Re: Tomcat SecurityListener

2020-10-12 Thread Mark Eggers
Shawn, On 10/12/2020 12:59 PM, Beard, Shawn wrote: Tomcat 9.0.31.0 loads a org.apache.catalina.security.SecurityListener by default in the catalina.sh file. This SecurityListener also sets the UMASK of files to 0027. This has the effect of any file tomcat creates or the app running in tomcat

Tomcat SecurityListener

2020-10-12 Thread Beard, Shawn
Tomcat 9.0.31.0 loads a org.apache.catalina.security.SecurityListener by default in the catalina.sh file. This SecurityListener also sets the UMASK of files to 0027. This has the effect of any file tomcat creates or the app running in tomcat creates with permissions or -rw-r- This is

Re: Deploying war, Negative Date exception

2020-10-12 Thread Mark Thomas
On 12/10/2020 18:48, Christopher Schultz wrote: > There is already a check for -1 for the last-modified time for the file > in the ZIP archive. Also for 0 for some reason (sorry, Brian Kernighan, > you can't store your first file in a ZIP file!). I've tracked that change back to this:

Re: Deploying war, Negative Date exception

2020-10-12 Thread Christopher Schultz
Mark, On 10/12/20 09:50, Mark Thomas wrote: > On 12/10/2020 13:53, Mark Thomas wrote: >> On 12/10/2020 12:49, Mark Thomas wrote: >>> On 12/10/2020 12:19, Peter Henderson wrote: Hello fellow tomcat users. My environment. Tomcat: 9.0.39 Java: openjdk 11.0.8 2020-07-14

Re: Deploying war, Negative Date exception

2020-10-12 Thread Peter Henderson
On Mon, 12 Oct 2020 at 14:50, Mark Thomas wrote: > On 12/10/2020 13:53, Mark Thomas wrote: > > On 12/10/2020 12:49, Mark Thomas wrote: > >> On 12/10/2020 12:19, Peter Henderson wrote: > >>> Hello fellow tomcat users. > >>> > >>> My environment. > >>> Tomcat: 9.0.39 > >>> Java: openjdk 11.0.8

Re: java.lang.OutOfMemoryError: PermGen space when we redeploy same application multiple times

2020-10-12 Thread Prabhu Gurunathan
Thanks Manuel Dominguez On Mon, Oct 12, 2020 at 5:51 PM Manuel Dominguez Sarmiento wrote: > > The articles in this page will be helpful: > https://java.jiderhamn.se/category/classloader-leaks/ > > On 12/10/2020 04:19, Mark Thomas wrote: > > On 11/10/2020 02:39, Prabhu Gurunathan wrote: > >> Hi

Re: HTTP2: memory filled up fast on increasing the connections to 1000/2000 (Embedded tomcat 9.0.38)

2020-10-12 Thread Mark Thomas
On 12/10/2020 08:02, Arshiya Shariff wrote: > Hi Mark , > > The issue is reproduced with version 9.0.39 as well. Max threads in Tomcat is > 200. > > Please find the case: > Client:JMeter 5.2.1 (With http2 plugin) > TPS: around 20 > No of users from JMeter : 700 > Message payload size: 6 KB to

Re: Deploying war, Negative Date exception

2020-10-12 Thread Mark Thomas
On 12/10/2020 13:53, Mark Thomas wrote: > On 12/10/2020 12:49, Mark Thomas wrote: >> On 12/10/2020 12:19, Peter Henderson wrote: >>> Hello fellow tomcat users. >>> >>> My environment. >>> Tomcat: 9.0.39 >>> Java: openjdk 11.0.8 2020-07-14 >>> OS: Ubuntu 18.04.5 LTS >>> >>> Source code [0] >>> >>>

Re: Deploying war, Negative Date exception

2020-10-12 Thread Mark Thomas
On 12/10/2020 12:49, Mark Thomas wrote: > On 12/10/2020 12:19, Peter Henderson wrote: >> Hello fellow tomcat users. >> >> My environment. >> Tomcat: 9.0.39 >> Java: openjdk 11.0.8 2020-07-14 >> OS: Ubuntu 18.04.5 LTS >> >> Source code [0] >> >> When deploying this war [1], by copying it into the

