Re: Debugging tomcat-apache(mod_jk) bridge
I got busy at work and could not get back with information. Chris, The inconsistencies you have pointed out are my mistake in the email trying to clean up the URLs to shorten the strings and to remove machine specific identifying information. The config files are consistent and I still get the error. André, Thanks for the detailed information. I did not try the SetHandler way of configration and gave up on using mod_jk. I recompiled apache to include the mod_proxy_ajp and got tomcat to respond to the URL request right away in the first try. Then again I have different kinds of problems with this. I could not find any detailed information and so I do not know if I am doing any mistakes. I am worried that I might be serving up files I am not supposed. Do you have any pointers/URLs that gives more information on mod_proxy_ajp? Also as I promised here is the mod_jk.log after running it in debug mode ( please note that I am not looking for an answer but would still be looking to figure out what's happening with mod_jk) -- [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] uri_worker_map_dump::jk_uri_worker_map.c (176): generation 1: size=1 nosize=0 capacity=4 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] uri_worker_map_dump::jk_uri_worker_map.c (186): NEXT (1) map #0: uri=/test/* worker=A context=/test/* source=JkMount type=Wildchar len=11 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_set_time_fmt::jk_util.c (458): Pre-processed log time stamp format is '[%a %b %d %H:%M:%S %Y] ' [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] init_jk::mod_jk.c (3123): Setting default connection pool max size to 1 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'workers.tomcat_home' with value '/usr/share/tomcat6' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'workers.java.home' with value '/usr/lib/jvm/java' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.list' with value 'status, A' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.type' with value 'ajp13' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.host' with value 'localhost' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.port' with value '8009' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.lbfactor' with value '50' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [warn] jk_map_validate_property::jk_map.c (411): The attribute 'worker.A.cachesize' is deprecated - please check the documentation for the correct replacement. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.cachesize' with value '10' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [warn] jk_map_validate_property::jk_map.c (411): The attribute 'worker.A.cache_timeout' is deprecated - please check the documentation for the correct replacement. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.cache_timeout' with value '600' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.socket_keepalive' with value '1' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.A.socket_timeout' with value '300' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_read_property::jk_map.c (491): Adding property 'worker.status.type' with value 'status' to map. [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_resolve_references::jk_map.c (774): Checking for references with prefix worker. with wildcard (recursion 1) [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_shm_calculate_size::jk_shm.c (132): shared memory will contain 1 ajp workers of size 256 and 0 lb workers of size 320 with 0 members of size 320+256 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] do_shm_open::jk_shm.c (493): Truncated shared memory to 384 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] do_shm_open::jk_shm.c (538): Initialized shared memory /usr/local/apache2/logs/mod_jk.shm.1680 size=384 free=256 addr=0xb806 [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] do_shm_open_lock::jk_shm.c (412): Opened shared memory lock /usr/local/apache2/logs/mod_jk.shm.1680.lock [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_dump::jk_map.c (589): Dump of map: 'ServerRoot' - '/usr/local/apache2' [Tue Dec 01 14:13:01 2009] [1680:3083376384] [debug] jk_map_dump::jk_map.c (589): Dump of map:
Re: Debugging tomcat-apache(mod_jk) bridge
On 04.12.2009 09:31, groupalias v wrote: Also as I promised here is the mod_jk.log after running it in debug mode ( please note that I am not looking for an answer but would still be looking to figure out what's happening with mod_jk) -- Skipping init messages ... [Tue Dec 01 14:13:01 2009] [7270:3083376384] [debug] jk_child_init::mod_jk.c (3068): Initialized mod_jk/1.2.28 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] map_uri_to_worker_ext::jk_uri_worker_map.c (1036): Attempting to map URI '/test/index.jsp' from 1 maps That's the request ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/test/*=A' source 'JkMount' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (863): Found a wildchar match '/test/*=A' We know we have to send it via A ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_handler::mod_jk.c (2459): Into handler jakarta-servlet worker=A r-proxyreq=0 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_worker_for_name::jk_worker.c (116): found a worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] OK, there is a worker named A ... wc_maintain::jk_worker.c (339): Maintaining worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_maintain::jk_ajp_common.c (3081): reached pool min size 5 from 10 cache slots [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_name_for_type::jk_worker.c (293): Found worker type 'ajp13' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] init_ws_service::mod_jk.c (977): Service protocol=HTTP/1.1 method=GET ssl=false host=(null) addr=X.X.X.X name=www.example.com port=80 auth=(null) user=(null) laddr=192.168.2.2 raddr=X.X.X.X uri=/test/index.jsp [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_get_endpoint::jk_ajp_common.c (2977): acquired connection pool slot=0 after 0 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_marshal_into_msgb::jk_ajp_common.c (605): ajp marshaling done [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_service::jk_ajp_common.c (2283): processing A with 2 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1501): (A) all endpoints are disconnected. We need to connect to A .. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (452): socket TCP_NODELAY set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (489): socket SO_KEEPALIVE set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (541): timeout 300 set for socket=17 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (576): trying to connect socket 17 to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (602): socket 17 connected to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connect_to_endpoint::jk_ajp_common.c (931): Connected socket 17 to (127.0.0.1:8009) Connected to A as 127.0.0.1 on port 8009 ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_send_message::jk_ajp_common.c (1070): sending to ajp13 pos=4 len=450 max=8192 I'm missing the request data here? Did you remove it? [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1560): (A) request body to send 0 - request body to resend 0 OK, we send the request. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): received from ajp13 pos=0 len=19 max=8192 We got 19 Bytes of response ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 04 01 90 00 0B 42 61 64 20 52 65 71 75 65 73 74 - .Bad.Request And the response says status = 0x0190 = 400 with status message Bad Request. So whoever or whatever produced this result claims that what it received was a bad request. So maybe the request has inconsistent headers like using content-length together with chunked encoding or similar. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 001000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (660): status = 400 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (667): Number of headers is = 0 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): received from ajp13 pos=0 len=2 max=8192 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 05 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - [Tue Dec 01 14:13:02 2009] [7267:3083376384]
