RE: [E] Re: Cannot get a connection, pool error Timeout waiting for ideal object

[Halder, Arpan [ITSUS Non J]]

Hi Chris,

Thanks a lot for your help!!Much appreciated!!

We could able to locate context.xml under " /apps/apache-tomcat-7.0.67/conf" 
path - see below:



WEB-INF/web.xml







 







Could you please check which are the parameters to add/modify/delete.

Also we could locate another "context.xml" under " 
/apps/apache-tomcat-7.0.67/webapps/host-manager/META-INF" and " 
/apps/apache-tomcat-7.0.67/webapps/manager/META-INF" path - could you please 
advise if we need to make any change here:


  
  
>
> 
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> -
>
>
> 
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHXlsdHGNocmlzQGNo
cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFh93w/+PO/2xkpVXDwEZQHL
cGmR7kT7YuGNHU+ROu/cDuITm2TKMPzkl4HcvVS6heIbe/bZUVHm7Xf66mF9ArUc
WKXJ4KB6JDnrF3Lgpg3otMFNs65Kd90Ku5Azos/QF7evmKGoJ386HyQCoJPRCPW4
qaIUB1qhbhESbPSs+WUkH5RSDUXpw6YA8+Q9ZgpFaNrEncAL7mZFLcM60NMLHLFQ
6l1zbz8i6fzXvjzWhYHdEBOOqVtaaR8vMK8QQ3RzWEwz0jtRS+P9dTfXfny40gRg
2B0yC5ZbcW+v7ya7VxhScjOrGnFQawsxyzW2i+DQfynERLMkZtpz3kxOqiGHehAV
Qbe3yUgS8QaEh0rmD6hjFQMIUtDtr93ULlFGU27/Bl18cI02X/DQJn6D+dChSdus
o85UImx/KfxTEFPru6gGFrrWHdMNvs2jh2PcEdRNf/X104kgZAdfcf9P9LtB7zZH
LbERS+bqrY8UaloITcPl8hluPb57xfMn0F3SKo/52ZXQj5pB4NlUX66tAZGp1mfg
id5OdHrbFsF4lyaULnF54oh5AfOnL3azkz8InZSfVeX+mnEFNfGF0mrWB76vGKBk
Wwff96PGK5a6LnsHmIm8lEw5ZGYK8hkaELFTPA51qF8WQUWKMoXNVD2KtfVa/NUw
hAbcuPVPHWqlgWZazlxyY7fs+WE=
=sdf2
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [E] Re: Cannot get a connection, pool error Timeout waiting for ideal object

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Arpan,

On 2/16/18 3:13 PM, Halder, Arpan [ITSUS Non J] wrote:
> We could locate the parameters in "jdbc-pool.html" file located
> under apache-tomcat-7.0.67/webapps/docs" path. Is there somewhere
> else we need to look into for this file? Could you please advise on
> where we could find the file.

I think you might need another member of your team to advise you on
this subject and maybe represent you within this community.

The file in question is part of Tomcat's user manual. It is not a
configuration file, and is not a part of your own application.

> Also in case the mentioned file is correct file but it is not 
> configured for our database - could you please let me know what is 
> the process of modification/setting up parameters and what are the 
> parameters we need to set in case it is not done for our case.

The real configuration is usually in a file called context.xml in your
application's META-INF directory.

