Re: [OT] Observer pattern?
JMS (like ActiceMQ) Terracotta DSO? Jens Sent from my iPhone On 13.06.2012, at 06:12, Albert Kam moonblade.w...@gmail.com wrote: If you are talking about how to notify other webapps, i think you're actually talking about integration between existing applications here, which can be done using RMI (java only and using a specific port), Hessian/Burlap (support several languages + http, but not java serialization) , or even Spring's HttpInvoker (java + spring + use http). But i think it's more usual for people to just implement web services, either the RESTful way or the SOAP way, which makes use of HTTP (which doesnt normally get blocked by firewall). But if the weight of your question is on the observer pattern, which is kinda like publish / subscribe, for example, publishing change event, and the listener of that type of event will execute some code (perhaps invoking external web services), i suggest you to look at google guava's EventBus code.google.com/p/guava-libraries/wiki/EventBusExplained Updating the view without user intervention is about realtime user experience, which could involve polling or pushing changes. I am not quite familiar in this, but i think polling is about using a smart timer in javascript to fetch any data changes and then update the view appropriately. For pushing data from backend to frontend, perhaps html 5's websocket could do, and perhaps comet also ? On Wed, Jun 13, 2012 at 5:00 AM, Leo Donahue - PLANDEVX leodona...@mail.maricopa.gov wrote: Could someone point me in the right direction. If three different web applications all rely on knowing when a piece of data changes, how does webapp #1 who makes the update, notify webapp #2 and webapp #3 that they need to make a request to update their view? For example: User of webapp #1 updates the status of something in a database and needs to inform the users of webapp #2 and webapp #3, who are updating other data yet watching for that status to change, that they need to update their view (fetch updated data from a database, or call some other method based on the changed status value). It sounds like the Observer pattern, but I don't know. Leo -- Do not pursue the past. Do not lose yourself in the future. The past no longer is. The future has not yet come. Looking deeply at life as it is in the very here and now, the practitioner dwells in stability and freedom. (Thich Nhat Hanh) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: iis not looking for jsp in tomcat webapps folder
Thanks for the reply Andre Warnier. It is not virus. It happened over the week end while the download of signatures failed. It is that IIS is not looking at the tomcat' webapps folder for the jsps through ISAPI filter. When I try to delete isapi_redirector dll, I keep getting the error the file is in use by another program. I'll try to install the latest version of tomcat and see what happens. Vijaya -Original Message- From: André Warnier Sent: Tuesday, June 12, 2012 3:47 PM To: Tomcat Users List Subject: Re: iis not looking for jsp in tomcat webapps folder Vijaya wrote: Hi All, After a long time I am having a problem that I cannot explain why is it happening. Help will be very much appreciated. Our portal www.eservicebazaar.com was working okay till last week. Suddenly we had the anti virus software, and link problem and after that the portal is not working okay. The current setting is In IIS 6, I have the jakarta isapi filter set and the default document only as and nothing else; All the portal related files are moved under inetpub/wwwroot except the jspfiles. jspfiles are located under tomcat../webapps/esb folder. The index.html that is located in wwwroot folder has nothing other than calling index.jsp from webapps directory. Till last friday, the portal was working okay and all of us could login to the portal from remote machines. last saturday, our link went down and when I connected the link back, I am not able to login to the portal both locally and remotely. the url invokes the index.html (means the name server, iis is working fine) but the index.jsp gives a 404 error. I tried all possible things like deleting the jakarta virtual directory, recreating the reg entries, and deleting the isap_redirector2.dll and copying back from the backup version. Nothing is working. Can any body help me what I need to do (reinstall IIS)? If you suspect that there was a virus infection, then the prudent thing to do is to take the server off the network, and re-install it completely (Windows included). I would say specially if this is a web server, because you may be spreading this virus much more widely than you even think. You probably already have. As for other help, what do you expect ? if it is a virus, then who knows what it may have corrupted. Re-install the system, and the next time, choose a platform and software that is less suceptible to that kind of thing (hint). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: iis not looking for jsp in tomcat webapps folder
