Re: Problem with apache tomcat while running load test
On 10.07.2009 07:31, Aneesha Pant wrote: We have configured 2 tomcats with 1 Apache on the same box, but during performance testing, we are continuously getting these errors in the mod_jk log Please help Since 111 on most OSes is connection refused, I am guessing you got OutOfmemoryError on your Tomcat and as a result it doesn't listen any more for incoming requests. Another possibility is that your thread pool is exhausted. So check your connector configuration for the number of threads and compare to the expected concurrency in your load testing scenario. Java thread dumps will show you, what all those threads are doing (e.g. waiting for). Regards, Rainer [Thu Jul 09 18:50:53 2009] [13862:50960] [info] ajp_send_request::jk_ajp_common.c (1241): (worker2) all endpoints are disconnected [Thu Jul 09 18:50:53 2009] [13796:50960] [info] ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to (130.11.1.165:8009) (errno=111) [Thu Jul 09 18:50:53 2009] [13842:50960] [info] ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to (130.11.1.165:8009) (errno=111) [Thu Jul 09 18:50:53 2009] [13807:50960] [info] service::jk_lb_worker.c (1098): service failed, worker worker1 is in error state [Thu Jul 09 18:50:53 2009] [14122:50960] [info] service::jk_lb_worker.c (1160): All tomcat instances are busy or in error state [Thu Jul 09 18:50:53 2009] [14032:50960] [info] service::jk_lb_worker.c (1160): All tomcat instances are busy or in error state [Thu Jul 09 18:50:53 2009] [13500:50960] [info] ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to (130.11.1.165:8009) (errno=111) [Thu Jul 09 18:50:53 2009] [13922:50960] [info] ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to (130.11.1.165:8009) (errno=111) [Thu Jul 09 18:50:53 2009] [13828:50960] [info] jk_handler::mod_jk.c (2254): Service error=0 for worker=loadbalancer [Thu Jul 09 18:50:53 2009] [13908:50960] [info] ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to (130.11.1.165:8009) (errno=111) [Thu Jul 09 18:50:53 2009] [13952:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [14033:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [13728:50960] [info] ajp_connect_to_endpoint::jk_ajp_common.c (876): Failed opening socket to (130.11.1.165:8009) (errno=111) [Thu Jul 09 18:50:53 2009] [14098:50960] [info] service::jk_lb_worker.c (1160): All tomcat instances are busy or in error state [Thu Jul 09 18:50:53 2009] [14082:50960] [info] service::jk_lb_worker.c (1098): service failed, worker worker1 is in error state [Thu Jul 09 18:50:53 2009] [14067:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [14069:50960] [info] ajp_service::jk_ajp_common.c (1941): (worker1) sending request to tomcat failed, recoverable operation attempt=2 [Thu Jul 09 18:50:53 2009] [13973:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [13902:50960] [info] ajp_send_request::jk_ajp_common.c (1241): (worker2) all endpoints are disconnected [Thu Jul 09 18:50:53 2009] [14050:50960] [info] ajp_service::jk_ajp_common.c (1941): (worker1) sending request to tomcat failed, recoverable operation attempt=2 [Thu Jul 09 18:50:53 2009] [13943:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [13909:50960] [error] ajp_service::jk_ajp_common.c (1953): (worker1) Connecting to tomcat failed. Tomcat is probably not started or is listening on the wrong port [Thu Jul 09 18:50:53 2009] [14244:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [14171:50960] [info] ajp_service::jk_ajp_common.c (1941): (worker1) sending request to tomcat failed, recoverable operation attempt=2 [Thu Jul 09 18:50:53 2009] [14114:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [13849:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [13970:50960] [info] ajp_send_request::jk_ajp_common.c (1241): (worker2) all endpoints are disconnected [Thu Jul 09 18:50:53 2009] [14168:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend server (errno=111) [Thu Jul 09 18:50:53 2009] [14014:50960] [info] ajp_send_request::jk_ajp_common.c (1273): (worker1) error connecting to the backend
Re: request thread hanging
On 13.07.2009 02:28, Will Glass-Husain wrote: Thanks Christopher, I'll upgrade to the latest mod_jk and look at the timeout params. We'll see if that helps. Since you can easily reproduce, it would be a interesting and easy test, to deactivate the tcnative/APR connector and recheck, whether the problem is still there. Then we would at least have an indication where to look for the root cause. There were some fixes between tcnative 1.1.14 and the most recent 1.1.16, but I'm not sure, whether something related was in the list. Regards, Rainer On Fri, Jul 10, 2009 at 6:05 PM, Christopher Schultzch...@christopherschultz.net wrote: Will, On 7/6/2009 4:15 PM, Will Glass-Husain wrote: Interestingly - I can easily reproduce this by repeatedly refreshing the page when going through httpd When I go direct to Tomcat via http, it works fine. Maybe it's something about httpd or mod_jk then? Perhaps. It's been a few days... let's see if Mladen or Rainer are still reading this thread: they may have some thoughts. My mod_jk experience is limited to a small-load website that has never really had any problems. Higher-throughput sites may require some tuning. I would recommend (re-)reading the mod_jk documentation for all the settings. Make sure everything matches properly (timeouts relative to both mod_jk /and/ your Tomcat connector). -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Blocked threads in Tomcat web app
Hello all, I have a problem with a web application using Tomcat 5.5.27 under Fedora Linux and database Firebird 2.1. The application runs fine for a day or so, then I begin getting blocked threads. Eventually, the heap space runs out and the application grinds to a halt. I realise this may be very difficult to diagnose, but if someone could give me some pointers as to how to go about getting to the bottom of this I would be very grateful. At the moment I have 5 blocked threads which are : TP-Processor16 daemon prio=1 tid=0x09d08310 nid=0x6fc7 waiting for monitor entry [0x61b25000..0x61b25fb0] at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlAllocateStatement(AbstractJavaGDSImpl.java:1047) - waiting to lock 0x73a71dd0 (a org.firebirdsql.gds.impl.wire.isc_db_handle_impl) at org.firebirdsql.gds.impl.GDSHelper.allocateStatement(GDSHelper.java:119) at org.firebirdsql.jdbc.AbstractStatement.prepareFixedStatement(AbstractStatement.java:1112) at org.firebirdsql.jdbc.AbstractPreparedStatement.prepareFixedStatement(AbstractPreparedStatement.java:1176) at org.firebirdsql.jdbc.AbstractPreparedStatement.init(AbstractPreparedStatement.java:124) at org.firebirdsql.jdbc.FBPreparedStatement.init(FBPreparedStatement.java:41) at sun.reflect.GeneratedConstructorAccessor13.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at org.firebirdsql.jdbc.FBStatementFactory.createPreparedStatement(FBStatementFactory.java:90) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:869) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:824) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:817) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:293) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at fr.microtec.db.Query.prepare(Query.java:119) at fr.microtec.artemis.controller.managers.CommandesManager.droitsAcces(CommandesManager.java:3837) at fr.microtec.artemis.controller.servlets.secure.ConsultCmd.detailCommande(ConsultCmd.java:188) at fr.microtec.artemis.controller.servlets.secure.ConsultCmd.doProcessRequest2(ConsultCmd.java:78) at fr.microtec.artemis.controller.servlets.secure.FilterServlet.doProcessRequest(FilterServlet.java:92) at fr.microtec.artemis.controller.servlets.secure.SecureServlet.verifSessionOuverte(SecureServlet.java:78) at fr.microtec.artemis.controller.servlets.secure.SecureServlet.processRequest(SecureServlet.java:46) at fr.microtec.artemis.controller.servlets.secure.SecureServlet.doGet(SecureServlet.java:118) at javax.servlet.http.HttpServlet.service(HttpServlet.java:627) at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.extremecomponents.table.filter.AbstractExportFilter.doFilter(AbstractExportFilter.java:49) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.jstripe.tomcat.probe.Tomcat55AgentValve.invoke(Tomcat55AgentValve.java:20) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703) at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689) at
Re: IIS ISAPI redirector help! Attempting to map URI always fail with invalid argument.
On 11.07.2009 00:41, Dan Ganny wrote: I am really desperate to need some help with a weird customer issue. The IIS ISAPI redirector log excerpt is posted below. The URI printed out in the log is '/24.220.76.4http://24.220.76.4/CCPROChat/CPChatRequest.jsp'. This is obviously invalid, I know it should be '/24.220.76.4/CCPROChat/CPChatRequest.jsp'. I am just confused with how this http://24.220.76.4; is inserted in between. I guess that it is related to the proxy server Squid that customer uses. But I am not that confident to tell customer in case i am wrong. Does anybody have seen this problem before? No I haven't. If you can easily reproduce I would use a network sniffer, like wireshark, to dump the communication and check, that the wrong URL is included in the request packet. If so, you need to check the technical component, that sends the request. Regards, Rainer Thanks, Dan Jul 10 15:05:15 2009] [jk_isapi_plugin.c (705)]: In HttpFilterProc Virtual Host redirection of /24.220.76.4http://24.220.76.4/CCPROChat/CPChatRequest.jsp [Fri Jul 10 15:05:15 2009] [jk_uri_worker_map.c (447)]: Into jk_uri_worker_map_t::map_uri_to_worker [Fri Jul 10 15:05:15 2009] [jk_uri_worker_map.c (464)]: Attempting to map URI '/24.220.76.4http://24.220.76.4/CCPROChat/CPChatRequest.jsp' [Fri Jul 10 15:05:15 2009] [jk_uri_worker_map.c (570)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match [Fri Jul 10 15:05:15 2009] [jk_isapi_plugin.c (711)]: In HttpFilterProc test Default redirection of _http://24.220.76.4/CCPROChat/CPChatRequest.jsp [Fri Jul 10 15:05:15 2009] [jk_uri_worker_map.c (447)]: Into jk_uri_worker_map_t::map_uri_to_worker [Fri Jul 10 15:05:15 2009] [jk_uri_worker_map.c (566)]: In jk_uri_worker_map_t::map_uri_to_worker, wrong parameters [Fri Jul 10 15:05:15 2009] [jk_uri_worker_map.c (570)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Any way that scheme and/or proxyPort attributes in server.xml can add significantly to processing time?