- -chris

> -Original Message- From: Christopher Schultz 
> [mailto:ch...@christopherschultz.net] Sent: Friday, February 16,
> 2018 2:24 PM To: users@tomcat.apache.org Subject: [EXTERNAL] Re:
> [E] Re: Cannot get a connection, pool error Timeout waiting for
> ideal object
> 
> Arpan,
> 
> On 2/15/18 8:54 AM, Halder, Arpan [ITSUS Non J] wrote:
>> We have already setup below parameters in jdbc-pool.html (see 
>> below) – could you please advise if we need to modify/add
>> anything else here:
> 
>> And here is an example on how to configure a resource for JNDI
>>  lookups Resource 
>> name="jdbc/TestDB" auth="Container" type="javax.sql.DataSource" 
>> factory="org.apache.tomcat.jdbc.pool.DataSourceFactory" 
>> testWhileIdle="true" testOnBorrow="true" testOnReturn="false" 
>> validationQuery="SELECT 1" validationInterval="3" 
>> timeBetweenEvictionRunsMillis="3" maxActive="100"
>> minIdle="10" maxWait="1" initialSize="10"
>> removeAbandonedTimeout="60" removeAbandoned="true"
>> logAbandoned="true" minEvictableIdleTimeMillis="3"
>> jmxEnabled="true" 
>> jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.ConnectionS
t
>
>>
>> 
ate;
> 
> 
> org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer"
>> username="root" password="password" 
>> driverClassName="com.mysql.jdbc.Driver" 
>> url="jdbc:mysql://localhost:3306/mysql"/
> 
> Looks like you copy/pasted that from the Tomcat documentation. How 
> about copy/pasting your actual configuration (without any secrets, 
> of course) just in case there are any errors in your
> interpretation.
> 
> Are you sure you don't have capacity problems? If you have only
> e.g. 10 connections available but hundreds of users, perhaps you
> simply need more connections. Are you sure the database is
> available and reachable via the network?
> 
> Sometimes timeouts are simply a reality. But if you start to see 
> "timeout" errors and the database is NOT DOWN and still reachable, 
> but everything grinds to a halt, then you certainly have a
> resource problem.
> 
> I disagree with another poster about abandoned connections: do not 
> remove them. Log them and allow the pool to become exhausted. That 
> way, you'll end up finding and fixing the problems instead of just 
> continuing to bleed.
> 
> -chris
> 
> -
>
>
> 
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> -
>
>
> 
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHXlsdHGNocmlzQGNo
cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFh93w/+PO/2xkpVXDwEZQHL
cGmR7kT7YuGNHU+ROu/cDuITm2TKMPzkl4HcvVS6heIbe/bZUVHm7Xf66mF9ArUc
WKXJ4KB6JDnrF3Lgpg3otMFNs65Kd90Ku5Azos/QF7evmKGoJ386HyQCoJPRCPW4
qaIUB1qhbhESbPSs+WUkH5RSDUXpw6YA8+Q9ZgpFaNrEncAL7mZFLcM60NMLHLFQ
6l1zbz8i6fzXvjzWhYHdEBOOqVtaaR8vMK8QQ3RzWEwz0jtRS+P9dTfXfny40gRg
2B0yC5ZbcW+v7ya7VxhScjOrGnFQawsxyzW2i+DQfynERLMkZtpz3kxOqiGHehAV
Qbe3yUgS8QaEh0rmD6hjFQMIUtDtr93ULlFGU27/Bl18cI02X/DQJn6D+dChSdus
o85UImx/KfxTEFPru6gGFrrWHdMNvs2jh2PcEdRNf/X104kgZAdfcf9P9LtB7zZH
LbERS+bqrY8UaloITcPl8hluPb57xfMn0F3SKo/52ZXQj5pB4NlUX66tAZGp1mfg
id5OdHrbFsF4lyaULnF54oh5AfOnL3azkz8InZSfVeX+mnEFNfGF0mrWB76vGKBk
Wwff96PGK5a6LnsHmIm8lEw5ZGYK8hkaELFTPA51qF8WQUWKMoXNVD2KtfVa/NUw
hAbcuPVPHWqlgWZazlxyY7fs+WE=
=sdf2
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: [E] Re: Cannot get a connection, pool error Timeout waiting for ideal object

[Halder, Arpan [ITSUS Non J]]

Hi Chris,

Thank you for your reply!!

We could locate the parameters in "jdbc-pool.html" file located under 
apache-tomcat-7.0.67/webapps/docs" path. Is there somewhere else we need to 
look into for this file? Could you please advise on where we could find the 
file.

Also in case the mentioned file is correct file but it is not configured for 
our database - could you please let me know what is the process of 
modification/setting up parameters and what are the parameters we need to set 
in case it is not done for our case.

Thank you in advance and appreciate your help!!

Thanks and Regards,
Arpan

Arpan Halder 
Tata Consultancy Services providing services to:
Global Data and Analytics
Application Support / ITAS
Route 22 West▪NJ 08876 ▪ USA
Mobile: +1 (908) 392 2947 


-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net] 
Sent: Friday, February 16, 2018 2:24 PM
To: users@tomcat.apache.org
Subject: [EXTERNAL] Re: [E] Re: Cannot get a connection, pool error Timeout 
waiting for ideal object