Hi. Quoting you : Vijaya wrote: Thanks for the reply Andre Warnier. It is not virus. It happened over the week end while the download of signatures failed. It is that IIS is not looking at the tomcat' webapps folder for the jsps through ISAPI filter. When I try to delete isapi_redirector dll, I keep getting the error the file is in use by another program. I'll try to install the latest version of tomcat and see what happens. [...] After a long time I am having a problem that I cannot explain why is it happening. Help will be very much appreciated. Our portal www.eservicebazaar.com was working okay till last week. Suddenly we had the anti virus software, and link problem and after that the portal is not working okay. The current setting is In IIS 6, I have the jakarta isapi filter set and the default document only as and nothing else; All the portal related files are moved under inetpub/wwwroot except the jspfiles. jspfiles are located under tomcat../webapps/esb folder. The index.html that is located in wwwroot folder has nothing other than calling index.jsp from webapps directory. Till last friday, the portal was working okay and all of us could login to the portal from remote machines. last saturday, our link went down and when I connected the link back, I am not able to login to the portal both locally and remotely. the url invokes the index.html (means the name server, iis is working fine) but the index.jsp gives a 404 error. I tried all possible things like deleting the jakarta virtual directory, recreating the reg entries, and deleting the isap_redirector2.dll and copying back from the backup version. Nothing is working. Can any body help me what I need to do (reinstall IIS)? Unquote Vijaya, there is not much that can be done with the explanation above. In summary : - it was working last week, and is not working this week. - something happened in-between, which may or may not involve a virus - since then you have been modifying Registry entries, deleting/recreating files and/or moving them around - and still nothing is working In normal circumstances, and to take a shortcut, I would probably tell you to 1) verify that Tomcat itself is working, by accessing your Tomcat application directly, through Tomcat's own HTTP port 2) if Tomcat is working, then stop IIS, de-install isapi_redirector, and re-install it properly according to the relevant on-line documentation. 3) and if you still have a problem then, turn on the logging feature of isapi_redirector, check the logs and try to determine exactly what happens. But, considering that you have already been making changes all over, including in the Registry, it is not even certain that the isapi_redirector de-installation procedure can work properly and will really clean up. We do not have a crystal ball here, and we cannot see your real system setup nor what happens to make it not work. So unless you come back here with a really precise and technical description of what you are doing, what happens, including a copy of the relevant log messages, there is not more we could do. Otherwise, my recommendation would still be the same : re-install this machine completely. Or use another machine, where Windows and IIS and Tomcat are a clean install, add isapi_redirector, and try it out. If it works, then compare with the machine that does not work. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: URL Rewriting
Kiran Badi wrote: Hi All, For some of the functionality, I have url in the below format http://localhost:8080/mysite/getmyservice.do?id=17 What I was looking for is to hide the id part of the url and just show something like http://localhost:8080/mysite/getmyservice.do# Is this hack possible with tomcat 7.011 or 7.027 or I need to write some filter to do this? I have Tomcat 7.027 on win 7 home premium and url is generated via servlet/jsp. Kiran, Why does that id=17 visible in the URL bother you ? Is it because of some security aspect ? (that the user could change it, and get something else than what they should be getting ?) 1) If that is the case, then the basic logic of your application is flawed. If this is information that really needs to be sent by the browser to the server, then the browser must have that information. And if that information originally comes from the server and is sent to the browser, then there is /nothing/ that you can do to block some user from playing around with it, before sending it back to the server. If you do not want the user to be able to play around with some information, then don't send it to him in the first place. 2) if the browser /must/ send some information to the server as part of the URL, then there is /nothing/ that can be done on the server side, to stop the browser showing this information in the URL bar. To illustrate this : - imagine that the server sends a page to the browser, and this page contains a link like : a href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click here/a Then the user, just by moving his mouse above click here, sees the content of that link at the bottom of his screen, in the status bar, right ? And the user can right-click on click here, and choose copy link location. And then the user can open another browser window, and paste this URL in the URL bar. And then the user can modify this link before hitting the return button, so that the link now looks like http://localhost:8080/mysite/getmyservice.do?id=some-other-information right ? And all this happens in the browser, /before/ the server even sees this browser request. So what could the server do ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
I am creating a website and implement security. For this I am using Form based authentication and JAASRealm. I have implemented the login module and able to authenticate but while authorizing tomcat is not able to load the user and role classes once I start the tomcat server. It gives the following error on startup (in the tomcat7-stderr.2012-06-13.log) Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not found! Class not added. Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not found! Class not added. I have taken help from http://blog.frankel.ch/custom-loginmodule-in-tomcat I tried even the sample one on the above website but gives the same error. Please let me know what am I missing. -- Regards, Javed Even a big pot full of water will be emptied by a small hole. Similarly just a little anger or ego will burn the nobility of good heart.
