Re: Weird certificate situation -- I don't even understand why it works at all!
James, On 21.1.2014 0:14, James H. H. Lampert wrote: It seems that one of our customers moved their server to a different physical box, over the weekend, and we're now seeing some definite weirdness: Their Tomcat now shows a certificate that expired this past September. But it gets weirder: Their connector for port 443 in server.xml shows a word as the alias. The word we usually use when setting up a customer's SSL. But when I examine their keystore in Keytool, it shows the digit 1 as the only alias in the keystore. Why would this even work at all? Hard to say without seeing your server.xml. I could only guess: you misspelled keyAlias attribute name, so Tomcat just reads first key in the keystore. -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Weird certificate situation -- I don't even understand why it works at all!
Ognjen Blagojevic ognjen.d.blagoje...@gmail.com wrote: James, On 21.1.2014 0:14, James H. H. Lampert wrote: It seems that one of our customers moved their server to a different physical box, over the weekend, and we're now seeing some definite weirdness: Their Tomcat now shows a certificate that expired this past September. But it gets weirder: Their connector for port 443 in server.xml shows a word as the alias. The word we usually use when setting up a customer's SSL. But when I examine their keystore in Keytool, it shows the digit 1 as the only alias in the keystore. Why would this even work at all? Hard to say without seeing your server.xml. I could only guess: you misspelled keyAlias attribute name, so Tomcat just reads first key in the keystore. It would be worth checking if the keyAlias atribute had any effect at all if there is only one key in the key store. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Weird certificate situation -- I don't even understand why it works at all!
Mark, On 21.1.2014 9:55, Mark Thomas wrote: Why would this even work at all? Hard to say without seeing your server.xml. I could only guess: you misspelled keyAlias attribute name, so Tomcat just reads first key in the keystore. It would be worth checking if the keyAlias atribute had any effect at all if there is only one key in the key store. Checked, it does have effect. With just one key aliased tomcat in keystore, and attribute keyAlias=foo on connector, Tomcat throws exception: java.io.IOException: Alias name foo does not identify a key entry -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Weird certificate situation -- I don't even understand why it works at all!
On 21/01/2014 11:29, Ognjen Blagojevic wrote: Mark, On 21.1.2014 9:55, Mark Thomas wrote: Why would this even work at all? Hard to say without seeing your server.xml. I could only guess: you misspelled keyAlias attribute name, so Tomcat just reads first key in the keystore. It would be worth checking if the keyAlias atribute had any effect at all if there is only one key in the key store. Checked, it does have effect. With just one key aliased tomcat in keystore, and attribute keyAlias=foo on connector, Tomcat throws exception: java.io.IOException: Alias name foo does not identify a key entry Thanks for checking. That isn't it then. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Weird certificate situation -- I don't even understand why it works at all!
2014/1/21 James H. H. Lampert jam...@touchtonecorp.com: It seems that one of our customers moved their server to a different physical box, over the weekend, and we're now seeing some definite weirdness: 1. You are still accessing the old box? A proxy that forwards requests to the old box, instead of a new one? An /etc/hosts file (e.g. on client PC) or a DNS that resolves your host name to IP address of the old box? A MiM? 2. An old instance of Tomcat still running (e.g. started automatically at boot time), and the new one is not visible because either a) a connector failed to start because port is already used. A clash of shutdown ports is fatal, but a failure of a single connector does not prevent Tomcat from stating, unless you explicitly configure it to not ignore such errors (see System Props page in Configuration Reference). You should see messages in the log files in this case. b) it listens on a different network interface Their Tomcat now shows a certificate that expired this past September. But it gets weirder: Their connector for port 443 in server.xml shows a word as the alias. The word we usually use when setting up a customer's SSL. But when I examine their keystore in Keytool, it shows the digit 1 as the only alias in the keystore. A different file? E.g. typo in a configuration, so a default file path is used. A file was replaced but application still accesses the old file, because it has a open file handle to it? You are using an APR connector, but are examining a Java keystore ? Why would this even work at all? Call it a fool-proof one :) Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running packed WAR files with embedded tomcat
May be tomcat.addWebapp(contextName,pathToWarFile) instead of tomcat.addWebapp(pathToWarFile, contextName) will help yoo. 2014/1/21 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Hello All, I'm trying to create a very basic embeded tomcat 7 application to host a packed WAR file. My code looks like: Tomcat tomcat = new Tomcat() tomcat.setPort(port) tomcat.setBaseDir(.) tomcat.addWebapp(pathToWarFile, contextName) It seems to work, but I'm getting an exception on startup complaining about the missing webapps directory: SEVERE: Exception fixing docBase for context [/quickstart] java.io.IOException: Application base [{1}] for host [/private/tmp/./webapps] does not exist or is not a directory. Can someone please direct me to a better way to do this? Is Tomcat#addWebapp not appropriate if hosting a packed WAR file? Thanks! --john
Re: Weird certificate situation -- I don't even understand why it works at all!
