Re: Considering @serverEndPoint url for routing the request , if the request is of ws:// type

2017-05-30 Thread Bhuvan Gupta 
>>>at what point does your websocket class extend org.apache.tomcat.
websocket.server.WsFilter

I am not extending the o.a.t.w.s.WsFilter at any point , i am using the
JSR(356) where i only need to define the @ServerEndPoint.

If you look at the 6th observation in
https://stackoverflow.com/questions/44216801/tomcat-using-servlet-and-websocket-jsr356-in-same-web-app




On Wed, May 31, 2017 at 12:00 AM, Martin Gainty  wrote:

> possibly mixing up asking guice to inject HttpServlets with asking
> guice injecting webSocket classes
>
>
> at what point does your websocket class extend org.apache.tomcat.
> websocket.server.WsFilter
>
>
> ?
> M
> __
>
>
>
>
> --
> *From:* Bhuvan Gupta 
> *Sent:* Tuesday, May 30, 2017 11:12 AM
> *To:* Tomcat Users List
> *Subject:* Re: Considering @serverEndPoint url for routing the request ,
> if the request is of ws:// type
>
> I have added some observation for the issue and observation 5 is
> interesting
> Basically it shows that web.xml filter are registered before WsFilter can
> register, which creates a problem
>
> Please clarify:
>
> https://stackoverflow.com/questions/44216801/tomcat-
> using-servlet-and-websocket-jsr356-in-same-web-app
>
> 
> Tomcat: using servlet and websocket (jsr356) in same web app
> 
> stackoverflow.com
> I create a sample webapp using Guice-servlets and websocket in tomcat, now
> once guice filter is used websocket stop working Basic information: In my
> web.xml, i initialized the Guiceservlet using
>
>
>
> On Tue, May 30, 2017 at 12:15 PM, Mark Thomas  wrote:
>
> > This time to the list...
> >
> > On 29/05/17 16:49, Bhuvan Gupta wrote:
> > > Mark,
> > >
> > >>> Explicitly declare Tomcat's WebSocket filter and ensure it is the
> first
> > > filter in the processing chain.
> > > Can you please give a sample , how to create such filter.
> > >
> > > I looked into the documentation , but cant find it
> >
> > You don't need to create a filter. You just need to configure Tomcat's
> > WebSocket filter in your web.xml before the GuiceFilter. Like the
> > GuiceFilter, it needs to be mapped to "/*". It also needs to be
> > configured to handle DispatcherType.REQUEST and DispatcherType.FORWARD
> >
> > Mark
> >
> >
> > >
> > > On Sun, May 28, 2017 at 3:44 PM, Mark Thomas  wrote:
> > >
> > >> On 28 May 2017 10:09:03 BST, Bhuvan Gupta  wrote:
> > >>> Hello,
> > >>>
> > >>>
> > >>>
> > >>> I create a sample webapp using servlets and http, which work fine and
> > >>> the
> > >>> web.xml looks like
> > >>>
> > >>> 
> > >>>guiceFilter
> > >>> com.google.inject.servlet.GuiceFilter > >> filter-class>
> > >>> 
> > >>>guiceFilter
> > >>>/*
> > >>>
> > >>> Now i want to add few @ServerEndPoint class to use websocket. So i
> > >>> added a
> > >>> class and added @ServerEndpoint(value = "/websocket/chat) on that
> > >>> class.
> > >>>
> > >>> Now i expected that when i use websocket client and use
> > >>> ws://localhost:8080/app/websocket/chatto connect it should work but
> it
> > >>> does
> > >>> not as i already have a /* filter which redirect request to
> > >>> guiceFilter.
> > >>>
> > >>> *If i comment the filter it works fine.*
> > >>> --
> > >>>
> > >>> *Question:*
> > >>>
> > >>> How can i tell tomcat to first consider serverEndPoint url for
> routing
> > >>> the
> > >>> request before matching the filter url patterns ?
> > >>
> > >> Explicitly declare Tomcat's WebSocket filter and ensure it is the
> first
> > >> filter in the processing chain.
> > >>
> > >> Mark
> > >>
> > >>
> > >> -
> > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > >> For additional commands, e-mail: users-h...@tomcat.apache.org
> > >>
> > >>
> > >
> >
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> >
>

Re: Change of status code for ClientAbortExceptions - bug?