On 13.07.2009 06:51, Shaun Qualheim wrote: All -- Is there any way that scheme and/or proxyPort attributes in server.xml can add significantly to processing time? We're noticing that 2 identical servers, 1 that is straight http, and 1 that is behind an ssl offloader with scheme=https and proxyPort=443 attributes on the connector's element have significant lag compared to one another on high load. What do you mean by significant? How many percent, how much in absolute terms? Does it happen for all kind of requests? Is it just an observation rom using a browser, or did you actually measure something? Activate the Tomcat access log and add %D (duration in milliseconds) to the pattern. Then check, whether Tomcat's idea of response time matches your observation. If not, then the additional lag might happen during processing in front of Tomcat. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Blocked threads in Tomcat web app
On 13.07.2009 10:12, Raphael Neve wrote: Hello all, I have a problem with a web application using Tomcat 5.5.27 under Fedora Linux and database Firebird 2.1. The application runs fine for a day or so, then I begin getting blocked threads. Eventually, the heap space runs out and the application grinds to a halt. I realise this may be very difficult to diagnose, but if someone could give me some pointers as to how to go about getting to the bottom of this I would be very grateful. At the moment I have 5 blocked threads which are : TP-Processor16 daemon prio=1 tid=0x09d08310 nid=0x6fc7 waiting for monitor entry [0x61b25000..0x61b25fb0] at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlAllocateStatement(AbstractJavaGDSImpl.java:1047) - waiting to lock 0x73a71dd0 (a org.firebirdsql.gds.impl.wire.isc_db_handle_impl) at org.firebirdsql.gds.impl.GDSHelper.allocateStatement(GDSHelper.java:119) at org.firebirdsql.jdbc.AbstractStatement.prepareFixedStatement(AbstractStatement.java:1112) at org.firebirdsql.jdbc.AbstractPreparedStatement.prepareFixedStatement(AbstractPreparedStatement.java:1176) at org.firebirdsql.jdbc.AbstractPreparedStatement.init(AbstractPreparedStatement.java:124) at org.firebirdsql.jdbc.FBPreparedStatement.init(FBPreparedStatement.java:41) at sun.reflect.GeneratedConstructorAccessor13.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at org.firebirdsql.jdbc.FBStatementFactory.createPreparedStatement(FBStatementFactory.java:90) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:869) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:824) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:817) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at org.firebirdsql.jdbc.AbstractConnection.prepareStatement(AbstractConnection.java:293) - locked 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at fr.microtec.db.Query.prepare(Query.java:119) at fr.microtec.artemis.controller.managers.CommandesManager.droitsAcces(CommandesManager.java:3837) at fr.microtec.artemis.controller.servlets.secure.ConsultCmd.detailCommande(ConsultCmd.java:188) at fr.microtec.artemis.controller.servlets.secure.ConsultCmd.doProcessRequest2(ConsultCmd.java:78) at fr.microtec.artemis.controller.servlets.secure.FilterServlet.doProcessRequest(FilterServlet.java:92) at fr.microtec.artemis.controller.servlets.secure.SecureServlet.verifSessionOuverte(SecureServlet.java:78) at fr.microtec.artemis.controller.servlets.secure.SecureServlet.processRequest(SecureServlet.java:46) at fr.microtec.artemis.controller.servlets.secure.SecureServlet.doGet(SecureServlet.java:118) at javax.servlet.http.HttpServlet.service(HttpServlet.java:627) at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.extremecomponents.table.filter.AbstractExportFilter.doFilter(AbstractExportFilter.java:49) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.jstripe.tomcat.probe.Tomcat55AgentValve.invoke(Tomcat55AgentValve.java:20) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703) at
Re: Blocked threads in Tomcat web app
Rainer Jung-3 wrote: TP-Processor16 owns lock at 0x73a71c40 and thus blocks TP12, TP5 and TP1. TP16 and TP2 both wait for lock 0x73a71dd0. The thread holding this lock is not in your dump. Since the lock is of type org.firebirdsql.gds.impl.wire.isc_db_handle_impl, it seems either yet another thread uses that lock (in which case it could be either simple lock contention, or if that thread wait e.g. on 0x73a71c40 it would be a deadlock), or the thread that originally hold the lock didn't free it due to a code bug. Check your thread dump for 0x73a71c40. Also check the firebird bug database and version of your firebird JDBC driver. Dear Rainer, Thanks for your help. I am sending the complete thread dump just in case. I looked for the 0x73a71c40 you mentionned and only found the following thread that mentionned it : ContainerBackgroundProcessor[StandardEngine[PSA]] daemon prio=1 tid=0x6a1262a8 nid=0x6f75 waiting for monitor entry [0x6977d000..0x6977deb0] at org.firebirdsql.jdbc.AbstractConnection.commit(AbstractConnection.java:435) - waiting to lock 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at fr.microtec.db.Connection.commit(Connection.java:201) at fr.microtec.artemis.model.web.ArtemisParams.closeConnection(ArtemisParams.java:63) at fr.microtec.artemis.model.web.ArtemisUserList.removeUser(ArtemisUserList.java:55) at fr.microtec.artemis.controller.servlets.ArtemisSessionListener.sessionDestroyed(ArtemisSessionListener.java:58) at org.apache.catalina.session.StandardSession.expire(StandardSession.java:697) - locked 0x73a8f990 (a org.apache.catalina.session.StandardSession) at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:581) at org.apache.catalina.session.PersistentManagerBase.processExpires(PersistentManagerBase.java:546) at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:664) at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1285) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1570) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1559) at java.lang.Thread.run(Thread.java:595) If I'm interpreting this correctly, we can see that the container is waiting to lock the connection 0x73a71c40 because it's trying to commit() at the time when the user session times out. But it's getting stuck because TP-16 is already locking that connection. If I look at TP16 I can see that it is waiting on 0x73a71dd0 which is locked by the FINALIZER. Finalizer daemon prio=1 tid=0x09a61f68 nid=0x6f3e runnable [0x6cc7d000..0x6cc7df30] at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.read(SocketInputStream.java:129) at org.firebirdsql.gds.impl.wire.XdrInputStream.read(XdrInputStream.java:253) at org.firebirdsql.gds.impl.wire.XdrInputStream.readInt(XdrInputStream.java:187) at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.nextOperation(AbstractJavaGDSImpl.java:2144) at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.receiveResponse(AbstractJavaGDSImpl.java:2098) at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlFreeStatement(AbstractJavaGDSImpl.java:1435) - locked 0x73a71dd0 (a org.firebirdsql.gds.impl.wire.isc_db_handle_impl) at org.firebirdsql.gds.impl.GDSHelper.closeStatement(GDSHelper.java:316) at org.firebirdsql.jdbc.FBStatementFetcher.close(FBStatementFetcher.java:223) at org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:291) at org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:276) at fr.microtec.db.Query.closeResultSet(Query.java:81) at fr.microtec.db.Query.cleanup(Query.java:68) at fr.microtec.db.Query.finalize(Query.java:424) at java.lang.ref.Finalizer.invokeFinalizeMethod(Native Method) at java.lang.ref.Finalizer.runFinalizer(Finalizer.java:83) at java.lang.ref.Finalizer.access$100(Finalizer.java:14) at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:160) This must explain why my heap eventually runs out, because objects aren't getting destroyed, is that right ? The next question of course is : what is making the finalizer keep that lock ? Thanks for your insight, Raphael http://www.nabble.com/file/p24458247/thread%2Bdump.txt thread+dump.txt -- View this message in context: http://www.nabble.com/Blocked-threads-in-Tomcat-web-app-tp24457682p24458247.html Sent from the Tomcat - User mailing list
Re: Blocked threads in Tomcat web app
On 13.07.2009 11:05, Raphael Neve wrote: Rainer Jung-3 wrote: TP-Processor16 owns lock at 0x73a71c40 and thus blocks TP12, TP5 and TP1. TP16 and TP2 both wait for lock 0x73a71dd0. The thread holding this lock is not in your dump. Since the lock is of type org.firebirdsql.gds.impl.wire.isc_db_handle_impl, it seems either yet another thread uses that lock (in which case it could be either simple lock contention, or if that thread wait e.g. on 0x73a71c40 it would be a deadlock), or the thread that originally hold the lock didn't free it due to a code bug. Check your thread dump for 0x73a71c40. Also check the firebird bug database and version of your firebird JDBC driver. Dear Rainer, Thanks for your help. I am sending the complete thread dump just in case. I looked for the 0x73a71c40 you mentionned and only found the following thread that mentionned it : ContainerBackgroundProcessor[StandardEngine[PSA]] daemon prio=1 tid=0x6a1262a8 nid=0x6f75 waiting for monitor entry [0x6977d000..0x6977deb0] at org.firebirdsql.jdbc.AbstractConnection.commit(AbstractConnection.java:435) - waiting to lock 0x73a71c40 (a org.firebirdsql.jdbc.FBConnection) at fr.microtec.db.Connection.commit(Connection.java:201) at fr.microtec.artemis.model.web.ArtemisParams.closeConnection(ArtemisParams.java:63) at fr.microtec.artemis.model.web.ArtemisUserList.removeUser(ArtemisUserList.java:55) at fr.microtec.artemis.controller.servlets.ArtemisSessionListener.sessionDestroyed(ArtemisSessionListener.java:58) at org.apache.catalina.session.StandardSession.expire(StandardSession.java:697) - locked 0x73a8f990 (a org.apache.catalina.session.StandardSession) at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:581) at org.apache.catalina.session.PersistentManagerBase.processExpires(PersistentManagerBase.java:546) at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:664) at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1285) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1570) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1559) at java.lang.Thread.run(Thread.java:595) If I'm interpreting this correctly, we can see that the container is waiting to lock the connection 0x73a71c40 because it's trying to commit() at the time when the user session times out. But it's getting stuck because TP-16 is already locking that connection. If I look at TP16 I can see that it is waiting on 0x73a71dd0 which is locked by the FINALIZER. Finalizer daemon prio=1 tid=0x09a61f68 nid=0x6f3e runnable [0x6cc7d000..0x6cc7df30] at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.read(SocketInputStream.java:129) at org.firebirdsql.gds.impl.wire.XdrInputStream.read(XdrInputStream.java:253) at org.firebirdsql.gds.impl.wire.XdrInputStream.readInt(XdrInputStream.java:187) at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.nextOperation(AbstractJavaGDSImpl.java:2144) at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.receiveResponse(AbstractJavaGDSImpl.java:2098) at org.firebirdsql.gds.impl.wire.AbstractJavaGDSImpl.iscDsqlFreeStatement(AbstractJavaGDSImpl.java:1435) - locked 0x73a71dd0 (a org.firebirdsql.gds.impl.wire.isc_db_handle_impl) at org.firebirdsql.gds.impl.GDSHelper.closeStatement(GDSHelper.java:316) at org.firebirdsql.jdbc.FBStatementFetcher.close(FBStatementFetcher.java:223) at org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:291) at org.firebirdsql.jdbc.AbstractResultSet.close(AbstractResultSet.java:276) at fr.microtec.db.Query.closeResultSet(Query.java:81) at fr.microtec.db.Query.cleanup(Query.java:68) at fr.microtec.db.Query.finalize(Query.java:424) at java.lang.ref.Finalizer.invokeFinalizeMethod(Native Method) at java.lang.ref.Finalizer.runFinalizer(Finalizer.java:83) at java.lang.ref.Finalizer.access$100(Finalizer.java:14) at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:160) This must explain why my heap eventually runs out, because objects aren't getting destroyed, is that right ? The next question of course is : what is making the finalizer keep that lock ? Yup, and the code run by the finalizer makes a network call (likely to the database), which seems to be a very bad pattern. Finalizers are not a great idea by themselves, but one needs to keep them as simple as possible.
