of tomcat for details of where that is and/or what
needs to be configured to enable it.

--David


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

reply timeout, connect_timeout and preprost_timeout values

2009-07-13 Thread Madhuri Patwardhan 

Hi,

What should be the practical values for connect_timeout, prepost_timeout and 
reply_timeout in a production environment where traffic is considerable and a 
load balancer is used with 19 workers?

Thanks,
Madhuri


  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Symlinks inside WEB-INF/classes not working for me

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

David,

On 7/13/2009 8:50 PM, David Smith wrote:
 If you look at all the third party repackages of tomcat that fail,
 you'll see a theme -- symlinks cause problems in java.  I would highly
 recommend you find a way to maintain that config file via the build
 system and have a copy in each of the webapps.  Either that or put a
 copy in tomcat's lib folder where it becomes accessible to all webapps
 in the environment.

While I agree with your recommendation for using a more sophisticated
build/deployment process, I disagree with your reasoning. Java and/or
Tomcat should not have any problem reading files via symlinks. As far as
I know, Java's I/O API does not have the ability to distinguish between
symbolic and hard links. I suspect the problem lies elsewhere.

It's possible that the native part of the ClassLoader has some objection
to symlinked files, but I can't imagine that to be true.

I have never had any problems with symlinks from Java programs in the
past. That doesn't mean that I've seen everything, though.

John, what is the actual error when the file cannot be found? What
happens if you try to open the file using a FileInputStream instead of
the ClassLoader?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpb4DwACgkQ9CaO5/Lv0PA3MACdERUerLlhWtgnMlI6ruGLor4/
UHgAn1myPgqBIMbvMoWJylPdi1fdCteQ
=t8RA
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: reply timeout, connect_timeout and preprost_timeout values

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Madhuri,

On 7/13/2009 9:09 PM, Madhuri Patwardhan wrote:
 What should be the practical values for connect_timeout,
 prepost_timeout and reply_timeout in a production environment where
 traffic is considerable and a load balancer is used with 19 workers?

That depends on your requirements.

How long should a connection be allowed to sit idle before a request is
made on it in your environment?

19 workers, eh? That's an odd (ha!) number of workers to have. Do you
mean back-end servers? Or do you mean mod_jk workers. Or do you mean
worker threads.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpb4QcACgkQ9CaO5/Lv0PD+fACeJQJ63Yj7s2DIMZBToLmdHY3V
dggAoLMuVfX5+nsJnVFQsiwzCr9zs7qd
=35+S
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: FTPSClient running under Tomcat 5.5 - SSLException

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Evan,

On 7/13/2009 7:08 PM, Evan Smith wrote:
 Case closed. Turns out my build was churning out both commons-net-1.4
 AND commons-net-2.0, resulting in a conflict.

That'll do it.

Good luck configuring all those security allowances :)

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpb4U4ACgkQ9CaO5/Lv0PDkQACgoWyB/Hcu0KH/gIKokOzo0uA/
5dYAn0oeiaICCkoqm4ShazHLZFsm30QF
=yiwN
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat 5.5.23 keeps starting threads until OS runs out of memory

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Rahman,

On 7/13/2009 9:13 AM, Rahman Akhlaqur wrote:
 Hi
 
 I am having an issue with Tomcat starting too many selector threads.
 I have got some stack trace info about these threads as below:
 
 SelectorThread 
 sun.nio.ch.PollArrayWrapper.poll0 ( native code ) 
 sun.nio.ch.PollArrayWrapper.poll ( PollArrayWrapper.java:74 ) 
 sun.nio.ch.WindowsSelectorImpl.doSelect ( WindowsSelectorImpl.java:61 ) 
 sun.nio.ch.SelectorImpl.lockAndDoSelect ( SelectorImpl.java:69 ) 
 sun.nio.ch.SelectorImpl.select ( SelectorImpl.java:80 ) 
 com.sun.corba.se.impl.transport.SelectorImpl.run ( SelectorImpl.java:249 ) 

CORBA, eh? Are you starting an RMI server per request?