2017-05-30 Thread Mark Thomas 
Another one I failed to send to the list first time around...

On 29/05/17 08:26, Thomas Eliassen wrote:
> Hi,
> 
> Since https://bz.apache.org/bugzilla/show_bug.cgi?id=60718 (r1783148 in 
> tc8.5.x), ClientAbortExceptions are logged in the access log as status 500, 
> changed from the previous status 200.
> 
> Is this actually the desired behaviour? It doesn't seem appropriate to log a 
> 500 as this isn't necessarily a server error.

The server has no way of knowing for sure whether the request processing
completed cleanly and then failed when the completed response was being
written or if the exception caused the processing to abort half-way through.

A 200 response certainly doesn't look to be correct.

None of the 4xx codes look to be appropriate.

That does, pretty much, leave the 500 code which does not seem an
unreasonable option.

> Also, the error isn't being logged to catalina.log using the default 
> logging.properties, which for a 500 error seems wrong.

I suspect if you enable debug logging you'll see it. It doesn't make
sense to log user triggered exceptions by default.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Security Headers Implementation in Tomcat 6.x version

2017-05-30 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Mohammad,

On 5/30/17 2:13 AM, Shaik, Mohammad N. wrote:
> Thanks for the valuable input, that helps!! We shall go with
> getting the source package of Tomcat 7, put them in Tomcat 6 and
> use the filters of Tomcat 7 in Tomcat 6.
> 
> Can you please let me know from where I can get/download the
> source package of Tomcat 7? Also can you please share the location
> of the source package in Tomcat 6 so that we can replace it with
> the one from Tomcat 7?

The source download for Tomcat 7 is in the same place all the other
downloads are.

You will not need the source for Tomcat 6, nor will you need to build
the complete source-to-binary for Tomcat 7. Just grab the source, take
the classes you need, and compile them against the servlet JAR you
already have for Tomcat 6. Feel free to re-name the packages if they
are awkward for you to compile/install and then just reference the new
class names in your application/server.

Remember to watch for patches to those source files in Tomcat 7 in
case they include e.g. security updates -- you'll want to apply those
same updates to the code you have taken from Tomcat 7.

A longer-term goal should be to upgrade to Tomcat 8 or 8.5. Tomcat is
backward-compatible with all spec-compliant applications, though it
does behave differently sometimes as the Servlet Experts Group has
clarified certain questions or added new capabilities (like
annotation-processing). I recommend a long period of testing with a
new version of Tomcat, but I also recommend that you begin that
testing as soon as possible. Tomcat 6 will probably receive *no
further updates, security or otherwise*, even if a vulnerability is foun
d.

- -chris

> -Original Message- From: Christopher Schultz 
> [mailto:ch...@christopherschultz.net] Sent: 29 May 2017 20:57 To: 
> users@tomcat.apache.org Subject: Re: Security Headers
> Implementation in Tomcat 6.x version
> 
> Mohammad,
> 
> On 5/29/17 7:34 AM, Shaik, Mohammad N. wrote:
>> Based on your inputs, we are thinking to put Apache httpd in
>> front of Tomcat 6 server, since our header configuration is going
>> to be static.
> 
> This might not be a bad idea for a number of reasons, but it is by
> no means required.
> 
> You can download the Tomcat 7 source package and use the security 
> filters from Tomcat 7[1] in Tomcat 6: there is nothing in there
> that actually requires Tomcat 7 to run.
> 
>> Can you please help us in identifying which version of Apache
>> HTTP Server we can use for Tomcat 6 version? Also, it will be
>> great if you can share some guidelines on how to implement Apache
>> in front of Tomcat.
> All supported versions of Apache web server work with app
> supported versions of Tomcat (as well as Tomcat 6). You have
> several choices for how to connect them together, but the most
> straightforward is to use mod_proxy_http from httpd to Tomcat.
> Tomcat behaves exactly as it did before and requires no additional
> configuration unless you are moving TLS termination from Tomcat to
> httpd. If that's the case, there are many guides on the web as well
> as on Tomcat's Presentations Page[2] that document how to do that.
> 
> Hope that helps, -chris
> 
> [1] http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html [2] 
> http://tomcat.apache.org/presentations.html
> 
> -
>
>
> 
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> 
> 
> This message is for the designated recipient only and may contain 
> privileged, proprietary, or otherwise confidential information. If 
> you have received it in error, please notify the sender
> immediately and delete the original. Any other use of the e-mail by
> you is prohibited. Where allowed by local law, electronic
> communications with Accenture and its affiliates, including e-mail
> and instant messaging (including content), may be scanned by our
> systems for the purposes of information security and assessment of
> internal compliance with Accenture policy. 
> __