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Arpan,

On 2/15/18 8:54 AM, Halder, Arpan [ITSUS Non J] wrote:
> We have already setup below parameters in jdbc-pool.html (see
> below) – could you please advise if we need to modify/add anything 
> else here:
> 
> And here is an example on how to configure a resource for JNDI 
> lookups Resource
> name="jdbc/TestDB" auth="Container" type="javax.sql.DataSource" 
> factory="org.apache.tomcat.jdbc.pool.DataSourceFactory" 
> testWhileIdle="true" testOnBorrow="true" testOnReturn="false" 
> validationQuery="SELECT 1" validationInterval="3" 
> timeBetweenEvictionRunsMillis="3" maxActive="100" minIdle="10" 
> maxWait="1" initialSize="10" removeAbandonedTimeout="60" 
> removeAbandoned="true" logAbandoned="true" 
> minEvictableIdleTimeMillis="3" jmxEnabled="true" 
> jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.ConnectionSt
ate;
>
> 
org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer"
> username="root" password="password" 
> driverClassName="com.mysql.jdbc.Driver" 
> url="jdbc:mysql://localhost:3306/mysql"/

Looks like you copy/pasted that from the Tomcat documentation. How about 
copy/pasting your actual configuration (without any secrets, of
course) just in case there are any errors in your interpretation.

Are you sure you don't have capacity problems? If you have only e.g.
10 connections available but hundreds of users, perhaps you simply need more 
connections. Are you sure the database is available and reachable via the 
network?

Sometimes timeouts are simply a reality. But if you start to see "timeout" 
errors and the database is NOT DOWN and still reachable, but everything grinds 
to a halt, then you certainly have a resource problem.

I disagree with another poster about abandoned connections: do not remove them. 
Log them and allow the pool to become exhausted. That way, you'll end up 
finding and fixing the problems instead of just continuing to bleed.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHL+YACgkQHPApP6U8
pFgbDxAAhmn6nD0edc0F/3eh3izdZ9KnV5sUAC/E5ubv/1tc+KiE/GPZUhiy/qSa
n4Am3KEhXmyee+ZcQFUg1PNqeZGgq/uLdppeZHG0Vsv0lYH/I1xBJMoluEpDzzQN
nnRFQEHCqlB+ujBP5G4bQGLRuh5fhwVRz9lktoQnwDybG/KjzTh56+SZmYXABSEn
JMFEbr6+ADafPVUiSmu8uMklenH5YXYMXiiB6dAXdtpP/SHAGxko05c0j1g+Snq1
WrM17qKpGI2qdQaXlfr8NChBuXrNQz8zj+2HJrNxzRLDa56GmVBq7tbvgwQwmdTb
r1vqW1sEl4l3y8fnUxFJlyoQixQ8wPKDQH7H8NPpMkts4SyRULqRwpJvp6/L+TYy
D8Ge2j+9uZCxUcccA0ds3E8j1r+FjtpU6w8Ut1ZJIb071JmtEDlvRTYyAEt0Q69w
3MJa0dA59DJ8l4/A2KzNuDhFYtkmuf1UmBHxw6qsfqsseqFD3AzDVcbirpxwNdIj
1mtbH91Fl+hSN4Ww4gGQLXjUfLf1o8MR0bkeLy5236k2UajuH1Jbvf8xCh6GlQoc
yp7PH61Kw5vb2M5Yjqg0C0OSgXspagYYATCM4Y2QTBATUrpLHTLYv679yKXCMPgq
wQlvIn4+jpxnFpB2fhY5ZWH0VdilWhXG8uhGz2FJCI9XhWUaAws=
=vd5m
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: asgard tomcat application 404

[Olaf Kock]

On 15.02.2018 23:39, Tim Dunphy wrote:

I'm trying to get Netflix Asgard tomcat app working. I'm using tomcat 9.
I'm using windows.
[...]
Tomcat is about as much involved in this as is Windows. To second 
Christopher's OT answer: This is a problem of the deployed application, 
not of Tomcat. You should look for help in the Asgard community. Tomcat 
doesn't use spring, thus there's not even common ground.


Olaf

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [E] RE: Tomcat 8.5.23

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Margaret,

On 2/15/18 10:46 PM, Bauer, Margaret M (Peggy) wrote:
> I am not using 8.5, but in older tomcat you must set the below in
> the server.xml
> 
>  autoDeploy="true">

That is the default configuration. So... what is your suggestion exactly
?

