Re: GoDaddy SSL certificate not working with Tomcat9

2023-03-20 Thread Robert Turner 
Pressed send too quickly -- I see different aliases there. Ignore my
previous comments

Using PEM files is much simpler to manage, I would go that route instead...
will make it easier. However, I can't offer any real advice on the specific
issue at this time...

Others will certainly be more helpful than I...sorry.

On Mon, Mar 20, 2023 at 9:14 PM Robert Turner  wrote:

> I believe the default certificate alias used by Tomcat is "tomcat". I
> think you are creating your keystore with the alias "root".
>
> (see https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html for docs on
> Tomcat SSL configuration -- adjust for the version you are running)
>
> On Mon, Mar 20, 2023 at 9:09 PM Ralph Grove 
> wrote:
>
>> I'm having a problem installing a new SSL certificate on a GoDaddy-hosted
>> server running Tomcat. Any suggestions for resolving it would be
>> appreciated.
>>
>> I set up the server last year and installed the SSL certificate with no
>> problem. This year, after the original certificate expired, I downloaded
>> the new certificate provided by GoDaddy, removed the old certificate files
>> from the keystore, and installed the new ones. Now Tomcat is throwing a
>> "java.io.IOException: jsse.alias_no_key_entry" exception when it tries to
>> open the HTTPS connector. I also tried rebuilding the keystore from scratch
>> and requesting a new certificate, but am getting the same exception with
>> that certificate.
>>
>> These are the commands I used to obtain and install the certificate:
>>
>> sudo keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks
>>
>> sudo keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr
>> -keystore keystore.jks
>>
>> (--request and obtain certificate files from GoDaddy--)
>>
>> sudo keytool -import -alias root -keystore keystore.jks -trustcacerts
>> -file gdcerts/gdroot-g2.crt
>>
>> sudo keytool -import -alias inter -keystore keystore.jks -trustcacerts
>> -file gdcerts/gd_bundle-g2-g1.crt
>>
>> sudo keytool -import -alias tomcat -keystore keystore.jks -file
>> gdcerts/.crt
>>
>>
>>
>> And this is the Tomcat configuration for the connector:
>>
>>> protocol="org.apache.coyote.http11.Http11NioProtocol"
>>
>>   maxThreads="150" SSLEnabled="true">
>>
>>
>>
>>>
>>  type="RSA" certificateKeystorePassword="xx" />
>>
>>
>>
>>
>>
>>
>
>

Re: GoDaddy SSL certificate not working with Tomcat9

2023-03-20 Thread Robert Turner 
I believe the default certificate alias used by Tomcat is "tomcat". I think
you are creating your keystore with the alias "root".

(see https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html for docs on
Tomcat SSL configuration -- adjust for the version you are running)

On Mon, Mar 20, 2023 at 9:09 PM Ralph Grove 
wrote:

> I'm having a problem installing a new SSL certificate on a GoDaddy-hosted
> server running Tomcat. Any suggestions for resolving it would be
> appreciated.
>
> I set up the server last year and installed the SSL certificate with no
> problem. This year, after the original certificate expired, I downloaded
> the new certificate provided by GoDaddy, removed the old certificate files
> from the keystore, and installed the new ones. Now Tomcat is throwing a
> "java.io.IOException: jsse.alias_no_key_entry" exception when it tries to
> open the HTTPS connector. I also tried rebuilding the keystore from scratch
> and requesting a new certificate, but am getting the same exception with
> that certificate.
>
> These are the commands I used to obtain and install the certificate:
>
> sudo keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks
>
> sudo keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr
> -keystore keystore.jks
>
> (--request and obtain certificate files from GoDaddy--)
>
> sudo keytool -import -alias root -keystore keystore.jks -trustcacerts
> -file gdcerts/gdroot-g2.crt
>
> sudo keytool -import -alias inter -keystore keystore.jks -trustcacerts
> -file gdcerts/gd_bundle-g2-g1.crt
>
> sudo keytool -import -alias tomcat -keystore keystore.jks -file
> gdcerts/.crt
>
>
>
> And this is the Tomcat configuration for the connector:
>
> protocol="org.apache.coyote.http11.Http11NioProtocol"
>
>   maxThreads="150" SSLEnabled="true">
>
>
>
>
>  type="RSA" certificateKeystorePassword="xx" />
>
>
>
>
>
>

GoDaddy SSL certificate not working with Tomcat9

2023-03-20 Thread Ralph Grove 
I'm having a problem installing a new SSL certificate on a GoDaddy-hosted 
server running Tomcat. Any suggestions for resolving it would be appreciated.