>
>
> 
www.accenture.com
> 
> -
>
>
> 
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZLZFGAAoJEBzwKT+lPKRYFlEQAMWx2/ngj4vEeoQfZU4rRFlH
1Mscn61MUFJdrVBFkVF+NR86m8clUt8Kw1MKZNGexMXcKjrIllqnVPJUQxjyvgai
bsDndUDGT/BrFtyLWg8B68mUok+X3dcv4NrhokRQ4phpKM4vADIl6bqi6Uxmp1sX
rRyjx0ZGnKTKEw2rJgAzp22OP7OURz5eyOayMNLBvCFcXBNLagC9uhuCuG39Hhjx
9FBjDZZDuFbLpWSH65pakWwU0vhcl2D45641n5dKwEyAsOPdrdJMBrjIE/ruj6/R

Re: Considering @serverEndPoint url for routing the request , if the request is of ws:// type

2017-05-30 Thread Mark Thomas 
On 30/05/17 16:12, Bhuvan Gupta wrote:
> I have added some observation for the issue and observation 5 is interesting
> Basically it shows that web.xml filter are registered before WsFilter can
> register, which creates a problem
> 
> Please clarify:
> 
> https://stackoverflow.com/questions/44216801/tomcat-using-servlet-and-websocket-jsr356-in-same-web-app

Again:

You just need to configure Tomcat's WebSocket filter in your web.xml
before the GuiceFilter. Like the GuiceFilter, it needs to be mapped to
"/*". It also needs to be configured to handle DispatcherType.REQUEST
and DispatcherType.FORWARD.

Mark


> 
> On Tue, May 30, 2017 at 12:15 PM, Mark Thomas  wrote:
> 
>> This time to the list...
>>
>> On 29/05/17 16:49, Bhuvan Gupta wrote:
>>> Mark,
>>>
> Explicitly declare Tomcat's WebSocket filter and ensure it is the first
>>> filter in the processing chain.
>>> Can you please give a sample , how to create such filter.
>>>
>>> I looked into the documentation , but cant find it
>>
>> You don't need to create a filter. You just need to configure Tomcat's
>> WebSocket filter in your web.xml before the GuiceFilter. Like the
>> GuiceFilter, it needs to be mapped to "/*". It also needs to be
>> configured to handle DispatcherType.REQUEST and DispatcherType.FORWARD
>>
>> Mark
>>
>>
>>>
>>> On Sun, May 28, 2017 at 3:44 PM, Mark Thomas  wrote:
>>>
 On 28 May 2017 10:09:03 BST, Bhuvan Gupta  wrote:
> Hello,
>
>
>
> I create a sample webapp using servlets and http, which work fine and
> the
> web.xml looks like
>
> 
>guiceFilter
> com.google.inject.servlet.GuiceFilter>>> filter-class>
> 
>guiceFilter
>/*
>
> Now i want to add few @ServerEndPoint class to use websocket. So i
> added a
> class and added @ServerEndpoint(value = "/websocket/chat) on that
> class.
>
> Now i expected that when i use websocket client and use
> ws://localhost:8080/app/websocket/chatto connect it should work but it
> does
> not as i already have a /* filter which redirect request to
> guiceFilter.
>
> *If i comment the filter it works fine.*
> --
>
> *Question:*
>
> How can i tell tomcat to first consider serverEndPoint url for routing
> the
> request before matching the filter url patterns ?

 Explicitly declare Tomcat's WebSocket filter and ensure it is the first
 filter in the processing chain.

