Re: Debugging tomcat-apache(mod_jk) bridge
I got busy at work and could not get back with information. Chris, The inconsistencies you have pointed out are my mistake in the email trying to clean up the URLs to shorten the strings and to remove machine specific identifying information. The config files are consistent and I still get the error. André, Thanks for the detailed information. I did not try the SetHandler way of configration and gave up on using mod_jk. I recompiled apache to include the mod_proxy_ajp and got tomcat to respond to the URL request right away in the first try. Then again I have different kinds of problems with this. I could not find any detailed information and so I do not know if I am doing any mistakes. I am worried that I might be serving up files I am not supposed. Do you have any pointers/URLs that gives more information on mod_proxy_ajp? Also as I promised here is the mod_jk.log after running it in debug mode ( please note that I am not looking for an answer but would still be looking to figure out what's happening with mod_jk) -- [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] uri_worker_map_dump::jk_uri_worker_map.c (176): generation 1: size=1 nosize=0 capacity=4 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] uri_worker_map_dump::jk_uri_worker_map.c (186): NEXT (1) map #0: uri=/test/* worker=A context=/test/* source=JkMount type=Wildchar len=11 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_set_time_fmt::jk_util.c (458): Pre-processed log time stamp format is '[%a %b %d %H:%M:%S %Y] ' [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] init_jk::mod_jk.c (3123): Setting default connection pool max size to 1 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'workers.tomcat_home' with value '/usr/share/tomcat6' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'workers.java.home' with value '/usr/lib/jvm/java' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.list' with value 'status, A' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.type' with value 'ajp13' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.host' with value 'localhost' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.port' with value '8009' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.lbfactor' with value '50' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [warn] jk_map_validate_property::jk_map.c (411): The attribute 'worker.A.cachesize' is deprecated - please check the documentation for the correct replacement. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.cachesize' with value '10' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [warn] jk_map_validate_property::jk_map.c (411): The attribute 'worker.A.cache_timeout' is deprecated - please check the documentation for the correct replacement. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.cache_timeout' with value '600' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.socket_keepalive' with value '1' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.socket_timeout' with value '300' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.status.type' with value 'status' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_resolve_references::jk_map.c (774): Checking for references with prefix worker. with wildcard (recursion 1) [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_shm_calculate_size::jk_shm.c (132): shared memory will contain 1 ajp workers of size 256 and 0 lb workers of size 320 with 0 members of size 320+256 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] do_shm_open::jk_shm.c (493): Truncated shared memory to 384 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] do_shm_open::jk_shm.c (538): Initialized shared memory /usr/local/apache2/logs/mod_jk.shm.1680 size=384 free=256 addr=0xb806 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] do_shm_open_lock::jk_shm.c (412): Opened shared memory lock /usr/local/apache2/logs/mod_jk.shm.1680.lock [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_dump::jk_map.c (589): Dump of map: 'ServerRoot' - '/usr/local/apache2' [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_dump::jk_map.c (589): Dump of map:
Re: Debugging tomcat-apache(mod_jk) bridge
On 04.12.2009 09:31, groupalias v wrote: Also as I promised here is the mod_jk.log after running it in debug mode ( please note that I am not looking for an answer but would still be looking to figure out what's happening with mod_jk) -- Skipping init messages ... [Tue Dec 01 14:13:01 2009] [7270:3083376384] [debug] jk_child_init::mod_jk.c (3068): Initialized mod_jk/1.2.28 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] map_uri_to_worker_ext::jk_uri_worker_map.c (1036): Attempting to map URI '/test/index.jsp' from 1 maps That's the request ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/test/*=A' source 'JkMount' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (863): Found a wildchar match '/test/*=A' We know we have to send it via A ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_handler::mod_jk.c (2459): Into handler jakarta-servlet worker=A r-proxyreq=0 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_worker_for_name::jk_worker.c (116): found a worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] OK, there is a worker named A ... wc_maintain::jk_worker.c (339): Maintaining worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_maintain::jk_ajp_common.c (3081): reached pool min size 5 from 10 cache slots [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_name_for_type::jk_worker.c (293): Found worker type 'ajp13' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] init_ws_service::mod_jk.c (977): Service protocol=HTTP/1.1 method=GET ssl=false host=(null) addr=X.X.X.X name=www.example.com port=80 auth=(null) user=(null) laddr=192.168.2.2 raddr=X.X.X.X uri=/test/index.jsp [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_get_endpoint::jk_ajp_common.c (2977): acquired connection pool slot=0 after 0 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_marshal_into_msgb::jk_ajp_common.c (605): ajp marshaling done [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_service::jk_ajp_common.c (2283): processing A with 2 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1501): (A) all endpoints are disconnected. We need to connect to A .. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (452): socket TCP_NODELAY set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (489): socket SO_KEEPALIVE set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (541): timeout 300 set for socket=17 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (576): trying to connect socket 17 to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (602): socket 17 connected to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connect_to_endpoint::jk_ajp_common.c (931): Connected socket 17 to (127.0.0.1:8009) Connected to A as 127.0.0.1 on port 8009 ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_send_message::jk_ajp_common.c (1070): sending to ajp13 pos=4 len=450 max=8192 I'm missing the request data here? Did you remove it? [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1560): (A) request body to send 0 - request body to resend 0 OK, we send the request. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): received from ajp13 pos=0 len=19 max=8192 We got 19 Bytes of response ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 04 01 90 00 0B 42 61 64 20 52 65 71 75 65 73 74 - .Bad.Request And the response says status = 0x0190 = 400 with status message Bad Request. So whoever or whatever produced this result claims that what it received was a bad request. So maybe the request has inconsistent headers like using content-length together with chunked encoding or similar. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 001000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (660): status = 400 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (667): Number of headers is = 0 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): received from ajp13 pos=0 len=2 max=8192 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 05 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - [Tue Dec 01 14:13:02 2009] [7267:3083376384]