I set up the server last year and installed the SSL certificate with no 
problem. This year, after the original certificate expired, I downloaded the 
new certificate provided by GoDaddy, removed the old certificate files from the 
keystore, and installed the new ones. Now Tomcat is throwing a 
"java.io.IOException: jsse.alias_no_key_entry" exception when it tries to open 
the HTTPS connector. I also tried rebuilding the keystore from scratch and 
requesting a new certificate, but am getting the same exception with that 
certificate. 

These are the commands I used to obtain and install the certificate:

sudo keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks

sudo keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr -keystore 
keystore.jks

(--request and obtain certificate files from GoDaddy--)

sudo keytool -import -alias root -keystore keystore.jks -trustcacerts -file 
gdcerts/gdroot-g2.crt

sudo keytool -import -alias inter -keystore keystore.jks -trustcacerts -file 
gdcerts/gd_bundle-g2-g1.crt

sudo keytool -import -alias tomcat -keystore keystore.jks -file 
gdcerts/.crt

 

And this is the Tomcat configuration for the connector:

Re: Unable to start application

2023-03-20 Thread Kevin Huntly 
Hey Chris!

I actually fixed (well, figured out) the MySQL problem - it looks like it's
hard coded to a 2048b DH key, but I configured my servers for CIS level 2
which wants a minimum 3072. I can update the openssl config to utilize a
lower security level and it works just fine.

I don't want to do that, but I don't want to have a nonsecure instance
either. so im probably going to go with an ssh tunnel since this is just
dev and it won't be going to production (our prod is db2)