 When Tomcat starts approx 1800-1900 hundred of these selector 
 threads, Windows runs out of memory and we have to restart tomcat to
 restore the website.

1900 hundred? That's a whole lotta threads. I'm surprised you're not
hitting a thread maximum in the OS and halting the JVM.

 I think these are started by our webapp, but not sure how to trace 
 this back to the bit of code that is doing this. Any suggestions
 would be appreciated.

Showing more of the stack trace will certainly help reveal the problem.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpb4jkACgkQ9CaO5/Lv0PD8+wCdEyIQGJ6y4QR0QAuUFgrIsk5w
rvcAoIrxIdO4yg0nP9Oo/7IX+HFQlNV7
=ALeE
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Failed to start Tomcat service

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hung,

On 7/13/2009 2:21 PM, Bui, Hung (CDPH-DDWEM) wrote:
 I am using Tomcat 6.0.18. This morning I found that the Tomcat server
 was not running.  I tried to start the service and got this error.
 Please help.  Thank you.
 
 [2009-07-13 11:02:57] [994  prunsrv.c] [error] Failed creating java
 C:\Program Files\Java\jre1.6.0_07\bin\client\jvm.dll

Someone moved your cheese.

I'll bet that someone recently upgraded the JVM on your server from
1.6.0_07 to 1.6.0_13 and removed the old version. If this is a
production application, that person should be fired.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpb4qMACgkQ9CaO5/Lv0PDeqgCfbshL9nB4U08GR8WGpZC0grBg
Bw8AoK60fDUDKomEYItcesWa9D+jBay/
=mU+W
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Solaris 10 mod_jk problems...

2009-07-13 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

André,

On 7/7/2009 2:44 PM, André Warnier wrote:
 Dunno, but I have this nagging not-quite-sure memory tidbit :
 
 running ./configure --with-apxs=/usr/apache2/bin/apxs
 
 I have not compiled mod_jk very often, but isn't there something like
 apxs2 for Apache2 ?

Nah, apxs is apxs. Sometimes, the script itself is called apxs2 to
differentiate it, but configure and/or apxs itself can figure everything
out.

 You need to build mod_jk using that same compiler.

Yes. You probably need httpd and mod_jk built with the same compiler.
Any idea where httpd came from?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpb5HMACgkQ9CaO5/Lv0PCPAQCcCw8yMg1kNd9zOcGF0qjOY/Yk
0b4An07PoWIyHUaAQ4ezB6erAVF3ZbNi
=KU8l
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Tomcat 5.5.23 keeps starting threads until OS runs out of memory

2009-07-13 Thread Caldarale, Charles R 
 From: Christopher Schultz [mailto:ch...@christopherschultz.net]
 Subject: Re: Tomcat 5.5.23 keeps starting threads until OS runs out of
 memory
 
 I'm surprised you're not hitting a thread maximum in the OS
 and halting the JVM.

I'm not aware of any hard limit in Windows; regardless, hitting such a limit 
just returns an error status on the system call, not a process abort.

 Showing more of the stack trace will certainly help reveal the problem.

Not likely; that will only show the stack of the started thread, not where it 
was started from.  A heap profiler should show who created the Thread objects, 
if the profiler captures enough of the call stack at object creation time.

One would think a grep of the webapp source for calls to start() would be a 
rather quick first cut if a profiler can't be used.
 
If the source isn't available, then one possible way to trap the origin of the 
Thread.start() call is to enable a security manager and only allow start() 
calls from Tomcat, not webapp, code.  This would probably require several 
iterations and would be somewhat tedious.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

Re: reply timeout, connect_timeout and preprost_timeout values

2009-07-13 Thread Madhuri Patwardhan 

Hi,

Thanks for the prompt reply. I mean 19 tomcat instances (mod_jk workers) 
managed with load balancer worker. 

I want to configure the timeout values so that hung tomcat is detected and 
failover happens without users suffering. I completely understand that this 
would be dependent on the application. However, I just wanted to know the 
typical values that would be used for these.

