Re: Tomcat won't serve newly created files
Can you be more specific about their exact location?: They're stored in webapps/ROOT/files. (The actual app folder is renamed to ROOT I was unable to change the app context to the application folder so when the app is deployed the deployed folder is renamed to ROOT. This is something the previous admin guy setup/did so I left it the way it is. Or tried to anyway) Have you verified that the Tomcat userid has read access to those files?: Yes tomcat owns everything in the application folder directory and sub directories thus every file in the webapp directory downwards is listed as being owned by tomcat. Sorry, I should have been more clear. I meant what servlet or JSP is delivering the content? Is it Tomcat's DefaultServlet, or something else?: Upon looking it seems the Default servlet is the one serving the files (I think, but I'm no tomcat guru) What is an example of a failing URL?: https://www.ourcompany.net/files/company/1392534625.jpg You should post the element and WEB-INF/web.xml for the webapp; there might be something amiss: http://fpaste.org/wAmw/ as for the context.xml file, everything inside is commented out. On 11/02/2011, Caldarale, Charles R wrote: >> From: angelicos [mailto:angeli...@gmail.com] >> Subject: Re: Tomcat won't serve newly created files > >> I've looked through the logs also. Nothing about the 404 error. > > Turn on the AccessLogValve in server.xml to get some more information. > >> Regarding where the files are stored, I'm afriad it's in the >> deployment directory. > > Can you be more specific about their exact location? > > Have you verified that the Tomcat userid has read access to those files? > >> as to what mechanism is being used to serve the files >> Well https download. > > Sorry, I should have been more clear. I meant what servlet or JSP is > delivering the content? Is it Tomcat's DefaultServlet, or something else? > What is an example of a failing URL? > > You should post the element and WEB-INF/web.xml for the webapp; > there might be something amiss. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- A Hundred Elephants can knock down the walls of a fortress. One diseased rat can kill everyone inside - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Monitor session count & request time.
Disregard that last email. If I had paid attention, I would not have skipped right past the part where it was about Solr. :-| -- Eric Robinson Disclaimer - February 11, 2011 This email and any files transmitted with it are confidential and intended solely for Tomcat Users List. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physicians' Managed Care or Physician Select Management. Warning: Although Physicians' Managed Care or Physician Select Management has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments. This disclaimer was added by Policy Patrol: http://www.policypatrol.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Monitor session count & request time.
> -Original Message- > From: Stijn Vanhoorelbeke [mailto:stijn.vanhoorelb...@gmail.com] > > Hi, > > I'm using Solr on my Tomcat 6 system. How can I measure how > much sessions there are active? > > I could find such info through Tomcat manager > (manager/html/sessions?path=/solr). But that shows up ALL the > sessions of the past 10 min. I only want to measure active sessions. Maybe I'm just too old school, but what's wrong with... # netstat -antp|grep java|grep ESTAB|wc -l > > Also, is there a way to measure the respons time, needed to > satisfy a request? This must be no log file ( too much > overhead to log all requests ), but just lets say retrieve 1 > request/respons time per minute. > I use the %D parameter in the pattern string of the AccessLogValve section of server.xml. It puts the response time in every entry in the jasper logs. Then I run a script to parse the logs and give me a nice little breakdown of response times. See: http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html --Eric Disclaimer - February 11, 2011 This email and any files transmitted with it are confidential and intended solely for Tomcat Users List. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physicians' Managed Care or Physician Select Management. Warning: Although Physicians' Managed Care or Physician Select Management has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments. This disclaimer was added by Policy Patrol: http://www.policypatrol.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 7 and parsers...
