date:20120613

Re: [OT] Observer pattern?

2012-06-13 Thread mailingl...@j-b-s.de

JMS (like ActiceMQ)

Terracotta DSO?


Jens


Sent from my iPhone

On 13.06.2012, at 06:12, Albert Kam moonblade.w...@gmail.com wrote:

 If you are talking about how to notify other webapps, i think you're
 actually talking about integration between existing applications here,
 which can be done using RMI (java only and using a specific port),
 Hessian/Burlap (support several languages + http, but not java
 serialization) , or even Spring's HttpInvoker (java + spring + use
 http).
 But i think it's more usual for people to just implement web services,
 either the RESTful way or the SOAP way, which makes use of HTTP (which
 doesnt normally get blocked by firewall).
 
 But if the weight of your question is on the observer pattern, which
 is kinda like publish / subscribe,
 for example, publishing change event, and the listener of that type of
 event will execute some code (perhaps invoking external web services),
 i suggest you to look at google guava's EventBus
 code.google.com/p/guava-libraries/wiki/EventBusExplained
 
 Updating the view without user intervention is about realtime user
 experience, which could involve polling or pushing changes. I am not
 quite familiar in this, but i think polling is about using a smart
 timer in javascript to fetch any data changes and then update the view
 appropriately.
 For pushing data from backend to frontend, perhaps html 5's websocket
 could do, and perhaps comet also ?
 
 On Wed, Jun 13, 2012 at 5:00 AM, Leo Donahue - PLANDEVX
 leodona...@mail.maricopa.gov wrote:
 Could someone point me in the right direction.
 
 If three different web applications all rely on knowing when a piece of data 
 changes, how does webapp #1 who makes the update, notify webapp #2 and 
 webapp #3 that they need to make a request to update their view?
 
 For example:
 
 User of webapp #1 updates the status of something in a database and needs to 
 inform the users of webapp #2 and webapp #3, who are updating other data yet 
 watching for that status to change, that they need to update their view 
 (fetch updated data from a database, or call some other method based on the 
 changed status value).
 
 It sounds like the Observer pattern, but I don't know.
 
 Leo
 
 
 
 
 -- 
 Do not pursue the past. Do not lose yourself in the future.
 The past no longer is. The future has not yet come.
 Looking deeply at life as it is in the very here and now,
 the practitioner dwells in stability and freedom.
 (Thich Nhat Hanh)
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: iis not looking for jsp in tomcat webapps folder

2012-06-13 Thread Vijaya

Thanks for the reply Andre Warnier. It is not virus. It happened over the 
week end while the download of signatures failed. It is that IIS is not 
looking at the tomcat' webapps folder for the jsps through ISAPI filter. 
When I try to delete isapi_redirector dll, I keep getting the error the file 
is in use by another program. I'll try to install the latest version of 
tomcat and see what happens.


Vijaya

-Original Message- 
From: André Warnier

Sent: Tuesday, June 12, 2012 3:47 PM
To: Tomcat Users List
Subject: Re: iis not looking for jsp in tomcat webapps folder

Vijaya wrote:

Hi All,

After a long time I am having a problem that I cannot explain why is it 
happening. Help will be very much appreciated.


Our portal www.eservicebazaar.com was working okay till last week. 
Suddenly we had the anti virus software, and link problem and after that 
the portal is not working okay.


The current setting is
In IIS 6, I have the jakarta isapi filter set  and the default document 
only as and nothing else; All the portal related files are moved under 
inetpub/wwwroot except the jspfiles. jspfiles are located under 
tomcat../webapps/esb folder.
The index.html that is located in wwwroot folder has nothing other than 
calling index.jsp from webapps directory.
Till last friday, the portal was working okay and all of us could login to 
the portal from remote machines. last saturday, our link went down and 
when I connected the link back, I am not able to login to the portal both 
locally and remotely.
the url  invokes the index.html (means the name server, iis is working 
fine) but the index.jsp gives a 404 error.
I tried all possible things like deleting the jakarta virtual directory, 
recreating the reg entries, and deleting the isap_redirector2.dll and 
copying back from the backup version. Nothing is working.

Can any body help me what I need to do (reinstall IIS)?



If you suspect that there was a virus infection, then the prudent thing to 
do is to take

the server off the network, and re-install it completely (Windows included).
I would say specially if this is a web server, because you may be spreading 
this virus

much more widely than you even think.  You probably already have.

As for other help, what do you expect ? if it is a virus, then who knows 
what it may have
corrupted.  Re-install the system, and the next time, choose a platform and 
software that

is less suceptible to that kind of thing (hint).





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org 



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: iis not looking for jsp in tomcat webapps folder

2012-06-13 Thread André Warnier

Hi.