Tomcat Crashes out of continuous servicing of stuck request
I am using Apache HTTP Server 2.0.61, Apache Tomcat Server 6.0.14.0 and mod_jk 2.0.46 (AJP V 1.3). Scenario - Client call for heavy Post request from JSP. Tomcat receives the request and starts processing. Before receiving the response, client closes JSP window. Thus there is no one to receive the output. Issue - Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. I have checked several Time-outs setting for tomcat and AJP connectors, but still of no use. Kindly help. Also let me know if any specific parameterization is to ne mentioned here for this. Note: We cannot avoid client closing window while request processing is in progress. With best regards, Nishant Hadole Tel.: +91 22 2495 7816 Fax: +91 22 6660 8521 Mailto: nishant.had...@siemens.com
Re: Tomcat Crashes out of continuous servicing of stuck request
On 04.12.2009 10:29, Hadole, Nishant IN BOM SISL wrote: I am using Apache HTTP Server 2.0.61, Apache Tomcat Server 6.0.14.0 and mod_jk 2.0.46 (AJP V 1.3). mod_jk 2.0.46 does not exist. Scenario - Client call for heavy Post request from JSP. Tomcat receives the request and starts processing. Before receiving the response, client closes JSP window. Thus there is no one to receive the output. Issue - Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. I have checked several Time-outs setting for tomcat and AJP connectors, but still of no use. Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). So in order to be able to stop processing long running stuff, you need to try sending something to the client every now and then, and your code working on producing the real response content needs to be stopped by some notification. You will need to implement this yourself. Maybe someone can provide some example code? Kindly help. Also let me know if any specific parameterization is to ne mentioned here for this. Note: We cannot avoid client closing window while request processing is in progress. With best regards, Nishant Hadole Tel.: +91 22 2495 7816 Fax: +91 22 6660 8521 Mailto: nishant.had...@siemens.com Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Crashes out of continuous servicing of stuck request
Dear Rainer, Thanks for explanation. In this particular case, when client press a button on JSP, it initiates a Database search operation, which may take time up to 30-45 seconds. Meanwhile, we are showing a screen which tell user that his / her request is being processed and no to close the window. But, sometimes users are impatient and still close the window. Yes, as you suggested, it is possible to handle close event / stop processing by some notification, but application is full of such utilities, and it is too much of efforts. I am interested in some parameterization, which detects broken connection and automatically drops stuck request. I have even checked this with requests with STAGE as KEEPALIVE, but not working with STAGE as SERVICE. Also, I am not able to figure out, why the processing is repeated. With best regards, Nishant Hadole Mailto: nishant.had...@siemens.com -Original Message- From: Rainer Jung [mailto:rainer.j...@kippdata.de] Sent: Friday, 04 December, 2009 03:14 PM To: Tomcat Users List Cc: Hadole, Nishant IN BOM SISL Subject: Re: Tomcat Crashes out of continuous servicing of stuck request On 04.12.2009 10:29, Hadole, Nishant IN BOM SISL wrote: I am using Apache HTTP Server 2.0.61, Apache Tomcat Server 6.0.14.0 and mod_jk 2.0.46 (AJP V 1.3). mod_jk 2.0.46 does not exist. Scenario - Client call for heavy Post request from JSP. Tomcat receives the request and starts processing. Before receiving the response, client closes JSP window. Thus there is no one to receive the output. Issue - Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. I have checked several Time-outs setting for tomcat and AJP connectors, but still of no use. Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). So in order to be able to stop processing long running stuff, you need to try sending something to the client every now and then, and your code working on producing the real response content needs to be stopped by some notification. You will need to implement this yourself. Maybe someone can provide some example code? Kindly help. Also let me know if any specific parameterization is to ne mentioned here for this. Note: We cannot avoid client closing window while request processing is in progress. With best regards, Nishant Hadole Tel.: +91 22 2495 7816 Fax: +91 22 6660 8521 Mailto: nishant.had...@siemens.com Regards, Rainer
Re: Authentication without Authorization ( JNDI Realm )
Hi The following is the Realm configuration being used: Realm className=org.apache.catalina.realm.JNDIRealm debug=99 connectionName=cn=Manager,dc=wipro,dc=com connectionPassword=secret connectionURL=ldap://ldapprime.pesgrid.wipro.com:389; userBase=dc=wipro,dc=com userSubtree=true userSearch=(mail={0}) roleBase=dc=wipro,dc=com roleSubtree=true roleName=objectClass roleSearch=(mail={0})/ The following is the security constraint specified in web.xml security-constraint web-resource-collection url-pattern/*/url-pattern /web-resource-collection auth-constraint role-name*/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method /login-config security-role role-nameinetOrgPerson/role-name /security-role The following is an entry added to LDAP for testing: dn: uid=ccpadmin, dc=wipro,dc=com mail: ccpad...@wipro.com uid: ccpadmin userPassword:: YWRtaW4xMjM= objectClass: inetOrgPerson givenName: Cloud sn: Administrator cid: cloud cn: Cloud Administrator I am able to authenticate but authorization seems to fail ( error 403 forbidden ) Regards Shashank On Wed, 2009-12-02 at 19:16 -0800, Robert Koberg wrote: On Dec 2, 2009, at 6:01 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, On 12/2/2009 5:15 PM, Caldarale, Charles R wrote: From: Christopher Schultz [mailto:ch...@christopherschultz.net] Subject: Re: Authentication without Authorization ( JNDI Realm ) Technically speaking, this will require authentication but then let anyone holding any role defined in web.xml to access any page on your site. But the valid roles still have to be listed in web.xml to be compliant with the spec. Yes. That's why I said technically and practically. Practically speaking, you don't even need to define the roles in web.xml because (last time I checked), Tomcat treats '*' as authenticated, regardless of roles. That was a bug, now fixed: http://marc.info/?l=tomcat-userm=123568422715010w=2 I'll have to look elsewhere in the code, then. What I saw in GenericPrincipal clearly takes, ahem, liberties with the spec. (don't know if this has been mentioned) There is the @PermitAll (and @DenyAll, @RolesAllowed) annotations. It requires a servlet 3.0 container or some framework that allows it (I like Jersey). best, -Rob - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Crashes out of continuous servicing of stuck request
... Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). I would expect the socket to be closed, which can be detected at the server side. The exceptions I can think of are the client crashing or a network disconnect. Though apache probably detects the socket's close, it has little means of informing the associated servlet because that is blocked waiting for the response from the database. Depending on the database, it is usually also no use to try and stop - the query will continue its work even though the requesting user is gone on most DBMSes. So taking a slot in the webserver is not a big issue, the DB is wasting far more resources on that user. Other options to explore are dividing the big query into multiple smaller ones, so that you can abort sooner. Use INTO TEMP to store intermediates. That would give you the opportiunity to check whether the client is still listening - and you could even give the client some updates on progress, which may be considered a nice to have feature as well. Best of all would be to optimize the database and make those queries faster, but I guess you must have valid reasons for not doing so. M. -- My reply ends here -- This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Crashes out of continuous servicing of stuck request
Just an idea: What happens if you change your DB call into a Sleep(30) or something similar? Does tomcat still misbehave then? (the 'retry' could be related to something else than tomcat). M -Original Message- From: Hadole, Nishant IN BOM SISL [mailto:nishant.had...@siemens.com] Sent: vrijdag 04 december 2009 11:06 To: 'Rainer Jung'; Tomcat Users List Subject: RE: Tomcat Crashes out of continuous servicing of stuck request Dear Rainer, Thanks for explanation. In this particular case, when client press a button on JSP, it initiates a Database search operation, which may take time up to 30-45 seconds. Meanwhile, we are showing a screen which tell user that his / her request is being processed and no to close the window. But, sometimes users are impatient and still close the window. Yes, as you suggested, it is possible to handle close event / stop processing by some notification, but application is full of such utilities, and it is too much of efforts. I am interested in some parameterization, which detects broken connection and automatically drops stuck request. I have even checked this with requests with STAGE as KEEPALIVE, but not working with STAGE as SERVICE. Also, I am not able to figure out, why the processing is repeated. With best regards, Nishant Hadole Mailto: nishant.had...@siemens.com This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat Crashes out of continuous servicing of stuck request
On 04.12.2009 11:41, Looijmans, Mike wrote: ... Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). I would expect the socket to be closed, which can be detected at the server side. The exceptions I can think of are the client crashing or a network disconnect. Though apache probably detects the socket's close, it has little means It detects the close only when trying to send something via the socket. There's no monitoring of unused sockets. Although the server received the FIN or RST packets and changes the state of the socket internally, there'*s no application (=Apache) code checking that state when not actually trying to use the socket. You could write such code, but it's not there. The closed socket is detected once the server tries to read from or write to it. of informing the associated servlet because that is blocked waiting for the response from the database. Exactly. Even if the web server knew, you would still have to forward the information to the naxt hop, e.g. Tomcat (and then also the database). The communication between Apache and Tomcat (either via http or via ajp) doesn't have any notification facility of the form don't proceed working on this request. It can only detect an error on top of request and response communication. So here, once the app actually tries to send something back, Apache will notice the closed socket to the client, and then close the socket to the backend itself (at least in the case of mod_jk) and then Tomcat notices the closed socket to the web server and throws an error itself. Depending on the database, it is usually also no use to try and stop - the query will continue its work even though the requesting user is gone on most DBMSes. So taking a slot in the webserver is not a big issue, the DB is wasting far more resources on that user. Other options to explore are dividing the big query into multiple smaller ones, so that you can abort sooner. Use INTO TEMP to store intermediates. That would give you the opportiunity to check whether the client is still listening - and you could even give the client some updates on progress, which may be considered a nice to have feature as well. Best of all would be to optimize the database and make those queries faster, but I guess you must have valid reasons for not doing so. M. -- My reply ends here -- This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Logging with Log4J
Hello list, Up until now, I have used simple System.out.println() statements to do the logging of my web applications, but I want to start using a more advanced system with more possibilities. Log4J seemed like a good choice. The most important thing for me is that the log messages are written nicely into a separate file. Based on stuff I found using Google, I have created a log4j.properties file (see bottom of this mail) which is saved under the WEB-INF/classed directory. It seems like things are working *partly*... because although I do specify the file testbart.log, there is no testbart.log file on the tomcat server (i checked this with find / -name testbart.log as root). I *do* however see log messages appearing in /var/log/syslog, but that is not what i want. I want them to be written into a separate logfile. Can somebody point me in the right direction here? All i want is that the logs for my webapp (written using Log4J) are written in to a file /var/log/tomcat/mywebapp.log It is however unclear to me where i have to configure this... is it a Debian config thing? Is it a Tomcat config thing? Is it a log4J config thing? Do I config this in the log4j.properties file? Just for the record: we're using Tomcat 5.5 on a Debian GNU/Linux stable system. Kind regards, Bart --- log4j.properties -- log4j.rootLogger=DEBUG, cons log4j.logger.com.jspservletcookbook=, myAppender # The root logger's appender log4j.appender.cons=org.apache.log4j.ConsoleAppender # The com.jspservletcookbook logger's appender log4j.appender.myAppender=org.apache.log4j.RollingFileAppender log4j.appender.myAppender.File=testbart.log log4j.appender.myAppender.MaxBackupIndex=1 log4j.appender.myAppender.MaxFileSize=1MB # The root logger's layout log4j.appender.cons.layout=org.apache.log4j.SimpleLayout # The com.jspservletcookbook logger's layout log4j.appender.myAppender.layout=org.apache.log4j.PatternLayout log4j.appender.myAppender.layout.ConversionPattern=%-5p Logger:%c{1} Date: %d{ISO8601} - %m%n -- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Logging with Log4J