On 2/11/11 10:40 PM, Tony Anecito wrote: > Hi All, > > Is it possible to replace xml parsers in Tomcat 7? Not really AFAIK. > Which xml parsers are used? Tomcat only parses XML at server or app startup. > I am just doing some performance testing of Tocat 7.0.8 and wondering. > Perhaps > only the APR that comes with Tomcat 7 does the parsing? Nope. What XML are you expecting Tomcat (as opposed to Java itself) to parse? > I am specifically running some performance tests with Jersey and trying > different performance tuning options and besides the jvm setting for tomcat. > I > tried using ApacheHttpClient with GET so far which seems to be the fastest > option. Of course I am looking for other tweeks. Tomcat doesn't get URLs, your app does. p > Thanks, > -Tony > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > signature.asc Description: OpenPGP digital signature
Tomcat 7 and parsers...
Hi All, Is it possible to replace xml parsers in Tomcat 7? Which xml parsers are used? I am just doing some performance testing of Tocat 7.0.8 and wondering. Perhaps only the APR that comes with Tomcat 7 does the parsing? I am specifically running some performance tests with Jersey and trying different performance tuning options and besides the jvm setting for tomcat. I tried using ApacheHttpClient with GET so far which seems to be the fastest option. Of course I am looking for other tweeks. Thanks, -Tony - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat 5.5.28 Servlet Spec 2.3 - When does Tomcat actually service requests?
I know that per the Servlet Spec 2.3 that Tomcat will start up the Listeners first and then start up any servlets. However, I am unsure (the spec is ambigious) on when the Servlet container is supposed to start servicing incoming requests. I have a Servlet that has a load-on-startup setting of 2 and this initializes some application settings. Granted, the best avenue for this is a Listener I'm wondering if Tomcat will service HTTP requests before or after the any load-on-startup Servlets are loaded. Specically Tomcat 5.5.28 to 5.5.31.
RE: Monitor session count & request time.
> From: Stijn Vanhoorelbeke [mailto:stijn.vanhoorelb...@gmail.com] > Subject: Monitor session count & request time. > is there a way to measure the respons time, needed to satisfy > a request? Take a look at this: http://moskito.anotheria.net/ Measures more than you can possibly think of... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Monitor session count & request time.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stijn, On 2/11/2011 11:09 AM, Stijn Vanhoorelbeke wrote: > I'm using Solr on my Tomcat 6 system. How can I measure how much sessions > there are active? > > I could find such info through Tomcat manager > (manager/html/sessions?path=/solr). But that shows up ALL the sessions of > the past 10 min. I only want to measure active sessions. Tomcat exposes lots of information via JMX. Connect using JConsole and look at the "MBeans" tab to poke around and see what's there. > Also, is there a way to measure the respons time, needed to satisfy a > request? This must be no log file ( too much overhead to log all requests ), > but just lets say retrieve 1 request/respons time per minute. This may be a tough thing to do without introducing a bottleneck. I think you'll have to do it yourself using something like a Valve or a filter, or even by modifying/subclassing the AccessLogValve to record only once per minute instead of all requests. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1VnGsACgkQ9CaO5/Lv0PAXXwCePvftNuIE2i9L2hdbMrvpCcCg IZgAn0OMEsEEB8MSOjlyO2rhRhhn6pTp =8N6s -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat won't serve newly created files
> From: angelicos [mailto:angeli...@gmail.com] > Subject: Re: Tomcat won't serve newly created files > I've looked through the logs also. Nothing about the 404 error. Turn on the AccessLogValve in server.xml to get some more information. > Regarding where the files are stored, I'm afriad it's in the > deployment directory. Can you be more specific about their exact location? Have you verified that the Tomcat userid has read access to those files? > as to what mechanism is being used to serve the files > Well https download. Sorry, I should have been more clear. I meant what servlet or JSP is delivering the content? Is it Tomcat's DefaultServlet, or something else? What is an example of a failing URL? You should post the element and WEB-INF/web.xml for the webapp; there might be something amiss. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat won't serve newly created files