Quoting you :

Vijaya wrote:
Thanks for the reply Andre Warnier. It is not virus. It happened over
the week end while the download of signatures failed. It is that IIS is
not looking at the tomcat' webapps folder for the jsps through ISAPI
filter. When I try to delete isapi_redirector dll, I keep getting the
error the file is in use by another program. I'll try to install the
latest version of tomcat and see what happens.

[...]

After a long time I am having a problem that I cannot explain why is
it happening. Help will be very much appreciated.

Our portal www.eservicebazaar.com was working okay till last week.
Suddenly we had the anti virus software, and link problem and after
that the portal is not working okay.

The current setting is
In IIS 6, I have the jakarta isapi filter set and the default
document only as and nothing else; All the portal related files are
moved under inetpub/wwwroot except the jspfiles. jspfiles are located
under tomcat../webapps/esb folder.
The index.html that is located in wwwroot folder has nothing other
than calling index.jsp from webapps directory.
Till last friday, the portal was working okay and all of us could
login to the portal from remote machines. last saturday, our link went
down and when I connected the link back, I am not able to login to the
portal both locally and remotely.
the url invokes the index.html (means the name server, iis is working
fine) but the index.jsp gives a 404 error.
I tried all possible things like deleting the jakarta virtual
directory, recreating the reg entries, and deleting the
isap_redirector2.dll and copying back from the backup version. Nothing
is working.

Can any body help me what I need to do (reinstall IIS)?

Unquote

Vijaya,
there is not much that can be done with the explanation above.
In summary :
- it was working last week, and is not working this week.
- something happened in-between, which may or may not involve a virus
- since then you have been modifying Registry entries, deleting/recreating files and/or
moving them around

- and still nothing is working

In normal circumstances, and to take a shortcut, I would probably tell you to
1) verify that Tomcat itself is working, by accessing your Tomcat application directly,
through Tomcat's own HTTP port
2) if Tomcat is working, then stop IIS, de-install isapi_redirector, and re-install it
properly according to the relevant on-line documentation.
3) and if you still have a problem then, turn on the logging feature of isapi_redirector,
check the logs and try to determine exactly what happens.

But, considering that you have already been making changes all over, including in the
Registry, it is not even certain that the isapi_redirector de-installation procedure can
work properly and will really clean up.

We do not have a crystal ball here, and we cannot see your real system setup nor what
happens to make it not work. So unless you come back here with a really precise and
technical description of what you are doing, what happens, including a copy of the
relevant log messages, there is not more we could do.

Otherwise, my recommendation would still be the same : re-install this machine
completely.
Or use another machine, where Windows and IIS and Tomcat are a clean install, add
isapi_redirector, and try it out. If it works, then compare with the machine that does not
work.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

2012-06-13 Thread André Warnier


Kiran Badi wrote:

Hi All,

For some of the functionality, I have url in the below format

http://localhost:8080/mysite/getmyservice.do?id=17

What I was looking for is to hide the id part of the url and just show 
something like


http://localhost:8080/mysite/getmyservice.do#

Is this hack possible with tomcat 7.011 or 7.027 or I need to write some 
filter to do this?


I have Tomcat 7.027 on win 7 home premium and url is generated via 
servlet/jsp.




Kiran,

Why does that id=17 visible in the URL bother you ?
Is it because of some security aspect ? (that the user could change it, and get something 
else than what they should be getting ?)


1) If that is the case, then the basic logic of your application is flawed.  If this is 
information that really needs to be sent by the browser to the server, then the browser 
must have that information. And if that information originally comes from the server and 
is sent to the browser, then there is /nothing/ that you can do to block some user from 
playing around with it, before sending it back to the server.
If you do not want the user to be able to play around with some information, then don't 
send it to him in the first place.


2) if the browser /must/ send some information to the server as part of the URL, then 
there is /nothing/ that can be done on the server side, to stop the browser showing this 
information in the URL bar.


To illustrate this :
- imagine that the server sends a page to the browser, and this page contains a 
link like :
a href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click 
here/a


Then the user, just by moving his mouse above click here, sees the content of that link 
at the bottom of his screen, in the status bar, right ?

And the user can right-click on click here, and choose copy link location.
And then the user can open another browser window, and paste this URL in the 
URL bar.
And then the user can modify this link before hitting the return button, so that the link 
now looks like

http://localhost:8080/mysite/getmyservice.do?id=some-other-information
right ?
And all this happens in the browser, /before/ the server even sees this browser 
request.
So what could the server do ?



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm

2012-06-13 Thread javed ansari

I am creating a website and implement security. For this I am using Form
based authentication and JAASRealm. I have implemented the login module and
able to authenticate but while authorizing tomcat is not able to load the
user and role classes once I start the tomcat server.

