Re: Windwos Integrated Authentication using AD and Tomcat (no prompt to the users)
Quick answer : Look at http://www.ioplex.com, Jespa. Derlei Luff wrote: Hi all, I’m new to Tomcat and normally work in a Microsoft Windows world. I’ve stumbled into a problem using Tomcat as a web server, that I’m sure there is a simple solution for though I can’t find it. I’m sure it works if I use a MS IIS server instead of a Tomcat server at least. I hope some of you more experienced users of Tomcat can either point me in the right direction or perhaps come up with the conclusion J My problem is: I have a running Active Directory which holds the users and groups. I have a Windows XP client, which is member of the Active Directory domain. If a users logs into the client using he’s username and password and then open Internet Explore I would like him to gain access to a web page hosted on the Tomcat server. The problem is that the Tomcat server shall validate the user’s Active Directory credentials and the credentials should be sent to Tomcat without user interaction. In other words I want “Windows Integrated Authentication” from the MS world, so that Internet Explore takes the users credentials and send them to the Tomcat server (Kerberos). So far I can only get this to work if Internet Explorer prompts the users for he’s credentials (Basic Authentication). In other words I want to archive this: · Users logs onto the Windows XP computer using he’s username and password · User opens Internet explorer and write the URL to the page hosted on the Tomcat server · Internet Explore sends the users username and password automatically to tomcat (Kerberos) · The Tomcat validates the user’s credentials and accepts the request. This is some form of Single Sign On and I know it works if I use IIS instead of Tomcat. I’ve found several guides on the net, but no one which tells me if this is possible or not. Hope some of you of you can point me in the right direction, but perhaps I have to use a third part application to archive this?? Thanks in advance, Derlei - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Windwos Integrated Authentication using AD and Tomcat (no prompt to the users)
To Martin, Steve and others : Samba's JCIFS works fine, but only for NTLMv1 authentication. (It is also no longer maintained, see http://jcifs.samba.org.) It does NOT work for NTLMv2 authentication, which is fast becoming the norm, and the default from Vista onwards. Jespa works with NTLMv2, and is free for up to 25 users. I have no shares in ioplex or Jespa. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
OT:: Unable to unsubscribe from this list
Hi buddies, OFFTOPIC I thank everyone for your support. I have moved to JBOSS and also the tomcat mails flooded my junk folder as well as my main folder. so i have decided to un subcribe from list. When i send email to users-unsubscr...@tomcat.apache.orgmailto:users-unsubscr...@tomcat.apache.org, I get a reply email with an address. But i am unable to send the second mail,as it is getting failed to deliver. How is it possible to solve this? Thanks, Mohamed
Re: Windwos Integrated Authentication using AD and Tomcat (no prompt to the users)
To Martin, Steve and others : Samba's JCIFS works fine, but only for NTLMv1 authentication. (It is also no longer maintained, see http://jcifs.samba.org.) Yes I saw that on the jcifs website. However I left to up to the OP to see that as well, considering the blue important notice is quite attention grabbing. It does NOT work for NTLMv2 authentication, which is fast becoming the norm, and the default from Vista onwards. Jespa works with NTLMv2, and is free for up to 25 users. I have no shares in ioplex or Jespa. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 6 Clustering with session replication problem
did you try with path Context path= Filip On 09/10/2009 09:20 AM, Davy NESTOR wrote: Context path=/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
howto add a UDP Listener
hi, I would like to add an UDP Listener to send and receive UDP to my tomcat-webapp. Unfortunately the server does reject Packets when I do try a usual DatagramSocket socket = new DatagramSocket(4445); as soon as I try that I get errors in my application. Is there a way of telling tomcat to receive UDP Packets and forward them to my Handlers? Something like a Servlet that gives me the UDP Packets? thanks Sebastian Wagner -- Sebastian Wagner http://www.webbase-design.de http://openmeetings.googlecode.com http://www.laszlo-forum.de seba.wag...@gmail.com
RE: howto add a UDP Listener
From: Sebastian Wagner [mailto:seba.wag...@gmail.com] Subject: howto add a UDP Listener Is there a way of telling tomcat to receive UDP Packets and forward them to my Handlers? No. Tomcat is a server for HTTP requests running over TCP protocol. You'll need to implement your own UDP handler. You might want to look over this thread, which sounds similar to your situation (ignore the last message of the thread, which is a hijack): http://marc.info/?t=11356216962r=1w=2 You might be able to make use of this within your code: http://mina.apache.org/ - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: howto add a UDP Listener