On 1/21/14 12:40 AM, Ognjen Blagojevic wrote: Hard to say without seeing your server.xml. I could only guess: you misspelled keyAlias attribute name, so Tomcat just reads first key in the keystore. That would explain much: instead of a keyAlias attribute in the connector tag, I have an alias attribute. Uff-da! -- JHHL - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to update a web app without uploading the WAR
Hello, My WAR file is becoming every time bigger and bigger, images are included and also some documents like PDFs Sometimes we need to change little code in only one jsp file, perhaps someone can help figuring out alternatives to upload and update specific changes to code regarding one single file ? I am using Tomcat 7.0.50, with Apache, using mod_jk working fine and usually deploying the web app with the tomcat manager on a Centos release 6.5 WAR is allready over 120M size. Thanks, Wilhelm. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to update a web app without uploading the WAR
You can update the single .jsp on the server, in at least some situations. I do that occasionally when I need to get an update out and can't take the service down. On 1/21/2014 12:02 PM, Chris Patterson wrote: Hello, My WAR file is becoming every time bigger and bigger, images are included and also some documents like PDFs Sometimes we need to change little code in only one jsp file, perhaps someone can help figuring out alternatives to upload and update specific changes to code regarding one single file ? I am using Tomcat 7.0.50, with Apache, using mod_jk working fine and usually deploying the web app with the tomcat manager on a Centos release 6.5 WAR is allready over 120M size. Thanks, Wilhelm. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to update a web app without uploading the WAR
On 1/21/14 9:59 AM, David kerber wrote: You can update the single .jsp on the server, in at least some situations. I do that occasionally when I need to get an update out and can't take the service down. But note that if and when you DO replace the WAR file, it will stomp on whatever changes you've made in the context. -- JHHL (speaking from bitter experience) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to update a web app without uploading the WAR
On 1/21/2014 1:55 PM, James H. H. Lampert wrote: On 1/21/14 9:59 AM, David kerber wrote: You can update the single .jsp on the server, in at least some situations. I do that occasionally when I need to get an update out and can't take the service down. But note that if and when you DO replace the WAR file, it will stomp on whatever changes you've made in the context. Yes, but in my use case that's ok. I replace the .jsp first, and then when I can stop the service I replace the entire .war file, which will include the new .jsp. -- JHHL (speaking from bitter experience) Yup, me too, when I once forgot to push the updated .jsp into the new .war file. Never happened again, though. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to update a web app without uploading the WAR
On Jan 21, 2014, at 1:55 PM, James H. H. Lampert jam...@touchtonecorp.com wrote: On 1/21/14 9:59 AM, David kerber wrote: You can update the single .jsp on the server, in at least some situations. I do that occasionally when I need to get an update out and can't take the service down. But note that if and when you DO replace the WAR file, it will stomp on whatever changes you've made in the context. You can get around this if you deploy from an exploded WAR directory instead of a WAR file. As an example, the manager application does this. Dan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to update a web app without uploading the WAR
Thanks for your suggestions, I will try this last one. Indeed, not all replacements had a good experience with some specific files. Do you know if there is some plugin for Eclipse that helps to do updates or sync just for the last changes done, or only just for one single file to be replaced, together with its associated files for successfull micro updates ? Dreamweaver has a facility to upload a single file for replacement and asks if associated files should also be uploaded. Remote connection is previosly configured and tested. I just couldn't find something similar. Chris El 21/01/2014 02:03 p.m., Daniel Mikusa escribió: On Jan 21, 2014, at 1:55 PM, James H. H. Lampert jam...@touchtonecorp.com wrote: On 1/21/14 9:59 AM, David kerber wrote: You can update the single .jsp on the server, in at least some situations. I do that occasionally when I need to get an update out and can't take the service down. But note that if and when you DO replace the WAR file, it will stomp on whatever changes you've made in the context. You can get around this if you deploy from an exploded WAR directory instead of a WAR file. As an example, the manager application does this. Dan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to update a web app without uploading the WAR