Change your first line from DEBUG, cons to DEBUG, myAppender -Original Message- From: Bart Vandewoestyne [mailto:bart.vandewoest...@telenet.be] Sent: Friday, December 04, 2009 9:03 AM To: users@tomcat.apache.org Subject: Logging with Log4J Hello list, Up until now, I have used simple System.out.println() statements to do the logging of my web applications, but I want to start using a more advanced system with more possibilities. Log4J seemed like a good choice. The most important thing for me is that the log messages are written nicely into a separate file. Based on stuff I found using Google, I have created a log4j.properties file (see bottom of this mail) which is saved under the WEB-INF/classed directory. It seems like things are working *partly*... because although I do specify the file testbart.log, there is no testbart.log file on the tomcat server (i checked this with find / -name testbart.log as root). I *do* however see log messages appearing in /var/log/syslog, but that is not what i want. I want them to be written into a separate logfile. Can somebody point me in the right direction here? All i want is that the logs for my webapp (written using Log4J) are written in to a file /var/log/tomcat/mywebapp.log It is however unclear to me where i have to configure this... is it a Debian config thing? Is it a Tomcat config thing? Is it a log4J config thing? Do I config this in the log4j.properties file? Just for the record: we're using Tomcat 5.5 on a Debian GNU/Linux stable system. Kind regards, Bart --- log4j.properties -- log4j.rootLogger=DEBUG, cons log4j.logger.com.jspservletcookbook=, myAppender # The root logger's appender log4j.appender.cons=org.apache.log4j.ConsoleAppender # The com.jspservletcookbook logger's appender log4j.appender.myAppender=org.apache.log4j.RollingFileAppender log4j.appender.myAppender.File=testbart.log log4j.appender.myAppender.MaxBackupIndex=1 log4j.appender.myAppender.MaxFileSize=1MB # The root logger's layout log4j.appender.cons.layout=org.apache.log4j.SimpleLayout # The com.jspservletcookbook logger's layout log4j.appender.myAppender.layout=org.apache.log4j.PatternLayout log4j.appender.myAppender.layout.ConversionPattern=%-5p Logger:%c{1} Date: %d{ISO8601} - %m%n -- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org *** NOTICE * This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by reply or by telephone (call us collect at 512-343-9100) and immediately delete this message and all its attachments. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat not accepting requests
Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Maybe once a day, or each 2 days tomcat stops handling requests. Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc.Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package On Fri, Dec 4, 2009 at 12:48, Pid p...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: TLS only
mark smith wrote: Hi All, I have a requirement to configure tomcat to make use of TLS only for all the secure communication from browser. SSLProtocol=TLS in Connector tag in server.xml supports both SSLv3 and TLSv1. Please help to disable SSLv3 and have only TLSv1 enabled. Use the ciphers attribute on the connector to limit the cipher suites to just the ones you want. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 5 vs 6 Context useNaming Behavior
Caldarale, Charles R wrote: From: Scott Dudley [mailto:sc...@telesoft.com] Subject: Tomcat 5 vs 6 Context useNaming Behavior We have a legacy application that's been running on the 5.5.X versions for several years. Under what JVM? And platform? I've tested under both Windows (2000) and a couple of current Linux variants both running a current 1.6 VM - same behavior. 5.5.X works, 6.X doesn't. The application instantiates the context, creates and binds it's own JDBC pool, etc. with no relevant edits to any of Tomcat's configuration files. What does it do with exceptions during the context instantiation? They're thrown and reported - er go the exception excerpt included in my post. In 6.0.20, no matter the setting (true/false), we get the same Exception as when useNaming is set to true in 5.5.X: What JVM for 6.0.20? As mentioned earlier, current 1.6 release. Is there a known/related useNaming bug or have I missed some new configuration nugget? Can't say. Can you post your server.xml and relevant Context element? http://sdudley.com/files/server.xml http://sdudley.com/files/accountaccess-dev.xml You'll see we use a custom ClassLoader, FileDirContext, and LifecycleListener but like XML JNDI configuration, don't want to make them part of this conversation as they're not relevant. I'm simply trying to find out why useNaming works in 5.5.X and not 6 and hoped someone was already aware of the answer. In the meantime, I'm already looking through the source and doing some testing on my own. Thanks. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Scott Dudley Senior Developer Telesoft Corp. | 3443 N. Central Ave., 18th Floor | Phoenix, AZ, 85012 o: (602) 308-1115 | f: (602) 308-1300 | w: www.telesoft.com
Re: tomcat not accepting requests
On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc.Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Custom URL handlers in Tomcat web app
Hi I've resolved this issue in this way: URLStreamHandlerFactoryImpl.termspecProtocolHandler = handlerClass; try { for (final Field field : URL.class.getDeclaredFields()) { if (factory.equalsIgnoreCase(field.getName()) ) { field.setAccessible(true); field.set(null, new URLStreamHandlerFactoryImpl((URLStreamHandlerFactory) field.get(null))); } } } catch (Throwable e) { logger.error(e); } -- View this message in context: http://old.nabble.com/Custom-URL-handlers-in-Tomcat-web-app-tp15629476p26636133.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
you mean something like Thread.dumpStack() ? not really. And I don't have any monitoring tool there. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 13:46, Pid p...@pidster.com wrote: On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc. Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
On 04/12/2009 17:12, Rodrigo Asensio wrote: you mean something like Thread.dumpStack() ? not really. And I don't have any monitoring tool there. kill -3 java_process_id or use the tools (jps,jmap,jstack etc) that come with your JDK. p Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 13:46, Pidp...@pidster.com wrote: On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc.Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.comwrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
nop, but I will read about these tools and use them next time. do you have idea what it can be ? is really weird. Is not heavy load, because I saw it die 11pm with 1 session opened at the server. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 14:21, Pid p...@pidster.com wrote: On 04/12/2009 17:12, Rodrigo Asensio wrote: you mean something like Thread.dumpStack() ? not really. And I don't have any monitoring tool there. kill -3 java_process_id or use the tools (jps,jmap,jstack etc) that come with your JDK. p Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 13:46, Pidp...@pidster.com wrote: On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc. Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