It gives the following error on startup (in the
tomcat7-stderr.2012-06-13.log)
Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames
SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not
found! Class not added.
Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames
SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not
found! Class not added.

I have taken help from
http://blog.frankel.ch/custom-loginmodule-in-tomcat

I tried even the sample one on the above website but gives the same error.
Please let me know what am I missing.
-- 
Regards,
Javed

Even a big pot full of water will be emptied by a small hole.
Similarly just a little anger or ego will burn the nobility of good heart.

Re: tomcat cluster for stateless web application

2012-06-13 Thread Pid *

On 12 Jun 2012, at 18:22, Albert Kam moonblade.w...@gmail.com wrote:

 I've noticed that in the documentation, it says a lot about session 
 replication.

 I wonder what can be omitted in the configurations for a stateless
 java webapp setup (without any sessions),
 to hopefully get a simpler configuration or even gain more efficiency,
 bypassing the replication altogether ?

Well, start by not configuring the cluster. That should be enough.


p



 --
 Do not pursue the past. Do not lose yourself in the future.
 The past no longer is. The future has not yet come.
 Looking deeply at life as it is in the very here and now,
 the practitioner dwells in stability and freedom.
 (Thich Nhat Hanh)

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: post redirect get to the same tomcat instance in a tomcat cluster ?

2012-06-13 Thread Pid *

On 12 Jun 2012, at 18:17, Albert Kam moonblade.w...@gmail.com wrote:

Hi all !

Is it possible to do POST submit to the tomcat-A, redirect happens,
and then GET to the same tomcat-A again in a tomcat cluster ?
And, in hope to make things easier, all the tomcat servers in the
cluster are stateless wihout any sessions

You contradict this statement below by saying it does use s

This needs arise because each tomcat servers will have it's own spring
context (a kind of state, but not a per-user-session),
and i am making use of flash attribute feature detailed in here :
http://static.springsource.org/spring/docs/3.1.x/spring-framework-reference/html/mvc.html#mvc-flash-attributes

Here are the relevant quotes from the page :

Flash attributes provide a way for one request to store attributes
intended for use in another. This is most commonly needed when
redirecting — for example, the Post/Redirect/Get pattern. Flash
attributes are saved temporarily before the redirect (typically in the
session) to be made available to the request after the redirect and
removed immediately.

Flash attribute support is always on and does not need to enabled
explicitly although if not used, it never causes HTTP session
creation. On each request there is an input FlashMap with attributes
passed from a previous request (if any) and an output FlashMap with
attributes to save for a subsequent request. Both FlashMap instances
are accessible from anywhere in Spring MVC through static methods in
RequestContextUtils.

--
Do not pursue the past. Do not lose yourself in the future.
The past no longer is. The future has not yet come.
Looking deeply at life as it is in the very here and now,
the practitioner dwells in stability and freedom.
(Thich Nhat Hanh)

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: post redirect get to the same tomcat instance in a tomcat cluster ?

2012-06-13 Thread Pid

On 13/06/2012 13:13, Pid * wrote:
On 12 Jun 2012, at 18:17, Albert Kam moonblade.w...@gmail.com wrote:

Hi all !

You contradict this statement below by saying it does use s

(Oops. Fat finger + touch screen...)

You contradict this statement below by saying it does use sessions,
below. Just because you are not directly using a session, it does not
mean that a framework isn't doing so behind the scenes.

If there's no need to replicate sessions, you can still use the
sticky-session mechanism to pin a session to a node.

See server.xml, Engine.jvmRoute in the docs.

Here are the relevant quotes from the page :

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

[key:62590808]

signature.asc
Description: OpenPGP digital signature

Re: tomcat cluster for stateless web application

2012-06-13 Thread zhenek


On 06/12/2012 07:21 PM, Albert Kam wrote:

I've noticed that in the documentation, it says a lot about session replication.

I wonder what can be omitted in the configurations for a stateless
java webapp setup (without any sessions),
to hopefully get a simpler configuration or even gain more efficiency,
bypassing the replication altogether ?


Hi Albert,

only you have to setup is loadbalancer in front of your tomcat servers. 
That is all.


Regards,
Zdenek

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HttpOnly

2012-06-13 Thread Pid

On 12/06/2012 15:11, Christopher Schultz wrote:
 Paul,
 
 On 6/12/12 9:03 AM, Paul Singleton wrote:
 On 12/06/2012 06:57, Caldarale, Charles R wrote:
 From: N.s.Karthik [mailto:nskarthi...@gmail.com] Subject:
 HttpOnly

 Tomcat 6.0.10

 For some specific Reason We use Tomcat 6.0.10 for Dev/Deploy
 in INTRANET.