No. It's not a 3rd party repackaged tomcat, (downloaded from repos for the Linux machines and from apache on dev server) I've looked through the logs also. Nothing about the 404 error. Regarding where the files are stored, I'm afriad it's in the deployment directory. Not by my design. I just inherited the app. as to what mechanism is being used to serve the files Well https download. On 11/02/2011, Caldarale, Charles R wrote: >> From: angelicos [mailto:angeli...@gmail.com] >> Subject: Tomcat won't serve newly created files > >> We use Tomcat (Standalone) 5.5.29 on CentOS 5.4 >> and 5.5 virtual servers. > > Are you using a real Tomcat, or a 3rd-party repackaged one? If the latter, > the configuration may enable the security manager, which limits what can be > done from a webapp. Make sure you're running with a real Tomcat downloaded > from tomcat.apache.org. > >> I have a problem in which tomcat won't serve files >> newly created by the application. > > Where are the newly created files being stored? (Inside the webapp's > deployment directory would be a very bad answer.) > > What mechanism is being used to serve the files? > > Is there anything in the Tomcat logs related to the 404? > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- A Hundred Elephants can knock down the walls of a fortress. One diseased rat can kill everyone inside - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: IPv6 Issue with Tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/11/2011 12:14 PM, Mark Shifman wrote: > I was burned in a similar fashion. Phil Steitz (on the commons user list) > pointed me to. > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6483406 > > One recommended fix/workaround is that suggested by Chuck in a previous post. I might recommend allowing loopback IPv6 communication, but that might not be reasonable in the OP's environment. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1ViioACgkQ9CaO5/Lv0PDhnwCbBXY7IhAMMk53DaxSoAcWmmh5 KAEAni02VvvmaKsj0F9vjlr+liytLSjL =j/S0 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: IPv6 Issue with Tomcat
I was burned in a similar fashion. Phil Steitz (on the commons user list) pointed me to. http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6483406 One recommended fix/workaround is that suggested by Chuck in a previous post. mas On 02/11/2011 10:39 AM, Martin Dubuc wrote: > I am using Tomcat 6.0.29 and JDK 6 Update 23. > > Martin > > On Fri, Feb 11, 2011 at 10:30 AM, Caldarale, Charles R < > chuck.caldar...@unisys.com> wrote: > >>> From: Martin Dubuc [mailto:martind1...@gmail.com] >>> Subject: IPv6 Issue with Tomcat >> >>> I am wondering if there is configuration within Tomcat >>> to force the driver not to use IPv6. >> >> Not within Tomcat, but possibly for the JVM you're using. Try setting >> -Djava.net.preferIPv4Stack=true as a JVM system property parameter. >> >> Of course, not telling us your actual Tomcat version, the JVM level you're >> using, and the platform you're on makes providing advice somewhat of a shot >> in the dark. >> >> - Chuck >> >> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY >> MATERIAL and is thus for use only by the intended recipient. If you received >> this in error, please contact the sender and delete the e-mail and its >> attachments from all computers. >> >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > -- Mark Shifman MD. Ph.D. Yale Center for Medical Informatics Phone (203)737-5219 mark.shif...@yale.edu - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: CVE-2010-4476 - is it fixed or not?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Leon, On 2/10/2011 6:03 PM, Leon Rosenberg wrote: > short question, I read in the http://tomcat.apache.org/security-6.html > that a possible DoS attack vulnerability has been fixed in Request > class. > Does that mean that CVE-2010-4476 is > a) not an issue with 6.0.32++ > b) not an issue unless the app uses Double.parseDouble > c) probably not in issue in tomcat, at least until someone finds out it is. Tomcat uses Double.parseDouble in a few places that have not been addressed, but they are used for parsing values supplied by the administrator or webapp developer (like parsing the version string, for instance). This appears to be the only use of Double.parseDouble in Tomcat that could really be considered vulnerable. If you want to protect yourself entirely, consider upgrading or using the "fpupdate" program which patches your installation's rt.jar file. I have done this on all my servers. If you want to protect yourself on all Tomcat versions but still be vulnerable to application use of Double.parseDouble, see my followups to Mark's announcement this week: I show you how to protect Tomcat using two different techniques with Apache httpd... these could easily be adapted to use UrlRewrite if you aren't using a web server in front of Tomcat. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1VY4IACgkQ9CaO5/Lv0PDGXACfcstSTQ/4uZCaQ4EL6+4S0Rl+ V8YAoIkZqeq7rdXbwSi7bQs85ndmO0r+ =6h/3 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Monitor session count & request time.