On Tue, Jan 21, 2014 at 11:14 AM, Chris Patterson tom...@vittox.com wrote: Indeed, not all replacements had a good experience with some specific files. Do you know if there is some plugin for Eclipse that helps to do updates or sync just for the last changes done, or only just for one single file to be replaced, together with its associated files for successfull micro updates ? I would seriously reconsider a deployment strategy that packs lots of large static resources (images, PDFs) along with code. Being able to just do a standard deploy regardless of the scope of changes makes for a lot less mental overhead :-) FWIW, -- Hassan Schroeder hassan.schroe...@gmail.com http://about.me/hassanschroeder twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jeffrey, On 1/20/14, 3:04 PM, Jeffrey Janner wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Monday, January 20, 2014 1:47 PM To: Tomcat Users List Subject: Re: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system Jeffrey Janner wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Monday, January 20, 2014 11:01 AM To: Tomcat Users List Subject: Re: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system Jeffrey Janner wrote: -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Monday, January 20, 2014 10:09 AM To: Tomcat Users List Subject: Re: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system Jeffrey Janner wrote: -Original Message- From: Ognjen Blagojevic [mailto:ognjen.d.blagoje...@gmail.com] Sent: Sunday, January 19, 2014 9:19 AM To: Tomcat Users List Subject: Re: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system Jeffrey, On 19.1.2014 6:03, Christopher Schultz wrote: Connector address=10.4.1.20 port=443 maxHttpHeaderSize=8192 Could it be as simple as having set the address attribute? +1 BTW, setting attribute preverIPv4Stack=true on server side doesn't mean anything for the client. The client will try to connect with the protocol he prefers. The client may also fall back to other protocol (e.g. if IPv6 connection fails several times, try with IPv4). I see that access log is not configured. Is there a reason for that? Without access log you can't tell if the remote request reaches Tomcat or not. So, for start, I suggest you configure access log for Tomcat 7 and report back if something is logged after you try to connect from the remote host. Note that Tomcat may postpone writes to the log files, so make sure you stop Tomcat before you check your logs. If there is no record of remote requests in Tomcat 7 access logs, I suggest you analyze what is going on with Wireshark or some other packet analyzer. You can that see if the client: 1. tries to connect using IPv6 or IPv4, 2. is falling back, 3. which exactly IPv4/v6 adress does it use, 4. is TCP three-way handshake successfull. Only when you confirm that three-way handshake is succsessful and that the destionation IP adress is IPv4 10.4.1.20, you may say that the request should have reached Tomcat. -Ognjen Added the access log. Absolutely 0 entries from any address that is not the local system. Can you configure your Tomcat-6 to run under your Java-7 ? (in the principle, I think that this should work; I don't know about the practice) This would help determine if the difference resides in the Java or the Tomcat. Tried it a different way. Since TC7 is supposed to support Java 1.6, switched my TC7 to use the existing Java6. No luck. Noticed that 7.0.47 is old now. Going to try 7.0.50. Did you try a simple : telnet 10.4.1.20 Tomcat listen port (just to see if 'anything' from outside can connect to your AWS/Tomcat port) Nope, just timeouts. If the connection is not rejected right away with a connection refused by host, it normally means that a LISTEN port is opened on that port. Taken strictly by the book and according to your presumed accurate description of the symptoms above, A timeout suggests to me that the connection request packet (SYN ?) is received and accepted by the server, but that the return packet which should tell the client so (ACK ?), never makes it back to the client. Hence the client waits, until the timeout kicks in. Are you sure that this server has a route back to the client ? Or, are you sure that your descriptions so far are really accurate ? For example, is it really the same server on which you can make this