Re: tomcat cluster for stateless web application
On 12 Jun 2012, at 18:22, Albert Kam moonblade.w...@gmail.com wrote: I've noticed that in the documentation, it says a lot about session replication. I wonder what can be omitted in the configurations for a stateless java webapp setup (without any sessions), to hopefully get a simpler configuration or even gain more efficiency, bypassing the replication altogether ? Well, start by not configuring the cluster. That should be enough. p -- Do not pursue the past. Do not lose yourself in the future. The past no longer is. The future has not yet come. Looking deeply at life as it is in the very here and now, the practitioner dwells in stability and freedom. (Thich Nhat Hanh) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: post redirect get to the same tomcat instance in a tomcat cluster ?
On 12 Jun 2012, at 18:17, Albert Kam moonblade.w...@gmail.com wrote: Hi all ! Is it possible to do POST submit to the tomcat-A, redirect happens, and then GET to the same tomcat-A again in a tomcat cluster ? And, in hope to make things easier, all the tomcat servers in the cluster are stateless wihout any sessions You contradict this statement below by saying it does use s This needs arise because each tomcat servers will have it's own spring context (a kind of state, but not a per-user-session), and i am making use of flash attribute feature detailed in here : http://static.springsource.org/spring/docs/3.1.x/spring-framework-reference/html/mvc.html#mvc-flash-attributes Here are the relevant quotes from the page : Flash attributes provide a way for one request to store attributes intended for use in another. This is most commonly needed when redirecting — for example, the Post/Redirect/Get pattern. Flash attributes are saved temporarily before the redirect (typically in the session) to be made available to the request after the redirect and removed immediately. Flash attribute support is always on and does not need to enabled explicitly although if not used, it never causes HTTP session creation. On each request there is an input FlashMap with attributes passed from a previous request (if any) and an output FlashMap with attributes to save for a subsequent request. Both FlashMap instances are accessible from anywhere in Spring MVC through static methods in RequestContextUtils. -- Do not pursue the past. Do not lose yourself in the future. The past no longer is. The future has not yet come. Looking deeply at life as it is in the very here and now, the practitioner dwells in stability and freedom. (Thich Nhat Hanh) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: post redirect get to the same tomcat instance in a tomcat cluster ?
On 13/06/2012 13:13, Pid * wrote: On 12 Jun 2012, at 18:17, Albert Kam moonblade.w...@gmail.com wrote: Hi all ! Is it possible to do POST submit to the tomcat-A, redirect happens, and then GET to the same tomcat-A again in a tomcat cluster ? And, in hope to make things easier, all the tomcat servers in the cluster are stateless wihout any sessions You contradict this statement below by saying it does use s (Oops. Fat finger + touch screen...) You contradict this statement below by saying it does use sessions, below. Just because you are not directly using a session, it does not mean that a framework isn't doing so behind the scenes. If there's no need to replicate sessions, you can still use the sticky-session mechanism to pin a session to a node. See server.xml, Engine.jvmRoute in the docs. p This needs arise because each tomcat servers will have it's own spring context (a kind of state, but not a per-user-session), and i am making use of flash attribute feature detailed in here : http://static.springsource.org/spring/docs/3.1.x/spring-framework-reference/html/mvc.html#mvc-flash-attributes Here are the relevant quotes from the page : Flash attributes provide a way for one request to store attributes intended for use in another. This is most commonly needed when redirecting — for example, the Post/Redirect/Get pattern. Flash attributes are saved temporarily before the redirect (typically in the session) to be made available to the request after the redirect and removed immediately. Flash attribute support is always on and does not need to enabled explicitly although if not used, it never causes HTTP session creation. On each request there is an input FlashMap with attributes passed from a previous request (if any) and an output FlashMap with attributes to save for a subsequent request. Both FlashMap instances are accessible from anywhere in Spring MVC through static methods in RequestContextUtils. -- Do not pursue the past. Do not lose yourself in the future. The past no longer is. The future has not yet come. Looking deeply at life as it is in the very here and now, the practitioner dwells in stability and freedom. (Thich Nhat Hanh) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- [key:62590808] signature.asc Description: OpenPGP digital signature
Re: tomcat cluster for stateless web application
On 06/12/2012 07:21 PM, Albert Kam wrote: I've noticed that in the documentation, it says a lot about session replication. I wonder what can be omitted in the configurations for a stateless java webapp setup (without any sessions), to hopefully get a simpler configuration or even gain more efficiency, bypassing the replication altogether ? Hi Albert, only you have to setup is loadbalancer in front of your tomcat servers. That is all. Regards, Zdenek - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: HttpOnly