Tomcat Crashes out of continuous servicing of stuck request
I am using Apache HTTP Server 2.0.61, Apache Tomcat Server 6.0.14.0 and mod_jk 2.0.46 (AJP V 1.3). Scenario - Client call for heavy Post request from JSP. Tomcat receives the request and starts processing. Before receiving the response, client closes JSP window. Thus there is no one to receive the output. Issue - Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. I have checked several Time-outs setting for tomcat and AJP connectors, but still of no use. Kindly help. Also let me know if any specific parameterization is to ne mentioned here for this. Note: We cannot avoid client closing window while request processing is in progress. With best regards, Nishant Hadole Tel.: +91 22 2495 7816 Fax: +91 22 6660 8521 Mailto: nishant.had...@siemens.com
Re: Tomcat Crashes out of continuous servicing of stuck request
On 04.12.2009 10:29, Hadole, Nishant IN BOM SISL wrote: I am using Apache HTTP Server 2.0.61, Apache Tomcat Server 6.0.14.0 and mod_jk 2.0.46 (AJP V 1.3). mod_jk 2.0.46 does not exist. Scenario - Client call for heavy Post request from JSP. Tomcat receives the request and starts processing. Before receiving the response, client closes JSP window. Thus there is no one to receive the output. Issue - Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. I have checked several Time-outs setting for tomcat and AJP connectors, but still of no use. Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). So in order to be able to stop processing long running stuff, you need to try sending something to the client every now and then, and your code working on producing the real response content needs to be stopped by some notification. You will need to implement this yourself. Maybe someone can provide some example code? Kindly help. Also let me know if any specific parameterization is to ne mentioned here for this. Note: We cannot avoid client closing window while request processing is in progress. With best regards, Nishant Hadole Tel.: +91 22 2495 7816 Fax: +91 22 6660 8521 Mailto: nishant.had...@siemens.com Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Crashes out of continuous servicing of stuck request
Dear Rainer, Thanks for explanation. In this particular case, when client press a button on JSP, it initiates a Database search operation, which may take time up to 30-45 seconds. Meanwhile, we are showing a screen which tell user that his / her request is being processed and no to close the window. But, sometimes users are impatient and still close the window. Yes, as you suggested, it is possible to handle close event / stop processing by some notification, but application is full of such utilities, and it is too much of efforts. I am interested in some parameterization, which detects broken connection and automatically drops stuck request. I have even checked this with requests with STAGE as KEEPALIVE, but not working with STAGE as SERVICE. Also, I am not able to figure out, why the processing is repeated. With best regards, Nishant Hadole Mailto: nishant.had...@siemens.com -Original Message- From: Rainer Jung [mailto:rainer.j...@kippdata.de] Sent: Friday, 04 December, 2009 03:14 PM To: Tomcat Users List Cc: Hadole, Nishant IN BOM SISL Subject: Re: Tomcat Crashes out of continuous servicing of stuck request On 04.12.2009 10:29, Hadole, Nishant IN BOM SISL wrote: I am using Apache HTTP Server 2.0.61, Apache Tomcat Server 6.0.14.0 and mod_jk 2.0.46 (AJP V 1.3). mod_jk 2.0.46 does not exist. Scenario - Client call for heavy Post request from JSP. Tomcat receives the request and starts processing. Before receiving the response, client closes JSP window. Thus there is no one to receive the output. Issue - Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. I have checked several Time-outs setting for tomcat and AJP connectors, but still of no use. Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). So in order to be able to stop processing long running stuff, you need to try sending something to the client every now and then, and your code working on producing the real response content needs to be stopped by some notification. You will need to implement this yourself. Maybe someone can provide some example code? Kindly help. Also let me know if any specific parameterization is to ne mentioned here for this. Note: We cannot avoid client closing window while request processing is in progress. With best regards, Nishant Hadole Tel.: +91 22 2495 7816 Fax: +91 22 6660 8521 Mailto: nishant.had...@siemens.com Regards, Rainer
Re: Authentication without Authorization ( JNDI Realm )
Hi
The following is the Realm configuration being used:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionName=cn=Manager,dc=wipro,dc=com
connectionPassword=secret
connectionURL=ldap://ldapprime.pesgrid.wipro.com:389;
userBase=dc=wipro,dc=com
userSubtree=true
userSearch=(mail={0})
roleBase=dc=wipro,dc=com
roleSubtree=true
roleName=objectClass
roleSearch=(mail={0})/
The following is the security constraint specified in web.xml
security-constraint
web-resource-collection
url-pattern/*/url-pattern
/web-resource-collection
auth-constraint
role-name*/role-name
/auth-constraint
/security-constraint
login-config
auth-methodBASIC/auth-method
/login-config
security-role
role-nameinetOrgPerson/role-name
/security-role
The following is an entry added to LDAP for testing:
dn: uid=ccpadmin, dc=wipro,dc=com
mail: ccpad...@wipro.com
uid: ccpadmin
userPassword:: YWRtaW4xMjM=
objectClass: inetOrgPerson
givenName: Cloud
sn: Administrator
cid: cloud
cn: Cloud Administrator
I am able to authenticate but authorization seems to fail ( error 403
forbidden )
Regards
Shashank
On Wed, 2009-12-02 at 19:16 -0800, Robert Koberg wrote:
On Dec 2, 2009, at 6:01 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 12/2/2009 5:15 PM, Caldarale, Charles R wrote:
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Subject: Re: Authentication without Authorization ( JNDI Realm )
Technically speaking, this will require authentication but then let
anyone holding any role defined in web.xml to access any page on your
site.
But the valid roles still have to be listed in web.xml to be compliant
with the spec.
Yes. That's why I said technically and practically.
Practically speaking, you don't even need to define the roles in
web.xml because (last time I checked), Tomcat treats '*' as
authenticated, regardless of roles.
That was a bug, now fixed:
http://marc.info/?l=tomcat-userm=123568422715010w=2
I'll have to look elsewhere in the code, then. What I saw in
GenericPrincipal clearly takes, ahem, liberties with the spec.
(don't know if this has been mentioned)
There is the @PermitAll (and @DenyAll, @RolesAllowed) annotations. It
requires a servlet 3.0 container or some framework that allows it (I like
Jersey).
best,
-Rob
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Please do not print this email unless it is absolutely necessary.