Hi, I'm using Solr on my Tomcat 6 system. How can I measure how much sessions there are active? I could find such info through Tomcat manager (manager/html/sessions?path=/solr). But that shows up ALL the sessions of the past 10 min. I only want to measure active sessions. Also, is there a way to measure the respons time, needed to satisfy a request? This must be no log file ( too much overhead to log all requests ), but just lets say retrieve 1 request/respons time per minute. Thank you,
RE: Tomcat won't serve newly created files
> From: angelicos [mailto:angeli...@gmail.com] > Subject: Tomcat won't serve newly created files > We use Tomcat (Standalone) 5.5.29 on CentOS 5.4 > and 5.5 virtual servers. Are you using a real Tomcat, or a 3rd-party repackaged one? If the latter, the configuration may enable the security manager, which limits what can be done from a webapp. Make sure you're running with a real Tomcat downloaded from tomcat.apache.org. > I have a problem in which tomcat won't serve files > newly created by the application. Where are the newly created files being stored? (Inside the webapp's deployment directory would be a very bad answer.) What mechanism is being used to serve the files? Is there anything in the Tomcat logs related to the 404? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat won't serve newly created files
Hi all I am a bit of a newbie to this so bear with me please. We use Tomcat (Standalone) 5.5.29 on CentOS 5.4 and 5.5 virtual servers. I have a problem in which tomcat won't serve files newly created by the application. The pages return a 404 with the correct file path listed in the message, and I can browse and open the files listed. It will however serve the files already in the folder and I discovered that redeploying the app will work for the newly created files but not for the files created after re-deployment. I'm completely stumped as to why this is happening. The app works fine on the test server which runs on Windows. Thanks for your help
Re: IPv6 Issue with Tomcat
I am using Tomcat 6.0.29 and JDK 6 Update 23. Martin On Fri, Feb 11, 2011 at 10:30 AM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Martin Dubuc [mailto:martind1...@gmail.com] > > Subject: IPv6 Issue with Tomcat > > > I am wondering if there is configuration within Tomcat > > to force the driver not to use IPv6. > > Not within Tomcat, but possibly for the JVM you're using. Try setting > -Djava.net.preferIPv4Stack=true as a JVM system property parameter. > > Of course, not telling us your actual Tomcat version, the JVM level you're > using, and the platform you're on makes providing advice somewhat of a shot > in the dark. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: IPv6 Issue with Tomcat
> From: Martin Dubuc [mailto:martind1...@gmail.com] > Subject: IPv6 Issue with Tomcat > I am wondering if there is configuration within Tomcat > to force the driver not to use IPv6. Not within Tomcat, but possibly for the JVM you're using. Try setting -Djava.net.preferIPv4Stack=true as a JVM system property parameter. Of course, not telling us your actual Tomcat version, the JVM level you're using, and the platform you're on makes providing advice somewhat of a shot in the dark. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
IPv6 Issue with Tomcat
On my Tomcat server (currently running version 6.x), I have set up a firewall rule to drop all IPv6 traffic. It seems that this is causing some issue on startup, because the startup delay is noticeable (takes around 3 minutes) when the IPv6 firewall rule is on. If the IPv6 rule is not on, the server usually starts in a few seconds. By looking more closely at the problem, my understanding is that the delay is caused by the server trying to access the database realm. It is using JDBC to connect to the database. The driver is likely trying to communicate first using IPv6 and when a timeout occurs (because all IPv6 packets are dropped by the firewall), the driver switches back to IPv4 and then the startup is able to complete. To me, this seems to be a JDBC driver issue, but I am wondering if there is configuration within Tomcat to force the driver not to use IPv6. Martin