 Mark


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org


>>>
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat 8.5.4, Backup Manager and Serializable objects in httpSession

2017-05-30 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Jared,

On 5/29/17 5:03 PM, Jared Walker wrote:
> Hello,
> 
> I have a question about how BackupManager enforces or performs
> session replication.
> 
> I have added print outs to the serializing methods of an object
> I'm binding to the http session.  When I run a simple test (login
> to the server, shut it down, then try to refresh) I do not stay
> logged in. In looking through my debug output I have noticed the
> following on the server that is acting as the backup for session
> replication:
> 
> ClickSession:865 - Session read in: ClickSession:866 - Session ID:
> tj8Zu6ANdJdftMJHPAOa/JyTBiY= ClickSession:867 - Login ID: 1 
> 1249:ClickSession is bound to HttpSession
> tj8Zu6ANdJdftMJHPAOa/JyTBiY= by key
> com.clickfind.http.ClickSession
> 
> ClickSession:865 - Session read in: ClickSession:866 - Session ID:
> tj8Zu6ANdJdftMJHPAOa/JyTBiY= ClickSession:867 - Login ID: 18201
> 
> ClickSession:865 - Session read in: ClickSession:866 - Session ID:
> tj8Zu6ANdJdftMJHPAOa/JyTBiY= ClickSession:867 - Login ID: 18201
> 
> ClickSession:876 - Session write out: ClickSession:877 - Session
> ID: tj8Zu6ANdJdftMJHPAOa/JyTBiY= ClickSession:878 - Login ID: 1
> 
> As you can see, initially the session is replicated across with a 
> guest login (ID=1).  Then there are subsequent messages that
> indicate it is receiving updates to the session with an actual
> login value (ID=18201).
> 
> However, when it goes to replicate the session to another server 
> (because the primary node was shut down) you can see that it
> writes out the original value for the session (ID=1).
> 
> How can I ensure that the replication replaces the existing object
> in the session attributes?

Can you post the code that generates the above output?

Are all those messages printed on the backup node (only)? Give us a
little more information about the setup of your cluster.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZLZAqAAoJEBzwKT+lPKRYiaAP/2rf2SnGTDeSbGcQPGVUqiJW
RIOYQcFITI9NC7kimSJGzgpwOa0kC4QAB5VDMhm7Jxgk+f+JercgEWgauWb8gxGy
QV5UHDRdAv1oD5/17hS0tSnIVt7hq2+Ar181BGMV29JyLMCnvimOdyklMmGRV/ET
aS9V32ybE49oIZkdUU7bybYIR3hBn+1wPn2P+/8S0tw0CN1L4+LI7u/RZXAU4pua
U5gPUBz5N+T57txnEvd1yfGdLuZqoeWiS7VYOo2pRwtilYkYbzCh0SlDU5WPgbX/
TFG3J2sukEilcz4k1MWxzRiiyjo1JuhhfqB2vx3QJsxDoceKK5yaquwbscieYIFN
ONJMez0v1REDJ5C5d0gK/KdgU2PuNRwwgNiW3AO/nMUawGwdVGAL1UySzBcBs6Yd
WCwoCrwG97mSw2XKP0ioCvVQeWARfZ9ZL2DXKjJDQoghlSzsJGk5jFz8+yJYELzR
EKWlHvStwxaqBxQhqC/3SptMUlH2BKLHwro9uWulh0n0Y0Ii9wDRC0B6HqIg99pI
Ghn0lUevGEV0k4UsEzfUoVCi9CWxhixYijx5ZMCM88jlek8dl/UF2Rp5ZC3+scoY
zsGU6u9qaiW6VQrCcvkDA2GURuXuRoELsz0YdnVglEIQ9fQhs2UTUhSu5WJdltSw
h2cgi4lJG+lJq+nInDbx
=VJNr
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: QUIC

2017-05-30 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Einav,

On 5/29/17 2:25 PM, Einav Hollander wrote:
> Are there plans to support the QUIC protocol in Apache Tomcat?
> When?

There are no current plans to support QUIC, but there was a
conversation at ApacheCon about the possibility of supporting
protocols other than HTTP/H2/WebSocket and supporting only
servlet-spec-mandated APIs.