The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain proprietary, confidential or privileged information. If you are not the
intended recipient, you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately and destroy all copies of this message and
any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The company
accepts no liability for any damage caused by any virus transmitted by this
email.
www.wipro.com
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Crashes out of continuous servicing of stuck request
... Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). I would expect the socket to be closed, which can be detected at the server side. The exceptions I can think of are the client crashing or a network disconnect. Though apache probably detects the socket's close, it has little means of informing the associated servlet because that is blocked waiting for the response from the database. Depending on the database, it is usually also no use to try and stop - the query will continue its work even though the requesting user is gone on most DBMSes. So taking a slot in the webserver is not a big issue, the DB is wasting far more resources on that user. Other options to explore are dividing the big query into multiple smaller ones, so that you can abort sooner. Use INTO TEMP to store intermediates. That would give you the opportiunity to check whether the client is still listening - and you could even give the client some updates on progress, which may be considered a nice to have feature as well. Best of all would be to optimize the database and make those queries faster, but I guess you must have valid reasons for not doing so. M. -- My reply ends here -- This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Crashes out of continuous servicing of stuck request
Just an idea: What happens if you change your DB call into a Sleep(30) or something similar? Does tomcat still misbehave then? (the 'retry' could be related to something else than tomcat). M -Original Message- From: Hadole, Nishant IN BOM SISL [mailto:nishant.had...@siemens.com] Sent: vrijdag 04 december 2009 11:06 To: 'Rainer Jung'; Tomcat Users List Subject: RE: Tomcat Crashes out of continuous servicing of stuck request Dear Rainer, Thanks for explanation. In this particular case, when client press a button on JSP, it initiates a Database search operation, which may take time up to 30-45 seconds. Meanwhile, we are showing a screen which tell user that his / her request is being processed and no to close the window. But, sometimes users are impatient and still close the window. Yes, as you suggested, it is possible to handle close event / stop processing by some notification, but application is full of such utilities, and it is too much of efforts. I am interested in some parameterization, which detects broken connection and automatically drops stuck request. I have even checked this with requests with STAGE as KEEPALIVE, but not working with STAGE as SERVICE. Also, I am not able to figure out, why the processing is repeated. With best regards, Nishant Hadole Mailto: nishant.had...@siemens.com This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat Crashes out of continuous servicing of stuck request
On 04.12.2009 11:41, Looijmans, Mike wrote: ... Without trying to send something back to the client, there is no way telling the client closed the window (or pressed reload or switched to another URL). I would expect the socket to be closed, which can be detected at the server side. The exceptions I can think of are the client crashing or a network disconnect. Though apache probably detects the socket's close, it has little means It detects the close only when trying to send something via the socket. There's no monitoring of unused sockets. Although the server received the FIN or RST packets and changes the state of the socket internally, there'*s no application (=Apache) code checking that state when not actually trying to use the socket. You could write such code, but it's not there. The closed socket is detected once the server tries to read from or write to it. of informing the associated servlet because that is blocked waiting for the response from the database. Exactly. Even if the web server knew, you would still have to forward the information to the naxt hop, e.g. Tomcat (and then also the database). The communication between Apache and Tomcat (either via http or via ajp) doesn't have any notification facility of the form don't proceed working on this request. It can only detect an error on top of request and response communication. So here, once the app actually tries to send something back, Apache will notice the closed socket to the client, and then close the socket to the backend itself (at least in the case of mod_jk) and then Tomcat notices the closed socket to the web server and throws an error itself. Depending on the database, it is usually also no use to try and stop - the query will continue its work even though the requesting user is gone on most DBMSes. So taking a slot in the webserver is not a big issue, the DB is wasting far more resources on that user. Other options to explore are dividing the big query into multiple smaller ones, so that you can abort sooner. Use INTO TEMP to store intermediates. That would give you the opportiunity to check whether the client is still listening - and you could even give the client some updates on progress, which may be considered a nice to have feature as well. Best of all would be to optimize the database and make those queries faster, but I guess you must have valid reasons for not doing so. M. -- My reply ends here -- This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Logging with Log4J
Hello list,
Up until now, I have used simple System.out.println() statements
to do the logging of my web applications, but I want to start
using a more advanced system with more possibilities. Log4J
seemed like a good choice. The most important thing for me is that the
log messages are written nicely into a separate file.
Based on stuff I found using Google, I have created a
log4j.properties file (see bottom of this mail) which is saved under
the WEB-INF/classed directory.
It seems like things are working *partly*... because although I
do specify the file testbart.log, there is no testbart.log file
on the tomcat server (i checked this with find / -name
testbart.log as root). I *do* however see log messages appearing
in /var/log/syslog, but that is not what i want. I want them to be written
into a separate logfile.
Can somebody point me in the right direction here? All i want is
that the logs for my webapp (written using Log4J) are written in to a
file
/var/log/tomcat/mywebapp.log
It is however unclear to me where i have to configure this... is
it a Debian config thing? Is it a Tomcat config thing? Is it a
log4J config thing? Do I config this in the log4j.properties
file?
Just for the record: we're using Tomcat 5.5 on a Debian GNU/Linux
stable system.
Kind regards,
Bart
--- log4j.properties --
log4j.rootLogger=DEBUG, cons
log4j.logger.com.jspservletcookbook=, myAppender
# The root logger's appender
log4j.appender.cons=org.apache.log4j.ConsoleAppender
# The com.jspservletcookbook logger's appender
log4j.appender.myAppender=org.apache.log4j.RollingFileAppender
log4j.appender.myAppender.File=testbart.log
log4j.appender.myAppender.MaxBackupIndex=1
log4j.appender.myAppender.MaxFileSize=1MB
# The root logger's layout
log4j.appender.cons.layout=org.apache.log4j.SimpleLayout
# The com.jspservletcookbook logger's layout
log4j.appender.myAppender.layout=org.apache.log4j.PatternLayout
log4j.appender.myAppender.layout.ConversionPattern=%-5p Logger:%c{1} Date:
%d{ISO8601} - %m%n
--
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Logging with Log4J
Change your first line from DEBUG, cons to DEBUG, myAppender
-Original Message-
From: Bart Vandewoestyne [mailto:bart.vandewoest...@telenet.be]
Sent: Friday, December 04, 2009 9:03 AM
To: users@tomcat.apache.org
Subject: Logging with Log4J
Hello list,
Up until now, I have used simple System.out.println() statements
to do the logging of my web applications, but I want to start
using a more advanced system with more possibilities. Log4J
seemed like a good choice. The most important thing for me is that the
log messages are written nicely into a separate file.
Based on stuff I found using Google, I have created a
log4j.properties file (see bottom of this mail) which is saved under
the WEB-INF/classed directory.
It seems like things are working *partly*... because although I
do specify the file testbart.log, there is no testbart.log file
on the tomcat server (i checked this with find / -name
testbart.log as root). I *do* however see log messages appearing
in /var/log/syslog, but that is not what i want. I want them to be
written
into a separate logfile.
Can somebody point me in the right direction here? All i want is
that the logs for my webapp (written using Log4J) are written in to a
file
/var/log/tomcat/mywebapp.log
It is however unclear to me where i have to configure this... is
it a Debian config thing? Is it a Tomcat config thing? Is it a
log4J config thing? Do I config this in the log4j.properties
file?