 Sorry, but there is simply no excuse for using a version of
 Tomcat that's over five years old.
 
 There may be a sound business rationale for using old versions of 
 software.

Maybe, but only if that version hasn't been updated - and even then the
risk associated with that software increases over time, not decreases.


 Tomcat 5.5.9, for example, works as well now as it did when it was 
 judged ready to be a stable release.

What a pointless statement.  Software doesn't degrade over time.

The issue is not whether it works 'as well as it did' (it can't work any
other way) it's whether it works as well as it was _supposed to_.


 If there are no bugs or missing features in it which affect the 
 security or functionality of an application, then there is no
 benefit from upgrading

What a bizarre statement, given the context you set is a release that
happened in March 2005.  7 years ago.


 You are absolutely right. Feel free to read the find documentation on
 the Tomcat site about all the security vulnerabilities that have been
 fixed since 6.0.10 (and 5.5.9 for that matter).

+1


 but there will be costs and risks:
 
 * downtime and manpower for the upgrade

Should I infer that a typical upgrade will take a long time  a lot of
people?  Or are you saying that this is a small risk, 1 person and a few
seconds?

(A seven year window is probably enough to squeeze a couple of updates in.)


 * recommissioning/retesting: unless *all* acceptance tests are 
 automated, this can be far more expensive than deploying the 
 upgrade

Yes, I sort of agree.  Deploying the upgrade should be completely
inexpensive; by comparison, the testing process should be more
expensive, yes.


 You are right about this, too. But there are certainly risks to not
 upgrading as well. I'll leave those as an exercise for the reader.
 
 * risk of introducing new bugs in new code

That is a comparison between:

 a) measurable risk of impact on your application from known bugs

 b) *perceived* risk of impact on your application from
unknown/unidentified bugs

You cannot measure b), you can only address a).


 Unless your webapp needs modifications to run under a new version of
 Tomcat (which should never be the case when staying on a major-version
 number line), you shouldn't be introducing any new bugs into any code.
 Unless you mean bugs in Tomcat, which are always a possibility.
 
 So I guess you're saying that it's better to stick with the devil you
 know?

If that's what he's saying, then the argument is in favour of upgrading
to address the bugs you *do* know about, surely?


 In general, older software is better understood and less risky
 than new software, and if it meets requirements, is preferable.

Older software is only less risky if it's been debugged  patched.
Which means updating it regularly.

Would you say that the businesses of the world circa late 1999 felt that
their venerable Cobol apps presented less risk that newly written ones?

Or that they presented more risk, because it wasn't clear what would
happen to them when the clock flipped over to 2000?

Or that they presented more risk because it was harder to find people
with the right skill set to debug said applications?


p

 In general, yes. I this case, no, for at least 2 reasons:
 
 1. Many security, stability, and performance updates between 6.0.10
and 6.0.35.
 2. Volunteer support on this forum doesn't care to support truly
ancient versions of software that is freely available.
 
 If the OP wants to go purchase a support contract for Tomcat 6.0.10,
 he or she can certainly do that.






-- 

[key:62590808]



signature.asc
Description: OpenPGP digital signature

Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm

2012-06-13 Thread Daniel Mikusa

- Original Message -
 I am creating a website and implement security. For this I am using
 Form
 based authentication and JAASRealm. I have implemented the login
 module and
 able to authenticate but while authorizing tomcat is not able to load
 the
 user and role classes once I start the tomcat server.
 
 It gives the following error on startup (in the
 tomcat7-stderr.2012-06-13.log)
 Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
 parseClassNames
 SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal
 not
 found! Class not added.
 Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
 parseClassNames
 SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal
 not
 found! Class not added.

The classes mentioned above cannot be found.

1.) What are they classes?  They are not part of Tomcat.

2.) Have you placed the classes on the classpath somewhere?  If so, where?

Dan



 
 I have taken help from
 http://blog.frankel.ch/custom-loginmodule-in-tomcat
 
 I tried even the sample one on the above website but gives the same
 error.
 Please let me know what am I missing.
 --
 Regards,
 Javed
 
 Even a big pot full of water will be emptied by a small hole.
 Similarly just a little anger or ego will burn the nobility of good
 heart.
 
 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Jakarta ISAP Redirector

2012-06-13 Thread DeMarco, Alex

I hope this is the right place to post this question.

 

We have the latest Jakarta Plugin installed with IIS 7.5.

 

Do you know, does the plugin specifically block  /services requests on
wsdl's

 

If I go here:

 

 

http://myural/myapp/services

 

I get a page not available

 

However, if I am locally on the page the services listing does load.

 

Also,  if I go here from my desk:

 

http://myural/myapp/services/someservicename?wsdl

 

It works fine.  In fact all the wsdl's work I just cannot display the
services list remotely.