On 12/06/2012 15:11, Christopher Schultz wrote: Paul, On 6/12/12 9:03 AM, Paul Singleton wrote: On 12/06/2012 06:57, Caldarale, Charles R wrote: From: N.s.Karthik [mailto:nskarthi...@gmail.com] Subject: HttpOnly Tomcat 6.0.10 For some specific Reason We use Tomcat 6.0.10 for Dev/Deploy in INTRANET. Sorry, but there is simply no excuse for using a version of Tomcat that's over five years old. There may be a sound business rationale for using old versions of software. Maybe, but only if that version hasn't been updated - and even then the risk associated with that software increases over time, not decreases. Tomcat 5.5.9, for example, works as well now as it did when it was judged ready to be a stable release. What a pointless statement. Software doesn't degrade over time. The issue is not whether it works 'as well as it did' (it can't work any other way) it's whether it works as well as it was _supposed to_. If there are no bugs or missing features in it which affect the security or functionality of an application, then there is no benefit from upgrading What a bizarre statement, given the context you set is a release that happened in March 2005. 7 years ago. You are absolutely right. Feel free to read the find documentation on the Tomcat site about all the security vulnerabilities that have been fixed since 6.0.10 (and 5.5.9 for that matter). +1 but there will be costs and risks: * downtime and manpower for the upgrade Should I infer that a typical upgrade will take a long time a lot of people? Or are you saying that this is a small risk, 1 person and a few seconds? (A seven year window is probably enough to squeeze a couple of updates in.) * recommissioning/retesting: unless *all* acceptance tests are automated, this can be far more expensive than deploying the upgrade Yes, I sort of agree. Deploying the upgrade should be completely inexpensive; by comparison, the testing process should be more expensive, yes. You are right about this, too. But there are certainly risks to not upgrading as well. I'll leave those as an exercise for the reader. * risk of introducing new bugs in new code That is a comparison between: a) measurable risk of impact on your application from known bugs b) *perceived* risk of impact on your application from unknown/unidentified bugs You cannot measure b), you can only address a). Unless your webapp needs modifications to run under a new version of Tomcat (which should never be the case when staying on a major-version number line), you shouldn't be introducing any new bugs into any code. Unless you mean bugs in Tomcat, which are always a possibility. So I guess you're saying that it's better to stick with the devil you know? If that's what he's saying, then the argument is in favour of upgrading to address the bugs you *do* know about, surely? In general, older software is better understood and less risky than new software, and if it meets requirements, is preferable. Older software is only less risky if it's been debugged patched. Which means updating it regularly. Would you say that the businesses of the world circa late 1999 felt that their venerable Cobol apps presented less risk that newly written ones? Or that they presented more risk, because it wasn't clear what would happen to them when the clock flipped over to 2000? Or that they presented more risk because it was harder to find people with the right skill set to debug said applications? p In general, yes. I this case, no, for at least 2 reasons: 1. Many security, stability, and performance updates between 6.0.10 and 6.0.35. 2. Volunteer support on this forum doesn't care to support truly ancient versions of software that is freely available. If the OP wants to go purchase a support contract for Tomcat 6.0.10, he or she can certainly do that. -- [key:62590808] signature.asc Description: OpenPGP digital signature
Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
- Original Message - I am creating a website and implement security. For this I am using Form based authentication and JAASRealm. I have implemented the login module and able to authenticate but while authorizing tomcat is not able to load the user and role classes once I start the tomcat server. It gives the following error on startup (in the tomcat7-stderr.2012-06-13.log) Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not found! Class not added. Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not found! Class not added. The classes mentioned above cannot be found. 1.) What are they classes? They are not part of Tomcat. 2.) Have you placed the classes on the classpath somewhere? If so, where? Dan I have taken help from http://blog.frankel.ch/custom-loginmodule-in-tomcat I tried even the sample one on the above website but gives the same error. Please let me know what am I missing. -- Regards, Javed Even a big pot full of water will be emptied by a small hole. Similarly just a little anger or ego will burn the nobility of good heart. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Jakarta ISAP Redirector