Re: Blocked threads in Tomcat web app
Rainer Jung-3 wrote: [...] Yup, and the code run by the finalizer makes a network call (likely to the database), which seems to be a very bad pattern. Finalizers are not a great idea by themselves, but one needs to keep them as simple as possible. Doing network communication in a finalizer doesn't sound right. Looks like you should check the firebird bug database and/or open an issue there. Well, I must plead guilty, I am the author of the fr.microtec.db.* packages which are basically wrappers around JDBC concepts to make things a bit easier (a Query object that handles macros, etc.). I ran into trouble once with some database resources that weren't getting released (java.sql.PreparedStatement and java.sql.ResultSet) so I made sure that my code always had a finally block in it to close() the statements and resultset, and as an added caution, I made a call to a cleanup method in the finalizer of my Query object that released those resources in case they hadn't been released. I figured this was a good idea in case I ever forgot to free the resources in my code, then when the garbage collector came around he would trigger the release of the resources. Is that wrong ? I suppose I should not rely on the finalizer for this task ? But then what is the best way to handle this ? How can I put in place a mecanism to securize my application in this area ? Thanks for you insights, Raphael -- View this message in context: http://www.nabble.com/Blocked-threads-in-Tomcat-web-app-tp24457682p24458570.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Blocked threads in Tomcat web app
On 13.07.2009 11:31, Raphael Neve wrote: Rainer Jung-3 wrote: [...] Yup, and the code run by the finalizer makes a network call (likely to the database), which seems to be a very bad pattern. Finalizers are not a great idea by themselves, but one needs to keep them as simple as possible. Doing network communication in a finalizer doesn't sound right. Looks like you should check the firebird bug database and/or open an issue there. Well, I must plead guilty, I am the author of the fr.microtec.db.* packages which are basically wrappers around JDBC concepts to make things a bit easier (a Query object that handles macros, etc.). I ran into trouble once with some database resources that weren't getting released (java.sql.PreparedStatement and java.sql.ResultSet) so I made sure that my code always had a finally block in it to close() the statements and resultset, and as an added caution, I made a call to a cleanup method in the finalizer of my Query object that released those resources in case they hadn't been released. I figured this was a good idea in case I ever forgot to free the resources in my code, then when the garbage collector came around he would trigger the release of the resources. Is that wrong ? I suppose I should not rely on the finalizer for this task ? But then what is the best way to handle this ? How can I put in place a mecanism to securize my application in this area ? Thanks for you insights, Raphael You might want to look at Bloch's book Effective Java, which has a section called Avoid finalizers. The page http://java.sun.com/developer/technicalArticles/javase/finalization/ also has some introductory material. The dbcp pool for instance has a mechanism which checks for non-closed connections (abanoned connections) and forcibly closes them. The way it tracks them, is taking a timstamp when they got returned by the pool to the app and simply checking, whether a connection stays outside of the pool for to long. In some cases this is adequate. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to use the error page config of Apache in tomcat?
Hi, Apache has an internationalized error page system configured on errors.conf. I use apache and tomcat on the same machine, so I would like that tomcat use the same error page config. Any ideas? Thanks, Andre -- View this message in context: http://www.nabble.com/How-to-use-the-error-page-config-of-Apache-in-tomcat--tp24460442p24460442.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
ValveContext Replacement in Tomcat 6.0
Hello, I'm trying to upgrade from Tomcat 5.0 to Tomcat 6.0. The Problem I'm facing is that my application uses an interface ValveContext which is missing in Tomcat 6.0. Any idea how can I get this functionality (provided by ValveContext) in Tomcat 6.0. The invokeNext(request, response) method of ValveContext interface is used to invoke next valve in the pipeline. Regards, Dhaval /PREp style=font-family:arial;color:grey style=font-size:13pxThis message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message./pPRE
Re: How to use the error page config of Apache in tomcat?
On 13.07.2009 13:59, acastanheira2001 wrote: Hi, Apache has an internationalized error page system configured on errors.conf. I use apache and tomcat on the same machine, so I would like that tomcat use the same error page config. Any ideas? Thanks, Andre Likely not exactly what you are looking for, but mod_jk 1.2.28 allows you to let Apache hhtpd send the error page, so whenever an error status is returned, the user will get the error page from Apache instead of Tomcat. Look for use_server_errors on the page http://tomcat.apache.org/connectors-doc/reference/uriworkermap.html Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Manipulate other session
Hello, is it possible to open a different HttpSession than my own (if it's session-id is known), and set an attribute in that session? Best regards, Yves - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Manipulate other session
Yves Glodt wrote: is it possible to open a different HttpSession than my own (if it's session-id is known), and set an attribute in that session? You can perform HTTP request with session cookie explicity set. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Manipulate other session
Thanks for telling. I found another way (deprecated) in the mean time: http://javasolution.blogspot.com/2007/08/getting-session-object-using-session-id.html 2009/7/13 Mikolaj Rydzewski m...@ceti.pl: Yves Glodt wrote: is it possible to open a different HttpSession than my own (if it's session-id is known), and set an attribute in that session? You can perform HTTP request with session cookie explicity set. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Jakarta Connector 1.2.28 with Windows Server 2008 64bit, IIS 7.0 and Tomcat 6.0.18
Hello, I am trying to configure IIS 7.0 and Tomcat 6.0.18 with the JK 1.2.28 Connector. OS is Windows Server 2008 64bit. I have followed the tutorial from http://www.iisadmin.co.uk/?p=72 but all i get is a 404 error. It seems that the isapi_redirector.dll is not loaded. Let me explain what I have done to this point ... I have installed Tomcat under C:\Tomcat\, replaced the Tomcat executables with the amd 64bit versions from the repository and added a ISAPI directory. Then I copied the isapi_redirect.dll (the amd64 bit version) into it and created a properties file as described in http://tomcat.apache.org/connectors-doc/reference/iis.html. The workers.properties and uriworkermap.properties were updated accordingly. Afterwards I added a virtual directory in the IIS with the name jakarta pointing to the ISAPI folder. The directory structure is like this: C:\ -Tomcat\ --ISAPI\ --webapps\ ---test-webapp\ I can access my sample web application via tomcat, but if I try to access it via the IIS I receive a 404 Error. If I access the webapp via http://localhost/test-webapp I get the message that the physical path is supposed to be C:\inteput\wwwroot\test-webapp. If I add the virtual folter to the path (http://localhost/jakarta/test-webapp) I get the message that the physical path is supposed to be C:\Tomcat\ISAPI\test-webapp. The log as described in the isapi_redirector.properties file has not been created and when I execute the command tasklist /m is* no result is found, which indicates that the dll was not loaded. I have googled for a solution for this problem but found nothing valid yet .. Help is appreciated Thanks, Simon. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Blocked threads in Tomcat web app
Rainer Jung-3 wrote: You might want to look at Bloch's book Effective Java, which has a section called Avoid finalizers. The page http://java.sun.com/developer/technicalArticles/javase/finalization/ also has some introductory material. The dbcp pool for instance has a mechanism which checks for non-closed connections (abanoned connections) and forcibly closes them. The way it tracks them, is taking a timstamp when they got returned by the pool to the app and simply checking, whether a connection stays outside of the pool for to long. In some cases this is adequate. Thanks a lot for your help, I'm going to read up about that ! Raphael -- View this message in context: http://www.nabble.com/Blocked-threads-in-Tomcat-web-app-tp24457682p24461413.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RES: Problems downloading files. How to identify the CANCEL b utto n?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Siomara, On 7/11/2009 10:31 PM, siom...@portosdobrasil.gov.br wrote: Filef= new File(filename); response.setContentType( (mimetype != null) ? mimetype : application/octet-stream ); If the content type is text/[anything], then you should also be setting the response encoding along with the content type like this: if(mimetype.startsWith(text/)) { response.setCharacterEncoding(encoding); // whatever you want response.setContentType(mimetype + ; encoding= + encoding); } response.setContentLength( (int)f.length() ); This is an error. You want: response.setHeader(Content-Length, String.valueOf(f.length()); This will allow files larger than 4GB to have a correct content length. byte[] bbuf = new byte[filename.length()]; As Pid suggested, creating a buffer based upon the file name length is not particularly useful. Might I suggest a fixed buffer of a few kbytes? Something like byte[] bbuf = new byte[8192]; DataInputStream in = new DataInputStream(new FileInputStream(f)); Again, DataInputStream is inappropriate, but you aren't using any DataInputStream-specific methods, so it doesn't matter. It does indicate that you are not choosing appropriate API classes for your purposes, though. while ((in != null) ((length = in.read(bbuf)) != -1)) { op.write(bbuf,0,length); } I'm not sure the null-check is necessary for the 'in' variable, but otherwise this is fine. Explicitly calling in.read(bbuf, 0, 8192) would give you a (probably neglegible) performance improvement by avoiding another method call. // The lines bellow will retrieve information from request and // register them into the database (interested user ID/file ID/ and // licitation ID). The problem, as I said, is that by the time the // download manager window (that this code displays) shows up the // entire code has been already executed. int interessadoID = Integer.parseInt(request.getParameter(int)); int arquivoID = Integer.parseInt(request.getParameter(arq)); int licitacaoID = Integer.parseInt(request.getParameter(lic)); I would parse these values /before/ doing anything else. If an error occurs, here, then the user can get their files without leaving a trace. /** * Handles the HTTP POST method. * @param request servlet request * @param response servlet response */ protected void doPost(HttpServletRequest request, HttpServletResponse response) Is it appropriate for a POST to result in a large file download? I suppose only you can make this decision. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbNjEACgkQ9CaO5/Lv0PATyACfRALTtxgNHVSknE+QkAfGcJCt EfQAn31ls4vGLT8U7WqgoA8YQg+vRRqP =Bq/8 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: ValveContext Replacement in Tomcat 6.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Shah, On 7/13/2009 8:13 AM, Shah, Dhaval wrote: I'm trying to upgrade from Tomcat 5.0 to Tomcat 6.0. The Problem I'm facing is that my application uses an interface ValveContext which is missing in Tomcat 6.0. Any idea how can I get this functionality (provided by ValveContext) in Tomcat 6.0. The invokeNext(request, response) method of ValveContext interface is used to invoke next valve in the pipeline. It looks like that interface has simply been removed in favor of: this.getNext().invoke(request, response) Is that what you're looking for? The API docs seem to be out of date, as they still tell you to call context.invokeNext. I have logged a bug against the TC documentation which you can find here: https://issues.apache.org/bugzilla/show_bug.cgi?id=47518 - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbOYQACgkQ9CaO5/Lv0PDG/QCgsNAFubsQm47jDy8AfTnFF4TH AWQAnRfekw4N2RWWDGqYvMiLeITAJ7nn =yFwF -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Strange delays after about 800 users on a server -- tomcat 4.1.27, apache 2.0.54, LB/SSL on a Cisco ACE