 

Thanks in advance.

 

-  Alex

Re: URL Rewriting

2012-06-13 Thread Kiran Badi


Please inline for my answers Andre.

Kiran,


Why does that id=17 visible in the URL bother you ?
Is it because of some security aspect ? (that the user could change 
it, and get something else than what they should be getting ?)
Thanks for reminding this aspect.I was not checking for empty resultset 
in my code.Fixed that one now.:)


1) If that is the case, then the basic logic of your application is 
flawed.  If this is information that really needs to be sent by the 
browser to the server, then the browser must have that information. 
And if that information originally comes from the server and is sent 
to the browser, then there is /nothing/ that you can do to block some 
user from playing around with it, before sending it back to the server.
If you do not want the user to be able to play around with some 
information, then don't send it to him in the first place. O

Ok let me share the way I wrote this piece,

href=%=request.getContextPath()%/getmyservice.do?id=${myid} , this 
is link basically where I append the id(id comes from DB) send this to 
the servlet and it the pulls the records from db for corresponding id 
and then sends it back again to JSP for display.But I am not able to 
figure out as why I not getting the url of jsp something like


http://localhost:8080/ourstory/myiddata.jsp

.So thought that let me try to rewrite the url in case if its possible.


2) if the browser /must/ send some information to the server as part 
of the URL, then there is /nothing/ that can be done on the server 
side, to stop the browser showing this information in the URL bar.


To illustrate this :
- imagine that the server sends a page to the browser, and this page 
contains a link like :
a 
href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click 
here/a


Then the user, just by moving his mouse above click here, sees the 
content of that link at the bottom of his screen, in the status bar, 
right ?
And the user can right-click on click here, and choose copy link 
location.
And then the user can open another browser window, and paste this URL 
in the URL bar.
And then the user can modify this link before hitting the return 
button, so that the link now looks like

http://localhost:8080/mysite/getmyservice.do?id=some-other-information
right ?
And all this happens in the browser, /before/ the server even sees 
this browser request.

So what could the server do ?
This is interesting information,how about sending the info as POST 
rather than Get.Not sure if I can convert clicking of the link from get 
from post.but I will try.But again the place where I am displaying the 
generating the links, is not within form, they just hyperlinks with id 
appended to it.


Now I know both get/post can be broken if one wants it,thats all 
together is different case,but for now I need tidy and clean url with no 
id appended to it.


Does my requirement makes sense ?



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Jakarta ISAP Redirector

2012-06-13 Thread André Warnier


DeMarco, Alex wrote:

I hope this is the right place to post this question.



It is the right place.

 


We have the latest Jakarta Plugin installed with IIS 7.5.

 


Do you know, does the plugin specifically block  /services requests on
wsdl's



Short answer : no, it does not specifically block any request.
In fact, it is the opposite : it only forwards requests to Tomcat, if the request URL 
matches some pre-defined values.

See :
http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
the section How does it work ?.
(and for the word worker, understand a back-end tomcat).

One more thing : the isapi_redirector can write a logfile.
See item (3) in the section Configuring the ISAPI Redirector for details.
The logfile will tell you when and why it is forwarding a request to Tomcat and 
when/why not.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Jakarta ISAP Redirector

2012-06-13 Thread Pid *

On 13 Jun 2012, at 18:18, DeMarco, Alex alex.dema...@suny.edu wrote:

 I hope this is the right place to post this question.



 We have the latest Jakarta Plugin installed with IIS 7.5.



 Do you know, does the plugin specifically block  /services requests on
 wsdl's

No, it doesn't.

 If I go here:

 http://myural/myapp/services

 I get a page not available

Please post your config.


p




 However, if I am locally on the page the services listing does load.



 Also,  if I go here from my desk:



 http://myural/myapp/services/someservicename?wsdl



 It works fine.  In fact all the wsdl's work I just cannot display the
 services list remotely.



 Thanks in advance.



 -  Alex














-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm

2012-06-13 Thread Mark Eggers

- Original Message -

 From: Daniel Mikusa dmik...@vmware.com
 To: Tomcat Users List users@tomcat.apache.org
 Cc: 
 Sent: Wednesday, June 13, 2012 6:25 AM
 Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class 
 for JAASRealm

 - Original Message -
  I am creating a website and implement security. For this I am using
  Form
  based authentication and JAASRealm. I have implemented the login
  module and
  able to authenticate but while authorizing tomcat is not able to load
  the
  user and role classes once I start the tomcat server.

  It gives the following error on startup (in the
  tomcat7-stderr.2012-06-13.log)
  Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
  parseClassNames
  SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal
  not
  found! Class not added.
  Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
  parseClassNames
  SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal
  not
  found! Class not added.