On 13-Sep-2009, at 14:19, Caldarale, Charles R wrote: From: Sebastian Wagner [mailto:seba.wag...@gmail.com] Subject: howto add a UDP Listener Is there a way of telling tomcat to receive UDP Packets and forward them to my Handlers? No. Tomcat is a server for HTTP requests running over TCP protocol. You'll need to implement your own UDP handler. You might want to look over this thread, which sounds similar to your situation (ignore the last message of the thread, which is a hijack): http://marc.info/?t=11356216962r=1w=2 You might be able to make use of this within your code: http://mina.apache.org/ I am just curious what problem the original poster is trying to address? The approach I would probably take is to make an external proxy application that accepts the UDP requests and then submits the data as an HTTP request to the web server using a GET or POST request. The advantage with this is that it helps keep the webapp focused on HTTP and not stuff that doesn't really fit with web server. André-John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: howto add a UDP Listener
Thanks for your answers. I am working on a Desktop Sharing application that is sending the Desktop Images over UDP to Tomcat. As this is quite time-critical I need to integrate the UDP-handler into my webapp. It seems like using MINA does solve my Issues. thanks, sebastian 2009/9/13 Andre-John Mas aj...@sympatico.ca On 13-Sep-2009, at 14:19, Caldarale, Charles R wrote: From: Sebastian Wagner [mailto:seba.wag...@gmail.com] Subject: howto add a UDP Listener Is there a way of telling tomcat to receive UDP Packets and forward them to my Handlers? No. Tomcat is a server for HTTP requests running over TCP protocol. You'll need to implement your own UDP handler. You might want to look over this thread, which sounds similar to your situation (ignore the last message of the thread, which is a hijack): http://marc.info/?t=11356216962r=1w=2 You might be able to make use of this within your code: http://mina.apache.org/ I am just curious what problem the original poster is trying to address? The approach I would probably take is to make an external proxy application that accepts the UDP requests and then submits the data as an HTTP request to the web server using a GET or POST request. The advantage with this is that it helps keep the webapp focused on HTTP and not stuff that doesn't really fit with web server. André-John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Sebastian Wagner http://www.webbase-design.de http://openmeetings.googlecode.com http://www.laszlo-forum.de seba.wag...@gmail.com
RE: howto add a UDP Listener
From: Sebastian Wagner [mailto:seba.wag...@gmail.com] Subject: Re: howto add a UDP Listener I am working on a Desktop Sharing application that is sending the Desktop Images over UDP to Tomcat. Why doesn't the Desktop Sharing application use a reliable protocol (e.g., HTTP over TCP) to talk to Tomcat? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Comet high CPU usages on IoEndpoint$Poller.run()
Hi,
I have been battling with the comet event handling for a few weeks. The main
symptom is that the CPU usages may go high (60%), especially from a Firefox
connection. My page flow looks like:
- start firefox
- go to a login page to start a http session
- go to a page with comet subscription, see the comet events flowing
- go to the logout page which does a session.invalidate() and redirect back
to the page
- visit any page of this webapp, the CPU goes way up.
I have done a number of things trying to fix that, including:
- upgrade to JDK 1.6u16 (as there is a mention of socket select bug fixed in
1.6u4 on Windows)
- try both NIO connector and APR (as suggested in one forum comment)
- try to wrap the output stream in a synchronized stream and check for
stream closing.
- flush the output stream before closing (but that always resulting in NPE)
None of these works.
The CPU thread dump shows that it is spinning at either
NioEndPoint$Poller.run() or ArpendPoint$Poller.run() of the comet polling
thread. (In fact, if I suspend the thread in debugger, the CPU usages return
to 0.)
The problem could be triggered in IE as well but much less frequently, so
not sure how to reproduce.
What else I should be looking for?
Thanks
-
My event() handler looks like
if (event.getEventType() == CometEvent.EventType.BEGIN) {
log.info(Begin comet channel session:, httpSession.getId());
response.flushBuffer();
s_connections.put(httpSession.getId(), response);
} else if (event.getEventType() == CometEvent.EventType.ERROR) {
final EventSubType subtype = event.getEventSubType();
if (subtype == CometEvent.EventSubType.TIMEOUT) {
log.info(ignore timeout);
} else if (subtype == CometEvent.EventSubType.CLIENT_DISCONNECT)
{
closeSessionConnection(httpSession.getId(), false);
event.close();
}
} else if (event.getEventType() == CometEvent.EventType.END) {
final EventSubType subtype = event.getEventSubType();
if (subtype == null || subtype ==
CometEvent.EventSubType.SESSION_END) {
// ... unsubscribe all comet topics ...