I hope this is the right place to post this question. We have the latest Jakarta Plugin installed with IIS 7.5. Do you know, does the plugin specifically block /services requests on wsdl's If I go here: http://myural/myapp/services I get a page not available However, if I am locally on the page the services listing does load. Also, if I go here from my desk: http://myural/myapp/services/someservicename?wsdl It works fine. In fact all the wsdl's work I just cannot display the services list remotely. Thanks in advance. - Alex
Re: URL Rewriting
Please inline for my answers Andre. Kiran, Why does that id=17 visible in the URL bother you ? Is it because of some security aspect ? (that the user could change it, and get something else than what they should be getting ?) Thanks for reminding this aspect.I was not checking for empty resultset in my code.Fixed that one now.:) 1) If that is the case, then the basic logic of your application is flawed. If this is information that really needs to be sent by the browser to the server, then the browser must have that information. And if that information originally comes from the server and is sent to the browser, then there is /nothing/ that you can do to block some user from playing around with it, before sending it back to the server. If you do not want the user to be able to play around with some information, then don't send it to him in the first place. O Ok let me share the way I wrote this piece, href=%=request.getContextPath()%/getmyservice.do?id=${myid} , this is link basically where I append the id(id comes from DB) send this to the servlet and it the pulls the records from db for corresponding id and then sends it back again to JSP for display.But I am not able to figure out as why I not getting the url of jsp something like http://localhost:8080/ourstory/myiddata.jsp .So thought that let me try to rewrite the url in case if its possible. 2) if the browser /must/ send some information to the server as part of the URL, then there is /nothing/ that can be done on the server side, to stop the browser showing this information in the URL bar. To illustrate this : - imagine that the server sends a page to the browser, and this page contains a link like : a href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click here/a Then the user, just by moving his mouse above click here, sees the content of that link at the bottom of his screen, in the status bar, right ? And the user can right-click on click here, and choose copy link location. And then the user can open another browser window, and paste this URL in the URL bar. And then the user can modify this link before hitting the return button, so that the link now looks like http://localhost:8080/mysite/getmyservice.do?id=some-other-information right ? And all this happens in the browser, /before/ the server even sees this browser request. So what could the server do ? This is interesting information,how about sending the info as POST rather than Get.Not sure if I can convert clicking of the link from get from post.but I will try.But again the place where I am displaying the generating the links, is not within form, they just hyperlinks with id appended to it. Now I know both get/post can be broken if one wants it,thats all together is different case,but for now I need tidy and clean url with no id appended to it. Does my requirement makes sense ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Jakarta ISAP Redirector
DeMarco, Alex wrote: I hope this is the right place to post this question. It is the right place. We have the latest Jakarta Plugin installed with IIS 7.5. Do you know, does the plugin specifically block /services requests on wsdl's Short answer : no, it does not specifically block any request. In fact, it is the opposite : it only forwards requests to Tomcat, if the request URL matches some pre-defined values. See : http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html the section How does it work ?. (and for the word worker, understand a back-end tomcat). One more thing : the isapi_redirector can write a logfile. See item (3) in the section Configuring the ISAPI Redirector for details. The logfile will tell you when and why it is forwarding a request to Tomcat and when/why not. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Jakarta ISAP Redirector
On 13 Jun 2012, at 18:18, DeMarco, Alex alex.dema...@suny.edu wrote: I hope this is the right place to post this question. We have the latest Jakarta Plugin installed with IIS 7.5. Do you know, does the plugin specifically block /services requests on wsdl's No, it doesn't. If I go here: http://myural/myapp/services I get a page not available Please post your config. p However, if I am locally on the page the services listing does load. Also, if I go here from my desk: http://myural/myapp/services/someservicename?wsdl It works fine. In fact all the wsdl's work I just cannot display the services list remotely. Thanks in advance. - Alex - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