Please consider joining the dev@tomcat mailing list to make the case
for QUIC as we discuss these possibilities moving forward.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZLY+yAAoJEBzwKT+lPKRYPKoQAJMZ6S3/YRSL7f8R6+9Sqjme
LROUCEht+ue2FowV7CBfYpxiawLaqBeopI3a04o/i+Qu7eKcAiKK7EJgYSw3Xb40
GbBk/NLqui6pIwdPsn9CpH6Gzfxn34G3w0bWWCL8E9a8UmHb+u6dHGI+xSC0A9Dh
jzrUtkhuCXWe95lXx2jlEDo820gQpyMLSyQbLaZQIg4nKSRaLN2YGPl73uThXZB6
1kWDOaf61866aoRfdh+K7rPH9JCShcFEeAtP77LRrOYmz31Z1W/nFJqonup1aWZ4
rwC610gjkZIOdM1++FMpbVPUc6Tc0NJHjRsSEUfoP5zY2ewlXZU2OdeSEaCrMVeo
cYRgngF/VLPq0/qY6OnwpOJU9m585Ne5uhm/gVYZZYePombvQHPGImqtPL59CCz8
zmEuWLSUQw7N/e3CtAjm0UH4L15uJMZZuIq60i3pboUrfc00djBmOvKh6AN4L1JJ
TXiuVABXvzjkxcvNe5Oaz7TDbON7cSu3WHO8WsL+Qt0YfXkZiImgvmWIVsySlFGu
/oggutFwJwiDjd/JXZ2ARisD9+471zNszBtSGDf+SBWe3Ei66FhyG7XD625FEzXN
ti8NR1HHQBv7aXz2mtNsBrbovSXRdWPBilCxkfsF3eKUIokgXmyr4ECQ4nRFZskg
PRXZPJ6a7+XrtfCBVer8
=GkQu
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Considering @serverEndPoint url for routing the request , if the request is of ws:// type

2017-05-30 Thread Bhuvan Gupta 
I have added some observation for the issue and observation 5 is interesting
Basically it shows that web.xml filter are registered before WsFilter can
register, which creates a problem

Please clarify:

https://stackoverflow.com/questions/44216801/tomcat-using-servlet-and-websocket-jsr356-in-same-web-app

On Tue, May 30, 2017 at 12:15 PM, Mark Thomas  wrote:

> This time to the list...
>
> On 29/05/17 16:49, Bhuvan Gupta wrote:
> > Mark,
> >
> >>> Explicitly declare Tomcat's WebSocket filter and ensure it is the first
> > filter in the processing chain.
> > Can you please give a sample , how to create such filter.
> >
> > I looked into the documentation , but cant find it
>
> You don't need to create a filter. You just need to configure Tomcat's
> WebSocket filter in your web.xml before the GuiceFilter. Like the
> GuiceFilter, it needs to be mapped to "/*". It also needs to be
> configured to handle DispatcherType.REQUEST and DispatcherType.FORWARD
>
> Mark
>
>
> >
> > On Sun, May 28, 2017 at 3:44 PM, Mark Thomas  wrote:
> >
> >> On 28 May 2017 10:09:03 BST, Bhuvan Gupta  wrote:
> >>> Hello,
> >>>
> >>>
> >>>
> >>> I create a sample webapp using servlets and http, which work fine and
> >>> the
> >>> web.xml looks like
> >>>
> >>> 
> >>>guiceFilter
> >>> com.google.inject.servlet.GuiceFilter >> filter-class>
> >>> 
> >>>guiceFilter
> >>>/*
> >>>
> >>> Now i want to add few @ServerEndPoint class to use websocket. So i
> >>> added a
> >>> class and added @ServerEndpoint(value = "/websocket/chat) on that
> >>> class.
> >>>
> >>> Now i expected that when i use websocket client and use
> >>> ws://localhost:8080/app/websocket/chatto connect it should work but it
> >>> does
> >>> not as i already have a /* filter which redirect request to
> >>> guiceFilter.
> >>>
> >>> *If i comment the filter it works fine.*
> >>> --
> >>>
> >>> *Question:*
> >>>
> >>> How can i tell tomcat to first consider serverEndPoint url for routing
> >>> the
> >>> request before matching the filter url patterns ?
> >>
> >> Explicitly declare Tomcat's WebSocket filter and ensure it is the first
> >> filter in the processing chain.
> >>
> >> Mark
> >>
> >>
> >> -
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>
> >>
> >
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Source Package file path location in Tomcat

2017-05-30 Thread Simon De Uvarow 
http://tomcat.apache.org/download-70.cgi

Check the left side menu .. you will find downloads for all versions of
Tomcat.
In the download page you can download binary distributions and also source
code.