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Shaun, On 7/13/2009 1:06 AM, Shaun Qualheim wrote: Basically. We could clear things up a little bit though, just going to https:// right away: client -- https:443 -- lb -- http:81 -- apache -- mod_jk -- 1 of 3 tomcats. Yeah, this makes more sense to me. I was just wondering why you'd want to accept HTTP traffic and then proxy it through HTTPS, rather than just doing a redirect and making the client connect securely in the first place. Also, why have httpd forward all traffic to a load-balancer instead of just doing the load-balancing itself? How do you mean? (Sorry, I can think of a few things that you might mean here, but I don't want to assume.) I mean, why not just do this: client -- https:443 - lb - Tomcats 1-3 What do your elements look like in Tomcat's server.xml? Here's an example of the connector. I can provide more if it would help? Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=7019 minProcessors=256 maxProcessors=1024 enableLookups=false redirectPort=7443 acceptCount=10 debug=0 connectionTimeout=12 useURIValidationHack=false scheme=https proxyPort=443 protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler/ This port number says 7019, so it's either not the Connector you are actually using, or your setup is not how you've described it. Other than the port number, this looks fine. A few comments, though: 1. This is supposed to act like an HTTP port, so redirectPort is not useful. 2. acceptCount=10 is a little low when you're expecting to serve a maximum of 1024 simultaneous connections. Connection #1035 will be rejected by the TCP stack. Maybe this is what you want, but I would probably have a larger accept queue. 3. Your connectionTimeout is 2 minutes. That means that the server will wait up to 2 minutes for the client to make a request on a connection. That's a /loong/ time. You might want to consider reducing this if you expect high traffic. So, does it look like you are hitting a wall (like there aren't enough connections allowed) or does the application/server start to experience an actual slowdown (like high CPU load, lots of paging, etc.)? If I had to guess, I'd say the former. When we're monitoring system resources using nmon during the load tests, everything else seems fine. I suspect you aren't looking at the right set of Connector elements in server.xml. You probably just have the request processors incorrectly allocated for the load you are expecting. Since everything works fine going directly to Tomcat (using HTTP, which appears to be the Connector you're showing above), I think you're not looking at the AJP connector (used to connect httpd - Tomcat) which needs to be configured separately. Check the maxProcessors attribute of the /other/ Connector(s) defined in server.xml to see if they have appropriate values. Feel free to post /all/ your Connector elements to the list if you need a bit of help. Also, remove anything from server.xml that you don't need: it'll simplify your life, and the lives of your administrators. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbPMwACgkQ9CaO5/Lv0PDGfQCeIj4NU2Aqqxfia353Ht4/Rs+w Y80AniBoUzrq+BngJpVMvjDfKXrv5AOS =fPqU -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 To whom it may concern, (Marked as OT since this is a JVM issue, not a Tomcat issue). On 7/9/2009 11:01 AM, nitingautam wrote: In my web application i am using ldap authentication. I am using tomcat 5.5 with jdk 1.4. From some days when I try to login it throw the following error and rest of the time it works fine. What can be the issue... [snip] Caused by: java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPadding found at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(Unknown Source) at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(Unknown Source) Looks like your JVM doesn't have this cipher, which is weird if it only happens some times. What is your exact JVM version? You might want to upgrade, as things like this tend to get fixed. 1.4 is nearly dead. Try running this code: String providerName = null; Provider providers[]; if(null != args 0 args.length) { providers = new Provider[args.length]; for(int i = 0; i args.length; i++) providers[i] = Security.getProvider(args[i]); } else { providers = Security.getProviders(); } for(int i = 0; i providers.length; i++) { Provider p = providers[i]; System.out.println(Provider: + p); System.out.println(===); System.out.println(provider properties:); ArrayList keys = new ArrayList(p.keySet()); Collections.sort(keys); String key; for(Iterator j = keys.iterator(); j.hasNext(); System.out.println(key + = + p.get(key))) key = (String)j.next(); System.out.println(---); } This will tell you all the crypto providers, ciphers, etc. that are supported by your JVM. I ran this against my own JVM: $ java -version java version 1.6.0_13 Java(TM) SE Runtime Environment (build 1.6.0_13-b03) Java HotSpot(TM) Client VM (build 11.3-b02, mixed mode, sharing) $ java GetProviderInfo | grep AES Alg.Alias.AlgorithmParameters.Rijndael=AES Alg.Alias.Cipher.Rijndael=AES Alg.Alias.KeyGenerator.Rijndael=AES AlgorithmParameters.AES=com.sun.crypto.provider.AESParameters Cipher.AES=com.sun.crypto.provider.AESCipher Cipher.AES SupportedKeyFormats=RAW Cipher.AES SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128 Cipher.AES SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING Cipher.AESWrap=com.sun.crypto.provider.AESWrapCipher Cipher.AESWrap SupportedKeyFormats=RAW Cipher.AESWrap SupportedModes=ECB Cipher.AESWrap SupportedPaddings=NOPADDING KeyGenerator.AES=com.sun.crypto.provider.AESKeyGenerator Provider.id info=SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC) You can see in there that AES supports the CBC mode as well as the NOPADDING padding (though I didn't actually try to create an AES/CBC/NOPADDING cipher just to make sure). I wonder if your JVM is broken? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbREMACgkQ9CaO5/Lv0PAGbwCcDDILqRAT8aIFNl06Lbj7ZmjF Ur8AnjLGY9QtHl1v7MgdcASjcxduAKGw =7ff9 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Manipulate other session
Unfortunately what the blog above describes does not seem to work anymore...: HttpSessionContext sc = request.getSession().getSessionContext(); HttpSession userSession = sc.getSession(sessionId); userSession.setAttribute(myObject, cr); It silently fails with an exception at the last line, an exception without a message... 2009/7/13 Yves Glodt ygl...@gmail.com: Thanks for telling. I found another way (deprecated) in the mean time: http://javasolution.blogspot.com/2007/08/getting-session-object-using-session-id.html 2009/7/13 Mikolaj Rydzewski m...@ceti.pl: Yves Glodt wrote: is it possible to open a different HttpSession than my own (if it's session-id is known), and set an attribute in that session? You can perform HTTP request with session cookie explicity set. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPad
I am using JAVA 1.4.2_17-b06 I face this issue sometimes only. Now days coming regularly :( how to fix then Christopher Schultz-2 wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 To whom it may concern, (Marked as OT since this is a JVM issue, not a Tomcat issue). On 7/9/2009 11:01 AM, nitingautam wrote: In my web application i am using ldap authentication. I am using tomcat 5.5 with jdk 1.4. From some days when I try to login it throw the following error and rest of the time it works fine. What can be the issue... [snip] Caused by: java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPadding found at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(Unknown Source) at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(Unknown Source) Looks like your JVM doesn't have this cipher, which is weird if it only happens some times. What is your exact JVM version? You might want to upgrade, as things like this tend to get fixed. 1.4 is nearly dead. Try running this code: String providerName = null; Provider providers[]; if(null != args 0 args.length) { providers = new Provider[args.length]; for(int i = 0; i args.length; i++) providers[i] = Security.getProvider(args[i]); } else { providers = Security.getProviders(); } for(int i = 0; i providers.length; i++) { Provider p = providers[i]; System.out.println(Provider: + p); System.out.println(===); System.out.println(provider properties:); ArrayList keys = new ArrayList(p.keySet()); Collections.sort(keys); String key; for(Iterator j = keys.iterator(); j.hasNext(); System.out.println(key + = + p.get(key))) key = (String)j.next(); System.out.println(---); } This will tell you all the crypto providers, ciphers, etc. that are supported by your JVM. I ran this against my own JVM: $ java -version java version 1.6.0_13 Java(TM) SE Runtime Environment (build 1.6.0_13-b03) Java HotSpot(TM) Client VM (build 11.3-b02, mixed mode, sharing) $ java GetProviderInfo | grep AES Alg.Alias.AlgorithmParameters.Rijndael=AES Alg.Alias.Cipher.Rijndael=AES Alg.Alias.KeyGenerator.Rijndael=AES AlgorithmParameters.AES=com.sun.crypto.provider.AESParameters Cipher.AES=com.sun.crypto.provider.AESCipher Cipher.AES SupportedKeyFormats=RAW Cipher.AES SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128 Cipher.AES SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING Cipher.AESWrap=com.sun.crypto.provider.AESWrapCipher Cipher.AESWrap SupportedKeyFormats=RAW Cipher.AESWrap SupportedModes=ECB Cipher.AESWrap SupportedPaddings=NOPADDING KeyGenerator.AES=com.sun.crypto.provider.AESKeyGenerator Provider.id info=SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC) You can see in there that AES supports the CBC mode as well as the NOPADDING padding (though I didn't actually try to create an AES/CBC/NOPADDING cipher just to make sure). I wonder if your JVM is broken? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbREMACgkQ9CaO5/Lv0PAGbwCcDDILqRAT8aIFNl06Lbj7ZmjF Ur8AnjLGY9QtHl1v7MgdcASjcxduAKGw =7ff9 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://www.nabble.com/java.security.NoSuchAlgorithmException%3A-No-implementation-for-AES-CBC-NoPad-tp24410804p24463796.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPad
nitingautam wrote: I am using JAVA 1.4.2_17-b06 I face this issue sometimes only. Now days coming regularly :( how to fix then How about a) reading what Chris wrote when you asked this question b) doing what he suggests c) posting the results you get Mark Christopher Schultz-2 wrote: To whom it may concern, (Marked as OT since this is a JVM issue, not a Tomcat issue). On 7/9/2009 11:01 AM, nitingautam wrote: In my web application i am using ldap authentication. I am using tomcat 5.5 with jdk 1.4. From some days when I try to login it throw the following error and rest of the time it works fine. What can be the issue... [snip] Caused by: java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPadding found at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(Unknown Source) at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(Unknown Source) Looks like your JVM doesn't have this cipher, which is weird if it only happens some times. What is your exact JVM version? You might want to upgrade, as things like this tend to get fixed. 1.4 is nearly dead. Try running this code: String providerName = null; Provider providers[]; if(null != args 0 args.length) { providers = new Provider[args.length]; for(int i = 0; i args.length; i++) providers[i] = Security.getProvider(args[i]); } else { providers = Security.getProviders(); } for(int i = 0; i providers.length; i++) { Provider p = providers[i]; System.out.println(Provider: + p); System.out.println(===); System.out.println(provider properties:); ArrayList keys = new ArrayList(p.keySet()); Collections.sort(keys); String key; for(Iterator j = keys.iterator(); j.hasNext(); System.out.println(key + = + p.get(key))) key = (String)j.next(); System.out.println(---); } This will tell you all the crypto providers, ciphers, etc. that are supported by your JVM. I ran this against my own JVM: $ java -version java version 1.6.0_13 Java(TM) SE Runtime Environment (build 1.6.0_13-b03) Java HotSpot(TM) Client VM (build 11.3-b02, mixed mode, sharing) $ java GetProviderInfo | grep AES Alg.Alias.AlgorithmParameters.Rijndael=AES Alg.Alias.Cipher.Rijndael=AES Alg.Alias.KeyGenerator.Rijndael=AES AlgorithmParameters.AES=com.sun.crypto.provider.AESParameters Cipher.AES=com.sun.crypto.provider.AESCipher Cipher.AES SupportedKeyFormats=RAW Cipher.AES SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128 Cipher.AES SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING Cipher.AESWrap=com.sun.crypto.provider.AESWrapCipher Cipher.AESWrap SupportedKeyFormats=RAW Cipher.AESWrap SupportedModes=ECB Cipher.AESWrap SupportedPaddings=NOPADDING KeyGenerator.AES=com.sun.crypto.provider.AESKeyGenerator Provider.id info=SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC) You can see in there that AES supports the CBC mode as well as the NOPADDING padding (though I didn't actually try to create an AES/CBC/NOPADDING cipher just to make sure). I wonder if your JVM is broken? -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Jakarta Connector 1.2.28 with Windows Server 2008 64bit, IIS 7.0 and Tomcat 6.0.18