- -chris

> On Thu, Feb 15, 2018 at 1:25 PM, Lawrence Lim
>  wrote:
> 
>> Red Hat Enterprise Linux Server release 6.9 (Santiago)
>> 
>> Yes. I did check the logs. It does not log anything when I
>> deploy. But, it logs something when I undeploy.
>> 
>> Lawrence Lim Software Developer -
>> 
>> ENBRIDGE TEL: 780-969-6208 10175 101 St NW,  Edmonton, Alberta
>> T5J 0H3
>> 
>> enbridge.com Integrity. Safety. Respect.
>> 
>> -Original Message- From: Satish Chhatpar 02
>> [mailto:chhatp...@cpwplc.com] Sent: Thursday, February 15, 2018
>> 10:58 AM To: users@tomcat.apache.org Subject: [External] Re:
>> Tomcat 8.5.23
>> 
>> Which operating system? Did you check the logs?
>> 
>> Sent using OWA for iPhone  From:
>> Lawrence Lim  Sent: Thursday, February
>> 15, 2018 11:09:54 PM To: users@tomcat.apache.org Subject: Tomcat
>> 8.5.23
>> 
>> Hi,
>> 
>> 
>> 
>> I just installed tomcat 8.5.23. I am having problems deploying
>> web apps via manager. To reproduce:
>> 
>> 
>> 
>> 1.   Login to tomcat manager
>> 
>> 
>> 
>> 2.   Go to " WAR file to deploy"
>> 
>> 
>> 
>> 3.   Pick a war file
>> 
>> 
>> 
>> 
>> 
>> Error message: FAIL - File upload failed, no file
>> 
>> 
>> 
>> 
>> 
>> Workaround: Copy war file to the tomcat webapps directory
>> 
>> 
>> 
>> 
>> 
>> I also tried using localhost:8080, same result. So, it's not some
>> weird networking constraint.
>> 
>> 
>> Lawrence Lim Software Developer -
>> 
>> ENBRIDGE TEL: 780-969-6208 10175 101 St NW,  Edmonton, Alberta
>> T5J 0H3
>> 
>> enbridge.com Integrity. Safety. Respect.
>> 
>> ::DISCLAIMER:: 
>>  
>>  
>> Confidentiality Notice from Dixons Carphone plc (registered in
>> England & Wales No.07105905) of 1 Portal Way, London, W3 6RS
>> ("Dixons Carphone"). The information contained in this e-mail and
>> any attachments may be legally privileged, proprietary and/or
>> confidential. If you received this e-mail in error, please notify
>> the sender by return, permanently delete the e-mail and destroy
>> all hard copies immediately. No warranty is made as to the 
>> completeness or accuracy of the information contained in this
>> e-mail. Opinions, conclusions and statements of intent in this
>> e-mail are those of the sender and will not bind any Dixons
>> Carphone group company (Dixons Carphone Group) unless confirmed
>> by an authorised representative independently of this e-mail. We
>> do not accept responsibility for viruses; you must scan for
>> these. E-mails sent to and from Dixons Carphone Group are 
>> routinely monitored for record keeping, quality control, training
>> purposes, to ensure regulatory compliance and to prevent viruses
>> and unauthorised use of our computer systems. The Carphone
>> Warehouse Limited (registered in England & Wales No.02142673) is
>> a member of the Dixons Carphone Group and is authorised and
>> regulated by the Financial Conduct Authority. 
>>  
>> 
>> 
>> -
>>
>> 
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>> 
>> 
> 
> 
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHMcsACgkQHPApP6U8
pFgjpRAAuawUIvJ6cBsStytSyqy9dRCbLM6XcYO72w2JAe6OriGwzSmPlFgJtGnD
QuNwSgyZc0g7ePG6fpg6+QCQ6aA3wOEeBMVbUH0oj+KssdhyizNf/j1sGEEJ/Kwd
MPoCXZX0ekZWRqCNlzzs6j4czunSbi6rm2AGP7UZGW3HqCV6hYzc5qvLhrZf2ddN
7bsRlp9rqmdCuLr3etzJ5pXE1ewbcHQGc83hKvGNYzgBUkTkYfImYU1nJQjcae03
BquueYMJA4clfh6NFiknAAhOb8Ok5Sl+CKUPnmsxwJz1s/41plVNeMuWFTbe7gy2
7OhLXBSSkb+rUloNBmWD2ACjL+/yb7KohPTCH0zK7xQQjYqenS4+MPgT8XH/hWJ2
na6+yEqqFxEE8XuvW5EuZSGwYp5yjnLKfZuCz9tvibs4pCFSiARpF1ChcCCmtSZN
TDOrQEU2qoplfM8Vn6SX4VGi5nBq82AKP9UxRsgrC7gRl4MdEVBFLBlzgsHmSAA+
hE9gAnsLx5TI4q3ktSoMDwRMy92rAJrAOnmKyaD4RrWag2sTi9oV845fyI15V0JA
DV0dsjf9YQvQVDnDamyaWlNc2iVeK9YsxHquKGWSff794oHx5Na82SSWOEH7r5cO
mvsc9aTR5Z7rXfXJfbsJRBYHOWWCw9WrLds86WseShdl6Ps0mw4=
=p7Hf
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] asgard tomcat application 404