Re: Deploying war, Negative Date exception

2020-10-12 Thread Martin Grigorov
Hi Peter, On Mon, Oct 12, 2020 at 2:20 PM Peter Henderson wrote: > Hello fellow tomcat users. > > My environment. > Tomcat: 9.0.39 > Java: openjdk 11.0.8 2020-07-14 > OS: Ubuntu 18.04.5 LTS > > Source code [0] > > When deploying this war [1], by copying it into the webapps directory, > I get

Re: Deploying war, Negative Date exception

2020-10-12 Thread Mark Thomas
On 12/10/2020 12:19, Peter Henderson wrote: > Hello fellow tomcat users. > > My environment. > Tomcat: 9.0.39 > Java: openjdk 11.0.8 2020-07-14 > OS: Ubuntu 18.04.5 LTS > > Source code [0] > > When deploying this war [1], by copying it into the webapps directory, > I get this exception. [2] >

Re: java.lang.OutOfMemoryError: PermGen space when we redeploy same application multiple times

2020-10-12 Thread Manuel Dominguez Sarmiento
The articles in this page will be helpful: https://java.jiderhamn.se/category/classloader-leaks/ On 12/10/2020 04:19, Mark Thomas wrote: On 11/10/2020 02:39, Prabhu Gurunathan wrote: Hi All, We have an setup where we are using OpenJDK 1.7 and Tomcat 7.0.100 , in CentOs 7 Env . and we have

Deploying war, Negative Date exception

2020-10-12 Thread Peter Henderson
Hello fellow tomcat users. My environment. Tomcat: 9.0.39 Java: openjdk 11.0.8 2020-07-14 OS: Ubuntu 18.04.5 LTS Source code [0] When deploying this war [1], by copying it into the webapps directory, I get this exception. [2] java.lang.IllegalArgumentException: Negative time I only started

Re: java.lang.OutOfMemoryError: PermGen space when we redeploy same application multiple times

2020-10-12 Thread Prabhu Gurunathan
Thanks Mark , for your thoughts , will explore more and get back . On Mon, Oct 12, 2020 at 12:49 PM Mark Thomas wrote: > > On 11/10/2020 02:39, Prabhu Gurunathan wrote: > > Hi All, > > > > We have an setup where we are using OpenJDK 1.7 and Tomcat 7.0.100 , > > in CentOs 7 Env . and we have many

[SECURITY] CVE-2020-13943 Apache Tomcat HTTP/2 Request mix-up

2020-10-12 Thread Mark Thomas
CVE-2020-13943 Apache Tomcat HTTP/2 Request mix-up Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.0-M1 to 10.0.0-M7 Apache Tomcat 9.0.0.M5 to 9.0.37 Apache Tomcat 8.5.1 to 8.5.57 Description: If an HTTP/2 client exceeded the agreed maximum

[ANN] Apache Tomcat 8.5.59 available

2020-10-12 Thread Mark Thomas
The Apache Tomcat team announces the immediate availability of Apache Tomcat 8.5.59. Apache Tomcat 8 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers

[ANN] Apache Tomcat 9.0.39 available

2020-10-12 Thread Mark Thomas
The Apache Tomcat team announces the immediate availability of Apache Tomcat 9.0.39. Apache Tomcat 9 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies. Apache Tomcat 9.0.39 is a bugfix and

[ANN] Apache Tomcat 10.0.0-M9 available

2020-10-12 Thread Mark Thomas
The Apache Tomcat team announces the immediate availability of Apache Tomcat 10.0.0-M9. Apache Tomcat 10 is an open source software implementation of the Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations

Re: java.lang.OutOfMemoryError: PermGen space when we redeploy same application multiple times

2020-10-12 Thread Mark Thomas
On 11/10/2020 02:39, Prabhu Gurunathan wrote: > Hi All, > > We have an setup where we are using OpenJDK 1.7 and Tomcat 7.0.100 , > in CentOs 7 Env . and we have many application deployed in > Tomcat/webapps and the common lib's needed for those apps are kept in > Tomcat/lib directory like log4j ,

RE: HTTP2: memory filled up fast on increasing the connections to 1000/2000 (Embedded tomcat 9.0.38)

2020-10-12 Thread Arshiya Shariff
Hi Mark , The issue is reproduced with version 9.0.39 as well. Max threads in Tomcat is 200. Please find the case: Client:JMeter 5.2.1 (With http2 plugin) TPS: around 20 No of users from JMeter : 700 Message payload size: 6 KB to 34 KB Loop: Infinite We let the loop run infinitely and see the