On Mon, Mar 20, 2023, 20:09 Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Kevin,
>
> On 3/18/23 19:04, Kevin Huntly wrote:
> > I can't use tomcat 10 because of the switch to jakarta for the servlet
> > container - I'd have to rewrite a lot of code. That being said, I got it
> > fixed:
> >
> > All JDBC and JNDI lookups were prefixed with "java:comp/env/" and things
> > worked. Clearly, IBM's WebSphere does this for you, since that's
> primarily
> > what I develop against...
>
> I had to read the whole thread to find this ^^^. You are correct, Tomcat
> gives you an initial context that is rooted at, well, the root of the
> JNDI tree. IMHO any product that locks you into java:comp/env is doing
> you a disservice.
>
> It wasn't clear to me whether you were using Tomcat's "global naming
> resources" or per-context resources. Your posted snippets have all
> expired so I couldn't look at them.
>
> But it looks like you have everything working, so ... great!
>
> You mentioned having a MySQL/MariaDB admin question. Please post that
> separately (different thread, different subject) and annotate it with a
> "[OT]" prefix to indicate that it's off-topic. We may have answers for
> you (I know a lot about MySQL/MariaDB) but this isn't the "correct"
> forum for such questions, hence the "off-topic" moniker.
>
> -chris
>
> > 
> >
> > Kevin Huntly
> > Email: kmhun...@gmail.com
> > Cell: 716/424-3311
> > 
> >
> > -BEGIN GEEK CODE BLOCK-
> > Version: 1.0
> > GCS/IT d+ s a C++ UL+++$ P+(++) L+++ E---
> > W+++ N+ o K(+) w--- O- M-- V-- PS+ PE Y(+)
> > PGP++(+++) t+ 5-- X-- R+ tv+ b++  DI++ D++
> > G++ e(+) h--- r+++ y+++*
> > --END GEEK CODE BLOCK--
> >
> >
> > On Sat, Mar 18, 2023 at 6:31 PM John Dale (DB2DOM) 
> > wrote:
> >
> >> Here's what I use for development:
> >>
> >> apache-tomcat-10.0.6
> >>
> >> java --version
> >> openjdk 11.0.9.1 2020-11-04
> >> OpenJDK Runtime Environment (build 11.0.9.1+1-post-Raspbian-1deb10u2)
> >> OpenJDK Server VM (build 11.0.9.1+1-post-Raspbian-1deb10u2, mixed mode)
> >>
> >> I have tremendous success running this combination.
> >>
> >> For production ..
> >>
> >> Raspbian flows through to ubuntu/debian with practically no issues
> >> except Pi has a problem with ipchainining and NAT.
> >>
> >> Start firing away to jcdw...@gmail.com with questions regarding MySQL.
> >>
> >> I'll do what I can.
> >>
> >> John
> >>
> >>
> >> On 3/18/23, Kevin Huntly  wrote:
> >>> Hey Everyone,
> >>>
> >>> Is this possibly happening because I'm using JDK19 and not 8 or 9?
> >>> 
> >>>
> >>> Kevin Huntly
> >>> Email: kmhun...@gmail.com
> >>> Cell: 716/424-3311
> >>> 
> >>>
> >>> -BEGIN GEEK CODE BLOCK-
> >>> Version: 1.0
> >>> GCS/IT d+ s a C++ UL+++$ P+(++) L+++ E---
> >>> W+++ N+ o K(+) w--- O- M-- V-- PS+ PE Y(+)
> >>> PGP++(+++) t+ 5-- X-- R+ tv+ b++  DI++ D++
> >>> G++ e(+) h--- r+++ y+++*
> >>> --END GEEK CODE BLOCK--
> >>>
> >>>
> >>> On Sat, Mar 18, 2023 at 5:10 PM Kevin Huntly 
> wrote:
> >>>
>  Hey John - if you're out there can you email me direct? I have a MySQL
>  admin question if you have the time and the inclination
>  
> 
>  Kevin Huntly
>  Email: kmhun...@gmail.com
>  Cell: 716/424-3311
>  
> 
>  -BEGIN GEEK CODE BLOCK-
>  Version: 1.0
>  GCS/IT d+ s a C++ UL+++$ P+(++) L+++ E---
>  W+++ N+ o K(+) w--- O- M-- V-- PS+ PE Y(+)
>  PGP++(+++) t+ 5-- X-- R+ tv+ b++  DI++ D++
>  G++ e(+) h--- r+++ y+++*
>  --END GEEK CODE BLOCK--
> 
> 
>  On Sat, Mar 18, 2023 at 1:40 PM Kevin Huntly 
> >> wrote:
> 
> > any other ideas guys? I want to migrate a bunch of really awful apps
> >> off
> > our primary application server so they don't cause us headaches
> >> anymore.
> > if
> > I can't get one app working I have no hope of getting others to work
> >> lol
> >
> > On Sat, Mar 18, 2023, 09:16 John Dale (DB2DOM) 
> > wrote:
> >
> >> Thanks Mark - are statics reloaded now, too?
> >>
> >> I touch web.xml and it's reloaded successfully hundreds of times.
> >>
> >> But I don't use war files so I can use git to version and transfer
> my
> >> builds ... maybe

Re: Unable to start application

2023-03-20 Thread Christopher Schultz 

Kevin,

On 3/18/23 19:04, Kevin Huntly wrote:

I can't use tomcat 10 because of the switch to jakarta for the servlet
container - I'd have to rewrite a lot of code. That being said, I got it
fixed:

All JDBC and JNDI lookups were prefixed with "java:comp/env/" and things
worked. Clearly, IBM's WebSphere does this for you, since that's primarily
what I develop against...


I had to read the whole thread to find this ^^^. You are correct, Tomcat 
gives you an initial context that is rooted at, well, the root of the 
JNDI tree. IMHO any product that locks you into java:comp/env is doing 
you a disservice.


It wasn't clear to me whether you were using Tomcat's "global naming 
resources" or per-context resources. Your posted snippets have all 
expired so I couldn't look at them.


But it looks like you have everything working, so ... great!

You mentioned having a MySQL/MariaDB admin question. Please post that 
separately (different thread, different subject) and annotate it with a 
"[OT]" prefix to indicate that it's off-topic. We may have answers for 
you (I know a lot about MySQL/MariaDB) but this isn't the "correct" 
forum for such questions, hence the "off-topic" moniker.


-chris




Kevin Huntly
Email: kmhun...@gmail.com
Cell: 716/424-3311


-BEGIN GEEK CODE BLOCK-
Version: 1.0
GCS/IT d+ s a C++ UL+++$ P+(++) L+++ E---
W+++ N+ o K(+) w--- O- M-- V-- PS+ PE Y(+)
PGP++(+++) t+ 5-- X-- R+ tv+ b++  DI++ D++
G++ e(+) h--- r+++ y+++*
--END GEEK CODE BLOCK--


On Sat, Mar 18, 2023 at 6:31 PM John Dale (DB2DOM) 
wrote:


Here's what I use for development:

apache-tomcat-10.0.6

java --version
openjdk 11.0.9.1 2020-11-04
OpenJDK Runtime Environment (build 11.0.9.1+1-post-Raspbian-1deb10u2)
OpenJDK Server VM (build 11.0.9.1+1-post-Raspbian-1deb10u2, mixed mode)

I have tremendous success running this combination.