succeed/fail just by switching the Java and/or Tomcat version, no other changes involved ? (Also see Konstantin's question about the apparent discrepancy between the netstat output and your server.xml). Yep, just stopping one service and starting the other. It's something weird with the server, since an identical Tomcat 6 install wouldn't work with a copied and stripped configuration. I'm double-checking everything, but I think the server's tied the outside IP to the wrong internal IP. Trying to come up with a way to check that. Note, the connectors and hosts my original posted server.xml are taken from my original install, but that also has another pair of connectors (different IPv4 address) and some hosts that should only respond on that address, though they are all under one service/engine combo. The troublesome address connectors and hosts are commented out in the original and the original restarted before I try to start the newer setups. I haven't caught-up with the whole thread, yet, but I can tell you that it's not an IP-mapping
ApacheCon NA 2014
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I didn't get much of a response last time around, but if there are any topics of interest to the community that we could present at ApacheCon NA 2014 (in April in Denver, CO), please let us know. Anything, however mundane, that anyone would like to see in a presentation? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJS3tT0AAoJEBzwKT+lPKRYha8P/jvzEeH0XkoKH5FDE2gBgbPY pRlwkY6T6tBgOH9rWKF0mJXPn9kBlLq7ESRouF6+zpmYqM8wQr2vW35l9hVbZLMx gJBWgCY7YZ167NMOwa6pn2s/5s/iKWqmyyKDytrOs+Bqps/9Vn69PId5AKrlOMP3 2leAL6eucZw89JqVKCChNLOsVpWJYJJsRHDk6lvtjuqYgvdACvaUpDvv2oVH6v6B G/NKOoF96gzuMmPaA2bTuwXDkY7x4xHV7GWunamDOTugOXIn2S8pfc++WyUeF8lr 6n34MQ/V2AMQKGqwWlNM1xMBvYsXGxa6hznhx/k3H2ezX0/WJPWQL3w6uWpyVtXF 0PzF+Jy/aXYdGJLn0+O2zV7dxvszBooxFbOkxmdCVMuzmTeyYSQ28q8pinpQmBcv 307F8gJGlmloI29PI0EBqeeG0aJypIw6wzFFbMEA+2QoOmUIYcs+8YXDlLDlEulU W4D4s3e7IrEHrLn1YTj2NYyb864KHpGkd9ed+XEA7rxH/o5Zn3NOrzTqYiALCW7N iSH3HQgc2/naRCPpL1DuYiF+THXCSqT4as2ckrMroKzPB3g9mbguBH2mX09JLKDH LGMTMQF+e+7d2VnE/UiJ4fQYJu59Gq/CtTrea3Fx3aG5SrsMBqy49xFIchnXL9Y9 YbB8SZh3OFy3CKod1fxS =P7Ig -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Stopping/pausing a Connector
It is 7.0.32. To be honest, I'm not sure which connector it is. The code extends org.apache.catalina.connector.Connector, sets up HTTP settings, and adds it to the EmbeddedTomcat container. Using netstat I'm noticing that with either a pause() or a stop() the port is still being listened on. It's only when I shut down completely that it stops. I would prefer it to stop listening, at least that way I can the OS can return me an error or drop the connection, but instead it seems to accept requests and hold on to them until resume() or start() is called before processing. Is this expected? Thanks! Date: Sun, 19 Jan 2014 19:38:40 +0400 Subject: Re: Stopping/pausing a Connector From: knst.koli...@gmail.com To: users@tomcat.apache.org 2014/1/17 Randy Toor rtoor...@hotmail.com: Hi, I'm running embedded tomcat (unfortunately still using the deprecated classes and not the newer Tomcat class) and I'm trying to configure my connector at runtime to reject requests. If I use connector.pause(), any requests just hang until I call connector.resume(). If I use connector.stop(), the first request gets a 503 service unavailable, but any subsequent requests just hang for some reason until I start it again. Is the latter behaviour expected? And what would be the best way for me to get the 503 service unavailable (or some error) every time? Tomcat7, by the way. 1. Exactly which one of ~50 different 7.0.x versions? 2. What connector (BIO, NIO, APR)? 3. On a stop() I would expect Tomcat to close the sockets. Clients that have already connected will have their connection aborted. Clients that have not connected - the behavior depends on your OS network settings. The OS may reply that a port is unreachable, or may just drop the incoming connection. In either case, when nothing listens on that port, you have nothing that could serve a 503 response. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: ApacheCon NA 2014
On Tue, Jan 21, 2014 at 1:13 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I didn't get much of a response last time around, but if there are any topics of interest to the community that we could present at ApacheCon NA 2014 (in April in Denver, CO), please let us know. Anything, however mundane, that anyone would like to see in a presentation? - -chris Well, if I could attend, I would attend something on embedded Tomcat. As in, is it possible to upgrade an embedded Tomcat provided from a third party application. In my world, I see alot of products with embedded Tomcats, and I wonder what version they are and when/if they are ever updated. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system