 The classes mentioned above cannot be found.

 1.) What are they classes?  They are not part of Tomcat.

 2.) Have you placed the classes on the classpath somewhere?  If so, where?

 Dan

  I have taken help from
  http://blog.frankel.ch/custom-loginmodule-in-tomcat

  I tried even the sample one on the above website but gives the same
  error.
  Please let me know what am I missing.
  --
  Regards,
  Javed

WARNING
===

The following is based on Tomcat's documentation. I have not written my own 
JAAS Realm, so your mileage may vary.

WARNING
===

The documentation that I'm basing this on can be found here:

http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JAASRealm
http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html

There are a few things to note from the blog post.

The place the blog tells you to put the Realm configuration is confusing at 
best.

As mentioned in the blog post, you can place your Realm definition in the 
Engine, Host, or Context elements. Unfortunately, the notes for the context 
element is a bit misleading.

If you place your Realm definition in the Context element, it should be in one 
of two places.

1. application's META-INF/context.xml
2. CATALINA_BASE/conf/Catalina/[hostname]/appname.xml.
   [hostname] is typically localhost 
   appname.xml is the name of your application.xml.

I suppose you could also place the Realm definition in 
CATALINA_BASE/conf/Catalina/[hostname]/context.xml.default.

Placing your classes (LoginModule and Principal) within Tomcat combined with 
the above information probably follows the logic below. Again, I've not tried 
this. I'm just reading the documentation.

1. If you define your JAASRealm in your application's context.xml

a. Place the LoginModule and Principle classes in WEB-INF/classes or 
   WEB-INF/lib of your application
b. No special attribute needs to be set

2. If you define your JAASRealm in Engine or Host (server.xml)

a. Place the LoginModule and Principle classes in CATALINA_HOME/lib as a jar 
file
b. Add the following attribute to the JAASRealm definition

   useContextClassLoader=true

This tells Tomcat to use the container classloader rather than the 
application's classloader to find the classes.

An advantage of doing things the first way is that you can easily change your 
JAAS implementation and just reload the web application.

An advantage of doing things the second way is that you only have to define the 
resource once for the entire Engine or Host. However changes to the 
implementation would then require a Tomcat restart.

In any event, you'll need to indicate where your jaas.config file lives. The 
easiest way to do this is by setting a JAVA_OPTS environment variable.

1. Create a setenv.sh (or setenv.bat if you're on Windows)
2. Add the information to JAVA_OPTS. In a setenv.sh file, it would look like:

JAVA_OPTS=-Djava.security.auth.login.config=$CATALINA_BASE/conf/jaas.config
export JAVA_OPTS

Note that the examples for doing this in both the Tomcat documentation and the 
JAAS documentation have a double equals ( == ) sign for the assignment. I'm not 
sure why this is the case.

Again, this is just my reading of the documentation. Your mileage may vary.

. . . only one cent, since I've no experience
/mde/

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

2012-06-13 Thread Hassan Schroeder

On Wed, Jun 13, 2012 at 11:12 AM, Kiran Badi ki...@poonam.org wrote:

 why I not getting the url of jsp something like

 http://localhost:8080/ourstory/myiddata.jsp

If you want 'clean' URLs you should get rid of the '.jsp' too, but ...

The bottom line is the value for 'id' needs to come from somewhere.
Your choices are:

1) Embed it in the URL for GET requests, either via query string or
as path info  (e.g. /story/data/17 ) and handle the security aspect
(if any) yourself

2) Use a form to POST the request with the id included (a bit clunky,
 same security issue)

3) Save the 'id' in session and use that -- everyone sees the same URL
 e.g. /story/data but with unique data. Obviously, this doesn't work for
 a resource that's intended to be shared  :-)

HTH,
-- 
Hassan Schroeder  hassan.schroe...@gmail.com
http://about.me/hassanschroeder
twitter: @hassan

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

2012-06-13 Thread Kiran Badi


Thanks Hassan.

If you want 'clean' URLs you should get rid of the '.jsp' too, but ...



The bottom line is the value for 'id' needs to come from somewhere.
Your choices are:

1) Embed it in the URL for GET requests, either via query string or
as path info  (e.g. /story/data/17 ) and handle the security aspect
(if any) yourself

Kiran : I think this is what I am presently doing.


2) Use a form to POST the request with the id included (a bit clunky,
  same security issue)
Form will not work as data is dynamic and form I feel will not serve the 
purpose.


3) Save the 'id' in session and use that -- everyone sees the same URL
  e.g. /story/data but with unique data. Obviously, this doesn't work for
  a resource that's intended to be shared  :-)
Yup I agree, session is ruled out.I just dont have that much patience to 
figure the things out if I get some nasty behavior.I just dont have that 
level of skill nor time.
The way I have done this is ok for me, it serves my purpose and also I 
dont have the data which is kind of private.Its just that I was 
exploring if we can hide the id.