Re: Issue with Apache 2.2.3, Tomcat 6.0.29, and Flex
Martin Kuen wrote: Hi Michael, did you verify that your flex app is sending something when you hit the login button? (e.g. using wireshark) I have now done this testing, and it generates zero traffic on ports 80 or 8080 when I call the page via FQDN and hit login. When I call the page by IP and attempt login, network traffic happens. As you referring to a "compiled flex application", I am somewhat tempted to assume that you didn't write it on your own (?) I've asked the devs to go over their code again; maybe that is where the error lives. Thanks MSL - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: IIS6 not forwarding requests to Tomcat 5.5
I've installed Wireshark and indeed there is no network traffic flowing from IIS to AJP Connector, while it catches my other connection I did using telnet. But how do I find what's wrong with my IIS6 config? I've found IIS error log in systemroot\System32\LogFiles\HTTPERR folder but no errors there, also nothing in EventViewer. Can someone have a look at IIS config screen shots? https://picasaweb.google.com/madperro/IISTomcat?authkey=Gv1sRgCLC69v6XrszBHQ# Regards, Sebastian 2011/2/11 Sebastian Szuber : > Hi! > > You can see screen shots with ISAPI Filter, Virtual Directory and > Extension configurations using this link: > https://picasaweb.google.com/madperro/IISTomcat?authkey=Gv1sRgCLC69v6XrszBHQ# > > I've found only IIS access log entry with my request like this: > #Software: Microsoft Internet Information Services 6.0 > #Version: 1.0 > #Date: 2011-02-11 04:56:28 > #Fields: date time s-sitename s-computername s-ip cs-method > cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version > cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus > sc-win32-status sc-bytes cs-bytes time-taken > 2011-02-11 04:56:28 W3SVC1 127.0.0.1 GET > /analytics/res/Salsa_Glossary_en.htm - 80 - 127.0.0.1 HTTP/1.1 > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) > nQuireID=6k2tvpltgiqfp0k1hvrmvaa0ahimnf9mjhvs7qizOr07UFe9W00;+sawU=;+JSESSIONID=C4D5E330BADB7B722CC8C330D669D460 > - localhost 404 2 1260 1795 414 796 > > But none any errors logged at least in Windows Event Viewer. Is there > any other place that I shall check for errors logged? > > Pozdrawiam, S. > > > > 2011/2/11 Mladen Turk : >> On 02/11/2011 10:09 AM, Sebastian Szuber wrote: >>> >>> Andre, >>> >>> HTTP Connector is listening to HTTP protocol on 8080 port - I've used >>> it to access Tomcat directly from the browser (without IIS) just to >>> check if Tomcat works. >>> So results shown in points 2 and 3 do not go through IIS. >>> >>> When I request page through IIS - don't see anything on this fact in >>> Tomcat logs. >>> >> >> Seems like you IIS is not well configured. >> Filter seems to work, but not extension. >> Check the IIS log. It should have error there. >> >> Where is /jakarta virtual dir defined and do you >> have all permissions set up. >> >> >> Regards >> -- >> ^TM >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Issue with Apache 2.2.3, Tomcat 6.0.29, and Flex
Hi Martin, Martin Kuen wrote: Hi Michael, did you verify that your flex app is sending something when you hit the login button? (e.g. using wireshark) I have not done that as yet, but will give that a try. Thing is, it behaves as intended when called by IP, so I can't see it not sending anything when the page it's embedded in is called by DNS name instead. As you referring to a "compiled flex application", I am somewhat tempted to assume that you didn't write it on your own (?) Our inhouse coders developed it. I had no hand in writing it. It is a compiled app that uses a text config file in /etc to specify the address of the backend Tomcat server. --> Do you have a flash *debug* player installed? Otherwise, you won't see any errors, which are thrown by the flash app (and not handled). No, but I'll give that a try, too. Thanks for the suggestions - will report back my results. Cheers MSL Martin On Fri, Feb 11, 2011 at 12:56 PM, Michael Liermann wrote: Hello all, we have a testing server up that is running CentOS 5.4 32 bit, Java version 1.6.0_20, Apache 2.2.3 and Tomcat 6.0.29. Apache is set up to run two name-based vhosts, which I'll call system.domain.tld and test.domain.tld for short. For the test.domain.tld vhost, Apache serves a static HTML page that contains a link to a compiled Flex application (.swf file). This Flex app implements a login box and connects to Tomcat on the same server to authenticate users and provide functionality to the app. For system.domain.tld, Apache uses mod_jk and JKMount to make available a Java web app (systemapi) that is used by the Flex app to authenticate. When I call test.domain.tld via a web browser, Apache logs the request and serves the SWF file. The SWF displays a login box; when I enter data here and hit the login button...nothing happens. The Tomcat log file catalina.out is set to maximum verbosity, and it logs no activity whatsoever. When I use the IP address for test.domain.tld instead of the FQDN, then I can log on, Tomcat generates copious entries in catalina.out, and all works as intended. I don't think it's my Apache vhost config, since all the parts of the process that Apache is responsible for function properly in both cases. I've added Alias directives for both name-based vhosts in the Host section of Tomcat's server.xml, with no change. Any ideas? This has me baffled. Regards MSL - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org smime.p7s Description: S/MIME Cryptographic Signature
Re: Issue with Apache 2.2.3, Tomcat 6.0.29, and Flex
Hi Michael, did you verify that your flex app is sending something when you hit the login button? (e.g. using wireshark) As you referring to a "compiled flex application", I am somewhat tempted to assume that you didn't write it on your own (?) --> Do you have a flash *debug* player installed? Otherwise, you won't see any errors, which are thrown by the flash app (and not handled). Martin On Fri, Feb 11, 2011 at 12:56 PM, Michael Liermann wrote: > Hello all, > > we have a testing server up that is running CentOS 5.4 32 bit, Java version > 1.6.0_20, Apache 2.2.3 and Tomcat 6.0.29. Apache is set up to run two > name-based vhosts, which I'll call system.domain.tld and test.domain.tld for > short. For the test.domain.tld vhost, Apache serves a static HTML page that > contains a link to a compiled Flex application (.swf file). This Flex app > implements a login box and connects to Tomcat on the same server to > authenticate users and provide functionality to the app. For > system.domain.tld, Apache uses mod_jk and JKMount to make available a Java > web app (systemapi) that is used by the Flex app to authenticate. > > When I call test.domain.tld via a web browser, Apache logs the request and > serves the SWF file. The SWF displays a login box; when I enter data here > and hit the login button...nothing happens. The Tomcat log file catalina.out > is set to maximum verbosity, and it logs no activity whatsoever. > > When I use the IP address for test.domain.tld instead of the FQDN, then I > can log on, Tomcat generates copious entries in catalina.out, and all works > as intended. > > I don't think it's my Apache vhost config, since all the parts of the > process that Apache is responsible for function properly in both cases. I've > added Alias directives for both name-based vhosts in the Host section of > Tomcat's server.xml, with no change. > > Any ideas? This has me baffled. > > Regards > MSL > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Issue with Apache 2.2.3, Tomcat 6.0.29, and Flex
On 11/02/2011 11:56, Michael Liermann wrote: > Any ideas? This has me baffled. Enable access logging on httpd and Tomcat. Include the full request line and the host header. Run your test. Review the logs. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Issue with Apache 2.2.3, Tomcat 6.0.29, and Flex