For production ..

Raspbian flows through to ubuntu/debian with practically no issues
except Pi has a problem with ipchainining and NAT.

Start firing away to jcdw...@gmail.com with questions regarding MySQL.

I'll do what I can.

John


On 3/18/23, Kevin Huntly  wrote:

Hey Everyone,

Is this possibly happening because I'm using JDK19 and not 8 or 9?


Kevin Huntly
Email: kmhun...@gmail.com
Cell: 716/424-3311


-BEGIN GEEK CODE BLOCK-
Version: 1.0
GCS/IT d+ s a C++ UL+++$ P+(++) L+++ E---
W+++ N+ o K(+) w--- O- M-- V-- PS+ PE Y(+)
PGP++(+++) t+ 5-- X-- R+ tv+ b++  DI++ D++
G++ e(+) h--- r+++ y+++*
--END GEEK CODE BLOCK--


On Sat, Mar 18, 2023 at 5:10 PM Kevin Huntly  wrote:


Hey John - if you're out there can you email me direct? I have a MySQL
admin question if you have the time and the inclination


Kevin Huntly
Email: kmhun...@gmail.com
Cell: 716/424-3311


-BEGIN GEEK CODE BLOCK-
Version: 1.0
GCS/IT d+ s a C++ UL+++$ P+(++) L+++ E---
W+++ N+ o K(+) w--- O- M-- V-- PS+ PE Y(+)
PGP++(+++) t+ 5-- X-- R+ tv+ b++  DI++ D++
G++ e(+) h--- r+++ y+++*
--END GEEK CODE BLOCK--


On Sat, Mar 18, 2023 at 1:40 PM Kevin Huntly 

wrote:



any other ideas guys? I want to migrate a bunch of really awful apps

off

our primary application server so they don't cause us headaches

anymore.

if
I can't get one app working I have no hope of getting others to work

lol


On Sat, Mar 18, 2023, 09:16 John Dale (DB2DOM) 
wrote:


Thanks Mark - are statics reloaded now, too?

I touch web.xml and it's reloaded successfully hundreds of times.

But I don't use war files so I can use git to version and transfer my
builds ... maybe that's the reason?

John


On 3/18/23, Mark Thomas  wrote:

On 17/03/2023 23:18, John Dale (DB2DOM) wrote:

ok - "mnet" should be "ment"


  From the logs excerpt I saw earlier in the thread, that needs

fixing

(although it was only a test element). I don't think it will break
anything else but better to remove the noise from the logs.


I figured I'd spell that out and behave like a compiler.  :)

I would also move that configuration into server.xml (it's a major
difference between your configuration and mine).


That configuration style is NOT recommended. It means you have no

choice

but to restart Tomcat if you change the Context configuration. If it
is
in a separate Context file, Tomcat will reload the web application
automatically if you change the Context file.

Stick with:




/opt/Apache/Tomcat/apache-tomcat-9.0.73/conf/Catalina/localhost/esolutions.xml


Do NOT specify a path attribute for the Context. It will be ignored.

Where is the JDBC driver located? It needs to be in

${CATALINA_BASE}/lib

and not part of the WAR.

Can we see the full logs from a clean start-up please?

Mark




Lastly, maybe to help debug a future issue, did you compile your
project

RE: Quick Question with Tomcat 10.1x

2023-03-20 Thread jonmcalexander 
Thank you Chris!

Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His

Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

jonmcalexan...@wellsfargo.com
This message may contain confidential and/or privileged information. If you are 
not the addressee or authorized to receive this for the addressee, you must not 
use, copy, disclose, or take any action based on this message or any 
information herein. If you have received this message in error, please advise 
the sender immediately by reply e-mail and delete this message. Thank you for 
your cooperation.