HTH,



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

2012-06-13 Thread Hassan Schroeder

On Wed, Jun 13, 2012 at 2:34 PM, Kiran Badi ki...@poonam.org wrote:

 1) Embed it in the URL for GET requests, either via query string or
   as path info  (e.g. /story/data/17 )

 I think this is what I am presently doing.

The query string approach, yes; personally I think the pathinfo approach
is cleaner visually.

 2) Use a form to POST the request with the id included (a bit clunky,
      same security issue)

 Form will not work as data is dynamic and form I feel will not serve the
 purpose.

The data being dynamic isn't relevant. And this approach *is* used
by frameworks like Rails for cases where GET isn't appropriate.

But each approach has advantages and disadvantages, so...

-- 
Hassan Schroeder  hassan.schroe...@gmail.com
http://about.me/hassanschroeder
twitter: @hassan

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

wget and Tomcat resources

2012-06-13 Thread Miguel González Castaños


Dear all,

  Our developer has set a cronjob similar to this:

  wget -T 0 http://ourserver.com/email_sender

  which calls a javabean to check pending emails to send in a database 
and actually send them.


  I'm concerned about this, since I have realized that we have peaks of 
500 http connections per minute exactly about the same time this cronjob 
runs. I'm just wondering if this cronjob is performing several retries 
(since it sets a 0 timeout) and count as http hits.


  This increase of http hits (not related to people connecting since 
people connect in office hours and this happens early morning) is 
happening together with an increase of use of memory.


   Regards,

   Miguel

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Jakarta ISAP Redirector

2012-06-13 Thread DeMarco, Alex

Yes I have looked in the log file and set it debug.  There are no errors logged.

My uriworkermap has this:


/myapp=DTS_Submission
/myapp/*=DTS_Submission

My Workers file has:

worker.list=DTS_Submission

worker.DTS_Submission.type=ajp13
worker.DTS_Submission.host=xxx.xxx.xxx.xxx
worker.DTS_Submission.port=3305


If I am locally on the box (with a local host entry that maps to the same IIS 
site on that box) it works fine.

However, from my desktop I get a page could not be found...  However, it says 
it can't find http://myurl:80/jakarta/isapi_redirect.dll  I have double and 
triple checked my config.

From my desktop this works:

http://myurl/myapp/services/mywebservice?wsdl

but this fails

http:// myurl/myapp/services?wsdl

but when on the local sever everything works.  I see no errors in the log.  
It's like IIS is stopping the request??

- Alex

-Original Message-
From: André Warnier [mailto:a...@ice-sa.com] 
Sent: Wednesday, June 13, 2012 2:18 PM
To: Tomcat Users List
Subject: Re: Jakarta ISAP Redirector

DeMarco, Alex wrote:
 I hope this is the right place to post this question.
 

It is the right place.

  
 
 We have the latest Jakarta Plugin installed with IIS 7.5.
 
  
 
 Do you know, does the plugin specifically block  /services requests on 
 wsdl's
 

Short answer : no, it does not specifically block any request.
In fact, it is the opposite : it only forwards requests to Tomcat, if the 
request URL matches some pre-defined values.
See :
http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
the section How does it work ?.
(and for the word worker, understand a back-end tomcat).

One more thing : the isapi_redirector can write a logfile.
See item (3) in the section Configuring the ISAPI Redirector for details.
The logfile will tell you when and why it is forwarding a request to Tomcat and 
when/why not.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: wget and Tomcat resources

2012-06-13 Thread Darryl Lewis


The -T 0 options limits disables the timeout, so it will hold the connection 
open until it gets a response.
Personally, I'd remove it as if the 'ourserver' fails to respond (busy, network 
issues, solar flares), that wget job will sit on the calling server forever. 
The default is 900 seconds, which is usually good enough. Sometimes you might 
lower it to say 30 seconds if you are trying to measure the responsiness of a 
connection.

Also get you developer to add -t 1
This limits the amount of times it will try to fetch a connection.

Have a look on the box running the script to see if there are a lot of these 
wget jobs sitting there. My guess is that there is, and when 'ourserver' 
finally get around to answering the requests, it does them all at once.
The one thing you don't mention is how frequently this cron executes. 
Try:

wget -t 1 http://ourserver.com/email_sender

if your cron executes every minute, make the connection only last 20 seconds or 
fail:

wget -t 1 -T 20 http://ourserver.com/email_sender



-Original Message-
From: Miguel González Castaños [mailto:miguel_3_gonza...@yahoo.es] 
Sent: Thursday, 14 June 2012 9:14 AM
To: Tomcat Users List
Subject: wget and Tomcat resources

Dear all,

   Our developer has set a cronjob similar to this:

   wget -T 0 http://ourserver.com/email_sender

   which calls a javabean to check pending emails to send in a database 
and actually send them.