!-- Snip entire thread -- Eureka, I finally figured it out! It was a real eureka moment, some remembrance burned its way up from my subconscious and I had the answer. Ready guys? Really surprised no one mentioned it. It was Windows F-ing Firewall! Since the server is hosted at AWS and I in no way trust their minimal firewall they refer to as security groups (just a bunch of iptables rules), I left the Windows Firewall up and running. I haven't figured out a rule to apply to Tomcat in general, so I have to set up a rule for each Tomcat instance (tied to the bin\commons_deamon_name.exe file) and I hadn't done that for the new install. Considering it's been a year since I had to do one of these, I completely forgot about that step (doing it without my notes). Once I did that for my new install, BINGO! It also explains why the re-install of Tomcat 6 didn't work, since I was using a different service name. If I re-installed with the old service name, then it mysteriously worked, because the old firewall rule was still in existance. Thanks for following me down this rabbit hole. I hope not to lead you down another anytime soon. Jeff I HATE WINDOWS!! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system
-Original Message- From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] Sent: Tuesday, January 21, 2014 3:19 PM To: 'Tomcat Users List'; 'Tomcat Users List' Subject: RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system !-- Snip entire thread -- Eureka, I finally figured it out! It was a real eureka moment, some remembrance burned its way up from my subconscious and I had the answer. Ready guys? Really surprised no one mentioned it. It was Windows F-ing Firewall! Since the server is hosted at AWS and I in no way trust their minimal firewall they refer to as security groups (just a bunch of iptables rules), I left the Windows Firewall up and running. I haven't figured out a rule to apply to Tomcat in general, so I have to set up a rule for each Tomcat instance (tied to the bin\commons_deamon_name.exe file) and I hadn't done that for the new install. Considering it's been a year since I had to do one of these, I completely forgot about that step (doing it without my notes). Once I did that for my new install, BINGO! It also explains why the re-install of Tomcat 6 didn't work, since I was using a different service name. If I re-installed with the old service name, then it mysteriously worked, because the old firewall rule was still in existance. Thanks for following me down this rabbit hole. I hope not to lead you down another anytime soon. Jeff I HATE WINDOWS!! Actually, Konstantin did mention to check my firewalls on Monday. My fault for not thinking all the way to the Windows internal firewall. Jeff
RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system
-Original Message- From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] Sent: Monday, January 20, 2014 1:57 PM To: 'Tomcat Users List' Subject: RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Monday, January 20, 2014 1:04 PM To: Tomcat Users List Subject: Re: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system 2014/1/20 Jeffrey Janner jeffrey.jan...@polydyne.com: -Original Message- From: Ognjen Blagojevic [mailto:ognjen.d.blagoje...@gmail.com] Sent: Sunday, January 19, 2014 9:19 AM To: Tomcat Users List Subject: Re: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system \ C:\Users\Administratornetstat -ano Active Connections Proto Local Address Foreign AddressState PID TCP0.0.0.0:25 0.0.0.0:0 LISTENING 1244 TCP0.0.0.0:1350.0.0.0:0 LISTENING 792 TCP0.0.0.0:4450.0.0.0:0 LISTENING 4 TCP0.0.0.0:3389 0.0.0.0:0 LISTENING 1944 TCP0.0.0.0:5985 0.0.0.0:0 LISTENING 4 TCP0.0.0.0:8086 0.0.0.0:0 LISTENING 14676 TCP0.0.0.0:8087 0.0.0.0:0 LISTENING 1592 TCP0.0.0.0:8088 0.0.0.0:0 LISTENING 7596 TCP0.0.0.0:8089 0.0.0.0:0 LISTENING 4100 TCP0.0.0.0:8090 0.0.0.0:0 LISTENING 19600 1. What is the above line, listening on port 8090 for the same PID? Such port number is not mentioned in server.xml that you cited. [Jeff Janner] JMX, set in the Java tab of the commons daemon wrapper. TCP10.4.1.20:80 0.0.0.0:0 LISTENING 19600 TCP10.4.1.20:443 0.0.0.0:0 LISTENING 19600 Interestingly, even though IPv6 is unchecked in the Windows network properties, the stack is still available and if the address is unspecified, you will get some IPv6 connections configured. TCP[::]:135 [::]:0 LISTENING 792 TCP[::]:445 [::]:0 LISTENING 4 TCP[::]:3389 [::]:0 LISTENING 1944 TCP[::]:5985 [::]:0 LISTENING 4 TCP[::]:8086 [::]:0 LISTENING 14676 TCP[::]:8087 [::]:0 LISTENING 1592 TCP[::]:8088 [::]:0 LISTENING 7596 TCP[::]:8089 [::]:0 LISTENING 4100 I can connect using the server's local IE and the configured local IP address. I cannot connect from any system, anywhere, using the external IP address. 