Just for the record: we're using Tomcat 5.5 on a Debian GNU/Linux
stable system.
Kind regards,
Bart
--- log4j.properties --
log4j.rootLogger=DEBUG, cons
log4j.logger.com.jspservletcookbook=, myAppender
# The root logger's appender
log4j.appender.cons=org.apache.log4j.ConsoleAppender
# The com.jspservletcookbook logger's appender
log4j.appender.myAppender=org.apache.log4j.RollingFileAppender
log4j.appender.myAppender.File=testbart.log
log4j.appender.myAppender.MaxBackupIndex=1
log4j.appender.myAppender.MaxFileSize=1MB
# The root logger's layout
log4j.appender.cons.layout=org.apache.log4j.SimpleLayout
# The com.jspservletcookbook logger's layout
log4j.appender.myAppender.layout=org.apache.log4j.PatternLayout
log4j.appender.myAppender.layout.ConversionPattern=%-5p Logger:%c{1}
Date: %d{ISO8601} - %m%n
--
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
*** NOTICE *
This message is intended for the use of the individual or entity to which
it is addressed and may contain information that is privileged,
confidential, and exempt from disclosure under applicable law. If the
reader of this message is not the intended recipient or the employee or
agent responsible for delivering this message to the intended recipient,
you are hereby notified that any dissemination, distribution, or copying
of this communication is strictly prohibited. If you have received this
communication in error, please notify us immediately by reply or by
telephone (call us collect at 512-343-9100) and immediately delete this
message and all its attachments.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat not accepting requests
Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Maybe once a day, or each 2 days tomcat stops handling requests. Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc.Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package On Fri, Dec 4, 2009 at 12:48, Pid p...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: TLS only
mark smith wrote: Hi All, I have a requirement to configure tomcat to make use of TLS only for all the secure communication from browser. SSLProtocol=TLS in Connector tag in server.xml supports both SSLv3 and TLSv1. Please help to disable SSLv3 and have only TLSv1 enabled. Use the ciphers attribute on the connector to limit the cipher suites to just the ones you want. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 5 vs 6 Context useNaming Behavior
Caldarale, Charles R wrote: From: Scott Dudley [mailto:sc...@telesoft.com] Subject: Tomcat 5 vs 6 Context useNaming Behavior We have a legacy application that's been running on the 5.5.X versions for several years. Under what JVM? And platform? I've tested under both Windows (2000) and a couple of current Linux variants both running a current 1.6 VM - same behavior. 5.5.X works, 6.X doesn't. The application instantiates the context, creates and binds it's own JDBC pool, etc. with no relevant edits to any of Tomcat's configuration files. What does it do with exceptions during the context instantiation? They're thrown and reported - er go the exception excerpt included in my post. In 6.0.20, no matter the setting (true/false), we get the same Exception as when useNaming is set to true in 5.5.X: What JVM for 6.0.20? As mentioned earlier, current 1.6 release. Is there a known/related useNaming bug or have I missed some new configuration nugget? Can't say. Can you post your server.xml and relevant Context element? http://sdudley.com/files/server.xml http://sdudley.com/files/accountaccess-dev.xml You'll see we use a custom ClassLoader, FileDirContext, and LifecycleListener but like XML JNDI configuration, don't want to make them part of this conversation as they're not relevant. I'm simply trying to find out why useNaming works in 5.5.X and not 6 and hoped someone was already aware of the answer. In the meantime, I'm already looking through the source and doing some testing on my own. Thanks. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Scott Dudley Senior Developer Telesoft Corp. | 3443 N. Central Ave., 18th Floor | Phoenix, AZ, 85012 o: (602) 308-1115 | f: (602) 308-1300 | w: www.telesoft.com
Re: tomcat not accepting requests
On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc.Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Custom URL handlers in Tomcat web app
Hi
I've resolved this issue in this way:
URLStreamHandlerFactoryImpl.termspecProtocolHandler = handlerClass;
try {
for (final Field field : URL.class.getDeclaredFields()) {
if (factory.equalsIgnoreCase(field.getName()) ) {
field.setAccessible(true);
field.set(null, new
URLStreamHandlerFactoryImpl((URLStreamHandlerFactory) field.get(null)));
}
}
} catch (Throwable e) {
logger.error(e);
}
--
View this message in context:
http://old.nabble.com/Custom-URL-handlers-in-Tomcat-web-app-tp15629476p26636133.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
you mean something like Thread.dumpStack() ? not really. And I don't have any monitoring tool there. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 13:46, Pid p...@pidster.com wrote: On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc. Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
On 04/12/2009 17:12, Rodrigo Asensio wrote: you mean something like Thread.dumpStack() ? not really. And I don't have any monitoring tool there. kill -3 java_process_id or use the tools (jps,jmap,jstack etc) that come with your JDK. p Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 13:46, Pidp...@pidster.com wrote: On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc.Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.comwrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat not accepting requests
nop, but I will read about these tools and use them next time. do you have idea what it can be ? is really weird. Is not heavy load, because I saw it die 11pm with 1 session opened at the server. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 14:21, Pid p...@pidster.com wrote: On 04/12/2009 17:12, Rodrigo Asensio wrote: you mean something like Thread.dumpStack() ? not really. And I don't have any monitoring tool there. kill -3 java_process_id or use the tools (jps,jmap,jstack etc) that come with your JDK. p Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. On Fri, Dec 4, 2009 at 13:46, Pidp...@pidster.com wrote: On 04/12/2009 15:53, Rodrigo Asensio wrote: 1. Apache Tomcat/6.0.20 JVM 1.6.0_0-b16 Sun Microsystems Inc. Linux 2.6.31-302-rs amd64 2. seems permanently (its a production server, it has been up to 1 hour and we restarted the service) 3. error comes from a browser, just that, site site is just offline 4. 100% ubuntu package Are you able to take a thread dump when it appears to stop accepting connections? p On Fri, Dec 4, 2009 at 12:48, Pidp...@pidster.com wrote: On 04/12/2009 15:42, Rodrigo Asensio wrote: Hello, my config Ubuntu 9.10 Server AMD 64 RAM 512 Tomcat 6 running with native libraries and XMX=400M Sub version Tomcat 6.0.?? Maybe once a day, or each 2 days tomcat stops handling requests. Permanently, or temporarily? Error 101 (net::ERR_CONNECTION_RESET): Unknown error at the browser. Where does this error come from, a client? If so, what? 1. Service is UP 2. telnet to 80 port works OK 3. netstat -a is listening @ por 80 perfectly 4. nothing in the logs. NOTHING. (logs as default installation) default apache.org install or Ubuntu package? p I checked and I'm not being DOS attacked. Rodrigo Asensio rasen...@gmail.com http://www.rodrigoasensio.com To err is human, but to really screw up requires the root password. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