"No olvides, no traiciones, lo que llevas bien dentro de ti. No olvides, no
traiciones, lo que siempre te ha hecho vivir."

On Tue, May 30, 2017 at 4:40 AM, Shaik, Mohammad N. <
mohammad.n.sh...@accenture.com> wrote:

> Hello,
>
> Can you please help in sharing the Source Package file path location in
> Tomcat 6 and 7 versions?
>
> We need to put the Source Package of Tomcat 7 in Tomcat 6 so that we can
> use the security filters of Tomcat 7 in Tomcat 6.
>
>
> Regards,
> Mohammad Nayeem
>
> 
>
> This message is for the designated recipient only and may contain
> privileged, proprietary, or otherwise confidential information. If you have
> received it in error, please notify the sender immediately and delete the
> original. Any other use of the e-mail by you is prohibited. Where allowed
> by local law, electronic communications with Accenture and its affiliates,
> including e-mail and instant messaging (including content), may be scanned
> by our systems for the purposes of information security and assessment of
> internal compliance with Accenture policy.
> 
> __
>
> www.accenture.com
>

Re: parallel deployment and websockets

2017-05-30 Thread Ludovic Pénet 
In a similar situation, I do the following :
* go full stateless, use no session ;
* configure WS client to frequently reconnect
* use atmosphere with an internal JMS backend, such as ActiveMQ, to share data 
transparently between parallely deployed versions.

With Atmosphere, you avoid losing messages on reconnections. 

Hope this helps.

Ludovic

Le 30 mai 2017 12:40:45 GMT+02:00, Johan Compagner  a 
écrit :
>>
>> > But now i have websockets, if i connect to ##1 first and i have the
>end
>> > point there
>> > Then i add a ##2 version of the context
>> > then i guess a new user that opens a websocket will go to ##2
>> > but if the existing user does a refresh in the browser then it will
>also
>> > suddenly go to ##2 i guess?
>>
>> It depends. If the URL in the HTTP UPGRADE request includes the
>session
>> ID, and that session ID is still valid in ##1, then the WebSocket
>> request will be handled by ##1.
>>
>
>
>ah so for this to work we need to force a http session to be created?
>so the cookie is set and the http session is there?
>problem is a bit that all communication is then going through the
>websocket
>so the session could even just timeout, because we don't hit it anymore
>
>i do see when creating a websocket, request.getSession(false) is called
>(multiply times by the way, a lot goes wrong when you have a breakpoint
>on
>that method, but thats another story)
>but it isn't when it is just alive. So  do i need to call something
>every
>time on the incomming() call in the endpoint to keep the http session
>alive..
>
>johan

-- 
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.

Re: parallel deployment and websockets

2017-05-30 Thread Johan Compagner 
>
> > But now i have websockets, if i connect to ##1 first and i have the end
> > point there
> > Then i add a ##2 version of the context
> > then i guess a new user that opens a websocket will go to ##2
> > but if the existing user does a refresh in the browser then it will also
> > suddenly go to ##2 i guess?
>
> It depends. If the URL in the HTTP UPGRADE request includes the session
> ID, and that session ID is still valid in ##1, then the WebSocket
> request will be handled by ##1.
>


ah so for this to work we need to force a http session to be created?
so the cookie is set and the http session is there?
problem is a bit that all communication is then going through the websocket
so the session could even just timeout, because we don't hit it anymore

i do see when creating a websocket, request.getSession(false) is called
(multiply times by the way, a lot goes wrong when you have a breakpoint on
that method, but thats another story)
but it isn't when it is just alive. So  do i need to call something every
time on the incomming() call in the endpoint to keep the http session
alive..