2. If Tomcat listens locally and you can connect locally to its IP, then Tomcat's own job is done. Check our NATs/ routers and your firewalls. [Jeff Janner] Yea, it's something with the server, but I can't suss it. Read some of my later posts, but it seems to only want to work with my original Tomcat6 install (though I deleted it and re-created somewhere during all this). Should have been my tipoff that it was the Windows Server Advanced Firewall. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system
From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] Subject: RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system Ready guys? Really surprised no one mentioned it. It was Windows F-ing Firewall! Do you mean when Konstantin said this yesterday: http://marc.info/?l=tomcat-userm=139024468231800w=2 Check our NATs/ routers and your firewalls. Or Chris today: http://marc.info/?l=tomcat-userm=139033501727424w=2 Windows often will block network access to programs it does not recognize. Perhaps you have white-listed the existing Tomcat 6 binary that you're running, but not the newer one for Tomcat 7? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running packed WAR files with embedded tomcat
Thanks for the suggestion Valery, but swapping the arguments doesn't work. --john On Tue, Jan 21, 2014 at 8:12 AM, Valery Shyshkin vns.shysh...@gmail.comwrote: May be tomcat.addWebapp(contextName,pathToWarFile) instead of tomcat.addWebapp(pathToWarFile, contextName) will help yoo. 2014/1/21 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Hello All, I'm trying to create a very basic embeded tomcat 7 application to host a packed WAR file. My code looks like: Tomcat tomcat = new Tomcat() tomcat.setPort(port) tomcat.setBaseDir(.) tomcat.addWebapp(pathToWarFile, contextName) It seems to work, but I'm getting an exception on startup complaining about the missing webapps directory: SEVERE: Exception fixing docBase for context [/quickstart] java.io.IOException: Application base [{1}] for host [/private/tmp/./webapps] does not exist or is not a directory. Can someone please direct me to a better way to do this? Is Tomcat#addWebapp not appropriate if hosting a packed WAR file? Thanks! --john
RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system
-Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Tuesday, January 21, 2014 3:39 PM To: Tomcat Users List Subject: RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] Subject: RE: Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system Ready guys? Really surprised no one mentioned it. It was Windows F-ing Firewall! Do you mean when Konstantin said this yesterday: http://marc.info/?l=tomcat-userm=139024468231800w=2 Check our NATs/ routers and your firewalls. Or Chris today: http://marc.info/?l=tomcat-userm=139033501727424w=2 Windows often will block network access to programs it does not recognize. Perhaps you have white-listed the existing Tomcat 6 binary that you're running, but not the newer one for Tomcat 7? - Chuck Yep, mea culpa, Chuck. I didn't read enough of Chris's reply this morning, it would have saved me an hour or so had I read it to the end. And I'd already eaten crow on the list regarding missing Konstantin's hint. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running packed WAR files with embedded tomcat
Try: File baseDir = new File(System.getProperty(java.io.tmpdir)); tomcat.addContext(, baseDir.getAbsolutePath()); 2014/1/22 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Thanks for the suggestion Valery, but swapping the arguments doesn't work. --john On Tue, Jan 21, 2014 at 8:12 AM, Valery Shyshkin vns.shysh...@gmail.com wrote: May be tomcat.addWebapp(contextName,pathToWarFile) instead of tomcat.addWebapp(pathToWarFile, contextName) will help yoo. 2014/1/21 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Hello All, I'm trying to create a very basic embeded tomcat 7 application to host a packed WAR file. My code looks like: Tomcat tomcat = new Tomcat() tomcat.setPort(port) tomcat.setBaseDir(.) tomcat.addWebapp(pathToWarFile, contextName) It seems to work, but I'm getting an exception on startup complaining about the missing webapps directory: SEVERE: Exception fixing docBase for context [/quickstart] java.io.IOException: Application base [{1}] for host [/private/tmp/./webapps] does not exist or is not a directory. Can someone please direct me to a better way to do this? Is Tomcat#addWebapp not appropriate if hosting a packed WAR file? Thanks! --john