- Original Message - From: Daniel Mikusa dmik...@vmware.com To: Tomcat Users List users@tomcat.apache.org Cc: Sent: Wednesday, June 13, 2012 6:25 AM Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm - Original Message - I am creating a website and implement security. For this I am using Form based authentication and JAASRealm. I have implemented the login module and able to authenticate but while authorizing tomcat is not able to load the user and role classes once I start the tomcat server. It gives the following error on startup (in the tomcat7-stderr.2012-06-13.log) Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not found! Class not added. Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not found! Class not added. The classes mentioned above cannot be found. 1.) What are they classes? They are not part of Tomcat. 2.) Have you placed the classes on the classpath somewhere? If so, where? Dan I have taken help from http://blog.frankel.ch/custom-loginmodule-in-tomcat I tried even the sample one on the above website but gives the same error. Please let me know what am I missing. -- Regards, Javed WARNING === The following is based on Tomcat's documentation. I have not written my own JAAS Realm, so your mileage may vary. WARNING === The documentation that I'm basing this on can be found here: http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JAASRealm http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html There are a few things to note from the blog post. The place the blog tells you to put the Realm configuration is confusing at best. As mentioned in the blog post, you can place your Realm definition in the Engine, Host, or Context elements. Unfortunately, the notes for the context element is a bit misleading. If you place your Realm definition in the Context element, it should be in one of two places. 1. application's META-INF/context.xml 2. CATALINA_BASE/conf/Catalina/[hostname]/appname.xml. [hostname] is typically localhost appname.xml is the name of your application.xml. I suppose you could also place the Realm definition in CATALINA_BASE/conf/Catalina/[hostname]/context.xml.default. Placing your classes (LoginModule and Principal) within Tomcat combined with the above information probably follows the logic below. Again, I've not tried this. I'm just reading the documentation. 1. If you define your JAASRealm in your application's context.xml a. Place the LoginModule and Principle classes in WEB-INF/classes or WEB-INF/lib of your application b. No special attribute needs to be set 2. If you define your JAASRealm in Engine or Host (server.xml) a. Place the LoginModule and Principle classes in CATALINA_HOME/lib as a jar file b. Add the following attribute to the JAASRealm definition useContextClassLoader=true This tells Tomcat to use the container classloader rather than the application's classloader to find the classes. An advantage of doing things the first way is that you can easily change your JAAS implementation and just reload the web application. An advantage of doing things the second way is that you only have to define the resource once for the entire Engine or Host. However changes to the implementation would then require a Tomcat restart. In any event, you'll need to indicate where your jaas.config file lives. The easiest way to do this is by setting a JAVA_OPTS environment variable. 1. Create a setenv.sh (or setenv.bat if you're on Windows) 2. Add the information to JAVA_OPTS. In a setenv.sh file, it would look like: JAVA_OPTS=-Djava.security.auth.login.config=$CATALINA_BASE/conf/jaas.config export JAVA_OPTS Note that the examples for doing this in both the Tomcat documentation and the JAAS documentation have a double equals ( == ) sign for the assignment. I'm not sure why this is the case. Again, this is just my reading of the documentation. Your mileage may vary. . . . only one cent, since I've no experience /mde/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: URL Rewriting
On Wed, Jun 13, 2012 at 11:12 AM, Kiran Badi ki...@poonam.org wrote: why I not getting the url of jsp something like http://localhost:8080/ourstory/myiddata.jsp If you want 'clean' URLs you should get rid of the '.jsp' too, but ... The bottom line is the value for 'id' needs to come from somewhere. Your choices are: 1) Embed it in the URL for GET requests, either via query string or as path info (e.g. /story/data/17 ) and handle the security aspect (if any) yourself 2) Use a form to POST the request with the id included (a bit clunky, same security issue) 3) Save the 'id' in session and use that -- everyone sees the same URL e.g. /story/data but with unique data. Obviously, this doesn't work for a resource that's intended to be shared :-) HTH, -- Hassan Schroeder hassan.schroe...@gmail.com http://about.me/hassanschroeder twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: URL Rewriting
Thanks Hassan. If you want 'clean' URLs you should get rid of the '.jsp' too, but ... The bottom line is the value for 'id' needs to come from somewhere. Your choices are: 1) Embed it in the URL for GET requests, either via query string or as path info (e.g. /story/data/17 ) and handle the security aspect (if any) yourself Kiran : I think this is what I am presently doing. 2) Use a form to POST the request with the id included (a bit clunky, same security issue) Form will not work as data is dynamic and form I feel will not serve the purpose. 3) Save the 'id' in session and use that -- everyone sees the same URL e.g. /story/data but with unique data. Obviously, this doesn't work for a resource that's intended to be shared :-) Yup I agree, session is ruled out.I just dont have that much patience to figure the things out if I get some nasty behavior.I just dont have that level of skill nor time. The way I have done this is ok for me, it serves my purpose and also I dont have the data which is kind of private.Its just that I was exploring if we can hide the id. HTH, - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: URL Rewriting