}
closeSessionConnection(session);
event.close();
} else if (event.getEventType() == CometEvent.EventType.READ) {
InputStream is = request.getInputStream();
byte[] buf = new byte[512];
do {
int n = is.read(buf); // can throw an IOException
if (n 0) {
} else if (n 0) {
closeSessionConnection(httpSession.getId());
event.close();
return;
}
} while (is.available() 0);
}
protected static void closeSessionConnection(String sessionId) throws
IOException {
HttpServletResponse response = s_connections.remove(sessionId);
if (response == null) {
return;
}
synchronized (response) {
PrintWriter writer = response.getWriter();
try {
response.flushBuffer();
log.info(Http response flushed);
} catch (NullPointerException e) { // always happen
} catch (Exception e) {
log.error(Error flushing response, e);
}
try {
writer.close();
} catch (NullPointerException e) { // always happen
} catch (Exception e) {
log.error(Error closing writer, e);
}
}
}
the JavaScript codes (for FF) basically looks like
function cometStart(url) {
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function() {
if(xmlhttp.readyState == 4 cometSettings.active) {
cometStart(url);
return(false);
}
if(xmlhttp.readyState == 3) {
var data = xmlhttp.responseText;
// process data
}
};
xmlhttp.open('GET', url, true);
xmlhttp.send(null);
cometSettings.active = true;
}
Tomcat Access Control Exception
I am using org.apache.coyote.http11.Http11NioProtocol connector and deployed
a comet application which uses Jini jars.
While running the comet application it is throwing errors. There is a
security access code in my application:
if (System.getSecurityManager() == null)
System.setSecurityManager(new RMISecurityManager());
I have set the following security policy for the comet application in
catalina.policy file.
grant codeBase file:${catalina.home}/webapps/comet/- {
permission java.security.AllPermission;
};
The catalina log file is as follows: Any help will be appreciated.
Sep 15, 2009 12:10:08 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal
performance in production environments was not found on the
java.library.path:
/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/i386/server:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/i386:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
Sep 15, 2009 12:10:08 AM org.apache.tomcat.util.net.NioSelectorPool
getSharedSelector
INFO: Using a shared selector for servlet write/read
Sep 15, 2009 12:10:08 AM org.apache.coyote.http11.Http11NioProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Sep 15, 2009 12:10:08 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 553 ms
Sep 15, 2009 12:10:08 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Sep 15, 2009 12:10:08 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.20
Sep 15, 2009 12:10:09 AM org.apache.coyote.http11.Http11NioProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Sep 15, 2009 12:10:09 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 667 ms
Sep 15, 2009 12:10:17 AM org.apache.catalina.mbeans.ServerLifecycleListener
lifecycleEvent
SEVERE: destroyMBeans: Throwable
java.security.AccessControlException: access denied
(javax.management.MBeanPermission
org.apache.catalina.mbeans.ContextResourceMBean#-[Catalina:class=org.apache.catalina.UserDatabase,name=UserDatabase,resourcetype=Global,type=Resource]
unregisterMBean)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
at
java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanPermission(DefaultMBeanServerInterceptor.java:1850)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanPermission(DefaultMBeanServerInterceptor.java:1833)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.exclusiveUnregisterMBean(DefaultMBeanServerInterceptor.java:436)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.unregisterMBean(DefaultMBeanServerInterceptor.java:421)
at
com.sun.jmx.mbeanserver.JmxMBeanServer.unregisterMBean(JmxMBeanServer.java:540)
at
org.apache.catalina.mbeans.MBeanUtils.destroyMBean(MBeanUtils.java:1499)
at
org.apache.catalina.mbeans.ServerLifecycleListener.destroyMBeans(ServerLifecycleListener.java:772)
at
org.apache.catalina.mbeans.ServerLifecycleListener.destroyMBeans(ServerLifecycleListener.java:923)
at
org.apache.catalina.mbeans.ServerLifecycleListener.destroyMBeans(ServerLifecycleListener.java:961)
at
org.apache.catalina.mbeans.ServerLifecycleListener.lifecycleEvent(ServerLifecycleListener.java:154)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.StandardServer.stop(StandardServer.java:738)
at org.apache.catalina.startup.Catalina.stop(Catalina.java:633)
at
org.apache.catalina.startup.Catalina$CatalinaShutdownHook.run(Catalina.java:676)
Sep 15, 2009 12:10:17 AM org.apache.coyote.http11.Http11NioProtocol pause
INFO: Pausing Coyote HTTP/1.1 on http-8080
Sep 15, 2009 12:10:18 AM org.apache.catalina.core.StandardService stop
INFO: Stopping service Catalina
Sep 15, 2009 12:10:18 AM org.apache.catalina.core.StandardPipeline
unregisterValve
INFO: Can't unregister valve
org.apache.catalina.core.StandardEngineValve[Catalina]
java.security.AccessControlException: access denied
(javax.management.MBeanPermission
org.apache.tomcat.util.modeler.BaseModelMBean#-[Catalina:name=StandardEngineValve,type=Valve]
unregisterMBean)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
at