server.xml formatting guide
Hi Just wondering if there is any standard or recommendation for the formatting of server.xml config file for tomcat. Configuring properties for mysql jdbc driver is a good case in point: Resource auth=Container description=MySQL Datasource name=jdbc/MySqlDataSource type=javax.sql.DataSource driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://10.10.10.10,20.20.20.20:3306/database1?failOverReadOnl y=falseamp;autoCommit=trueamp;secondsBeforeRetryMaster=30 username=user password=password initialSize=40 You have the standard properties that can be set as above but then the mysql specific properties requires to be appended to the connection string as above or in the following format: ResourceParams name=jdbc/gtaMySqlDataSource parameter nameuseUsageAdvisor/name valuetrue/value /parameter /ResourceParams The above format is in a lot less readable in my opinion but I prefer it over appending values to a connection string. The following format also seems to be quite readable: Connector port=8080 maxHttpHeaderSize=8192 maxThreads=1000 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true / Regards __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
[/jakarta/isapi_redirect.dll] is not a servlet url
Hello all, This is my first post here. I hope someone can help. I've been searching high and low for days to resolve a problem I am having with the jakarta redirector. My JAVA application is BMC Remedy MidTier I am running: IIS 6 Tomcat 5.5.26 Jakarta isapi_redirect.dll v1.2.28 Win 2K3 SP2 I have never been able to get the application to work through IIS. The redirector seems to fail at the last step. Please see the isapt_redirect log below: *** [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (805): Filter started [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (872): Virtual Host redirection of /WEBAPP001/arsys/shared/login.jsp [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] uri_worker_map_update::jk_uri_worker_map.c (712): File C:\Program Files\Apache Software Foundation\Jakarta Isapi Redirector\conf\uriworkermap.properties is not modified [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/WEBAPP001/arsys/shared/login.jsp' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (623): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (879): Default redirection of /arsys/shared/login.jsp [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/arsys/shared/login.jsp' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (602): Found a wildchar match '/arsys/*=ars' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (605): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (889): check if [/arsys/shared/login.jsp] is points to the web-inf directory [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (907): [/arsys/shared/login.jsp] is a servlet url - should redirect to ars [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (919): fowarding original URI [/arsys/shared/login.jsp] [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (805): Filter started [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (872): Virtual Host redirection of /WEBAPP001/jakarta/isapi_redirect.dll [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/WEBAPP001/jakarta/isapi_redirect.dll' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (623): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (879): Default redirection of /jakarta/isapi_redirect.dll [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/jakarta/isapi_redirect.dll' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (623): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (889): check if [/jakarta/isapi_redirect.dll] is points to the web-inf directory [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (1008): [/jakarta/isapi_redirect.dll] is not a servlet url [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] HttpExtensionProc::jk_isapi_plugin.c (1045): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] wc_maintain::jk_worker.c (307): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] wc_maintain::jk_worker.c (321): Maintaining worker ars [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] ajp_maintain::jk_ajp_common.c (2349): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [trace]
Re: server.xml formatting guide
gerhardus.geldenh...@gta-travel.com wrote: Hi Just wondering if there is any standard or recommendation for the formatting of server.xml config file for tomcat. You know, there are some XML editors which really are nice, and they allow you to choose the fonts and colors for each type of syntactic element. So you can have the tags in helvetica pink, the attributes in arial blue, things like that. Unfortunately, you cannot easily save this. But you can always edit it on the screen, and then use of these nifty graphic utilities that allow you to take screenshots and save them a jpegs or so. :-) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [/jakarta/isapi_redirect.dll] is not a servlet url
magillagorilla wrote: ... [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpExtensionProc::jk_isapi_plugin.c (1084): could not get a worker for name ajp13 [Fri Dec 04 12:56:25 2009] [0160:3124] [error] HttpExtensionProc::jk_isapi_plugin.c (1109): could not get a worker for name ajp13 ... I don't really know what the problem is, but I am intrigued by the above 2 lines in your logs. It looks as if mod_jk is looking for a worker whose /name/ is ajp13, but that does not seem to be reflected in the configuration files that you quoted. Are you sure that the configuration files you listed are really the ones that are being used ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing SSL connector for Tomcat on Linux/Debian
hi, I've been running into almost the same issue you've described here. just wondering if you've discovered a solution. I tried to upgrade to the latest version of tomcat-native-1.1.18 src, but that didn't help. any insights would be appreciated! in my context...i'm converting from redhat supported version of tomcat6 to open source tomcat6. SSL connector works fine when i use the redhat's version of the jar files... see diff of the lib dir between redhat's tomcat vs open source tomcat below: [r...