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Tim,

On 2/15/18 5:39 PM, Tim Dunphy wrote:
> I'm trying to get Netflix Asgard tomcat app working. I'm using
> tomcat 9. I'm using windows.
> 
> I can load up the tomcat management and other interfaces no
> problem.
> 
> But when I navigate to /asgard I get a 404 error:
> 
> HTTP Status 404 – Not Found Type Status Report
> 
> Message /asgard/
> 
> Description The origin server did not find a current representation
> for the target resource or is not willing to disclose that one
> exists.
> 
> Apache Tomcat/9.0.5
> 
> I have JAVA_HOME set to C:\Program Files\Java\jdk1.8.0_162
> 
> I placed the asgard.war file in the tomcat\webapps directory.
> 
> This is what I have in my catalina logs:
> 
> 15-Feb-2018 15:59:30.048 INFO [main] 
> org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was
> scanned for TLDs yet contained no TLDs. Enable debug logging for
> this logger for a complete list of JARs that were scanned but no
> TLDs were found in them. Skipping unneeded JARs during scanning can
> improve startup time and JSP compilation time. 15-Feb-2018
> 15:59:33.402 SEVERE [main] 
> org.apache.catalina.core.StandardContext.startInternal One or more 
> listeners failed to start. Full details will be found in the
> appropriate container log file 15-Feb-2018 15:59:33.404 SEVERE
> [main] org.apache.catalina.core.StandardContext.startInternal
> Context [/asgard] startup failed due to previous errors
> 
> I have this in the asgard.log file:
> 
> 
> 
> [2018-02-15 15:59:33,389] [main] 
> springframework.web.context.ContextLoaderContext initialization
> failed org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name 'pluginManager' defined in
> ServletContext resource [/WEB-INF/applicationContext.xml]:
> Invocation of init method failed; nested exception is
> java.lang.NullPointerException: Cannot invoke method getAt() on
> null object at 
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511
)
>
> 
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at 
> java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorSe
rvice.java:112)
>
> 
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at 
> java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorSe
rvice.java:134)
>
> 
Caused by: java.lang.NullPointerException: Cannot invoke method getAt()
> on null object ... 5 more [2018-02-15 15:59:33,397] [main] 
> grails.web.context.GrailsContextLoaderError initializing the 
> application: Error creating bean with name 'pluginManager' defined
> in ServletContext resource [/WEB-INF/applicationContext.xml]:
> Invocation of init method failed; nested exception is
> java.lang.NullPointerException: Cannot invoke method getAt() on
> null object 
> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'pluginManager' defined in ServletContext
> resource [/WEB-INF/applicationContext.xml]: Invocation of init
> method failed; nested exception is java.lang.NullPointerException:
> Cannot invoke method getAt() on null object at 
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511
)
>
> 
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at 
> java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorSe
rvice.java:112)
>
> 
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at 
> java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorSe
rvice.java:134)
>
> 
Caused by: java.lang.NullPointerException: Cannot invoke method getAt()
> on null object ... 5 more [2018-02-15 15:59:33,401] [main] 
> grails.web.context.GrailsContextLoaderError initializing
> Grails: Error creating bean with name 'pluginManager' defined in
> ServletContext resource [/WEB-INF/applicationContext.xml]:
> Invocation of init method failed; nested exception is
> java.lang.NullPointerException: Cannot invoke method getAt() on
> null object 
> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'pluginManager' defined in ServletContext
> resource [/WEB-INF/applicationContext.xml]: Invocation of init
> method failed; nested exception is java.lang.NullPointerException:
> Cannot invoke method getAt() on null object at 
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511
)
>
> 
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at 
> java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorSe
rvice.java:112)
>
> 
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at 
> java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorSe
rvice.java:134)
>
> 
Caused by: java.lang.NullPointerException: Cannot invoke method getAt()
> on null object
> 
> And this is what I have in the localhost log:
> 
> 15-Feb-2018 15:59:30.077 INFO [main] 
> org.apache.catalina.core.ApplicationContext.log No Spring 
> WebApplicationInitializer types 