java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanPermission(DefaultMBeanServerInterceptor.java:1850)
at
Re: howto add a UDP Listener
I think you mean why it does NOT use a reliable protocol ... ? Iit is not that important if some packages are lost in this case and I hope to gain some performance by using UDP. sebastian 2009/9/13 Caldarale, Charles R chuck.caldar...@unisys.com From: Sebastian Wagner [mailto:seba.wag...@gmail.com] Subject: Re: howto add a UDP Listener I am working on a Desktop Sharing application that is sending the Desktop Images over UDP to Tomcat. Why doesn't the Desktop Sharing application use a reliable protocol (e.g., HTTP over TCP) to talk to Tomcat? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Sebastian Wagner http://www.webbase-design.de http://openmeetings.googlecode.com http://www.laszlo-forum.de seba.wag...@gmail.com
RE: howto add a UDP Listener
From: Sebastian Wagner [mailto:seba.wag...@gmail.com] Subject: Re: howto add a UDP Listener I think you mean why it does NOT use a reliable protocol ... ? Which is what I said: Why *doesn't* the Desktop Sharing application use a reliable protocol I hope to gain some performance by using UDP. Simply by eliminating the ACKs? I think you'd be hard pressed to measure a real-world difference. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: howto add a UDP Listener
You might be right, I will have to try different approaches till the final release. thanks, sebastian 2009/9/13 Caldarale, Charles R chuck.caldar...@unisys.com From: Sebastian Wagner [mailto:seba.wag...@gmail.com] Subject: Re: howto add a UDP Listener I think you mean why it does NOT use a reliable protocol ... ? Which is what I said: Why *doesn't* the Desktop Sharing application use a reliable protocol I hope to gain some performance by using UDP. Simply by eliminating the ACKs? I think you'd be hard pressed to measure a real-world difference. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Sebastian Wagner http://www.webbase-design.de http://openmeetings.googlecode.com http://www.laszlo-forum.de seba.wag...@gmail.com
Re: Tomcat Access Control Exception
I have placed the Jini jars under CATALINE_HOME/lib
I am getting the following errors now:
java.security.AccessControlException: access denied (java.io.FilePermission
\C:\
softwares\tomcat\apache-tomcat-6.0.20\apache-tomcat-6.0.20\lib\jsk-platform.jar
read)
at
java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:
546)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.net.URLClassLoader$4.run(URLClassLoader.java:494)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:492)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader
.java:192)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:12
4)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:260)
at java.net.URLClassLoader.access$000(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
at
com.truedataindia.comet.feed.FeedProcessor.run(FeedProcessor.java:59)
at java.lang.Thread.run(Thread.java:619)
Exception in thread ContainerBackgroundProcessor[StandardEngine[Catalina]]
jav
a.security.AccessControlException: access denied
(java.lang.RuntimePermission se
tContextClassLoader)
at
java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:
546)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.Thread.setContextClassLoader(Thread.java:1351)
at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.p
rocessChildren(ContainerBase.java:1605)
at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.r
un(ContainerBase.java:1590)
at java.lang.Thread.run(Thread.java:619)
14 Sep, 2009 1:21:16 AM org.apache.catalina.connector.CoyoteAdapter event
SEVERE: An exception or error occurred in the container during the request
proce
ssing
java.security.AccessControlException: access denied
(java.lang.RuntimePermission
setContextClassLoader)
at
java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:
546)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.Thread.setContextClassLoader(Thread.java:1351)
at
org.apache.catalina.core.StandardHostValve.event(StandardHostValve.ja
va:174)
at org.apache.catalina.valves.ValveBase.event(ValveBase.java:200)
at
org.apache.catalina.core.StandardEngineValve.event(StandardEngineValv
e.java:128)
at
org.apache.catalina.connector.CoyoteAdapter.event(CoyoteAdapter.java:
198)
at
org.apache.coyote.http11.Http11NioProcessor.event(Http11NioProcessor.
java:750)
at
org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.ev
ent(Http11NioProtocol.java:656)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:2214)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:885)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:907)
at java.lang.Thread.run(Thread.java:619)
abhilashk_cse wrote:
I am using org.apache.coyote.http11.Http11NioProtocol connector and
deployed a comet application which uses Jini jars.
While running the comet application it is throwing errors. There is a
security access code in my application:
if (System.getSecurityManager() == null)
System.setSecurityManager(new RMISecurityManager());
I have set the following security policy for the comet application in
catalina.policy file.
grant codeBase file:${catalina.home}/webapps/comet/- {
permission java.security.AllPermission;
};
The catalina log file is as follows: Any help will be appreciated.