Hello all, we have a testing server up that is running CentOS 5.4 32 bit, Java version 1.6.0_20, Apache 2.2.3 and Tomcat 6.0.29. Apache is set up to run two name-based vhosts, which I'll call system.domain.tld and test.domain.tld for short. For the test.domain.tld vhost, Apache serves a static HTML page that contains a link to a compiled Flex application (.swf file). This Flex app implements a login box and connects to Tomcat on the same server to authenticate users and provide functionality to the app. For system.domain.tld, Apache uses mod_jk and JKMount to make available a Java web app (systemapi) that is used by the Flex app to authenticate. When I call test.domain.tld via a web browser, Apache logs the request and serves the SWF file. The SWF displays a login box; when I enter data here and hit the login button...nothing happens. The Tomcat log file catalina.out is set to maximum verbosity, and it logs no activity whatsoever. When I use the IP address for test.domain.tld instead of the FQDN, then I can log on, Tomcat generates copious entries in catalina.out, and all works as intended. I don't think it's my Apache vhost config, since all the parts of the process that Apache is responsible for function properly in both cases. I've added Alias directives for both name-based vhosts in the Host section of Tomcat's server.xml, with no change. Any ideas? This has me baffled. Regards MSL - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: IIS6 not forwarding requests to Tomcat 5.5
Hi! You can see screen shots with ISAPI Filter, Virtual Directory and Extension configurations using this link: https://picasaweb.google.com/madperro/IISTomcat?authkey=Gv1sRgCLC69v6XrszBHQ# I've found only IIS access log entry with my request like this: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2011-02-11 04:56:28 #Fields: date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken 2011-02-11 04:56:28 W3SVC1 127.0.0.1 GET /analytics/res/Salsa_Glossary_en.htm - 80 - 127.0.0.1 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) nQuireID=6k2tvpltgiqfp0k1hvrmvaa0ahimnf9mjhvs7qizOr07UFe9W00;+sawU=;+JSESSIONID=C4D5E330BADB7B722CC8C330D669D460 - localhost 404 2 1260 1795 414 796 But none any errors logged at least in Windows Event Viewer. Is there any other place that I shall check for errors logged? Pozdrawiam, S. 2011/2/11 Mladen Turk : > On 02/11/2011 10:09 AM, Sebastian Szuber wrote: >> >> Andre, >> >> HTTP Connector is listening to HTTP protocol on 8080 port - I've used >> it to access Tomcat directly from the browser (without IIS) just to >> check if Tomcat works. >> So results shown in points 2 and 3 do not go through IIS. >> >> When I request page through IIS - don't see anything on this fact in >> Tomcat logs. >> > > Seems like you IIS is not well configured. > Filter seems to work, but not extension. > Check the IIS log. It should have error there. > > Where is /jakarta virtual dir defined and do you > have all permissions set up. > > > Regards > -- > ^TM > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: IIS6 not forwarding requests to Tomcat 5.5
On 02/11/2011 10:09 AM, Sebastian Szuber wrote: Andre, HTTP Connector is listening to HTTP protocol on 8080 port - I've used it to access Tomcat directly from the browser (without IIS) just to check if Tomcat works. So results shown in points 2 and 3 do not go through IIS. When I request page through IIS - don't see anything on this fact in Tomcat logs. Seems like you IIS is not well configured. Filter seems to work, but not extension. Check the IIS log. It should have error there. Where is /jakarta virtual dir defined and do you have all permissions set up. Regards -- ^TM - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: CVE-2010-4476 - is it fixed or not?
On 02/11/2011 10:42 AM, Mark Thomas wrote: b) not an issue unless the app uses Double.parseDouble False. As per the announcement sent to all the usual places: Tomcat is affected when accessing a form based security constrained page or any page that calls javax.servlet.ServletRequest.getLocale() or javax.servlet.ServletRequest.getLocales(). I'd add that the app needs a workaround as well if directly parsing the problematic user/wire data (without patched JVM) Regards -- ^TM - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: CVE-2010-4476 - is it fixed or not?