server.xml formatting guide
Hi Just wondering if there is any standard or recommendation for the formatting of server.xml config file for tomcat. Configuring properties for mysql jdbc driver is a good case in point: Resource auth=Container description=MySQL Datasource name=jdbc/MySqlDataSource type=javax.sql.DataSource driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://10.10.10.10,20.20.20.20:3306/database1?failOverReadOnl y=falseamp;autoCommit=trueamp;secondsBeforeRetryMaster=30 username=user password=password initialSize=40 You have the standard properties that can be set as above but then the mysql specific properties requires to be appended to the connection string as above or in the following format: ResourceParams name=jdbc/gtaMySqlDataSource parameter nameuseUsageAdvisor/name valuetrue/value /parameter /ResourceParams The above format is in a lot less readable in my opinion but I prefer it over appending values to a connection string. The following format also seems to be quite readable: Connector port=8080 maxHttpHeaderSize=8192 maxThreads=1000 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true / Regards __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
[/jakarta/isapi_redirect.dll] is not a servlet url
Hello all, This is my first post here. I hope someone can help. I've been searching high and low for days to resolve a problem I am having with the jakarta redirector. My JAVA application is BMC Remedy MidTier I am running: IIS 6 Tomcat 5.5.26 Jakarta isapi_redirect.dll v1.2.28 Win 2K3 SP2 I have never been able to get the application to work through IIS. The redirector seems to fail at the last step. Please see the isapt_redirect log below: *** [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (805): Filter started [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (872): Virtual Host redirection of /WEBAPP001/arsys/shared/login.jsp [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] uri_worker_map_update::jk_uri_worker_map.c (712): File C:\Program Files\Apache Software Foundation\Jakarta Isapi Redirector\conf\uriworkermap.properties is not modified [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/WEBAPP001/arsys/shared/login.jsp' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (623): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (879): Default redirection of /arsys/shared/login.jsp [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/arsys/shared/login.jsp' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (602): Found a wildchar match '/arsys/*=ars' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (605): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (889): check if [/arsys/shared/login.jsp] is points to the web-inf directory [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (907): [/arsys/shared/login.jsp] is a servlet url - should redirect to ars [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (919): fowarding original URI [/arsys/shared/login.jsp] [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (805): Filter started [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (872): Virtual Host redirection of /WEBAPP001/jakarta/isapi_redirect.dll [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/WEBAPP001/jakarta/isapi_redirect.dll' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (623): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (879): Default redirection of /jakarta/isapi_redirect.dll [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (542): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (575): Attempting to map URI '/jakarta/isapi_redirect.dll' from 1 maps [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] map_uri_to_worker::jk_uri_worker_map.c (587): Attempting to map context URI '/arsys/*=ars' source 'uriworkermap' [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] map_uri_to_worker::jk_uri_worker_map.c (623): exit [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (889): check if [/jakarta/isapi_redirect.dll] is points to the web-inf directory [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpFilterProc::jk_isapi_plugin.c (1008): [/jakarta/isapi_redirect.dll] is not a servlet url [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] HttpExtensionProc::jk_isapi_plugin.c (1045): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] wc_maintain::jk_worker.c (307): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] wc_maintain::jk_worker.c (321): Maintaining worker ars [Fri Dec 04 12:56:25 2009] [0160:3124] [trace] ajp_maintain::jk_ajp_common.c (2349): enter [Fri Dec 04 12:56:25 2009] [0160:3124] [trace]
Re: server.xml formatting guide
gerhardus.geldenh...@gta-travel.com wrote: Hi Just wondering if there is any standard or recommendation for the formatting of server.xml config file for tomcat. You know, there are some XML editors which really are nice, and they allow you to choose the fonts and colors for each type of syntactic element. So you can have the tags in helvetica pink, the attributes in arial blue, things like that. Unfortunately, you cannot easily save this. But you can always edit it on the screen, and then use of these nifty graphic utilities that allow you to take screenshots and save them a jpegs or so. :-) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [/jakarta/isapi_redirect.dll] is not a servlet url
magillagorilla wrote: ... [Fri Dec 04 12:56:25 2009] [0160:3124] [debug] HttpExtensionProc::jk_isapi_plugin.c (1084): could not get a worker for name ajp13 [Fri Dec 04 12:56:25 2009] [0160:3124] [error] HttpExtensionProc::jk_isapi_plugin.c (1109): could not get a worker for name ajp13 ... I don't really know what the problem is, but I am intrigued by the above 2 lines in your logs. It looks as if mod_jk is looking for a worker whose /name/ is ajp13, but that does not seem to be reflected in the configuration files that you quoted. Are you sure that the configuration files you listed are really the ones that are being used ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing SSL connector for Tomcat on Linux/Debian
hi,
I've been running into almost the same issue you've described here. just
wondering if you've discovered a solution. I tried to upgrade to the latest
version of tomcat-native-1.1.18 src, but that didn't help.
any insights would be appreciated!
in my context...i'm converting from redhat supported version of tomcat6 to
open source tomcat6.
SSL connector works fine when i use the redhat's version of the jar files...