On 13.07.2009 15:04, Simon Kulessa wrote: Hello, I am trying to configure IIS 7.0 and Tomcat 6.0.18 with the JK 1.2.28 Connector. OS is Windows Server 2008 64bit. I have followed the tutorial from http://www.iisadmin.co.uk/?p=72 but all i get is a 404 error. It seems that the isapi_redirector.dll is not loaded. Let me explain what I have done to this point ... I have installed Tomcat under C:\Tomcat\, replaced the Tomcat executables with the amd 64bit versions from the repository and added a ISAPI directory. You are sure, that not only your windows is 64 Bit but also IIS runs in 64 Bit mode? Then I copied the isapi_redirect.dll (the amd64 bit version) into it and created a properties file as described in http://tomcat.apache.org/connectors-doc/reference/iis.html. Did you also allow the extension as indicated by number 9. in http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html#Configuring%20the%20ISAPI%20Redirector The workers.properties and uriworkermap.properties were updated accordingly. Afterwards I added a virtual directory in the IIS with the name jakarta pointing to the ISAPI folder. The directory structure is like this: C:\ -Tomcat\ --ISAPI\ --webapps\ ---test-webapp\ I can access my sample web application via tomcat, but if I try to access it via the IIS I receive a 404 Error. If I access the webapp via http://localhost/test-webapp I get the message that the physical path is supposed to be C:\inteput\wwwroot\test-webapp. If I add the virtual folter to the path (http://localhost/jakarta/test-webapp) I get the message that the physical path is supposed to be C:\Tomcat\ISAPI\test-webapp. The log as described in the isapi_redirector.properties file has not been created and when I execute the command tasklist /m is* no result is found, which indicates that the dll was not loaded. That's indeed bad. Just to make sure: did you set your log level to something reasonable verbose (like debug)? Even with info, there should at least be a line giving the version of the redirector used. For debugging debug would be better (for production switch back to info). Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Manipulate other session
I don't know if you can/should change other HttpSession directly. As Mikolaj Rydzewski said, you could perform a HTTP request using a different JSESSIONID cookie or a ;jsessionid URL rewriting. On Mon, 2009-07-13 at 16:33 +0200, Yves Glodt wrote: Unfortunately what the blog above describes does not seem to work anymore...: HttpSessionContext sc = request.getSession().getSessionContext(); HttpSession userSession = sc.getSession(sessionId); userSession.setAttribute(myObject, cr); It silently fails with an exception at the last line, an exception without a message... 2009/7/13 Yves Glodt ygl...@gmail.com: Thanks for telling. I found another way (deprecated) in the mean time: http://javasolution.blogspot.com/2007/08/getting-session-object-using-session-id.html 2009/7/13 Mikolaj Rydzewski m...@ceti.pl: Yves Glodt wrote: is it possible to open a different HttpSession than my own (if it's session-id is known), and set an attribute in that session? You can perform HTTP request with session cookie explicity set. -- Mikolaj Rydzewski m...@ceti.pl - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Manipulate other session
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel, On 7/13/2009 12:16 PM, Daniel Henrique Alves Lima wrote: I don't know if you can/should change other HttpSession directly. You might be able to on an older servlet container, but this portion of the API has been deprecated and will cause modern containers to throw exceptions. I'm not sure if a webapp specifies an old version of the spec, whether this API will be supported or not (by a new container which will enforce this prohibition on newer webapps). As Mikolaj Rydzewski said, you could perform a HTTP request using a different JSESSIONID cookie or a ;jsessionid URL rewriting. This is possible. It's also possible to use a SessionListener to maintain your own list of sessions and then you can do whatever you want. The real question is why you want to do this in the first place. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbaBsACgkQ9CaO5/Lv0PC+RgCfUEoAJwWB+/4jgDCzJgK/4eDb YhsAnA8DXWpTkOQdg7vMursGAg5dWfPx =g3Tk -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FTPSClient running under Tomcat 5.5 - SSLException
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Evan, On 7/10/2009 4:43 PM, Evan Smith wrote: What's puzzling is that I have tested this exact code inside and outside Tomcat, on several different machines. On every machine, it connects and lists files on the FTP server successfully every time, provided that it's not running under Tomcat. On every machine, when I run the same code under Tomcat, I get the same exception. I suspect it's a SecurityManager. Are you running under a SecurityManager? - re-evaluated Calatina policy: From what I can tell in the docs, if there's an issue with policy permissions, a policy exception should be logged, along with a FAILED message. I find neither of these in my logs; just the exception mentioned above. I wouldn't be surprised of the SSLSocket is swallowing the security exception and just throwing it's own exception instead. If you are running under a SecurityManager, try disabling it temporarily to see if your code works without those constraints. If it does, then you need to fiddle with your catalina.policy. Do you have anything in your catalina.policy already to account for this connection? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP =lZSy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Failed to start Tomcat service
Hi, I am using Tomcat 6.0.18. This morning I found that the Tomcat server was not running. I tried to start the service and got this error. Please help. Thank you. [2009-07-13 11:02:57] [994 prunsrv.c] [error] Failed creating java C:\Program Files\Java\jre1.6.0_07\bin\client\jvm.dll [2009-07-13 11:02:57] [1269 prunsrv.c] [error] ServiceStart returned 1 [2009-07-13 11:02:57] [info] Run service finished. [2009-07-13 11:02:57] [info] Procrun finished. Please call us at 714-558-6720 if you have any further questions. Sincerely, Hung M. Bui, P.E.
Logging of memory / thread activity
Hello, I have an issue where Tomcat shuts down without reason. When receiving a light to moderate load that involves MySql database work tomcat shuts down without error. I get the message INFO main org.apache.coyote.http11. Http11BaseProtocol - Pausing Coyote HTTP/1.1 on http-8080 This is consistent after 2-4 minutes of simple stress testing. I am not very sure where the issue lies. I am aware of profilers (which I will eventually use) but for now I would like some way of logging Tomcat vitals so I can see if something is spiking (memory use, thread use, etc). I know the tomcat status page gives me a good deal of the information I would like. Is there any product / methodology for periodically logging this information? I am using: Java: 1.6.0_14-b08 Tomcat: 5.5.25 OS: Linux 2.6.18-028stab060.8 Regards, Lucas
Re: Filter RequestWrapper
Hello, Christopher! I cannot use a request parameter because the legacy application is inside an iframe. If I passed it as a request parameter in the iframe it would only work the first time, because once you click a link inside the iframe the parameter wouldn't be there. Remember that the tricky part here is that the legacy application is not to be changed. When setting an URL like [/context/_session_id_/page1.jsp] for the iframe, any link will be automatically relative to [/context/_session_id_/] except in the cases were getContextPath() is used. For these cases my request wrapper should provide the same dummy url when getContextPath() is called. btw, I'm with you on the PITA thing :) Best regards! On Sat, Jul 11, 2009 at 9:45 PM, Christopher Schultzch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ivo, On 7/9/2009 6:32 AM, Ivo Silva wrote: To both browser and Tomcat it's only one session. My filter is what manages the nested sessions distribution and that's why an identifier is required. Each iframe should have it's own session since the application stores data on session. If I do not provide different sessions the variables would overwrite each other and each iframe would have the same information. What if you used a request parameter instead of request path info? So, to re-state, you want to take the following URLs and make them serve a single page, after unwrapping a special session that is stored in the main session: /context/X/page_1.jsp /context/Y/page_1.jsp /context/Z/page_1.jsp ?? I still don't understand why the URL rewriting is necessary, though I *do* understand the session multiplexing (which is a total PITA, BTW). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpY+gEACgkQ9CaO5/Lv0PBBSgCePoHoEKENfgUJGLdQe4O90Zjr xcYAn11zYGYzlnlWHwib0bA8O7O8RtYy =XEcl -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat processes running on system, understanding what they are
I am troubleshooting an issue with Tomcat unexpectedly shutting down. I am analyzing the running processes on my system. I see two jsvc instances of Tomcat that are identical. I see multiple httpd processes. I believe httpd are worker threads, is this true? Why would there be two identical instances of Tomcat running via jsvc? Is this correct? Details below. Thank you, Lucas TOMCAT: 3150(jsvc)/usr/local/jakarta/apache-tomcat-5.5.25/bin/jsvc /usr/local/jakarta/apache-tomcat-5.5.25/binjsvc.exec -user tomcat -cp ./bootstrap.jar -Djava.endorsed.dirs=../common/endorsed -Xms384M -Xmx1024M -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -outfile ../logs/catalina.out -errfile ../logs/catalina.err -verbose org.apache.catalina.startup.Bootstrap -security 3151(jsvc) /usr/local/jakarta/apache-tomcat-5.5.25/bin/jsvc /usr/local/jakarta/apache-tomcat-5.5.25/binjsvc.exec -user tomcat -cp ./bootstrap.jar -Djava.endorsed.dirs=../common/endorsed -Xms384M -Xmx1024M -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -outfile ../logs/catalina.out -errfile ../logs/catalina.err -verbose org.apache.catalina.startup.Bootstrap -security HTTPD: 22251(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd -k start -DSSL
Re: Filter RequestWrapper
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ivo, On 7/13/2009 2:28 PM, Ivo Silva wrote: I cannot use a request parameter because the legacy application is inside an iframe. If I passed it as a request parameter in the iframe it would only work the first time, because once you click a link inside the iframe the parameter wouldn't be there. Hmm... what about deploying a separate application into a sub-URI of your main application. Something like this: mainapp.war - /mainApp legacy.war - /mainApp/X legacy.war - /mainApp/Y legacy.war - /mainApp/Z This will actually give you separate sessions and getContextPath will always work correctly, even when called from the legacy webapp. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz =2hKX -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat processes running on system, understanding what they are
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lucas, On 7/13/2009 2:37 PM, Lucas Vickers wrote: I see two jsvc instances of Tomcat that are identical. Why would there be two identical instances of Tomcat running via jsvc? Is this correct? What happens if you look at the processes as a tree (where you can see parent/child relationships)? Try reading the How jsvc works section on this page: http://commons.apache.org/daemon/jsvc.html - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbh7EACgkQ9CaO5/Lv0PA3hACeMRc34KQVmfbZ00yLYd3NoxfW 1BcAniAo7mXf4pHJCKo3ouNFubkp2kQj =kXl4 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Logging of memory / thread activity
From: Lucas Vickers [mailto:lucasvick...@gmail.com] Subject: Logging of memory / thread activity I have an issue where Tomcat shuts down without reason. So this is in some universe without causality? Must be quantum effects. Is there any product / methodology for periodically logging this information? You can take a look this: http://moskito.anotheria.net/ You probably should also turn on -verbose:gc and -Xloggc to monitor activity on the Java heap. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Logging of memory / thread activity