   I'm concerned about this, since I have realized that we have peaks of 
500 http connections per minute exactly about the same time this cronjob 
runs. I'm just wondering if this cronjob is performing several retries 
(since it sets a 0 timeout) and count as http hits.

   This increase of http hits (not related to people connecting since 
people connect in office hours and this happens early morning) is 
happening together with an increase of use of memory.

Regards,

Miguel

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Jakarta ISAP Redirector

2012-06-13 Thread DeMarco, Alex

I have 4 servers all configured the same way..  Locally the call works fine yet 
remotely I get an iis 404

- Alex

-Original Message-
From: DeMarco, Alex [mailto:alex.dema...@suny.edu] 
Sent: Wednesday, June 13, 2012 8:45 PM
To: Tomcat Users List
Subject: RE: Jakarta ISAP Redirector

Yes I have looked in the log file and set it debug.  There are no errors logged.

My uriworkermap has this:

/myapp=DTS_Submission
/myapp/*=DTS_Submission

My Workers file has:

worker.list=DTS_Submission

worker.DTS_Submission.type=ajp13
worker.DTS_Submission.host=xxx.xxx.xxx.xxx
worker.DTS_Submission.port=3305

If I am locally on the box (with a local host entry that maps to the same IIS 
site on that box) it works fine.

However, from my desktop I get a page could not be found...  However, it says 
it can't find http://myurl:80/jakarta/isapi_redirect.dll  I have double and 
triple checked my config.

From my desktop this works:

http://myurl/myapp/services/mywebservice?wsdl

but this fails

http:// myurl/myapp/services?wsdl

but when on the local sever everything works.  I see no errors in the log.  
It's like IIS is stopping the request??

- Alex

-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Wednesday, June 13, 2012 2:18 PM
To: Tomcat Users List
Subject: Re: Jakarta ISAP Redirector

DeMarco, Alex wrote:
 I hope this is the right place to post this question.

It is the right place.

 We have the latest Jakarta Plugin installed with IIS 7.5.

 Do you know, does the plugin specifically block  /services requests on 
 wsdl's

Short answer : no, it does not specifically block any request.
In fact, it is the opposite : it only forwards requests to Tomcat, if the 
request URL matches some pre-defined values.
See :
http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
the section How does it work ?.
(and for the word worker, understand a back-end tomcat).

One more thing : the isapi_redirector can write a logfile.
See item (3) in the section Configuring the ISAPI Redirector for details.
The logfile will tell you when and why it is forwarding a request to Tomcat and 
when/why not.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: post redirect get to the same tomcat instance in a tomcat cluster ?

2012-06-13 Thread Albert Kam

Oops, i really misread the documentation, thinking it will never use
session to provide that feature.
Thank you for the pointers !

On Wed, Jun 13, 2012 at 7:23 PM, Pid p...@pidster.com wrote:
On 13/06/2012 13:13, Pid * wrote:
On 12 Jun 2012, at 18:17, Albert Kam moonblade.w...@gmail.com wrote:

Hi all !

You contradict this statement below by saying it does use s

(Oops. Fat finger + touch screen...)

You contradict this statement below by saying it does use sessions,
below. Just because you are not directly using a session, it does not
mean that a framework isn't doing so behind the scenes.

If there's no need to replicate sessions, you can still use the
sticky-session mechanism to pin a session to a node.

See server.xml, Engine.jvmRoute in the docs.

Here are the relevant quotes from the page :

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

[key:62590808]

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] Observer pattern?

Re: iis not looking for jsp in tomcat webapps folder

Re: iis not looking for jsp in tomcat webapps folder

Re: URL Rewriting

Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm

Re: tomcat cluster for stateless web application

Re: post redirect get to the same tomcat instance in a tomcat cluster ?

Re: post redirect get to the same tomcat instance in a tomcat cluster ?

Re: tomcat cluster for stateless web application

Re: HttpOnly

Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm

Jakarta ISAP Redirector

Re: URL Rewriting

Re: Jakarta ISAP Redirector

Re: Jakarta ISAP Redirector

Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm

Re: URL Rewriting

Re: URL Rewriting

Re: URL Rewriting

wget and Tomcat resources

RE: Jakarta ISAP Redirector

RE: wget and Tomcat resources

RE: Jakarta ISAP Redirector

Re: post redirect get to the same tomcat instance in a tomcat cluster ?

24 matches

Site Navigation

Mail list logo

Footer information