Re: running packed WAR files with embedded tomcat
By the way it's not a suggestion it's a signature of the addWebApp method. I'll try to find my working code and send it. 2014/1/22 Valery Shyshkin vns.shysh...@gmail.com Try: File baseDir = new File(System.getProperty(java.io.tmpdir)); tomcat.addContext(, baseDir.getAbsolutePath()); 2014/1/22 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Thanks for the suggestion Valery, but swapping the arguments doesn't work. --john On Tue, Jan 21, 2014 at 8:12 AM, Valery Shyshkin vns.shysh...@gmail.com wrote: May be tomcat.addWebapp(contextName,pathToWarFile) instead of tomcat.addWebapp(pathToWarFile, contextName) will help yoo. 2014/1/21 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Hello All, I'm trying to create a very basic embeded tomcat 7 application to host a packed WAR file. My code looks like: Tomcat tomcat = new Tomcat() tomcat.setPort(port) tomcat.setBaseDir(.) tomcat.addWebapp(pathToWarFile, contextName) It seems to work, but I'm getting an exception on startup complaining about the missing webapps directory: SEVERE: Exception fixing docBase for context [/quickstart] java.io.IOException: Application base [{1}] for host [/private/tmp/./webapps] does not exist or is not a directory. Can someone please direct me to a better way to do this? Is Tomcat#addWebapp not appropriate if hosting a packed WAR file? Thanks! --john
Expected Date for Stable release of Tomcat version 8
Hi, Do you have an ETA for a stable release of Tomcat version 8? Thanks and Regards, Melanie
Re: Stopping/pausing a Connector
2014/1/22 Randy Toor rtoor...@hotmail.com: The rules: do not top-post here http://tomcat.apache.org/lists.html#tomcat-users - 6. It is 7.0.32. To be honest, I'm not sure which connector it is. The code extends org.apache.catalina.connector.Connector, sets up HTTP settings, and adds it to the EmbeddedTomcat container. What kind of connector is used is visible as thread names (if you do a thread dump, or if you connect with jconsole), or in the logs (if you enable logging). Using netstat I'm noticing that with either a pause() or a stop() the port is still being listened on. It's only when I shut down completely that it stops. I would prefer it to stop listening, at least that way I can the OS can return me an error or drop the connection, but instead it seems to accept requests and hold on to them until resume() or start() is called before processing. Is this expected? http://tomcat.apache.org/tomcat-7.0-doc/config/http.html See bindOnInit. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running packed WAR files with embedded tomcat
The code below works fine on my Win 7 PC final Tomcat tomcat = new Tomcat(); tomcat.setPort(9191); //File baseDir = new File(System.getProperty(java.io.tmpdir)); File baseDir = new File(.); tomcat.addContext(, baseDir.getAbsolutePath()); tomcat.addWebapp(/WebApplication2, D:\\VnsTestApps\\Nb74Jetty\\WebApplication2\\dist\\WebApplication2.war); tomcat.start(); tomcat.getServer().await(); 2014/1/22 Valery Shyshkin vns.shysh...@gmail.com By the way it's not a suggestion it's a signature of the addWebApp method. I'll try to find my working code and send it. 2014/1/22 Valery Shyshkin vns.shysh...@gmail.com Try: File baseDir = new File(System.getProperty(java.io.tmpdir)); tomcat.addContext(, baseDir.getAbsolutePath()); 2014/1/22 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Thanks for the suggestion Valery, but swapping the arguments doesn't work. --john On Tue, Jan 21, 2014 at 8:12 AM, Valery Shyshkin vns.shysh...@gmail.com wrote: May be tomcat.addWebapp(contextName,pathToWarFile) instead of tomcat.addWebapp(pathToWarFile, contextName) will help yoo. 2014/1/21 John Cartwright - NOAA Federal john.c.cartwri...@noaa.gov Hello All, I'm trying to create a very basic embeded tomcat 7 application to host a packed WAR file. My code looks like: Tomcat tomcat = new Tomcat() tomcat.setPort(port) tomcat.setBaseDir(.) tomcat.addWebapp(pathToWarFile, contextName) It seems to work, but I'm getting an exception on startup complaining about the missing webapps directory: SEVERE: Exception fixing docBase for context [/quickstart] java.io.IOException: Application base [{1}] for host [/private/tmp/./webapps] does not exist or is not a directory. Can someone please direct me to a better way to do this? Is Tomcat#addWebapp not appropriate if hosting a packed WAR file? Thanks! --john