Re: [E] Re: Cannot get a connection, pool error Timeout waiting for ideal object

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Arpan,

On 2/15/18 8:54 AM, Halder, Arpan [ITSUS Non J] wrote:
> We have already setup below parameters in jdbc-pool.html (see
> below) – could you please advise if we need to modify/add anything
> else here:
> 
> And here is an example on how to configure a resource for JNDI
> lookups Resource
> name="jdbc/TestDB" auth="Container" type="javax.sql.DataSource" 
> factory="org.apache.tomcat.jdbc.pool.DataSourceFactory" 
> testWhileIdle="true" testOnBorrow="true" testOnReturn="false" 
> validationQuery="SELECT 1" validationInterval="3" 
> timeBetweenEvictionRunsMillis="3" maxActive="100" minIdle="10" 
> maxWait="1" initialSize="10" removeAbandonedTimeout="60" 
> removeAbandoned="true" logAbandoned="true" 
> minEvictableIdleTimeMillis="3" jmxEnabled="true" 
> jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.ConnectionSt
ate;
>
> 
org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer"
> username="root" password="password" 
> driverClassName="com.mysql.jdbc.Driver" 
> url="jdbc:mysql://localhost:3306/mysql"/

Looks like you copy/pasted that from the Tomcat documentation. How
about copy/pasting your actual configuration (without any secrets, of
course) just in case there are any errors in your interpretation.

Are you sure you don't have capacity problems? If you have only e.g.
10 connections available but hundreds of users, perhaps you simply
need more connections. Are you sure the database is available and
reachable via the network?

Sometimes timeouts are simply a reality. But if you start to see
"timeout" errors and the database is NOT DOWN and still reachable, but
everything grinds to a halt, then you certainly have a resource problem.

I disagree with another poster about abandoned connections: do not
remove them. Log them and allow the pool to become exhausted. That
way, you'll end up finding and fixing the problems instead of just
continuing to bleed.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHL+YACgkQHPApP6U8
pFgbDxAAhmn6nD0edc0F/3eh3izdZ9KnV5sUAC/E5ubv/1tc+KiE/GPZUhiy/qSa
n4Am3KEhXmyee+ZcQFUg1PNqeZGgq/uLdppeZHG0Vsv0lYH/I1xBJMoluEpDzzQN
nnRFQEHCqlB+ujBP5G4bQGLRuh5fhwVRz9lktoQnwDybG/KjzTh56+SZmYXABSEn
JMFEbr6+ADafPVUiSmu8uMklenH5YXYMXiiB6dAXdtpP/SHAGxko05c0j1g+Snq1
WrM17qKpGI2qdQaXlfr8NChBuXrNQz8zj+2HJrNxzRLDa56GmVBq7tbvgwQwmdTb
r1vqW1sEl4l3y8fnUxFJlyoQixQ8wPKDQH7H8NPpMkts4SyRULqRwpJvp6/L+TYy
D8Ge2j+9uZCxUcccA0ds3E8j1r+FjtpU6w8Ut1ZJIb071JmtEDlvRTYyAEt0Q69w
3MJa0dA59DJ8l4/A2KzNuDhFYtkmuf1UmBHxw6qsfqsseqFD3AzDVcbirpxwNdIj
1mtbH91Fl+hSN4Ww4gGQLXjUfLf1o8MR0bkeLy5236k2UajuH1Jbvf8xCh6GlQoc
yp7PH61Kw5vb2M5Yjqg0C0OSgXspagYYATCM4Y2QTBATUrpLHTLYv679yKXCMPgq
wQlvIn4+jpxnFpB2fhY5ZWH0VdilWhXG8uhGz2FJCI9XhWUaAws=
=vd5m
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Dynamic session cookie domain... possible?