Thanks,
Madhuri





--- On Mon, 7/13/09, Christopher Schultz ch...@christopherschultz.net wrote:

 From: Christopher Schultz ch...@christopherschultz.net
 Subject: Re: reply timeout, connect_timeout and preprost_timeout values
 To: Tomcat Users List users@tomcat.apache.org
 Date: Monday, July 13, 2009, 9:36 PM
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Madhuri,
 
 On 7/13/2009 9:09 PM, Madhuri Patwardhan wrote:
  What should be the practical values for
 connect_timeout,
  prepost_timeout and reply_timeout in a production
 environment where
  traffic is considerable and a load balancer is used
 with 19 workers?
 
 That depends on your requirements.
 
 How long should a connection be allowed to sit idle before
 a request is
 made on it in your environment?
 
 19 workers, eh? That's an odd (ha!) number of workers to
 have. Do you
 mean back-end servers? Or do you mean mod_jk workers. Or do
 you mean
 worker threads.
 
 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
 iEYEARECAAYFAkpb4QcACgkQ9CaO5/Lv0PD+fACeJQJ63Yj7s2DIMZBToLmdHY3V
 dggAoLMuVfX5+nsJnVFQsiwzCr9zs7qd
 =35+S
 -END PGP SIGNATURE-
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 


  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Failed to start Tomcat service

2009-07-13 Thread Kham Mulman 
i faced same problem...

i'm now ok...
i'm not sure, if it works for you.. try once it- put msvcr71.dll into bin
directory of your tomcat..

i hope it would be useful to you..



On Tue, Jul 14, 2009 at 10:42 AM, Christopher Schultz 
ch...@christopherschultz.net wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Hung,

 On 7/13/2009 2:21 PM, Bui, Hung (CDPH-DDWEM) wrote:
  I am using Tomcat 6.0.18. This morning I found that the Tomcat server
  was not running.  I tried to start the service and got this error.
  Please help.  Thank you.
 
  [2009-07-13 11:02:57] [994  prunsrv.c] [error] Failed creating java
  C:\Program Files\Java\jre1.6.0_07\bin\client\jvm.dll

 Someone moved your cheese.

 I'll bet that someone recently upgraded the JVM on your server from
 1.6.0_07 to 1.6.0_13 and removed the old version. If this is a
 production application, that person should be fired.

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAkpb4qMACgkQ9CaO5/Lv0PDeqgCfbshL9nB4U08GR8WGpZC0grBg
 Bw8AoK60fDUDKomEYItcesWa9D+jBay/
 =mU+W
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Symlinks inside WEB-INF/classes not working for me

2009-07-13 Thread Konstantin Kolinko 
 While I agree with your recommendation for using a more sophisticated
 build/deployment process, I disagree with your reasoning. Java and/or
 Tomcat should not have any problem reading files via symlinks. As far as
 I know, Java's I/O API does not have the ability to distinguish between
 symbolic and hard links.

and some OS does not have the ability to distinguish lowercase and
uppercase names. (joking...).

See how allowLinking and caseSensitive options are implemented in
StandardContext.


Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: reply timeout, connect_timeout and preprost_timeout values

2009-07-13 Thread Madhuri Patwardhan 

Thanks for the prompt reply. What is APR? (please pardon my ignorance. I am new 
to this.)

connect_timeout and preprost_timeout what would be the typical values? 
something like 5000 or less/more? 

I also wonder if I specify prepost_timeout then it would mean now each request 
would take that much additional time? Before serving each request cping/cpong 
would be tried with timeout value of prepost_timeout so that adds little delay 
to serving the request??

Also, a typical value for recovery_options would be 3.