well, tomcat shows no logged errors :) There is a reason, I just have not yet figured it out. I will take a look, thank you! On Mon, Jul 13, 2009 at 3:47 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Lucas Vickers [mailto:lucasvick...@gmail.com] Subject: Logging of memory / thread activity I have an issue where Tomcat shuts down without reason. So this is in some universe without causality? Must be quantum effects. Is there any product / methodology for periodically logging this information? You can take a look this: http://moskito.anotheria.net/ You probably should also turn on -verbose:gc and -Xloggc to monitor activity on the Java heap. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Filter RequestWrapper
Hi again, Christopher! Yes, but that is the last resort! We are still testing this approach but all is working as expected. The main reason to adopt this is to provide the possibility to deploy the legacy application in a portal environment (as a portlet) and to allow instatiation whitout requiring the deployment of new portlet for each instance. Best regards! On 7/13/09, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ivo, On 7/13/2009 2:28 PM, Ivo Silva wrote: I cannot use a request parameter because the legacy application is inside an iframe. If I passed it as a request parameter in the iframe it would only work the first time, because once you click a link inside the iframe the parameter wouldn't be there. Hmm... what about deploying a separate application into a sub-URI of your main application. Something like this: mainapp.war - /mainApp legacy.war - /mainApp/X legacy.war - /mainApp/Y legacy.war - /mainApp/Z This will actually give you separate sessions and getContextPath will always work correctly, even when called from the legacy webapp. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz =2hKX -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Logging of memory / thread activity
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lucas, On 7/13/2009 2:22 PM, Lucas Vickers wrote: I have an issue where Tomcat shuts down without reason. When receiving a light to moderate load that involves MySql database work tomcat shuts down without error. I get the message INFO main org.apache.coyote.http11. Http11BaseProtocol - Pausing Coyote HTTP/1.1 on http-8080 This is consistent after 2-4 minutes of simple stress testing. What happens if you don't even stress-test the app? Does Tomcat go down with /no/ load on it? I am not very sure where the issue lies. Try this: $ grep System.exit `find src -name *.java` I know the tomcat status page gives me a good deal of the information I would like. Is there any product / methodology for periodically logging this information? I would write a script that does roughly this: while true ; do wget -O status.`date` http://localhost/path/to/tomcat/status sleep 1000 done Then you can see a history of the statuses of your server. If some thread is calling System.exit, though, then you probably won't see anything useful. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbkEgACgkQ9CaO5/Lv0PBkGQCgqBtEM50zA0adK0aTdLLnR5kv 82UAn2ZCgDJWKZOUlulYL7Tl8xETXSDD =6YP5 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tuniing Apache-Tomcap
Hi All We have a application running on Apache Tomcat, but the performance is very slow, the application was developer in netbeans, but now is runing in the server is very slow. We need suggestion to make tuning en the apache tomcat. Regards. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FTPSClient running under Tomcat 5.5 - SSLException
Thanks for the response, Chris. No security manager, as I'm running into the errors in dev. I will try running it under a security manager, and explicitly configure catalina.policy to account for this connection. I'll let you know what I find. Evan On Jul 13, 2009, at 10:06 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Evan, On 7/10/2009 4:43 PM, Evan Smith wrote: What's puzzling is that I have tested this exact code inside and outside Tomcat, on several different machines. On every machine, it connects and lists files on the FTP server successfully every time, provided that it's not running under Tomcat. On every machine, when I run the same code under Tomcat, I get the same exception. I suspect it's a SecurityManager. Are you running under a SecurityManager? - re-evaluated Calatina policy: From what I can tell in the docs, if there's an issue with policy permissions, a policy exception should be logged, along with a FAILED message. I find neither of these in my logs; just the exception mentioned above. I wouldn't be surprised of the SSLSocket is swallowing the security exception and just throwing it's own exception instead. If you are running under a SecurityManager, try disabling it temporarily to see if your code works without those constraints. If it does, then you need to fiddle with your catalina.policy. Do you have anything in your catalina.policy already to account for this connection? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP =lZSy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Filter RequestWrapper
On 13/7/09 20:51, Ivo Silva wrote: Hi again, Christopher! Yes, but that is the last resort! We are still testing this approach but all is working as expected. The main reason to adopt this is to provide the possibility to deploy the legacy application in a portal environment (as a portlet) and to allow instatiation whitout requiring the deployment of new portlet for each instance. I hate to say this, but you'll soon be approaching the point where you might as well have rewritten a (or, the URL) portion of the legacy app to cope with the new use case, given the time you're expending trying to solve a problem with two conflicting requirements. p Best regards! On 7/13/09, Christopher Schultzch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ivo, On 7/13/2009 2:28 PM, Ivo Silva wrote: I cannot use a request parameter because the legacy application is inside an iframe. If I passed it as a request parameter in the iframe it would only work the first time, because once you click a link inside the iframe the parameter wouldn't be there. Hmm... what about deploying a separate application into a sub-URI of your main application. Something like this: mainapp.war - /mainApp legacy.war - /mainApp/X legacy.war - /mainApp/Y legacy.war - /mainApp/Z This will actually give you separate sessions and getContextPath will always work correctly, even when called from the legacy webapp. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz =2hKX -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tuniing Apache-Tomcap
On 13/7/09 20:57, Vida Luz Arista wrote: Hi All We have a application running on Apache Tomcat, but the performance is very slow, the application was developer in netbeans, but now is runing in the server is very slow. Which versions of: Tomcat, OS? How much memory on your dev machine, how much on the server? Using a DB? Which one? Using a web server? Which one? If applicable, are all or any of the above on the same box? If applicable, what resources are each of the above using? What are your heap settings? What does your GC log say? I can probably think of some more questions, but these'll keep you going for a bit. We need suggestion to make tuning en the apache tomcat. How do you know that Tomcat is the source of the problem? p Regards. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Filter RequestWrapper
Hi, Pid! How are you? As I said, we now have a working solution, currently in tests, but so far so good. Nevertheless this is always a good exercice to better understand the inner workings of our fellow Tom, the cat! Cheers! On 7/13/09, Pid p...@pidster.com wrote: On 13/7/09 20:51, Ivo Silva wrote: Hi again, Christopher! Yes, but that is the last resort! We are still testing this approach but all is working as expected. The main reason to adopt this is to provide the possibility to deploy the legacy application in a portal environment (as a portlet) and to allow instatiation whitout requiring the deployment of new portlet for each instance. I hate to say this, but you'll soon be approaching the point where you might as well have rewritten a (or, the URL) portion of the legacy app to cope with the new use case, given the time you're expending trying to solve a problem with two conflicting requirements. p Best regards! On 7/13/09, Christopher Schultzch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ivo, On 7/13/2009 2:28 PM, Ivo Silva wrote: I cannot use a request parameter because the legacy application is inside an iframe. If I passed it as a request parameter in the iframe it would only work the first time, because once you click a link inside the iframe the parameter wouldn't be there. Hmm... what about deploying a separate application into a sub-URI of your main application. Something like this: mainapp.war - /mainApp legacy.war - /mainApp/X legacy.war - /mainApp/Y legacy.war - /mainApp/Z This will actually give you separate sessions and getContextPath will always work correctly, even when called from the legacy webapp. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbhAkACgkQ9CaO5/Lv0PAdJQCfdEJuPGVinHBl76jaQA9bNaRV nPQAn0R2Ip3/S19j5Xyoa4lyA0c0Y/Gz =2hKX -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: chunked encoding
I debated putting this in a separate thread, but there seems to be so much expertise focused on this thread: What if I WANT chunked? I have a device that sends http POST header and xml request payload in one packet. Tomcat responds chunked. However when an intervening router decides to split the http POST header and xml request into two packets, Tomcat responds non-chunked. My device wants chunked response. Any way to force Tomcat to respond chunked? -- View this message in context: http://www.nabble.com/chunked-encoding-tp23986311p24469028.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Logging of memory / thread activity
On Jul 13, 2009, at 3:47 PM, Caldarale, Charles R wrote: From: Lucas Vickers [mailto:lucasvick...@gmail.com] Subject: Logging of memory / thread activity I have an issue where Tomcat shuts down without reason. So this is in some universe without causality? Must be quantum effects. Someone replaced Schrödinger's cat with tomcat in a gedanke experiment :) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FTPSClient running under Tomcat 5.5 - SSLException
Holy smokes, the thing doesn't run at all if I turn the security manager on. No doubt I should be running with one, but I'm afraid that's chasing after an altogether different problem, at the moment. I'm hesitant to go fix that until I've figured out this issue first. Any other ideas? Thanks again, Evan On Jul 13, 2009, at 1:26 PM, Evan Smith wrote: Thanks for the response, Chris. No security manager, as I'm running into the errors in dev. I will try running it under a security manager, and explicitly configure catalina.policy to account for this connection. I'll let you know what I find. Evan On Jul 13, 2009, at 10:06 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Evan, On 7/10/2009 4:43 PM, Evan Smith wrote: What's puzzling is that I have tested this exact code inside and outside Tomcat, on several different machines. On every machine, it connects and lists files on the FTP server successfully every time, provided that it's not running under Tomcat. On every machine, when I run the same code under Tomcat, I get the same exception. I suspect it's a SecurityManager. Are you running under a SecurityManager? - re-evaluated Calatina policy: From what I can tell in the docs, if there's an issue with policy permissions, a policy exception should be logged, along with a FAILED message. I find neither of these in my logs; just the exception mentioned above. I wouldn't be surprised of the SSLSocket is swallowing the security exception and just throwing it's own exception instead. If you are running under a SecurityManager, try disabling it temporarily to see if your code works without those constraints. If it does, then you need to fiddle with your catalina.policy. Do you have anything in your catalina.policy already to account for this connection? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP =lZSy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FTPSClient running under Tomcat 5.5 - SSLException