Sep 15, 2009 12:10:08 AM org.apache.catalina.core.AprLifecycleListener
init
INFO: The APR based Apache Tomcat Native library which allows optimal
performance in production environments was not found on the
java.library.path:
/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/i386/server:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/i386:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
Sep 15, 2009 12:10:08 AM org.apache.tomcat.util.net.NioSelectorPool
Re: howto add a UDP Listener
On 13-Sep-2009, at 15:04, Sebastian Wagner wrote: Thanks for your answers. I am working on a Desktop Sharing application that is sending the Desktop Images over UDP to Tomcat. As this is quite time-critical I need to integrate the UDP-handler into my webapp. It seems like using MINA does solve my Issues. thanks, sebastian Will you be sending images to a single host and is the solution send only? André-John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: howto add a UDP Listener
yes it is a solution send only ... or receive only. sebastian 2009/9/13 Andre-John Mas aj...@sympatico.ca On 13-Sep-2009, at 15:04, Sebastian Wagner wrote: Thanks for your answers. I am working on a Desktop Sharing application that is sending the Desktop Images over UDP to Tomcat. As this is quite time-critical I need to integrate the UDP-handler into my webapp. It seems like using MINA does solve my Issues. thanks, sebastian Will you be sending images to a single host and is the solution send only? André-John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Sebastian Wagner http://www.webbase-design.de http://openmeetings.googlecode.com http://www.laszlo-forum.de seba.wag...@gmail.com
Re: Comet high CPU usages on IoEndpoint$Poller.run()
Whis is the event.close conditional when there is an error, what if you
get a Comet report that says
Type=CometEvent.EventType.ERROR
Subtype=null
?
Filip
On 09/13/2009 01:25 PM, Hacking Bear wrote:
} else if (event.getEventType() == CometEvent.EventType.ERROR) {
final EventSubType subtype = event.getEventSubType();
if (subtype == CometEvent.EventSubType.TIMEOUT) {
log.info(ignore timeout);
} else if (subtype == CometEvent.EventSubType.CLIENT_DISCONNECT)
{
closeSessionConnection(httpSession.getId(), false);
event.close();
}
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: howto add a UDP Listener
You may want to look at the Java VNC Viewer: http://www.realvnc.com/support/javavncviewer.html or TightVNC: http://www.tightvnc.com/download.html it may save you repeating work which has already been done elsewhere. André-John On 13-Sep-2009, at 16:10, Sebastian Wagner wrote: yes it is a solution send only ... or receive only. sebastian 2009/9/13 Andre-John Mas aj...@sympatico.ca On 13-Sep-2009, at 15:04, Sebastian Wagner wrote: Thanks for your answers. I am working on a Desktop Sharing application that is sending the Desktop Images over UDP to Tomcat. As this is quite time-critical I need to integrate the UDP-handler into my webapp. It seems like using MINA does solve my Issues. thanks, sebastian Will you be sending images to a single host and is the solution send only? André-John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Sebastian Wagner http://www.webbase-design.de http://openmeetings.googlecode.com http://www.laszlo-forum.de seba.wag...@gmail.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat mysql dbcp Communications link failure
Hello guys,
If you can help with this problem.
I have an application deployed on tomcat V6.18. It uses a mysql database.
The problem is that after some hours the applicatiion throws an exception when
trying to connect to the data base.
com.mysql.jdbc.CommunicationsException: Communications link failure due to
underlying exception
I cofigured a data source using dbcp :
Resource name=jdbc/${database.datasource}
auth=Container
type=javax.sql.DataSource
factory=org.apache.commons.dbcp.BasicDataSourceFactory
driverClassName=${database.driver}
url=${database.url}
username=${database.user}
password=${database.password}
removeAbandoned=true
removeAbandonedTimeout=300
logAbandoned=true
maxActive=20
maxIdle=20
maxWait=1
validationQuery=SELECT 1
testOnBorrow=true
testOnReturn=true
testWhileIdle=true/
I did some searches and it seems that the problem is that the connection pool
keeps the connections for a long time even if they are considered dead by mysql
So if you can help
Thanks
RE: directory structure
If you're referring to during the development phase Yes, during the development phase. the IDEs I've worked with such as NetBeans and Eclipse does it for you automatically. I don't remember if NetBeans actually make a war or not but it does autodeploy. Eclipse will auto synchronize and sometimes it will auto-redeploy the app or restart TC depending on what was changed. What IDE are you using? Hmm... I tend to use Eclipse primarily as a Java-aware text editor (control-click to get to a declaration is invaluable), but my build is done using ant. My old solution was to simply do all of my development inside the tomcat webapps directory. This worked all right, except that it was incredibly ugly and caused bizarre problems from time to time (e.g., when allowing tomcat to autoload altered classes). I'm trying to get everything set up right. The only way I can see to do it is to play weird tricks with symbolic links, but this seems like a bad solution. Thoughts? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Comet high CPU usages on IoEndpoint$Poller.run()
On ERROR with subtype other than DISCONNECT, I just ignore it, i.e. no call
to event.close() nor trying to close the streams. I also tried to do both on
any error but it seems not doing better. Besides, I didn't see any ERROR
other than TIMEOUT which repeats every few seconds.