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Phillipe,

On 2/14/18 6:50 PM, Philippe Busque wrote:
> I'm migrating from Tomcat 8.0.X to Tomcat 9.0.5 and I have a issue
> I've been dragging for too long that I wise to correct. I have been
> searching for a workaround and so far, I've found nothing so far
> that work out of the box.
> 
> Here is the situation:
> 
> We have a single webapp  that can handle multiple domains, some of
> which are sub-domains. Example: www.example1.com,
> images.example1.com, assets.example1.com, www.example2.com
> 
> As far as I know Tomcat only allows us to set define a domain
> through a sessionCookieDomain in the context. But this domain is
> fixed. If I set sessionCookieDomain=".example1.com", this will
> break www.example2.com and vice-versa.
> 
> If I leave sessionCookieDomain empty, I don't get sub-domain
> support as no domain is set and the browser fallback to the current
> domain serviced.
> 
> All the manipulation of the session cookie  are managed in the 
> org.apache.catalina.connector.Response class and is not
> customizable.
> 
> So far, when we were using Tomcat 8, we were able to do a
> workaround by overriding the method addSessionCookieInternal inside
> the Response class through a facade, but this is a dirty hack and I
> would rather not alter any of Tomcat's inner classes... And a proxy
> is out of the question, Response not being an interface.
> 
> The other workaround I can think of is  splitting  *.example1.com
> & example2.com into 2 separate tomcat instance or webapps, but that
> would only duplicate the resources required (ram + disk space) for
> as many different domains we decide to support.
> 
> 
> Is there therefor a better way to handle manipulating session
> cookies, or is it frozen and out of reach for multiple subdomain?
> 
> A "SessionCookieProcessor", which would take the context & the
> cookie, would be most welcome for such  a case

This all comes down to how cookies actually work. The simply trust is
that the web browser isn't going to let you set a cookie for another
domain.

I'm not even sure how your "hack" even worked.

You said that you couldn't use a Proxy... I assume you mean
java.lang.reflect.Proxy, right? Well... what about a reverse-proxy (a
networking component) that serves all applications under a single
domain name? (e.g. examples-all.com)? Then all applications can appear
to be using the same shared domain name?

If you can't do that, and you really need to support multiple
hostnames, then you'll have to do something like trampolining:

1. Client makes a request to https://www.example1.com/resource

2. Respond with 302 ; Set-Cookie: JSESSIONID=foo ;
Location:https://www.exmaple2.com/create-session

3. Client follows redirect to https://www.example2.com/create-session

4. Respond with 302 ; Set-Cookie JSESSIONID=bar ; Location:
https://www.example1.com/back-from-hostname2

5. Do whatever you need to do afterwards.

This is awkward, but it will work.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHLnIACgkQHPApP6U8
pFi8Vw//V3H/owH7QbLlok99pF5LJ3BHxHQya2AIg5+q2PtqHFSx4dANERF0GL4h
/wsdb6UxnQnIkn4rCSSJ46ZMfNTVzkocJPKpWFOIbBrBeuMvqG3Zdtvn/xkAlEFy
Bb7kUr3ZFNxiGE+6mZ2bwD79N9FosvWi3Uh7dH2brskcwf+IVvkSd2KR3GsW6Kiy
kqovAkAAF+c1BvfnWZrtljoErAUtuwSVELRCxwf+0WvyktrDDLz2EZjP3WlevBck
cJyZ0o88dLTN7Apcb054kGVvbY1r0peOkJjmfxs4n/FnOtOTiL6fBIYe+PLBgS0w
UNH2XQfBP8+a8cNHi8/8kUtuprHctx+U5aldto+Gm96h9CnDOiwBBJCVx7JN0w9O
kdV5yYGLLgHsPOFStFfOl7Oz9I7xNZaHkPSY9X5L1oue8mEQri9aTSUAHW9d2lc7
84Uu543p7prxjgiDhl+jhg7ILxBmKU8NvoAJcYsDQLnDi6KFfeN9rY69QEVE/t9Y
l6PfK+QTgPxnlGkwptHayAPr+PyiQIlczpLRyBOwBNCcKc3fNBkb8NTrxXVSxgdB
/6tseX0aNQgaTL9+aMxRSMff7vCVU+NZv8LEVWGuYGe5yIc5RtvulvLPwpTZ2hgj
4NLQonTHcj417+xjavtkZjvUKEL53G++7mrYF/Ghs/1z4NoFWok=
=RCyY
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: using default cacerts AND custom keystore