@localhost srv]# diff redhat-tomcat/lib opensrc-tomcat/lib Binary files redhat-tomcat/lib/annotations-api.jar and opensrc-tomcat/lib/annotations-api.jar differ Binary files redhat-tomcat/lib/catalina-ant.jar and opensrc-tomcat/lib/catalina-ant.jar differ Binary files redhat-tomcat/lib/catalina-ha.jar and opensrc-tomcat/lib/catalina-ha.jar differ Binary files redhat-tomcat/lib/catalina.jar and opensrc-tomcat/lib/catalina.jar differ Only in opensrc-tomcat/lib: catalina-tribes.jar Binary files redhat-tomcat/lib/el-api.jar and opensrc-tomcat/lib/el-api.jar differ Only in redhat-tomcat/lib: gid-jmx-listener.jar Binary files redhat-tomcat/lib/jasper-el.jar and opensrc-tomcat/lib/jasper-el.jar differ Binary files redhat-tomcat/lib/jasper.jar and opensrc-tomcat/lib/jasper.jar differ Binary files redhat-tomcat/lib/jasper-jdt.jar and opensrc-tomcat/lib/jasper-jdt.jar differ Binary files redhat-tomcat/lib/jsp-api.jar and opensrc-tomcat/lib/jsp-api.jar differ Only in redhat-tomcat/lib: libapr-1.so.0 Only in opensrc-tomcat/lib: libtcnative-1.a Only in opensrc-tomcat/lib: libtcnative-1.la Only in opensrc-tomcat/lib: libtcnative-1.lai Binary files redhat-tomcat/lib/libtcnative-1.so and opensrc-tomcat/lib/libtcnative-1.so differ Only in opensrc-tomcat/lib: libtcnative-1.so.0 Only in opensrc-tomcat/lib: libtcnative-1.so.0.1.18 Only in opensrc-tomcat/lib: pkgconfig Binary files redhat-tomcat/lib/servlet-api.jar and opensrc-tomcat/lib/servlet-api.jar differ Binary files redhat-tomcat/lib/tomcat-coyote.jar and opensrc-tomcat/lib/tomcat-coyote.jar differ Binary files redhat-tomcat/lib/tomcat-dbcp.jar and opensrc-tomcat/lib/tomcat-dbcp.jar differ Binary files redhat-tomcat/lib/tomcat-i18n-es.jar and opensrc-tomcat/lib/tomcat-i18n-es.jar differ Binary files redhat-tomcat/lib/tomcat-i18n-fr.jar and opensrc-tomcat/lib/tomcat-i18n-fr.jar differ Binary files redhat-tomcat/lib/tomcat-i18n-ja.jar and opensrc-tomcat/lib/tomcat-i18n-ja.jar differ Only in redhat-tomcat/lib: tomcat-juli-adapters.jar --steve (Release Engineer) Daniele Development-ML wrote: Hello everybody, I'm trying to set up a SSL transport layer, but I'm coming up against some difficulties. Specifically, I followed all the steps requires and specified as in the Tomcat guide - adding some suggestions I found around on several web site for the installation of APR libraries - but still it doesn't work. I'm using Tomcat 6.0.20 with the last version of APR library, on a Lenny/Debian distribution. The output I get in catalina.out is: 18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property. 18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLEngine' to 'on' did not find a matching property. 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.16. 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: Failed to initialize the SSLEngine. 18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8443 18-Aug-2009 18:05:55 org.apache.coyote.ajp.AjpAprProtocol init INFO: Initializing Coyote AJP/1.3 on ajp-8009 18-Aug-2009 18:05:55 org.apache.catalina.startup.Catalina load INFO: Initialization processed in 656 ms While my server configuration is: !-- Define a SSL HTTP/1.1 Connector on port 8443 -- Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS enableLookups=false disableUploadTimeout=true SSLEngine=on SSLCertificateFile=${catalina.base}/config/certs/self-signed-cert.pem SSLCertificateKeyFile=${catalina.base}/config/certs/rsa-private-key.pem/ Where the certificates where generated with OpenSLL on a Windows Platform. In addition, I included the following lines at the beginning of setclass file CATALINA_OPTS=$CATALINA_OPTS
Re: Debugging tomcat-apache(mod_jk) bridge
I too saw that mod_jk thinks it is talking to tomcat. But I do not see any logs in tomcat to indicate that. Also with the same parameters mod_proxy_ajp is able to fetch my page. Could be some nasty machine specific thing. On Fri, Dec 4, 2009 at 12:45 AM, Rainer Jung rainer.j...@kippdata.de wrote: On 04.12.2009 09:31, groupalias v wrote: Also as I promised here is the mod_jk.log after running it in debug mode ( please note that I am not looking for an answer but would still be looking to figure out what's happening with mod_jk) -- Skipping init messages ... [Tue Dec 01 14:13:01 2009] [7270:3083376384] [debug] jk_child_init::mod_jk.c (3068): Initialized mod_jk/1.2.28 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] map_uri_to_worker_ext::jk_uri_worker_map.c (1036): Attempting to map URI '/test/index.jsp' from 1 maps That's the request ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/test/*=A' source 'JkMount' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (863): Found a wildchar match '/test/*=A' We know we have to send it via A ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_handler::mod_jk.c (2459): Into handler jakarta-servlet worker=A r-proxyreq=0 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_worker_for_name::jk_worker.c (116): found a worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] OK, there is a worker named A ... wc_maintain::jk_worker.c (339): Maintaining worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_maintain::jk_ajp_common.c (3081): reached pool min size 5 from 10 cache slots [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_name_for_type::jk_worker.c (293): Found worker type 'ajp13' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] init_ws_service::mod_jk.c (977): Service protocol=HTTP/1.1 method=GET ssl=false host=(null) addr=X.X.X.X name=www.example.com port=80 auth=(null) user=(null) laddr=192.168.2.2 raddr=X.X.X.X uri=/test/index.jsp [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_get_endpoint::jk_ajp_common.c (2977): acquired connection pool slot=0 after 0 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_marshal_into_msgb::jk_ajp_common.c (605): ajp marshaling done [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_service::jk_ajp_common.c (2283): processing A with 2 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1501): (A) all endpoints are disconnected. We need to connect to A .. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (452): socket TCP_NODELAY set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (489): socket SO_KEEPALIVE set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (541): timeout 300 set for socket=17 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (576): trying to connect socket 17 to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (602): socket 17 connected to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connect_to_endpoint::jk_ajp_common.c (931): Connected socket 17 to (127.0.0.1:8009) Connected to A as 127.0.0.1 on port 8009 ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_send_message::jk_ajp_common.c (1070): sending to ajp13 pos=4 len=450 max=8192 I'm missing the request data here? Did you remove it? [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1560): (A) request body to send 0 - request body to resend 0 OK, we send the request. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): received from ajp13 pos=0 len=19 max=8192 We got 19 Bytes of response ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 04 01 90 00 0B 42 61 64 20 52 65 71 75 65 73 74 - .Bad.Request And the response says status = 0x0190 = 400 with status message Bad Request. So whoever or whatever produced this result claims that what it received was a bad request. So maybe the request has inconsistent headers like using content-length together with chunked encoding or similar. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (660): status = 400 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (667): Number of headers is = 0 [Tue Dec 01
Re: Installing SSL connector for Tomcat on Linux/Debian