On Wed, Jun 13, 2012 at 2:34 PM, Kiran Badi ki...@poonam.org wrote: 1) Embed it in the URL for GET requests, either via query string or as path info (e.g. /story/data/17 ) I think this is what I am presently doing. The query string approach, yes; personally I think the pathinfo approach is cleaner visually. 2) Use a form to POST the request with the id included (a bit clunky, same security issue) Form will not work as data is dynamic and form I feel will not serve the purpose. The data being dynamic isn't relevant. And this approach *is* used by frameworks like Rails for cases where GET isn't appropriate. But each approach has advantages and disadvantages, so... -- Hassan Schroeder hassan.schroe...@gmail.com http://about.me/hassanschroeder twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
wget and Tomcat resources
Dear all, Our developer has set a cronjob similar to this: wget -T 0 http://ourserver.com/email_sender which calls a javabean to check pending emails to send in a database and actually send them. I'm concerned about this, since I have realized that we have peaks of 500 http connections per minute exactly about the same time this cronjob runs. I'm just wondering if this cronjob is performing several retries (since it sets a 0 timeout) and count as http hits. This increase of http hits (not related to people connecting since people connect in office hours and this happens early morning) is happening together with an increase of use of memory. Regards, Miguel - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Jakarta ISAP Redirector
Yes I have looked in the log file and set it debug. There are no errors logged. My uriworkermap has this: /myapp=DTS_Submission /myapp/*=DTS_Submission My Workers file has: worker.list=DTS_Submission worker.DTS_Submission.type=ajp13 worker.DTS_Submission.host=xxx.xxx.xxx.xxx worker.DTS_Submission.port=3305 If I am locally on the box (with a local host entry that maps to the same IIS site on that box) it works fine. However, from my desktop I get a page could not be found... However, it says it can't find http://myurl:80/jakarta/isapi_redirect.dll I have double and triple checked my config. From my desktop this works: http://myurl/myapp/services/mywebservice?wsdl but this fails http:// myurl/myapp/services?wsdl but when on the local sever everything works. I see no errors in the log. It's like IIS is stopping the request?? - Alex -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Wednesday, June 13, 2012 2:18 PM To: Tomcat Users List Subject: Re: Jakarta ISAP Redirector DeMarco, Alex wrote: I hope this is the right place to post this question. It is the right place. We have the latest Jakarta Plugin installed with IIS 7.5. Do you know, does the plugin specifically block /services requests on wsdl's Short answer : no, it does not specifically block any request. In fact, it is the opposite : it only forwards requests to Tomcat, if the request URL matches some pre-defined values. See : http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html the section How does it work ?. (and for the word worker, understand a back-end tomcat). One more thing : the isapi_redirector can write a logfile. See item (3) in the section Configuring the ISAPI Redirector for details. The logfile will tell you when and why it is forwarding a request to Tomcat and when/why not. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: wget and Tomcat resources
The -T 0 options limits disables the timeout, so it will hold the connection open until it gets a response. Personally, I'd remove it as if the 'ourserver' fails to respond (busy, network issues, solar flares), that wget job will sit on the calling server forever. The default is 900 seconds, which is usually good enough. Sometimes you might lower it to say 30 seconds if you are trying to measure the responsiness of a connection. Also get you developer to add -t 1 This limits the amount of times it will try to fetch a connection. Have a look on the box running the script to see if there are a lot of these wget jobs sitting there. My guess is that there is, and when 'ourserver' finally get around to answering the requests, it does them all at once. The one thing you don't mention is how frequently this cron executes. Try: wget -t 1 http://ourserver.com/email_sender if your cron executes every minute, make the connection only last 20 seconds or fail: wget -t 1 -T 20 http://ourserver.com/email_sender -Original Message- From: Miguel González Castaños [mailto:miguel_3_gonza...@yahoo.es] Sent: Thursday, 14 June 2012 9:14 AM To: Tomcat Users List Subject: wget and Tomcat resources Dear all, Our developer has set a cronjob similar to this: wget -T 0 http://ourserver.com/email_sender which calls a javabean to check pending emails to send in a database and actually send them. I'm concerned about this, since I have realized that we have peaks of 500 http connections per minute exactly about the same time this cronjob runs. I'm just wondering if this cronjob is performing several retries (since it sets a 0 timeout) and count as http hits. This increase of http hits (not related to people connecting since people connect in office hours and this happens early morning) is happening together with an increase of use of memory. Regards, Miguel - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Jakarta ISAP Redirector