johan

Re: parallel deployment and websockets

2017-05-30 Thread Mark Thomas 
On 30/05/17 11:09, Johan Compagner wrote:
> Hi,
> 
> if i read this:
> 
> http://tomcat.apache.org/tomcat-8.5-doc/config/context.html#Parallel_deployment
> 
> then i see it will go to the "old" version of a war based on session
> information
> i guess this is jsessionid?
> 
> So a refresh in the browser or another request with the jsessionid will go
> to the version it started with i guess?
> 
> But now i have websockets, if i connect to ##1 first and i have the end
> point there
> Then i add a ##2 version of the context
> then i guess a new user that opens a websocket will go to ##2
> but if the existing user does a refresh in the browser then it will also
> suddenly go to ##2 i guess?

It depends. If the URL in the HTTP UPGRADE request includes the session
ID, and that session ID is still valid in ##1, then the WebSocket
request will be handled by ##1.

Mark


> 
> (we have session info over the websocket url like a jsessionid... but that
> will not map in the other later version of the context i guess)
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

parallel deployment and websockets

2017-05-30 Thread Johan Compagner 
Hi,

if i read this:

http://tomcat.apache.org/tomcat-8.5-doc/config/context.html#Parallel_deployment

then i see it will go to the "old" version of a war based on session
information
i guess this is jsessionid?

So a refresh in the browser or another request with the jsessionid will go
to the version it started with i guess?

But now i have websockets, if i connect to ##1 first and i have the end
point there
Then i add a ##2 version of the context
then i guess a new user that opens a websocket will go to ##2
but if the existing user does a refresh in the browser then it will also
suddenly go to ##2 i guess?

(we have session info over the websocket url like a jsessionid... but that
will not map in the other later version of the context i guess)

-- 
Johan Compagner
Servoy

Source Package file path location in Tomcat

2017-05-30 Thread Shaik, Mohammad N. 
Hello,

Can you please help in sharing the Source Package file path location in Tomcat 
6 and 7 versions?

We need to put the Source Package of Tomcat 7 in Tomcat 6 so that we can use 
the security filters of Tomcat 7 in Tomcat 6.


Regards,
Mohammad Nayeem



This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise confidential information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the e-mail by you is prohibited. Where allowed by local law, electronic 
communications with Accenture and its affiliates, including e-mail and instant 
messaging (including content), may be scanned by our systems for the purposes 
of information security and assessment of internal compliance with Accenture 
policy.
__

www.accenture.com

Re: Considering @serverEndPoint url for routing the request , if the request is of ws:// type

2017-05-30 Thread Mark Thomas 
This time to the list...

On 29/05/17 16:49, Bhuvan Gupta wrote:
> Mark,
> 
>>> Explicitly declare Tomcat's WebSocket filter and ensure it is the first
> filter in the processing chain.
> Can you please give a sample , how to create such filter.
> 
> I looked into the documentation , but cant find it

You don't need to create a filter. You just need to configure Tomcat's
WebSocket filter in your web.xml before the GuiceFilter. Like the
GuiceFilter, it needs to be mapped to "/*". It also needs to be
configured to handle DispatcherType.REQUEST and DispatcherType.FORWARD

Mark


> 
> On Sun, May 28, 2017 at 3:44 PM, Mark Thomas  wrote:
> 
>> On 28 May 2017 10:09:03 BST, Bhuvan Gupta  wrote:
>>> Hello,
>>>
>>>
>>>
>>> I create a sample webapp using servlets and http, which work fine and
>>> the
>>> web.xml looks like
>>>
>>> 
>>>guiceFilter
>>> com.google.inject.servlet.GuiceFilter> filter-class>
>>> 
>>>guiceFilter
>>>/*
>>>
>>> Now i want to add few @ServerEndPoint class to use websocket. So i
>>> added a
>>> class and added @ServerEndpoint(value = "/websocket/chat) on that
>>> class.
>>>
>>> Now i expected that when i use websocket client and use
>>> ws://localhost:8080/app/websocket/chatto connect it should work but it
>>> does
>>> not as i already have a /* filter which redirect request to
>>> guiceFilter.
>>>
>>> *If i comment the filter it works fine.*
>>> --
>>>
>>> *Question:*
>>>
>>> How can i tell tomcat to first consider serverEndPoint url for routing
>>> the
>>> request before matching the filter url patterns ?
>>
>> Explicitly declare Tomcat's WebSocket filter and ensure it is the first
>> filter in the processing chain.
>>
>> Mark
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Security Headers Implementation in Tomcat 6.x version

2017-05-30 Thread Shaik, Mohammad N. 
Hello Chris,

Thanks for the valuable input, that helps!! We shall go with getting the source 
package of Tomcat 7, put them in Tomcat 6 and use the filters of Tomcat 7 in 
Tomcat 6.