Another note is that in my session listener, I need to close the connection.
If I don't, then the CPU usage problem would occur as easily in IE as in FF.
public void sessionDestroyed(HttpSessionEvent event) {
closeSessionConnection(session.getId());
Thanks
On Sun, Sep 13, 2009 at 2:00 PM, Filip Hanik - Dev Lists devli...@hanik.com
wrote:
Whis is the event.close conditional when there is an error, what if you get
a Comet report that says
Type=CometEvent.EventType.ERROR
Subtype=null
?
Filip
On 09/13/2009 01:25 PM, Hacking Bear wrote:
} else if (event.getEventType() == CometEvent.EventType.ERROR) {
final EventSubType subtype = event.getEventSubType();
if (subtype == CometEvent.EventSubType.TIMEOUT) {
log.info(ignore timeout);
} else if (subtype ==
CometEvent.EventSubType.CLIENT_DISCONNECT)
{
closeSessionConnection(httpSession.getId(), false);
event.close();
}
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: directory structure
Daniel Blumenthal wrote: If you're referring to during the development phase Yes, during the development phase. the IDEs I've worked with such as NetBeans and Eclipse does it for you automatically. I don't remember if NetBeans actually make a war or not but it does autodeploy. Eclipse will auto synchronize and sometimes it will auto-redeploy the app or restart TC depending on what was changed. What IDE are you using? Hmm... I tend to use Eclipse primarily as a Java-aware text editor (control-click to get to a declaration is invaluable), but my build is done using ant. My old solution was to simply do all of my development inside the tomcat webapps directory. This worked all right, except that it was incredibly ugly and caused bizarre problems from time to time (e.g., when allowing tomcat to autoload altered classes). I'm trying to get everything set up right. The only way I can see to do it is to play weird tricks with symbolic links, but this seems like a bad solution. Thoughts? Yes: use the full power of Eclipse, and let it do your builds, debugging and deployments. D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat url rewrite
I think look up the url in database is not a Immediately way to me. Because most of item not have the / char in name. My original url would like http://myDomain/getItemPage?itemName=xxx After the url rewrite rule, url become http://myDomain/item_xxx.html If the item name like abc/def, http://myDomain/item_abc/def.html will get error. Because tomcat explain there is a directory named item_abc. I think the tomcat is right. -- View this message in context: http://www.nabble.com/tomcat---url-rewrite-tp25395691p25429315.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat mysql dbcp Communications link failure
Could you provide the full stack trace? And if possible, can you
describe time it takes as it relates to the timeout of your MySQL
server? The default timeout in MySQL is 8 hours, but is configurable.
Also I'm assuming all the ${...} stuff is just you sanitizing the
Resource ... / block. One last question ... is there any chance your
code is holding on to connections as opposed to closing them when done?
Closing from the app's point of view is just returning the connection to
the pool for another request later.
--David
Chetouani wrote:
Hello guys,
If you can help with this problem.
I have an application deployed on tomcat V6.18. It uses a mysql database.
The problem is that after some hours the applicatiion throws an exception
when trying to connect to the data base.
com.mysql.jdbc.CommunicationsException: Communications link failure due to
underlying exception
I cofigured a data source using dbcp :
Resource name=jdbc/${database.datasource}
auth=Container
type=javax.sql.DataSource
factory=org.apache.commons.dbcp.BasicDataSourceFactory
driverClassName=${database.driver}
url=${database.url}
username=${database.user}
password=${database.password}
removeAbandoned=true
removeAbandonedTimeout=300
logAbandoned=true
maxActive=20
maxIdle=20
maxWait=1
validationQuery=SELECT 1
testOnBorrow=true
testOnReturn=true
testWhileIdle=true/
I did some searches and it seems that the problem is that the connection pool
keeps the connections for a long time even if they are considered dead by
mysql
So if you can help
Thanks
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
help with tomcat manager
Downloaded and uncompressed apache-tomcat-6.0.20.tar.gz Started Tomcat using bin/catalina.sh start Connected to http://servername:8080 and see the getting started page Click on Tomcat Manager Get prompted for a username/password with the following message: A username and password are being requested by http://tomcat2.campee.net:8080. The site says: Tomcat Manager Application I use campee for the username and password for the password. I get prompted again for a username/password. I repeat the same username/password. I get prompted again and again and again. If I click cancel, I get 401 Unauthorized and the following message: You are not authorized to view this page. If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file will contain the credentials to let you use this webapp. You will need to add manager role to the config file listed above. For example: role rolename=manager/ user username=tomcat password=s3cret roles=manager/ I've already done this in my tomcat-users.xml file: tomcat-users !-- role rolename=tomcat/ role rolename=role1/ role rolename=manager/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=role1 password=tomcat roles=role1/ user username=campee password=password roles=manager/ -- /tomcat-users From my server.xml, which is still in its default state: GlobalNamingResources !-- Editable user database that can also be used by UserDatabaseRealm to authenticate users -- Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources That means I should be using conf/tomcat-users.xml for usernames/passwords. Where did I go wrong?