I have 4 servers all configured the same way.. Locally the call works fine yet remotely I get an iis 404 - Alex -Original Message- From: DeMarco, Alex [mailto:alex.dema...@suny.edu] Sent: Wednesday, June 13, 2012 8:45 PM To: Tomcat Users List Subject: RE: Jakarta ISAP Redirector Yes I have looked in the log file and set it debug. There are no errors logged. My uriworkermap has this: /myapp=DTS_Submission /myapp/*=DTS_Submission My Workers file has: worker.list=DTS_Submission worker.DTS_Submission.type=ajp13 worker.DTS_Submission.host=xxx.xxx.xxx.xxx worker.DTS_Submission.port=3305 If I am locally on the box (with a local host entry that maps to the same IIS site on that box) it works fine. However, from my desktop I get a page could not be found... However, it says it can't find http://myurl:80/jakarta/isapi_redirect.dll I have double and triple checked my config. From my desktop this works: http://myurl/myapp/services/mywebservice?wsdl but this fails http:// myurl/myapp/services?wsdl but when on the local sever everything works. I see no errors in the log. It's like IIS is stopping the request?? - Alex -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Wednesday, June 13, 2012 2:18 PM To: Tomcat Users List Subject: Re: Jakarta ISAP Redirector DeMarco, Alex wrote: I hope this is the right place to post this question. It is the right place. We have the latest Jakarta Plugin installed with IIS 7.5. Do you know, does the plugin specifically block /services requests on wsdl's Short answer : no, it does not specifically block any request. In fact, it is the opposite : it only forwards requests to Tomcat, if the request URL matches some pre-defined values. See : http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html the section How does it work ?. (and for the word worker, understand a back-end tomcat). One more thing : the isapi_redirector can write a logfile. See item (3) in the section Configuring the ISAPI Redirector for details. The logfile will tell you when and why it is forwarding a request to Tomcat and when/why not. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: post redirect get to the same tomcat instance in a tomcat cluster ?
Oops, i really misread the documentation, thinking it will never use session to provide that feature. Thank you for the pointers ! On Wed, Jun 13, 2012 at 7:23 PM, Pid p...@pidster.com wrote: On 13/06/2012 13:13, Pid * wrote: On 12 Jun 2012, at 18:17, Albert Kam moonblade.w...@gmail.com wrote: Hi all ! Is it possible to do POST submit to the tomcat-A, redirect happens, and then GET to the same tomcat-A again in a tomcat cluster ? And, in hope to make things easier, all the tomcat servers in the cluster are stateless wihout any sessions You contradict this statement below by saying it does use s (Oops. Fat finger + touch screen...) You contradict this statement below by saying it does use sessions, below. Just because you are not directly using a session, it does not mean that a framework isn't doing so behind the scenes. If there's no need to replicate sessions, you can still use the sticky-session mechanism to pin a session to a node. See server.xml, Engine.jvmRoute in the docs. p This needs arise because each tomcat servers will have it's own spring context (a kind of state, but not a per-user-session), and i am making use of flash attribute feature detailed in here : http://static.springsource.org/spring/docs/3.1.x/spring-framework-reference/html/mvc.html#mvc-flash-attributes Here are the relevant quotes from the page : Flash attributes provide a way for one request to store attributes intended for use in another. This is most commonly needed when redirecting — for example, the Post/Redirect/Get pattern. Flash attributes are saved temporarily before the redirect (typically in the session) to be made available to the request after the redirect and removed immediately. Flash attribute support is always on and does not need to enabled explicitly although if not used, it never causes HTTP session creation. On each request there is an input FlashMap with attributes passed from a previous request (if any) and an output FlashMap with attributes to save for a subsequent request. Both FlashMap instances are accessible from anywhere in Spring MVC through static methods in RequestContextUtils. -- Do not pursue the past. Do not lose yourself in the future. The past no longer is. The future has not yet come. Looking deeply at life as it is in the very here and now, the practitioner dwells in stability and freedom. (Thich Nhat Hanh) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- [key:62590808] -- Do not pursue the past. Do not lose yourself in the future. The past no longer is. The future has not yet come. Looking deeply at life as it is in the very here and now, the practitioner dwells in stability and freedom. (Thich Nhat Hanh) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org