On 10/02/2011 23:03, Leon Rosenberg wrote: > Hi, > > short question, I read in the http://tomcat.apache.org/security-6.html > that a possible DoS attack vulnerability has been fixed in Request > class. > Does that mean that CVE-2010-4476 is > a) not an issue with 6.0.32++ True. Also not an issue with 7.0.8+ and 5.5.33+ > b) not an issue unless the app uses Double.parseDouble False. As per the announcement sent to all the usual places: Tomcat is affected when accessing a form based security constrained page or any page that calls javax.servlet.ServletRequest.getLocale() or javax.servlet.ServletRequest.getLocales(). > c) probably not in issue in tomcat, at least until someone finds out it is. False. See above. I would add that Oracle have now released a patch for 1.6.0_23. If running on a patched JVM, CVE-2010-4476 is not an issue for *any* Tomcat version. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: IIS6 not forwarding requests to Tomcat 5.5
Andre, HTTP Connector is listening to HTTP protocol on 8080 port - I've used it to access Tomcat directly from the browser (without IIS) just to check if Tomcat works. So results shown in points 2 and 3 do not go through IIS. When I request page through IIS - don't see anything on this fact in Tomcat logs. Regards, Sebastian. 2011/2/11 André Warnier : > Hi. > > Something there does indeed not make sense. > Your configuration looks ok at first sight. > But this : > > 3. AccessLogValve is logging HTTP Connector request > 127.0.0.1 - - [11/Feb/2011:04:55:37 +] "GET > /analytics/res/Salsa_Glossary_en.htm HTTP/1.1" 304 - > > seems to indicate > 1) that Tomcat received the request > 2) that it responded with a 304 ("not modified") status > > (In other words, the browser had this in cache already, and sent the request > along with a "if-modified-since" header or the like, and the server answers > "well no, it has not been modified since then, so your copy is still valid" > (kind of)). > > But anyway, the communication between IIS and Tomcat seems to work. > > Why IIS would then respond with 404, I have no idea. > And how do you see that it answers with a 404 ? > What does the error page really say ? > > > Suggestions : > 1) make a small modification to the page Salsa_Glossary_en.htm, save it, and > then request the same URL again in the browser. > (Or find a way to completely clear the browser cache; but with IE that may > be tricky) > > 2) get yourself a browser plugin like : > - for IE : Fiddler2 > - for Firefox : HttpFox or similar > These allow you to see exactly what the browser is sending, and what the > server is answering. It is like a protocol analyser, but specialised for > HTTP. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: IIS6 not forwarding requests to Tomcat 5.5
Hi. Something there does indeed not make sense. Your configuration looks ok at first sight. But this : 3. AccessLogValve is logging HTTP Connector request 127.0.0.1 - - [11/Feb/2011:04:55:37 +] "GET /analytics/res/Salsa_Glossary_en.htm HTTP/1.1" 304 - seems to indicate 1) that Tomcat received the request 2) that it responded with a 304 ("not modified") status (In other words, the browser had this in cache already, and sent the request along with a "if-modified-since" header or the like, and the server answers "well no, it has not been modified since then, so your copy is still valid" (kind of)). But anyway, the communication between IIS and Tomcat seems to work. Why IIS would then respond with 404, I have no idea. And how do you see that it answers with a 404 ? What does the error page really say ? Suggestions : 1) make a small modification to the page Salsa_Glossary_en.htm, save it, and then request the same URL again in the browser. (Or find a way to completely clear the browser cache; but with IE that may be tricky) 2) get yourself a browser plugin like : - for IE : Fiddler2 - for Firefox : HttpFox or similar These allow you to see exactly what the browser is sending, and what the server is answering. It is like a protocol analyser, but specialised for HTTP. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org