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniele, On 8/18/2009 2:01 PM, Daniele Development-ML wrote: 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.16. 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. So you are successfully using APR. 18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property. clientAuth is not a valid attribute for the APR SSL connector (though it /is/ valid for the non-APR connector). See http://tomcat.apache.org/tomcat-6.0-doc/config/http.html versus http://tomcat.apache.org/tomcat-6.0-doc/apr.html You want to use SSLVerifyClient instead of clientAuth, though the default (none) is what it looks like you want. 18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLEngine' to 'on' did not find a matching property. SSLEngine is not a valid attribute for the APR SSL connector (nor is it valid for the non-APR connector; that should be SSLEnabled). Instead, the SSLEngine attribute should appear in your APR lifecycle listener, like this: Listener className=org.apache.catalina.core.AprLifecycleListener SSLEngine=on / Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS enableLookups=false disableUploadTimeout=true SSLEngine=on SSLCertificateFile=${catalina.base}/config/certs/self-signed-cert.pem SSLCertificateKeyFile=${catalina.base}/config/certs/rsa-private-key.pem/ Your value for sslProtocol does not match the list of acceptable values in http://tomcat.apache.org/tomcat-6.0-doc/apr.html. You might want to check again. In addition, I included the following lines at the beginning of setclass file CATALINA_OPTS=$CATALINA_OPTS -Djava.library.path=/home/daniele/tomcat-6.0.20/bin/tomcat-native-1.1.16-src/jni/native/.libs It appears that this has correctly enabled tcnative. Congratulations, although you probably should go ahead and upgrade to 1.1.18. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksZg5IACgkQ9CaO5/Lv0PDDgQCdFsVwmgo3oPsMx6RiH46kowVr nqoAniosyxODmp2y+8PNGSrTryDUyoqH =U6du -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat Crashes out of continuous servicing of stuck request
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nishant, On 12/4/2009 4:29 AM, Hadole, Nishant IN BOM SISL wrote: Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When you say crashes, what exactly to you mean? OOME? JVM failure? When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. As others have said, without attempting to send data to the client, you can't know that they have disappeared. :( My question is why your code causes a crash when the client disappears, but works just fine when the client gets a proper response. That suggests a mismanagement of resources by your webapp. You might consider reviewing your code to find out why your loss of free heap memory is occurring, because Tomcat surely isn't causing that to happen. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksZh0sACgkQ9CaO5/Lv0PBGfwCfVjYr8P9A0iFm6hLKkG7gxKx6 zsoAn2s5Box8os9g0dE6uFgB4TXJWPdr =ssOC -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Logging with Log4J
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bart, On 12/4/2009 10:02 AM, Bart Vandewoestyne wrote: I *do* however see log messages appearing in /var/log/syslog, but that is not what i want. That's very weird: you have no configuration whatsoever that would lead me to believe that your webapp's messages are going to syslog. Are you sure you don't have something else logging to syslog? /var/log/tomcat/mywebapp.log [snip] log4j.rootLogger=DEBUG, cons See Jeffrey's suggestion in his post. log4j.appender.myAppender.File=testbart.log I would have done: log4j.appender.myAppender.File=/var/log/tomcat/mywebapp.log Make sure that the user running Tomcat has rights to write to that file/directory. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksZiEUACgkQ9CaO5/Lv0PDuAACgr9akSt+bLoUK66POxEq275/x IucAoKz1XnMtclmhigcgSajbx9vkg7Lb =vq1l -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: how to change the url,username and password connection pooling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Carsten, On 11/2/2009 12:05 PM, Carsten Pohl wrote: I wrote a webapp, that is using tomcats connection pooling. I was wondering how I can change URL / username or password of the connection pool, without redeploying the webapp. I tried the following: 1. putting the configuration in the $CATALINA_BASE/conf/[enginename]/[hostname]/[webappname].xml and then changing the ressource entries. This works (in 6.0.18) but a redeploy happens. Which means, that the application is unavailable for some time. This is expected behavior. 2. Using JMX to connect to the tomcat. Under catalina - datasource - webappname - localhost- javax.sql.datasource - jdbc/postgres - attributes i see the URL, but when i change that, nothing happens. You are only changing the configuration, you aren't changing the DataSource that was created using that configuration. If you want to switch-out the DataSource in the JNDI context during runtime, you'll have to actually create a new instance of a DataSource and stuff it into the JNDI context. I'm not sure if Tomcat will let you do that, though. Perhaps there is a way, using JMX, to trigger a re-load of the DataSource configuration so that your above change actually has an effect. I'm sorry, I don't have any experience with JMX in Tomcat (nor anywhere else for that matter) so I can't really advise you. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksZivAACgkQ9CaO5/Lv0PA4YQCfQwdR+U/bz/FVBYfw/Dtdaek3 lQwAn0b/bQcm2GmGS4zUXOAzX4GjBaGQ =dtku -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Can service output be redirected to the terminal window?
I am new to Tomcat. 1. I have several services written under axis2. I deployed them statically into Tomcat but don't seem to be able to list those services. 2. I have noticed that startup.bat (under Windows) starts the separate terminal for the service output in oppose to startup.sh (in Unix). Is there way to direct my service output into the separate terminal window? I was using the apache axis2 server until now, but have to switch to Tomcat because I do not know how to make apache server to use SSL (how to configure it?) My service uses println output, it is a test utility and I want to keep it simple even if it is not most beautiful or optimal solution. Thanks Vadim. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
JSSE question
I am confused. Can Tomcat use only JKS keystore or it can also use pem or some other certificate storages? Thanks Vadim. (310)765-3812
Re: Can service output be redirected to the terminal window?
Vadim Letitchevski wrote: I am new to Tomcat. 1. I have several services written under axis2. I deployed them statically into Tomcat but don't seem to be able to list those services. 2. I have noticed that startup.bat (under Windows) starts the separate terminal for the service output in oppose to startup.sh (in Unix). Is there way to direct my service output into the separate terminal window? I was using the apache axis2 server until now, but have to switch to Tomcat because I do not know how to make apache server to use SSL (how to configure it?) My service uses println output, it is a test utility and I want to keep it simple even if it is not most beautiful or optimal solution. Vadim, I cannot really answer your question; but it is not very clear here if your question relates to Tomcat under Windows, or under Unix. Maybe this is due to the fact that the word service under Windows can be confusing. Under Windows, startup.bat is used to run Tomcat in a console window, not as a Windows Service. Running Tomcat as a Windows Service happens through another mechanism, which does not use startup.bat. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Can service output be redirected to the terminal window?