see diff of the lib dir between redhat's tomcat vs open source tomcat below:
[r...@localhost srv]# diff redhat-tomcat/lib opensrc-tomcat/lib
Binary files redhat-tomcat/lib/annotations-api.jar and
opensrc-tomcat/lib/annotations-api.jar differ
Binary files redhat-tomcat/lib/catalina-ant.jar and
opensrc-tomcat/lib/catalina-ant.jar differ
Binary files redhat-tomcat/lib/catalina-ha.jar and
opensrc-tomcat/lib/catalina-ha.jar differ
Binary files redhat-tomcat/lib/catalina.jar and
opensrc-tomcat/lib/catalina.jar differ
Only in opensrc-tomcat/lib: catalina-tribes.jar
Binary files redhat-tomcat/lib/el-api.jar and opensrc-tomcat/lib/el-api.jar
differ
Only in redhat-tomcat/lib: gid-jmx-listener.jar
Binary files redhat-tomcat/lib/jasper-el.jar and
opensrc-tomcat/lib/jasper-el.jar differ
Binary files redhat-tomcat/lib/jasper.jar and opensrc-tomcat/lib/jasper.jar
differ
Binary files redhat-tomcat/lib/jasper-jdt.jar and
opensrc-tomcat/lib/jasper-jdt.jar differ
Binary files redhat-tomcat/lib/jsp-api.jar and
opensrc-tomcat/lib/jsp-api.jar differ
Only in redhat-tomcat/lib: libapr-1.so.0
Only in opensrc-tomcat/lib: libtcnative-1.a
Only in opensrc-tomcat/lib: libtcnative-1.la
Only in opensrc-tomcat/lib: libtcnative-1.lai
Binary files redhat-tomcat/lib/libtcnative-1.so and
opensrc-tomcat/lib/libtcnative-1.so differ
Only in opensrc-tomcat/lib: libtcnative-1.so.0
Only in opensrc-tomcat/lib: libtcnative-1.so.0.1.18
Only in opensrc-tomcat/lib: pkgconfig
Binary files redhat-tomcat/lib/servlet-api.jar and
opensrc-tomcat/lib/servlet-api.jar differ
Binary files redhat-tomcat/lib/tomcat-coyote.jar and
opensrc-tomcat/lib/tomcat-coyote.jar differ
Binary files redhat-tomcat/lib/tomcat-dbcp.jar and
opensrc-tomcat/lib/tomcat-dbcp.jar differ
Binary files redhat-tomcat/lib/tomcat-i18n-es.jar and
opensrc-tomcat/lib/tomcat-i18n-es.jar differ
Binary files redhat-tomcat/lib/tomcat-i18n-fr.jar and
opensrc-tomcat/lib/tomcat-i18n-fr.jar differ
Binary files redhat-tomcat/lib/tomcat-i18n-ja.jar and
opensrc-tomcat/lib/tomcat-i18n-ja.jar differ
Only in redhat-tomcat/lib: tomcat-juli-adapters.jar
--steve (Release Engineer)
Daniele Development-ML wrote:
Hello everybody,
I'm trying to set up a SSL transport layer, but I'm coming up against some
difficulties.
Specifically, I followed all the steps requires and specified as in the
Tomcat guide - adding some suggestions I found around on several web site
for the installation of APR libraries - but still it doesn't work.
I'm using Tomcat 6.0.20 with the last version of APR library, on a
Lenny/Debian distribution.
The output I get in catalina.out is:
18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule
begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'clientAuth' to 'false' did not find a matching property.
18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule
begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'SSLEngine' to 'on' did not find a matching property.
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.16.
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
[false], random [true].
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener
lifecycleEvent
INFO: Failed to initialize the SSLEngine.
18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
18-Aug-2009 18:05:55 org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
18-Aug-2009 18:05:55 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 656 ms
While my server configuration is:
!-- Define a SSL HTTP/1.1 Connector on port 8443 --
Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
maxThreads=150 scheme=https secure=true clientAuth=false
sslProtocol=TLS enableLookups=false disableUploadTimeout=true
SSLEngine=on
SSLCertificateFile=${catalina.base}/config/certs/self-signed-cert.pem
SSLCertificateKeyFile=${catalina.base}/config/certs/rsa-private-key.pem/
Where the certificates where generated with OpenSLL on a Windows Platform.
In addition, I included the following lines at the beginning of setclass
file
CATALINA_OPTS=$CATALINA_OPTS
Re: Debugging tomcat-apache(mod_jk) bridge
I too saw that mod_jk thinks it is talking to tomcat. But I do not see any logs in tomcat to indicate that. Also with the same parameters mod_proxy_ajp is able to fetch my page. Could be some nasty machine specific thing. On Fri, Dec 4, 2009 at 12:45 AM, Rainer Jung rainer.j...@kippdata.de wrote: On 04.12.2009 09:31, groupalias v wrote: Also as I promised here is the mod_jk.log after running it in debug mode ( please note that I am not looking for an answer but would still be looking to figure out what's happening with mod_jk) -- Skipping init messages ... [Tue Dec 01 14:13:01 2009] [7270:3083376384] [debug] jk_child_init::mod_jk.c (3068): Initialized mod_jk/1.2.28 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] map_uri_to_worker_ext::jk_uri_worker_map.c (1036): Attempting to map URI '/test/index.jsp' from 1 maps That's the request ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/test/*=A' source 'JkMount' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] find_match::jk_uri_worker_map.c (863): Found a wildchar match '/test/*=A' We know we have to send it via A ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_handler::mod_jk.c (2459): Into handler jakarta-servlet worker=A r-proxyreq=0 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_worker_for_name::jk_worker.c (116): found a worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] OK, there is a worker named A ... wc_maintain::jk_worker.c (339): Maintaining worker A [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_maintain::jk_ajp_common.c (3081): reached pool min size 5 from 10 cache slots [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] wc_get_name_for_type::jk_worker.c (293): Found worker type 'ajp13' [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] init_ws_service::mod_jk.c (977): Service protocol=HTTP/1.1 method=GET ssl=false host=(null) addr=X.X.X.X name=www.example.com port=80 auth=(null) user=(null) laddr=192.168.2.2 raddr=X.X.X.X uri=/test/index.jsp [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_get_endpoint::jk_ajp_common.c (2977): acquired connection pool slot=0 after 0 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_marshal_into_msgb::jk_ajp_common.c (605): ajp marshaling done [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_service::jk_ajp_common.c (2283): processing A with 2 retries [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1501): (A) all endpoints are disconnected. We need to connect to A .. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (452): socket TCP_NODELAY set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (489): socket SO_KEEPALIVE set to On [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (541): timeout 300 set for socket=17 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (576): trying to connect socket 17 to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] jk_open_socket::jk_connect.c (602): socket 17 connected to 127.0.0.1:8009 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connect_to_endpoint::jk_ajp_common.c (931): Connected socket 17 to (127.0.0.1:8009) Connected to A as 127.0.0.1 on port 8009 ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_send_message::jk_ajp_common.c (1070): sending to ajp13 pos=4 len=450 max=8192 I'm missing the request data here? Did you remove it? [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_send_request::jk_ajp_common.c (1560): (A) request body to send 0 - request body to resend 0 OK, we send the request. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): received from ajp13 pos=0 len=19 max=8192 We got 19 Bytes of response ... [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 04 01 90 00 0B 42 61 64 20 52 65 71 75 65 73 74 - .Bad.Request And the response says status = 0x0190 = 400 with status message Bad Request. So whoever or whatever produced this result claims that what it received was a bad request. So maybe the request has inconsistent headers like using content-length together with chunked encoding or similar. [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_connection_tcp_get_message::jk_ajp_common.c (1259): 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (660): status = 400 [Tue Dec 01 14:13:02 2009] [7267:3083376384] [debug] ajp_unmarshal_response::jk_ajp_common.c (667): Number of headers is = 0 [Tue Dec 01
Re: Installing SSL connector for Tomcat on Linux/Debian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daniele,
On 8/18/2009 2:01 PM, Daniele Development-ML wrote:
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.16.