RE: help with tomcat manager
From: Eric [mailto:cam...@gmail.com] Subject: help with tomcat manager tomcat-users !-- role rolename=tomcat/ role rolename=role1/ role rolename=manager/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=role1 password=tomcat roles=role1/ user username=campee password=password roles=manager/ -- /tomcat-users Where did I go wrong? You left the comment markers in. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: help with tomcat manager
UserDatabase Realm acquires authentication credentials from a jdbc Database source use org.apache.catalina.realm.MemoryRealm details at http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#MemoryRealm greets Martin __ Verzicht und Vertraulichkeitanmerkung Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Date: Sun, 13 Sep 2009 19:57:38 -0700 Subject: help with tomcat manager From: cam...@gmail.com To: users@tomcat.apache.org Downloaded and uncompressed apache-tomcat-6.0.20.tar.gz Started Tomcat using bin/catalina.sh start Connected to http://servername:8080 and see the getting started page Click on Tomcat Manager Get prompted for a username/password with the following message: A username and password are being requested by http://tomcat2.campee.net:8080. The site says: Tomcat Manager Application I use campee for the username and password for the password. I get prompted again for a username/password. I repeat the same username/password. I get prompted again and again and again. If I click cancel, I get 401 Unauthorized and the following message: You are not authorized to view this page. If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file will contain the credentials to let you use this webapp. You will need to add manager role to the config file listed above. For example: role rolename=manager/ user username=tomcat password=s3cret roles=manager/ I've already done this in my tomcat-users.xml file: tomcat-users !-- role rolename=tomcat/ role rolename=role1/ role rolename=manager/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=role1 password=tomcat roles=role1/ user username=campee password=password roles=manager/ -- /tomcat-users From my server.xml, which is still in its default state: GlobalNamingResources !-- Editable user database that can also be used by UserDatabaseRealm to authenticate users -- Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources That means I should be using conf/tomcat-users.xml for usernames/passwords. Where did I go wrong? _ Hotmail: Powerful Free email with security by Microsoft. http://clk.atdmt.com/GBL/go/171222986/direct/01/
RE: help with tomcat manager
From: Martin Gainty [mailto:mgai...@hotmail.com] Subject: RE: help with tomcat manager UserDatabase Realm acquires authentication credentials from a jdbc Database source That's completely wrong. The UserDatabaseRealm works perfectly well with tomcat-users.xml - it's the Tomcat default. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: help with tomcat manager
Comments.. I guess I'm just used to Apache's # symbols for comments. What part do I need to remove to remove the comments? I tried changing it to the following and restarting Tomcat but I got the same result: tomcat-users role rolename=tomcat/ role rolename=role1/ role rolename=manager/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=role1 password=tomcat roles=role1/ user username=campee password=password roles=manager/ /tomcat-users On Sun, Sep 13, 2009 at 8:23 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Martin Gainty [mailto:mgai...@hotmail.com] Subject: RE: help with tomcat manager UserDatabase Realm acquires authentication credentials from a jdbc Database source That's completely wrong. The UserDatabaseRealm works perfectly well with tomcat-users.xml - it's the Tomcat default. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: help with tomcat manager
From: Eric [mailto:cam...@gmail.com] Subject: Re: help with tomcat manager I tried changing it to the following and restarting Tomcat but I got the same result: tomcat-users role rolename=tomcat/ role rolename=role1/ role rolename=manager/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=role1 password=tomcat roles=role1/ user username=campee password=password roles=manager/ /tomcat-users That should suffice. Are you sure you're running Tomcat from the place you edited? Here's my files (comments removed for readability): tomcat-users role rolename=manager/ role rolename=admin/ user username=admin password=** roles=admin,manager/ /tomcat-users Server port=8005 shutdown=SHUTDOWN Listener className=org.apache.catalina.core.AprLifecycleListener SSLEngine=on / Listener className=org.apache.catalina.core.JasperListener / Listener className=org.apache.catalina.mbeans.ServerLifecycleListener / Listener className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener / GlobalNamingResources Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources Service name=Catalina Connector port=8080 protocol=org.apache.coyote.http11.Http11Protocol connectionTimeout=2 redirectPort=8443 / Connector port=8081 protocol=org.apache.coyote.http11.Http11NioProtocol connectionTimeout=2 redirectPort=8443 / Engine name=Catalina defaultHost=localhost Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Valve className=org.apache.catalina.authenticator.SingleSignOn / Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access. suffix=.log pattern=common resolveHosts=false/ /Host /Engine /Service /Server - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: help with tomcat manager