Thanks,
Madhuri

--- On Mon, 7/13/09, Martin Gainty mgai...@hotmail.com wrote:

 From: Martin Gainty mgai...@hotmail.com
 Subject: RE: reply timeout, connect_timeout and preprost_timeout values
 To: madhuri_patward...@yahoo.com
 Date: Monday, July 13, 2009, 10:05 PM
 
 
 
 #yiv2065840069 .hmmessage P
 {
 margin:0px;padding:0px;}
 #yiv2065840069 {
 font-size:10pt;font-family:Verdana;}
 
 
  
 assume No APR
 worker.template.reply-timeout=2
 worker.template.socket-connect-timeout=5000
 worker.template.ping-mode=A
 worker.template.ping-timeout=25000
 http://www.pubbs.net/tomcat/200902/18677
 
 Martin Gainty 
 __ 
 Verzicht und Vertraulichkeitanmerkung
  
 Diese Nachricht ist vertraulich. Sollten Sie nicht der
 vorgesehene Empfaenger sein, so bitten wir hoeflich um eine
 Mitteilung. Jede unbefugte Weiterleitung oder Fertigung
 einer Kopie ist unzulaessig. Diese Nachricht dient lediglich
 dem Austausch von Informationen und entfaltet keine
 rechtliche Bindungswirkung. Aufgrund der leichten
 Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer
 den Inhalt uebernehmen.
 
 
 
 
 
 
  Date: Mon, 13 Jul 2009 18:09:39 -0700
  From: madhuri_patward...@yahoo.com
  Subject: reply timeout, connect_timeout and
 preprost_timeout values
  To: users@tomcat.apache.org
  
  
  Hi,
  
  What should be the practical values for
 connect_timeout, prepost_timeout and reply_timeout in a
 production environment where traffic is considerable and a
 load balancer is used with 19 workers?
  
  Thanks,
  Madhuri
  
  

  
 
 -
  To unsubscribe, e-mail:
 users-unsubscr...@tomcat.apache.org
  For additional commands, e-mail:
 users-h...@tomcat.apache.org
  
 
 Windows Live™ Hotmail®: Spread the word when
 you add celeb photos to your e-mails. Check
 it out. 
 




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Symlinks inside WEB-INF/classes not working for me

2009-07-13 Thread Bill Barker 

Christopher Schultz ch...@christopherschultz.net wrote in message 
news:4a5be03c.7050...@christopherschultz.net...
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 David,

 On 7/13/2009 8:50 PM, David Smith wrote:
 If you look at all the third party repackages of tomcat that fail,
 you'll see a theme -- symlinks cause problems in java.  I would highly
 recommend you find a way to maintain that config file via the build
 system and have a copy in each of the webapps.  Either that or put a
 copy in tomcat's lib folder where it becomes accessible to all webapps
 in the environment.

 While I agree with your recommendation for using a more sophisticated
 build/deployment process, I disagree with your reasoning. Java and/or
 Tomcat should not have any problem reading files via symlinks. As far as
 I know, Java's I/O API does not have the ability to distinguish between
 symbolic and hard links. I suspect the problem lies elsewhere.


My first guess is that there is a SecurityManager lurking somewhere to stop 
the OP from doing:
  ln -s /etc/passwd


 It's possible that the native part of the ClassLoader has some objection
 to symlinked files, but I can't imagine that to be true.

 I have never had any problems with symlinks from Java programs in the
 past. That doesn't mean that I've seen everything, though.

 John, what is the actual error when the file cannot be found? What
 happens if you try to open the file using a FileInputStream instead of
 the ClassLoader?

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAkpb4DwACgkQ9CaO5/Lv0PA3MACdERUerLlhWtgnMlI6ruGLor4/
 UHgAn1myPgqBIMbvMoWJylPdi1fdCteQ
 =t8RA
 -END PGP SIGNATURE- 




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Manipulate other session

2009-07-13 Thread Daniel Henrique Alves Lima 

On Mon, 2009-07-13 at 13:00 -0400, Christopher Schultz wrote:
 
  As
  Mikolaj Rydzewski said, you could perform a HTTP request using a
  different JSESSIONID cookie or a ;jsessionid URL rewriting.
 
 This is possible.
 
 It's also possible to use a SessionListener to maintain your own list of
 sessions and then you can do whatever you want.
 
 The real question is why you want to do this in the first place.

I don't. It is Yves' question.





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org