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
[false], random [true].
So you are successfully using APR.
18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'clientAuth' to 'false' did not find a matching property.
clientAuth is not a valid attribute for the APR SSL connector (though
it /is/ valid for the non-APR connector).
See
http://tomcat.apache.org/tomcat-6.0-doc/config/http.html
versus
http://tomcat.apache.org/tomcat-6.0-doc/apr.html
You want to use SSLVerifyClient instead of clientAuth, though the
default (none) is what it looks like you want.
18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'SSLEngine' to 'on' did not find a matching property.
SSLEngine is not a valid attribute for the APR SSL connector (nor is
it valid for the non-APR connector; that should be SSLEnabled).
Instead, the SSLEngine attribute should appear in your APR lifecycle
listener, like this:
Listener className=org.apache.catalina.core.AprLifecycleListener
SSLEngine=on /
Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
maxThreads=150 scheme=https secure=true clientAuth=false
sslProtocol=TLS enableLookups=false disableUploadTimeout=true
SSLEngine=on
SSLCertificateFile=${catalina.base}/config/certs/self-signed-cert.pem
SSLCertificateKeyFile=${catalina.base}/config/certs/rsa-private-key.pem/
Your value for sslProtocol does not match the list of acceptable values
in http://tomcat.apache.org/tomcat-6.0-doc/apr.html. You might want to
check again.
In addition, I included the following lines at the beginning of setclass
file
CATALINA_OPTS=$CATALINA_OPTS
-Djava.library.path=/home/daniele/tomcat-6.0.20/bin/tomcat-native-1.1.16-src/jni/native/.libs
It appears that this has correctly enabled tcnative. Congratulations,
although you probably should go ahead and upgrade to 1.1.18.
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAksZg5IACgkQ9CaO5/Lv0PDDgQCdFsVwmgo3oPsMx6RiH46kowVr
nqoAniosyxODmp2y+8PNGSrTryDUyoqH
=U6du
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat Crashes out of continuous servicing of stuck request
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nishant, On 12/4/2009 4:29 AM, Hadole, Nishant IN BOM SISL wrote: Tomcat continues processing request indefinitely, causing loss of free heap memory and eventually crashes. When you say crashes, what exactly to you mean? OOME? JVM failure? When checked in Tomcat Monitor, under header jk-8009, the stage for stuck request is SERVICE and time goes on increasing. As others have said, without attempting to send data to the client, you can't know that they have disappeared. :( My question is why your code causes a crash when the client disappears, but works just fine when the client gets a proper response. That suggests a mismanagement of resources by your webapp. You might consider reviewing your code to find out why your loss of free heap memory is occurring, because Tomcat surely isn't causing that to happen. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksZh0sACgkQ9CaO5/Lv0PBGfwCfVjYr8P9A0iFm6hLKkG7gxKx6 zsoAn2s5Box8os9g0dE6uFgB4TXJWPdr =ssOC -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Logging with Log4J
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bart, On 12/4/2009 10:02 AM, Bart Vandewoestyne wrote: I *do* however see log messages appearing in /var/log/syslog, but that is not what i want. That's very weird: you have no configuration whatsoever that would lead me to believe that your webapp's messages are going to syslog. Are you sure you don't have something else logging to syslog? /var/log/tomcat/mywebapp.log [snip] log4j.rootLogger=DEBUG, cons See Jeffrey's suggestion in his post. log4j.appender.myAppender.File=testbart.log I would have done: log4j.appender.myAppender.File=/var/log/tomcat/mywebapp.log Make sure that the user running Tomcat has rights to write to that file/directory. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksZiEUACgkQ9CaO5/Lv0PDuAACgr9akSt+bLoUK66POxEq275/x IucAoKz1XnMtclmhigcgSajbx9vkg7Lb =vq1l -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: how to change the url,username and password connection pooling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Carsten, On 11/2/2009 12:05 PM, Carsten Pohl wrote: I wrote a webapp, that is using tomcats connection pooling. I was wondering how I can change URL / username or password of the connection pool, without redeploying the webapp. I tried the following: 1. putting the configuration in the $CATALINA_BASE/conf/[enginename]/[hostname]/[webappname].xml and then changing the ressource entries. This works (in 6.0.18) but a redeploy happens. Which means, that the application is unavailable for some time. This is expected behavior. 2. Using JMX to connect to the tomcat. Under catalina - datasource - webappname - localhost- javax.sql.datasource - jdbc/postgres - attributes i see the URL, but when i change that, nothing happens. You are only changing the configuration, you aren't changing the DataSource that was created using that configuration. If you want to switch-out the DataSource in the JNDI context during runtime, you'll have to actually create a new instance of a DataSource and stuff it into the JNDI context. I'm not sure if Tomcat will let you do that, though. Perhaps there is a way, using JMX, to trigger a re-load of the DataSource configuration so that your above change actually has an effect. I'm sorry, I don't have any experience with JMX in Tomcat (nor anywhere else for that matter) so I can't really advise you. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksZivAACgkQ9CaO5/Lv0PA4YQCfQwdR+U/bz/FVBYfw/Dtdaek3 lQwAn0b/bQcm2GmGS4zUXOAzX4GjBaGQ =dtku -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Can service output be redirected to the terminal window?
I am new to Tomcat. 1. I have several services written under axis2. I deployed them statically into Tomcat but don't seem to be able to list those services. 2. I have noticed that startup.bat (under Windows) starts the separate terminal for the service output in oppose to startup.sh (in Unix). Is there way to direct my service output into the separate terminal window? I was using the apache axis2 server until now, but have to switch to Tomcat because I do not know how to make apache server to use SSL (how to configure it?) My service uses println output, it is a test utility and I want to keep it simple even if it is not most beautiful or optimal solution. Thanks Vadim. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
JSSE question
I am confused. Can Tomcat use only JKS keystore or it can also use pem or some other certificate storages? Thanks Vadim. (310)765-3812
Re: Can service output be redirected to the terminal window?