Case closed. Turns out my build was churning out both commons-net-1.4 AND commons-net-2.0, resulting in a conflict. Hence, when I ran it from Tomcat I saw the problem, and when I ran it from my test in eclipse, I did not. Thanks for your help Chris. Evan On Jul 13, 2009, at 2:10 PM, Evan Smith wrote: Holy smokes, the thing doesn't run at all if I turn the security manager on. No doubt I should be running with one, but I'm afraid that's chasing after an altogether different problem, at the moment. I'm hesitant to go fix that until I've figured out this issue first. Any other ideas? Thanks again, Evan On Jul 13, 2009, at 1:26 PM, Evan Smith wrote: Thanks for the response, Chris. No security manager, as I'm running into the errors in dev. I will try running it under a security manager, and explicitly configure catalina.policy to account for this connection. I'll let you know what I find. Evan On Jul 13, 2009, at 10:06 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Evan, On 7/10/2009 4:43 PM, Evan Smith wrote: What's puzzling is that I have tested this exact code inside and outside Tomcat, on several different machines. On every machine, it connects and lists files on the FTP server successfully every time, provided that it's not running under Tomcat. On every machine, when I run the same code under Tomcat, I get the same exception. I suspect it's a SecurityManager. Are you running under a SecurityManager? - re-evaluated Calatina policy: From what I can tell in the docs, if there's an issue with policy permissions, a policy exception should be logged, along with a FAILED message. I find neither of these in my logs; just the exception mentioned above. I wouldn't be surprised of the SSLSocket is swallowing the security exception and just throwing it's own exception instead. If you are running under a SecurityManager, try disabling it temporarily to see if your code works without those constraints. If it does, then you need to fiddle with your catalina.policy. Do you have anything in your catalina.policy already to account for this connection? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbaacACgkQ9CaO5/Lv0PB1qACfbr2U+YxTk5dwYcgG30u7+gAD YdIAoJ+yCHYivgXWw8l/uYnphyU7/tVP =lZSy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: chunked encoding
charliehnabble wrote: I debated putting this in a separate thread, but there seems to be so much expertise focused on this thread: What if I WANT chunked? I have a device that sends http POST header and xml request payload in one packet. Tomcat responds chunked. However when an intervening router decides to split the http POST header and xml request into two packets, Tomcat responds non-chunked. On the face of it, that does not seem to make any sense. Whether Tomcat sends the response chunked or not, shouldn't have anything to do with the way the request comes in. At least not with whether it comes in as one or two packets (definition of packet needed here). It could have something to do with an accept-encoding HTTP request header however. My device wants chunked response. Hate to say this, but your device is wrong. It should be able to accept a response chunked or not. Any way to force Tomcat to respond chunked? I believe Tomcat will send the response chunked, if it doesn't know how long the response will be when it sends out the first response headers. If your app tells Tomcat by setting a Content-length header, then you're cooked. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Symlinks inside WEB-INF/classes not working for me
Tomcat 6.0.16 Linux 2.6.18 JDK 1.6.0_05 Imagine a webapp like this: /index.jsp /WEB-INF -web.xml (of course) -/classes --ConfigFile.txt -/lib --MyConfigLoader.class If I want to load ConfigFile.txt into an InputStream from inside my webapp, all I have to do is this: InputStream configStream = this.getClass().getClassLoader().getResource(/ConfigFile.txt); In some cases, I may want to run multiple instances of the application but have them share one copy of the configuration file. The idea is that I only want to have to maintain one version of the config file per Tomcat and have all the webapps use the same copy. If I put ConfigFile.txt inside /tmp, for instance, this works fine: InputStream configStream = new FileInputStream(/tmp/ConfigFile.txt); But what I tried doing was, symbolically linking all the different webapps to one copy of the file. In other words, tomcat/webapps/myapp1/WEB-INF/classes/ConfigFile.txt and tomcat/webapps/myapp2/WEB-INF/classes/ConfigFile.txt would just be symlinks to /tmp/ConfigFile.txt. When I do this, the input stream comes up null: InputStream configStream = this.getClass().getClassLoader().getResource(/ConfigFile.txt); I thought that symlinks were just treated like files, and that this should just work. I stepped through org.apache.catalina.loader.WebappClassLoader in the Eclipse debugger and I can't see anything that would obviously prevent symlinks from working. But the only time that the ConfigFile.txt shows up in the resourceEntries Map as a ResourceEntry is when I have the file physically inside WEB-INF/classes - never when it is only a symlink. I have googled many combinations of java/linux/classloader/tomcat/symlink/symbolic link/classpath and not found anything quite like this yet. Any ideas? Thanks! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Symlinks inside WEB-INF/classes not working for me
Tomcat 6.0.16 Linux 2.6.18 JDK 1.6.0_05 Imagine a webapp like this: /index.jsp /WEB-INF -web.xml (of course) -/classes --ConfigFile.txt -/lib --MyConfigLoader.class ... and imagine that .class file is inside a .jar file :) Sorry about that. John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat 5.5.23 keeps starting threads until OS runs out of memory
Hi I am having an issue with Tomcat starting too many selector threads. I have got some stack trace info about these threads as below: SelectorThread sun.nio.ch.PollArrayWrapper.poll0 ( native code ) sun.nio.ch.PollArrayWrapper.poll ( PollArrayWrapper.java:74 ) sun.nio.ch.WindowsSelectorImpl.doSelect ( WindowsSelectorImpl.java:61 ) sun.nio.ch.SelectorImpl.lockAndDoSelect ( SelectorImpl.java:69 ) sun.nio.ch.SelectorImpl.select ( SelectorImpl.java:80 ) com.sun.corba.se.impl.transport.SelectorImpl.run ( SelectorImpl.java:249 ) When Tomcat starts approx 1800-1900 hundred of these selector threads, Windows runs out of memory and we have to restart tomcat to restore the website. I think these are started by our webapp, but not sure how to trace this back to the bit of code that is doing this. Any suggestions would be appreciated. Best Regards, Akik Rahman - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Symlinks inside WEB-INF/classes not working for me
John Willemin wrote: Tomcat 6.0.16 Linux 2.6.18 JDK 1.6.0_05 Imagine a webapp like this: /index.jsp /WEB-INF -web.xml (of course) -/classes --ConfigFile.txt -/lib --MyConfigLoader.class If I want to load ConfigFile.txt into an InputStream from inside my webapp, all I have to do is this: InputStream configStream = this.getClass().getClassLoader().getResource(/ConfigFile.txt); In some cases, I may want to run multiple instances of the application but have them share one copy of the configuration file. The idea is that I only want to have to maintain one version of the config file per Tomcat and have all the webapps use the same copy. If I put ConfigFile.txt inside /tmp, for instance, this works fine: InputStream configStream = new FileInputStream(/tmp/ConfigFile.txt); But what I tried doing was, symbolically linking all the different webapps to one copy of the file. In other words, tomcat/webapps/myapp1/WEB-INF/classes/ConfigFile.txt and tomcat/webapps/myapp2/WEB-INF/classes/ConfigFile.txt would just be symlinks to /tmp/ConfigFile.txt. When I do this, the input stream comes up null: InputStream configStream = this.getClass().getClassLoader().getResource(/ConfigFile.txt); I thought that symlinks were just treated like files, and that this should just work. I stepped through org.apache.catalina.loader.WebappClassLoader in the Eclipse debugger and I can't see anything that would obviously prevent symlinks from working. But the only time that the ConfigFile.txt shows up in the resourceEntries Map as a ResourceEntry is when I have the file physically inside WEB-INF/classes - never when it is only a symlink. I have googled many combinations of java/linux/classloader/tomcat/symlink/symbolic link/classpath and not found anything quite like this yet. Any ideas? Thanks! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org If you look at all the third party repackages of tomcat that fail, you'll see a theme -- symlinks cause problems in java. I would highly recommend you find a way to maintain that config file via the build system and have a copy in each of the webapps. Either that or put a copy in tomcat's lib folder where it becomes accessible to all webapps in the environment. --David - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Symlinks inside WEB-INF/classes not working for me
David Smith wrote: John Willemin wrote: Tomcat 6.0.16 Linux 2.6.18 JDK 1.6.0_05 Imagine a webapp like this: /index.jsp /WEB-INF -web.xml (of course) -/classes --ConfigFile.txt -/lib --MyConfigLoader.class If I want to load ConfigFile.txt into an InputStream from inside my webapp, all I have to do is this: InputStream configStream = this.getClass().getClassLoader().getResource(/ConfigFile.txt); In some cases, I may want to run multiple instances of the application but have them share one copy of the configuration file. The idea is that I only want to have to maintain one version of the config file per Tomcat and have all the webapps use the same copy. If I put ConfigFile.txt inside /tmp, for instance, this works fine: InputStream configStream = new FileInputStream(/tmp/ConfigFile.txt); But what I tried doing was, symbolically linking all the different webapps to one copy of the file. In other words, tomcat/webapps/myapp1/WEB-INF/classes/ConfigFile.txt and tomcat/webapps/myapp2/WEB-INF/classes/ConfigFile.txt would just be symlinks to /tmp/ConfigFile.txt. When I do this, the input stream comes up null: InputStream configStream = this.getClass().getClassLoader().getResource(/ConfigFile.txt); I thought that symlinks were just treated like files, and that this should just work. I stepped through org.apache.catalina.loader.WebappClassLoader in the Eclipse debugger and I can't see anything that would obviously prevent symlinks from working. But the only time that the ConfigFile.txt shows up in the resourceEntries Map as a ResourceEntry is when I have the file physically inside WEB-INF/classes - never when it is only a symlink. I have googled many combinations of java/linux/classloader/tomcat/symlink/symbolic link/classpath and not found anything quite like this yet. Any ideas? Thanks! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org If you look at all the third party repackages of tomcat that fail, you'll see a theme -- symlinks cause problems in java. I would highly recommend you find a way to maintain that config file via the build system and have a copy in each of the webapps. Either that or put a copy in tomcat's lib folder where it becomes accessible to all webapps in the environment. --David Ooops ... I mean tomcat's common classes folder. See the classloader docs for your version of tomcat for details of where that is and/or what needs to be configured to enable it. --David - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
reply timeout, connect_timeout and preprost_timeout values
Hi, What should be the practical values for connect_timeout, prepost_timeout and reply_timeout in a production environment where traffic is considerable and a load balancer is used with 19 workers? Thanks, Madhuri - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Symlinks inside WEB-INF/classes not working for me
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, On 7/13/2009 8:50 PM, David Smith wrote: If you look at all the third party repackages of tomcat that fail, you'll see a theme -- symlinks cause problems in java. I would highly recommend you find a way to maintain that config file via the build system and have a copy in each of the webapps. Either that or put a copy in tomcat's lib folder where it becomes accessible to all webapps in the environment. While I agree with your recommendation for using a more sophisticated build/deployment process, I disagree with your reasoning. Java and/or Tomcat should not have any problem reading files via symlinks. As far as I know, Java's I/O API does not have the ability to distinguish between symbolic and hard links. I suspect the problem lies elsewhere. It's possible that the native part of the ClassLoader has some objection to symlinked files, but I can't imagine that to be true. I have never had any problems with symlinks from Java programs in the past. That doesn't mean that I've seen everything, though. John, what is the actual error when the file cannot be found? What happens if you try to open the file using a FileInputStream instead of the ClassLoader? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4DwACgkQ9CaO5/Lv0PA3MACdERUerLlhWtgnMlI6ruGLor4/ UHgAn1myPgqBIMbvMoWJylPdi1fdCteQ =t8RA -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: reply timeout, connect_timeout and preprost_timeout values