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Chris,

On 2/14/18 3:34 PM, Chris Cheshire wrote:
> On Wed, Feb 14, 2018 at 12:30 PM, Mark Thomas 
> wrote:
>> On 14/02/18 17:17, Chris Cheshire wrote:
>>> I am trying to set up my webapp to connect to an external
>>> database via ssl. The database uses a self-signed certificate.
>>> I have created a keystore with the self-signed CA and the
>>> client key & cert. This keystore is configured via JAVA_OPTS in
>>> setenv.sh
>>> 
>>> JAVA_OPTS="-Djavax.net.ssl.keyStore=$CATALINA_BASE/conf/mysql.jks
>>> \ -Djavax.net.ssl.keyStorePassword=password \ 
>>> -Djavax.net.ssl.trustStore=$CATALINA_BASE/conf/mysql.jks \ 
>>> -Djavax.net.ssl.trustStorePassword=password"
>>> 
>>> This allows me to connect to the database without a problem.
>>> However now I cannot connect to any external web service
>>> because their certs will no longer validate.
>>> 
>>> How do I configure tomcat such that the default cacerts is used
>>> in addition to my self-signed certificates without importing
>>> those into the default keystore (which is a Bad Idea™)?
>> 
>> This is nothing to do with Tomcat. Tomcat plays no role in
>> out-going TLS connections.
>> 
>> The short answer is rather than using system properties, you
>> should set the keystore and truststore programmatically so they
>> apply just to the database connections rather than globally.
>> 
> 
> So after a bit of digging [1,2] I found that this is achieved by 
> adding the following parameters to the mysql jdbc url in the
> resource definition:
> 
> clientCertificateKeyStoreUrl=file://${catalina.base}/conf/mysql.jks
>
> 
clientCertificateKeyStorePassword=password
> trustCertificateKeyStoreUrl=file://${catalina.base}/conf/mysql.jks 
> trustCertificateKeyStorePassword=changeit
> 
> Note that  [2] has a couple of errors. A) it specifies
> clientCertificateKeyStore[Url|Password] in lieu of trustStore
> system property, that should be 
> trustCertificateKeyStore[Url|Password] B) it specifies specifies
> the urls in the form file:path_to_truststore_file, that is also
> incorrect it should be file://path_to_truststore_file (which will
> give a triple slash if an absolute path is used)
> 
> 
> [1]
> https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-con
figuration-properties.html
>
> 
[2]
https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using
- -ssl.html

It might depend upon the version of Connector/J you are using. For
example, I have this in my connection URL:

'...=file:/etc/mysql/mysql.jks'

Only a single leading / for an absolute path in my case, and it works
as expected.

The use of file:// was a historical mistake web browser users made,
thinking that // was necessary between the protocol and anything after
it. It was never the case, and any software requiring a URL like
file:/// should be considered broken.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHLOUACgkQHPApP6U8
pFiChA//XG5SJL66UWaSOdTELykxG6lHvoCqg/HKiN9i+sRH5kfyjWg1Yn4gUh4d
psLFHvINo3lWpfchY+CJ76xSIq6NKXfAOXohxfYJUgXSGr6reRPj1dFMhAbsE0XW
y8dzlilT6G8vWVFgYe3zwTEVQv30Rn+yc5mo4lspt2BR3Mw9YmiJL9l1z0Fj83+6
Bgaeq+oLXbO6x1QfFxWcDi5jdlkKUyTcbTuoRGUvCSMm6TfB7+lEcs2JKZSxw2hw
c62iR8cPwkQElBfhL08GMsbO2ay/hpPDIzajxW/iMiX6g3V1QkaNQnj3dTSoUegC
59OSxg9KCXSfMe7SydSYBH5SE8ruElseFh7cn4PUuCLY0vaFlJEf+iaviJMxXsTS
Ysj3YdfG5mCHxnFlNHKHz5tYv7wRs6ruhmYTxvQob73hgJyIxtUfCcn7XiwBOvey
xpCxfuBNv91B8VAkDxGf2bk4XK+YRrrCK/1FZDXGrcqGfDRocE5UwbaajkBojZva
aZceEm7nzYS8dYL4NQTj8gLwWyyYe96h9xF1muQhDvYGp7qdNle+C9sUf/jzS6KP
5VV+wOMxBtyXA2624xh+1iL2kcdDE7A9nPOPdBZgnBfr+OH9lG7YACr/aNLCNfJs
6EoNn8GNZSNL8CaPLb8LpvfcN69t04cblKUul0Fidq8VtVfOsxk=
=rMes
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org