Vadim Letitchevski wrote: I am new to Tomcat. 1. I have several services written under axis2. I deployed them statically into Tomcat but don't seem to be able to list those services. 2. I have noticed that startup.bat (under Windows) starts the separate terminal for the service output in oppose to startup.sh (in Unix). Is there way to direct my service output into the separate terminal window? I was using the apache axis2 server until now, but have to switch to Tomcat because I do not know how to make apache server to use SSL (how to configure it?) My service uses println output, it is a test utility and I want to keep it simple even if it is not most beautiful or optimal solution. Vadim, I cannot really answer your question; but it is not very clear here if your question relates to Tomcat under Windows, or under Unix. Maybe this is due to the fact that the word service under Windows can be confusing. Under Windows, startup.bat is used to run Tomcat in a console window, not as a Windows Service. Running Tomcat as a Windows Service happens through another mechanism, which does not use startup.bat. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Can service output be redirected to the terminal window?
I am working under Linux actually. Thanks Vadim. -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Friday, December 04, 2009 3:46 PM To: Tomcat Users List Subject: Re: Can service output be redirected to the terminal window? Vadim Letitchevski wrote: I am new to Tomcat. 1. I have several services written under axis2. I deployed them statically into Tomcat but don't seem to be able to list those services. 2. I have noticed that startup.bat (under Windows) starts the separate terminal for the service output in oppose to startup.sh (in Unix). Is there way to direct my service output into the separate terminal window? I was using the apache axis2 server until now, but have to switch to Tomcat because I do not know how to make apache server to use SSL (how to configure it?) My service uses println output, it is a test utility and I want to keep it simple even if it is not most beautiful or optimal solution. Vadim, I cannot really answer your question; but it is not very clear here if your question relates to Tomcat under Windows, or under Unix. Maybe this is due to the fact that the word service under Windows can be confusing. Under Windows, startup.bat is used to run Tomcat in a console window, not as a Windows Service. Running Tomcat as a Windows Service happens through another mechanism, which does not use startup.bat. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing SSL connector for Tomcat on Linux/Debian
fyi, i finally figured out what i was doing wrong. When building the tomcat
native connector i didn't include the '--with-ssl=yes' option ... see below
the correct command configure command:
# Build the Tomcat native connector.
cd tomcat-native-*-src/jni/native
JAVA_HOME=%{java_home} ./configure \
--prefix=%{home} \
--with-apr=/usr/bin/apr-1-config \
--with-ssl=yes
make
Hope this helps others with similar issue I had!
--skim
Daniele Development-ML wrote:
Hello everybody,
I'm trying to set up a SSL transport layer, but I'm coming up against some
difficulties.
Specifically, I followed all the steps requires and specified as in the
Tomcat guide - adding some suggestions I found around on several web site
for the installation of APR libraries - but still it doesn't work.
I'm using Tomcat 6.0.20 with the last version of APR library, on a
Lenny/Debian distribution.
The output I get in catalina.out is:
18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule
begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'clientAuth' to 'false' did not find a matching property.
18-Aug-2009 18:05:55 org.apache.catalina.startup.SetAllPropertiesRule
begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'SSLEngine' to 'on' did not find a matching property.
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.16.
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
[false], random [true].
18-Aug-2009 18:05:55 org.apache.catalina.core.AprLifecycleListener
lifecycleEvent
INFO: Failed to initialize the SSLEngine.
18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
18-Aug-2009 18:05:55 org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
18-Aug-2009 18:05:55 org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
18-Aug-2009 18:05:55 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 656 ms
While my server configuration is:
!-- Define a SSL HTTP/1.1 Connector on port 8443 --
Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
maxThreads=150 scheme=https secure=true clientAuth=false
sslProtocol=TLS enableLookups=false disableUploadTimeout=true
SSLEngine=on
SSLCertificateFile=${catalina.base}/config/certs/self-signed-cert.pem
SSLCertificateKeyFile=${catalina.base}/config/certs/rsa-private-key.pem/
Where the certificates where generated with OpenSLL on a Windows Platform.
In addition, I included the following lines at the beginning of setclass
file
CATALINA_OPTS=$CATALINA_OPTS
-Djava.library.path=/home/daniele/tomcat-6.0.20/bin/tomcat-native-1.1.16-src/jni/native/.libs
Where the APR libraries are deposed after the installation.
Any hints or suggestions?
Daniele
--
View this message in context:
http://old.nabble.com/Installing-SSL-connector-for-Tomcat-on-Linux-Debian-tp25030389p26651674.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Control character in cookie value
Hi all,
I'm using seam on tomcat 6.0.20 and encounter problem in my security module.
Basically, i try to add cookie with base64 encoding of the username which is
email address.
The encoding works and no exception is thrown. But when seam try adding the
cookie an exception is thrown:
05/12/2009 02:23:00 com.sun.faces.lifecycle.Phase doPhase
SEVERE: JSF1054: (Phase ID: INVOKE_APPLICATION 5, View ID: /login.xhtml)
Exception thrown during phase execution:
javax.faces.event.phaseevent[source=com.sun.faces.lifecycle.lifecyclei...@7d5
05/12/2009 02:23:00 org.ajax4jsf.webapp.BaseXMLFilter doXmlFilter
SEVERE: Exception in the filter chain
javax.servlet.ServletException: #{identity.login}:
java.lang.IllegalArgumentException: Control character in cookie value,
consider BASE64 encoding your value
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
at
org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178)
at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
at
org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:390)
at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:517)
at
org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.faces.FacesException: #{identity.login}:
java.lang.IllegalArgumentException: Control character in cookie value,
consider BASE64 encoding your value
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118)
at javax.faces.component.UICommand.broadcast(UICommand.java:387)
at
org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
at
org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
at
org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
at
org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
at
com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
at
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
... 30 more
Caused by: javax.faces.el.EvaluationException:
java.lang.IllegalArgumentException: Control character in cookie value,
consider BASE64 encoding your value
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:102)
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
... 39 more
Caused by: java.lang.IllegalArgumentException: Control character in cookie
value,
Re: JSSE question
Vadim Letitchevski vletitchev...@teledyne.com wrote in message news:e17da276f9a0c84fad22739de29c389005dafc3...@entmail01.tad.teledyne.com... I am confused. Can Tomcat use only JKS keystore or it can also use pem or some other certificate storages? In the Tomcat docs (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html), it shows how to use a PKCS12 keystore. At some point that should be updated to include an example for using a PKCS11 keystore. The actual answer is that the JSSE Connector can use any keystore format that is supported by your Java vendor. In particular, with the Sun JVM, you can't use PEM (however the APR Connector does use PEM). However, it is usually pretty easy to convert PEM to PKCS12 (see the link above for an example). Thanks Vadim. (310)765-3812 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