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Madhuri, On 7/13/2009 9:09 PM, Madhuri Patwardhan wrote: What should be the practical values for connect_timeout, prepost_timeout and reply_timeout in a production environment where traffic is considerable and a load balancer is used with 19 workers? That depends on your requirements. How long should a connection be allowed to sit idle before a request is made on it in your environment? 19 workers, eh? That's an odd (ha!) number of workers to have. Do you mean back-end servers? Or do you mean mod_jk workers. Or do you mean worker threads. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4QcACgkQ9CaO5/Lv0PD+fACeJQJ63Yj7s2DIMZBToLmdHY3V dggAoLMuVfX5+nsJnVFQsiwzCr9zs7qd =35+S -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FTPSClient running under Tomcat 5.5 - SSLException
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Evan, On 7/13/2009 7:08 PM, Evan Smith wrote: Case closed. Turns out my build was churning out both commons-net-1.4 AND commons-net-2.0, resulting in a conflict. That'll do it. Good luck configuring all those security allowances :) - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4U4ACgkQ9CaO5/Lv0PDkQACgoWyB/Hcu0KH/gIKokOzo0uA/ 5dYAn0oeiaICCkoqm4ShazHLZFsm30QF =yiwN -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 5.5.23 keeps starting threads until OS runs out of memory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rahman, On 7/13/2009 9:13 AM, Rahman Akhlaqur wrote: Hi I am having an issue with Tomcat starting too many selector threads. I have got some stack trace info about these threads as below: SelectorThread sun.nio.ch.PollArrayWrapper.poll0 ( native code ) sun.nio.ch.PollArrayWrapper.poll ( PollArrayWrapper.java:74 ) sun.nio.ch.WindowsSelectorImpl.doSelect ( WindowsSelectorImpl.java:61 ) sun.nio.ch.SelectorImpl.lockAndDoSelect ( SelectorImpl.java:69 ) sun.nio.ch.SelectorImpl.select ( SelectorImpl.java:80 ) com.sun.corba.se.impl.transport.SelectorImpl.run ( SelectorImpl.java:249 ) CORBA, eh? Are you starting an RMI server per request? When Tomcat starts approx 1800-1900 hundred of these selector threads, Windows runs out of memory and we have to restart tomcat to restore the website. 1900 hundred? That's a whole lotta threads. I'm surprised you're not hitting a thread maximum in the OS and halting the JVM. I think these are started by our webapp, but not sure how to trace this back to the bit of code that is doing this. Any suggestions would be appreciated. Showing more of the stack trace will certainly help reveal the problem. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4jkACgkQ9CaO5/Lv0PD8+wCdEyIQGJ6y4QR0QAuUFgrIsk5w rvcAoIrxIdO4yg0nP9Oo/7IX+HFQlNV7 =ALeE -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Failed to start Tomcat service
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hung, On 7/13/2009 2:21 PM, Bui, Hung (CDPH-DDWEM) wrote: I am using Tomcat 6.0.18. This morning I found that the Tomcat server was not running. I tried to start the service and got this error. Please help. Thank you. [2009-07-13 11:02:57] [994 prunsrv.c] [error] Failed creating java C:\Program Files\Java\jre1.6.0_07\bin\client\jvm.dll Someone moved your cheese. I'll bet that someone recently upgraded the JVM on your server from 1.6.0_07 to 1.6.0_13 and removed the old version. If this is a production application, that person should be fired. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4qMACgkQ9CaO5/Lv0PDeqgCfbshL9nB4U08GR8WGpZC0grBg Bw8AoK60fDUDKomEYItcesWa9D+jBay/ =mU+W -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Solaris 10 mod_jk problems...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 André, On 7/7/2009 2:44 PM, André Warnier wrote: Dunno, but I have this nagging not-quite-sure memory tidbit : running ./configure --with-apxs=/usr/apache2/bin/apxs I have not compiled mod_jk very often, but isn't there something like apxs2 for Apache2 ? Nah, apxs is apxs. Sometimes, the script itself is called apxs2 to differentiate it, but configure and/or apxs itself can figure everything out. You need to build mod_jk using that same compiler. Yes. You probably need httpd and mod_jk built with the same compiler. Any idea where httpd came from? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb5HMACgkQ9CaO5/Lv0PCPAQCcCw8yMg1kNd9zOcGF0qjOY/Yk 0b4An07PoWIyHUaAQ4ezB6erAVF3ZbNi =KU8l -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 5.5.23 keeps starting threads until OS runs out of memory
From: Christopher Schultz [mailto:ch...@christopherschultz.net] Subject: Re: Tomcat 5.5.23 keeps starting threads until OS runs out of memory I'm surprised you're not hitting a thread maximum in the OS and halting the JVM. I'm not aware of any hard limit in Windows; regardless, hitting such a limit just returns an error status on the system call, not a process abort. Showing more of the stack trace will certainly help reveal the problem. Not likely; that will only show the stack of the started thread, not where it was started from. A heap profiler should show who created the Thread objects, if the profiler captures enough of the call stack at object creation time. One would think a grep of the webapp source for calls to start() would be a rather quick first cut if a profiler can't be used. If the source isn't available, then one possible way to trap the origin of the Thread.start() call is to enable a security manager and only allow start() calls from Tomcat, not webapp, code. This would probably require several iterations and would be somewhat tedious. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
Re: reply timeout, connect_timeout and preprost_timeout values
Hi, Thanks for the prompt reply. I mean 19 tomcat instances (mod_jk workers) managed with load balancer worker. I want to configure the timeout values so that hung tomcat is detected and failover happens without users suffering. I completely understand that this would be dependent on the application. However, I just wanted to know the typical values that would be used for these. Thanks, Madhuri --- On Mon, 7/13/09, Christopher Schultz ch...@christopherschultz.net wrote: From: Christopher Schultz ch...@christopherschultz.net Subject: Re: reply timeout, connect_timeout and preprost_timeout values To: Tomcat Users List users@tomcat.apache.org Date: Monday, July 13, 2009, 9:36 PM -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Madhuri, On 7/13/2009 9:09 PM, Madhuri Patwardhan wrote: What should be the practical values for connect_timeout, prepost_timeout and reply_timeout in a production environment where traffic is considerable and a load balancer is used with 19 workers? That depends on your requirements. How long should a connection be allowed to sit idle before a request is made on it in your environment? 19 workers, eh? That's an odd (ha!) number of workers to have. Do you mean back-end servers? Or do you mean mod_jk workers. Or do you mean worker threads. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4QcACgkQ9CaO5/Lv0PD+fACeJQJ63Yj7s2DIMZBToLmdHY3V dggAoLMuVfX5+nsJnVFQsiwzCr9zs7qd =35+S -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Failed to start Tomcat service
i faced same problem... i'm now ok... i'm not sure, if it works for you.. try once it- put msvcr71.dll into bin directory of your tomcat.. i hope it would be useful to you.. On Tue, Jul 14, 2009 at 10:42 AM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hung, On 7/13/2009 2:21 PM, Bui, Hung (CDPH-DDWEM) wrote: I am using Tomcat 6.0.18. This morning I found that the Tomcat server was not running. I tried to start the service and got this error. Please help. Thank you. [2009-07-13 11:02:57] [994 prunsrv.c] [error] Failed creating java C:\Program Files\Java\jre1.6.0_07\bin\client\jvm.dll Someone moved your cheese. I'll bet that someone recently upgraded the JVM on your server from 1.6.0_07 to 1.6.0_13 and removed the old version. If this is a production application, that person should be fired. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4qMACgkQ9CaO5/Lv0PDeqgCfbshL9nB4U08GR8WGpZC0grBg Bw8AoK60fDUDKomEYItcesWa9D+jBay/ =mU+W -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Symlinks inside WEB-INF/classes not working for me
While I agree with your recommendation for using a more sophisticated build/deployment process, I disagree with your reasoning. Java and/or Tomcat should not have any problem reading files via symlinks. As far as I know, Java's I/O API does not have the ability to distinguish between symbolic and hard links. and some OS does not have the ability to distinguish lowercase and uppercase names. (joking...). See how allowLinking and caseSensitive options are implemented in StandardContext. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: reply timeout, connect_timeout and preprost_timeout values
Thanks for the prompt reply. What is APR? (please pardon my ignorance. I am new to this.) connect_timeout and preprost_timeout what would be the typical values? something like 5000 or less/more? I also wonder if I specify prepost_timeout then it would mean now each request would take that much additional time? Before serving each request cping/cpong would be tried with timeout value of prepost_timeout so that adds little delay to serving the request?? Also, a typical value for recovery_options would be 3. Thanks, Madhuri --- On Mon, 7/13/09, Martin Gainty mgai...@hotmail.com wrote: From: Martin Gainty mgai...@hotmail.com Subject: RE: reply timeout, connect_timeout and preprost_timeout values To: madhuri_patward...@yahoo.com Date: Monday, July 13, 2009, 10:05 PM #yiv2065840069 .hmmessage P { margin:0px;padding:0px;} #yiv2065840069 { font-size:10pt;font-family:Verdana;} assume No APR worker.template.reply-timeout=2 worker.template.socket-connect-timeout=5000 worker.template.ping-mode=A worker.template.ping-timeout=25000 http://www.pubbs.net/tomcat/200902/18677 Martin Gainty __ Verzicht und Vertraulichkeitanmerkung Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Date: Mon, 13 Jul 2009 18:09:39 -0700 From: madhuri_patward...@yahoo.com Subject: reply timeout, connect_timeout and preprost_timeout values To: users@tomcat.apache.org Hi, What should be the practical values for connect_timeout, prepost_timeout and reply_timeout in a production environment where traffic is considerable and a load balancer is used with 19 workers? Thanks, Madhuri - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Windows Live™ Hotmail®: Spread the word when you add celeb photos to your e-mails. Check it out. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Symlinks inside WEB-INF/classes not working for me
Christopher Schultz ch...@christopherschultz.net wrote in message news:4a5be03c.7050...@christopherschultz.net... -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, On 7/13/2009 8:50 PM, David Smith wrote: If you look at all the third party repackages of tomcat that fail, you'll see a theme -- symlinks cause problems in java. I would highly recommend you find a way to maintain that config file via the build system and have a copy in each of the webapps. Either that or put a copy in tomcat's lib folder where it becomes accessible to all webapps in the environment. While I agree with your recommendation for using a more sophisticated build/deployment process, I disagree with your reasoning. Java and/or Tomcat should not have any problem reading files via symlinks. As far as I know, Java's I/O API does not have the ability to distinguish between symbolic and hard links. I suspect the problem lies elsewhere. My first guess is that there is a SecurityManager lurking somewhere to stop the OP from doing: ln -s /etc/passwd It's possible that the native part of the ClassLoader has some objection to symlinked files, but I can't imagine that to be true. I have never had any problems with symlinks from Java programs in the past. That doesn't mean that I've seen everything, though. John, what is the actual error when the file cannot be found? What happens if you try to open the file using a FileInputStream instead of the ClassLoader? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpb4DwACgkQ9CaO5/Lv0PA3MACdERUerLlhWtgnMlI6ruGLor4/ UHgAn1myPgqBIMbvMoWJylPdi1fdCteQ =t8RA -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Manipulate other session
On Mon, 2009-07-13 at 13:00 -0400, Christopher Schultz wrote: As Mikolaj Rydzewski said, you could perform a HTTP request using a different JSESSIONID cookie or a ;jsessionid URL rewriting. This is possible. It's also possible to use a SessionListener to maintain your own list of sessions and then you can do whatever you want. The real question is why you want to do this in the first place. I don't. It is Yves' question. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org