I am working under Linux actually. Thanks Vadim. -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Friday, December 04, 2009 3:46 PM To: Tomcat Users List Subject: Re: Can service output be redirected to the terminal window? Vadim Letitchevski wrote: I am new to Tomcat. 1. I have several services written under axis2. I deployed them statically into Tomcat but don't seem to be able to list those services. 2. I have noticed that startup.bat (under Windows) starts the separate terminal for the service output in oppose to startup.sh (in Unix). Is there way to direct my service output into the separate terminal window? I was using the apache axis2 server until now, but have to switch to Tomcat because I do not know how to make apache server to use SSL (how to configure it?) My service uses println output, it is a test utility and I want to keep it simple even if it is not most beautiful or optimal solution. Vadim, I cannot really answer your question; but it is not very clear here if your question relates to Tomcat under Windows, or under Unix. Maybe this is due to the fact that the word service under Windows can be confusing. Under Windows, startup.bat is used to run Tomcat in a console window, not as a Windows Service. Running Tomcat as a Windows Service happens through another mechanism, which does not use startup.bat. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing SSL connector for Tomcat on Linux/Debian
fyi, i finally figured out what i was doing wrong. When building the tomcat native connector i didn't include the '--with-ssl=yes' option ... see below the correct command configure command: # Build the Tomcat native connector. cd tomcat-native-*-src/jni/native JAVA_HOME=%{java_home} ./configure \ --prefix=%{home} \ --with-apr=/usr/bin/apr-1-config \ --with-ssl=yes make Hope this helps others with similar issue I had! --skim Daniele Development-ML wrote: Hello everybody, I'm trying to set up a SSL transport layer, but I'm coming up against some difficulties. Specifically, I followed all the steps requires and specified as in the Tomcat guide - adding some suggestions I found around on several web site for the installation of APR libraries - but still it doesn't work. I'm using Tomcat 6.0.20 with the last version of APR library, on a Lenny/Debian distribution. The output I get in catalina.out is: 18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property. 18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLEngine' to 'on' did not find a matching property. 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.16. 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: Failed to initialize the SSLEngine. 18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8443 18-Aug-2009 18:05:55 org.apache.coyote.ajp.AjpAprProtocol init INFO: Initializing Coyote AJP/1.3 on ajp-8009 18-Aug-2009 18:05:55 org.apache.catalina.startup.Catalina load INFO: Initialization processed in 656 ms While my server configuration is: !-- Define a SSL HTTP/1.1 Connector on port 8443 -- Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS enableLookups=false disableUploadTimeout=true SSLEngine=on SSLCertificateFile=${catalina.base}/config/certs/self-signed-cert.pem SSLCertificateKeyFile=${catalina.base}/config/certs/rsa-private-key.pem/ Where the certificates where generated with OpenSLL on a Windows Platform. In addition, I included the following lines at the beginning of setclass file CATALINA_OPTS=$CATALINA_OPTS -Djava.library.path=/home/daniele/tomcat-6.0.20/bin/tomcat-native-1.1.16-src/jni/native/.libs Where the APR libraries are deposed after the installation. Any hints or suggestions? Daniele -- View this message in context: http://old.nabble.com/Installing-SSL-connector-for-Tomcat-on-Linux-Debian-tp25030389p26651674.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Control character in cookie value
Hi all, I'm using seam on tomcat 6.0.20 and encounter problem in my security module. Basically, i try to add cookie with base64 encoding of the username which is email address. The encoding works and no exception is thrown. But when seam try adding the cookie an exception is thrown: 05/12/2009 02:23:00 com.sun.faces.lifecycle.Phase doPhase SEVERE: JSF1054: (Phase ID: INVOKE_APPLICATION 5, View ID: /login.xhtml) Exception thrown during phase execution: javax.faces.event.phaseevent[source=com.sun.faces.lifecycle.lifecyclei...@7d5 05/12/2009 02:23:00 org.ajax4jsf.webapp.BaseXMLFilter doXmlFilter SEVERE: Exception in the filter chain javax.servlet.ServletException: #{identity.login}: java.lang.IllegalArgumentException: Control character in cookie value, consider BASE64 encoding your value at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83) at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40) at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90) at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64) at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178) at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290) at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:390) at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:517) at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56) at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) at java.lang.Thread.run(Thread.java:595) Caused by: javax.faces.FacesException: #{identity.login}: java.lang.IllegalArgumentException: Control character in cookie value, consider BASE64 encoding your value at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118) at javax.faces.component.UICommand.broadcast(UICommand.java:387) at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321) at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296) at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253) at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) ... 30 more Caused by: javax.faces.el.EvaluationException: java.lang.IllegalArgumentException: Control character in cookie value, consider BASE64 encoding your value at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:102) at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) ... 39 more Caused by: java.lang.IllegalArgumentException: Control character in cookie value,
Re: JSSE question
Vadim Letitchevski vletitchev...@teledyne.com wrote in message news:e17da276f9a0c84fad22739de29c389005dafc3...@entmail01.tad.teledyne.com... I am confused. Can Tomcat use only JKS keystore or it can also use pem or some other certificate storages? In the Tomcat docs (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html), it shows how to use a PKCS12 keystore. At some point that should be updated to include an example for using a PKCS11 keystore. The actual answer is that the JSSE Connector can use any keystore format that is supported by your Java vendor. In particular, with the Sun JVM, you can't use PEM (however the APR Connector does use PEM). However, it is usually pretty easy to convert PEM to PKCS12 (see the link above for an example). Thanks Vadim. (310)765-3812 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org