Can you please let me know from where I can get/download the source package of 
Tomcat 7? Also can you please share the location of the source package in 
Tomcat 6 so that we can replace it with the one from Tomcat 7?


Regards,
Mohammad

-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: 29 May 2017 20:57
To: users@tomcat.apache.org
Subject: Re: Security Headers Implementation in Tomcat 6.x version

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Mohammad,

On 5/29/17 7:34 AM, Shaik, Mohammad N. wrote:
> Based on your inputs, we are thinking to put Apache httpd in front of
> Tomcat 6 server, since our header configuration is going to be static.

This might not be a bad idea for a number of reasons, but it is by no means 
required.

You can download the Tomcat 7 source package and use the security filters from 
Tomcat 7[1] in Tomcat 6: there is nothing in there that actually requires 
Tomcat 7 to run.

> Can you please help us in identifying which version of Apache HTTP
> Server we can use for Tomcat 6 version? Also, it will be great if you
> can share some guidelines on how to implement Apache in front of
> Tomcat.
All supported versions of Apache web server work with app supported versions of 
Tomcat (as well as Tomcat 6). You have several choices for how to connect them 
together, but the most straightforward is to use mod_proxy_http from httpd to 
Tomcat. Tomcat behaves exactly as it did before and requires no additional 
configuration unless you are moving TLS termination from Tomcat to httpd. If 
that's the case, there are many guides on the web as well as on Tomcat's 
Presentations Page[2] that document how to do that.

Hope that helps,
- -chris

[1] http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html
[2] http://tomcat.apache.org/presentations.html
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZLD3hAAoJEBzwKT+lPKRYPh0P/RiGWVDs8c/PsFdC8VmU8fBB
V+EqkBd3SMeMK9l/2NtHW+MK/5BkkB5/2ebZiivCBYVTkUi4jaqnBvy981EJFcFb
vxovSsFhkhAPnr2DtZcg98wkTJ5dwT7ze50Cx/VBeXVlZD8n/nh+Msv5a1Fab0qI
dTzTGUwAguFwVZHkZX16LefqHvbvC6R5lJDCkqdtWx51KbDB4fY2TdVhzGK1vCEk
Vgrg4uEhjrkS/d6YgU4VWY8gHF2202DbmGPyZjIlh8l3R9bFWUE5NEg0AokOAAxR
AySanDW0J1QNKjm11KQuwynDVTqLGu9u9JBxKYsqsZsjjzSIpHFzVislI/lIbKBi
RKb1m+Hsfm0LkmDX+9N47EKXG5B6HOenUjWnjy2BCBnkINPXSbGOPXrG4028hSmo
NlPWGZTFSJnlcE4mLTxHZBQjPwgg2pmn/Ck4LsP9PFJITC3/2jtCpnwCv29pcxx8
ILG8On65M9uA2AdnhGucNvSpV5nsfPujhBQtB44A9Xd9V3ssdqn+hSgorZ4aMY7U
XPGyiUV985D+9XKkaHY0gBWjLdEBRZisWV1k66QjAWXC3ekdxGQzyV47RehwRueQ
6Zcc5MuH1F/3okJpXlxSwnpwfLyfZZPjZrhVoyKMxAWj2ozkIqPcfcSw8cYxN5hr
Fx+sOmqCwHww762nVlnZ
=03C1
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise confidential information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the e-mail by you is prohibited. Where allowed by local law, electronic 
communications with Accenture and its affiliates, including e-mail and instant 
messaging (including content), may be scanned by our systems for the purposes 
of information security and assessment of internal compliance with Accenture 
policy.
__

www.accenture.com

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org