Your example inspired me to create a role named admin and add that role to the username campee. I can login just fine now. The documentation makes no mention of needing to add an admin role and associating a user with it. It just mentions the manager role: To enable access to the Manager web application, you must either create a new username/password combination and associate the role name *manager* with it, or add the *manager* role to some existing username/password combination. :( On Sun, Sep 13, 2009 at 8:36 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Eric [mailto:cam...@gmail.com] Subject: Re: help with tomcat manager I tried changing it to the following and restarting Tomcat but I got the same result: tomcat-users role rolename=tomcat/ role rolename=role1/ role rolename=manager/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=role1 password=tomcat roles=role1/ user username=campee password=password roles=manager/ /tomcat-users That should suffice. Are you sure you're running Tomcat from the place you edited? Here's my files (comments removed for readability): tomcat-users role rolename=manager/ role rolename=admin/ user username=admin password=** roles=admin,manager/ /tomcat-users Server port=8005 shutdown=SHUTDOWN Listener className=org.apache.catalina.core.AprLifecycleListener SSLEngine=on / Listener className=org.apache.catalina.core.JasperListener / Listener className=org.apache.catalina.mbeans.ServerLifecycleListener / Listener className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener / GlobalNamingResources Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources Service name=Catalina Connector port=8080 protocol=org.apache.coyote.http11.Http11Protocol connectionTimeout=2 redirectPort=8443 / Connector port=8081 protocol=org.apache.coyote.http11.Http11NioProtocol connectionTimeout=2 redirectPort=8443 / Engine name=Catalina defaultHost=localhost Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ Host name=localhost appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Valve className=org.apache.catalina.authenticator.SingleSignOn / Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access. suffix=.log pattern=common resolveHosts=false/ /Host /Engine /Service /Server - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: help with tomcat manager
From: Eric [mailto:cam...@gmail.com] Subject: Re: help with tomcat manager Your example inspired me to create a role named admin and add that role to the username campee. I can login just fine now. That shouldn't have made a difference. My admin role is just left over from older versions of Tomcat that included an admin webapp in addition to the manager. Look in WEB-INF/web.xml for each app of interest to see what role(s) it requires. I removed the admin role from my tomcat-users.xml and can successfully use the manager app. tomcat-users role rolename=manager/ user username=admin password=testing roles=manager/ /tomcat-users I suspect you either didn't really restart Tomcat the first time, or perhaps hadn't written the updated tomcat-users.xml file back with whatever editor your were using. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Does CVE-2007-0450 (Directory Traversal) affect standalone Tomcat
Right! :-) Thanks. Gaurav -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Friday, September 11, 2009 2:02 PM To: Tomcat Users List Subject: Re: Does CVE-2007-0450 (Directory Traversal) affect standalone Tomcat Tadelkar, Gauravsagar (Gaurav) wrote: Thanks for the reply, Mark. If possible, can you please point to any references/docs which would help me convince others about the directory traversal vulnerability not impacting a standalone tomcat? Even an explanation would help. I would have thought the phrase When Tomcat is used behind a proxy... was pretty self explanatory. Mark I personally do agree that upgrading the tomcat is surely the thing to do rather than looking for alternatives, but this is something beyond my powers in this case :-) Thanks once again. Gaurav -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Wednesday, September 09, 2009 1:49 PM To: Tomcat Users List Subject: Re: Does CVE-2007-0450 (Directory Traversal) affect standalone Tomcat Tadelkar, Gauravsagar (Gaurav) wrote: I have a tomcat at version 5.5.15 in a standalone mode and due to some compulsions cannot upgrade it. Does the directory traversal vulnerability affect tomcat in a standalone mode (the 5.5.15 ver does not have a fix to this vulnerability)? No it doesn't. However, there are plenty of other vulnerabilities (eg CVE-2008-5515) that do. Alternately, is there a way I can secure/work around this vulnerability without upgrading? You'd have to look at each vulnerability on a case by case basis. Upgrading to 5.5.28 is likely to be less painful than any of the alternatives. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