> -Original Message-
> From: Christopher Schultz 
> Sent: Monday, March 20, 2023 6:43 PM
> To: users@tomcat.apache.org
> Subject: Re: Quick Question with Tomcat 10.1x
> 
> Jon,
> 
> On 3/16/23 15:19, jonmcalexan...@wellsfargo.com.INVALID wrote:
> >
> >> -Original Message-
> >> From: jonmcalexan...@wellsfargo.com.INVALID
> >> 
> >> Sent: Thursday, March 16, 2023 1:54 PM
> >> To: users@tomcat.apache.org
> >> Subject: RE: Quick Question with Tomcat 10.1x
> >>
> >>> -Original Message-
> >>> From: Torsten Krah 
> >>> Sent: Thursday, March 16, 2023 1:40 PM
> >>> To: Tomcat Users List 
> >>> Subject: Re: Quick Question with Tomcat 10.1x
> >>>
> >>>  schrieb am Do., 16. März
> >>> 2023,
> >>> 19:32:
> >>>
> >> 
> >>>
> >>> Please read
> >>>
> >>
> https://urldefense.com/v3/__https://tomcat.apache.org/whichversion.ht
> >> m
> >>> l
> >>
> __;!!F9svGWnIaVPGSwU!sqrCJdsIe3_3iYLirxu4vrA4Xj8DffbYlvj5JdwcXcILyGX
> >>> yLmBtRF78uePA8eNGJa8ahRawR8Fvw5jflikZzHI$  - you have used the
> >> wrong
> >>> servlet API version in your war file for tomcat 10.1 .
> >>
> >> Thank you so very much. This is exactly what I was looking for.
> >> FWIW, I'm not any type of developer, just slapped something together
> >> for my testing purposes. I'll see if I can figure out how to update my war
> file.
> >>
> >> Thank you,
> >>
> >> -
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> > Another silly add on to this,
> >
> > Is it possible to reference multiple servlet specs? Or can you only 
> > reference
> 1?
> 
> Torsten's reply was technically correct but not entirely helpful.
> 
> Tomcat 10.1 implements the jakarta.servlet APIs but it has a feature would
> allows you to deploy a javax.servlet-based application onto it through one of
> two techniques:
> 
> 1. Use the tomcat-migration-tool [1] to convert your application WAR (or
> exploded WAR-directory) into a jakarta.servlet-compliant application.
> 
> 2. Use the legacyAppBase option[1] on your  ans just drop your
> javax.servlet-compliant application into there in either WAR or expanded-
> WAR format.
> 
> > Again, not a developer, so silly question I know.
> 
> This is not a silly question /at all/. It's quite complicated and I think the
> Tomcat team did a great job building a migration path for developers and
> admins who want to migrate from one major version of these APIs to
> another completely 100% incompatible version in a way that is nearly
> painless.
> 
> Note that you should encourage your development team to begin looking at
> migrating the original source from javax.servlet -> jakarta.servlet for a
> "complete" migration. It's probably not a great idea to just keep running the
> same old application without any changes forever and ever even if the
> servlet container allows you to do so :)
> 
> Hope that helps,
> -chris
> 
> [1] https://urldefense.com/v3/__https://tomcat.apache.org/download-
> migration.cgi__;!!F9svGWnIaVPGSwU!qD-
> Piu69IkRM061f2qi0iC8Oagbo158vkbPSBGRddFRLFfgD4CXcU2w7w9p5NFpkoZ
> PmzRxvhbrSl-svNxCLBFnG9GkRL9nT$
> [2] https://urldefense.com/v3/__https://tomcat.apache.org/tomcat-10.1-
> doc/config/host.html__;!!F9svGWnIaVPGSwU!qD-
> Piu69IkRM061f2qi0iC8Oagbo158vkbPSBGRddFRLFfgD4CXcU2w7w9p5NFpkoZ
> PmzRxvhbrSl-svNxCLBFnG9GcEiYro$
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Quick Question with Tomcat 10.1x

2023-03-20 Thread Christopher Schultz 

Jon,

On 3/16/23 15:19, jonmcalexan...@wellsfargo.com.INVALID wrote:



-Original Message-
From: jonmcalexan...@wellsfargo.com.INVALID

Sent: Thursday, March 16, 2023 1:54 PM
To: users@tomcat.apache.org
Subject: RE: Quick Question with Tomcat 10.1x


-Original Message-
From: Torsten Krah 
Sent: Thursday, March 16, 2023 1:40 PM
To: Tomcat Users List 
Subject: Re: Quick Question with Tomcat 10.1x

 schrieb am Do., 16. März 2023,
19:32:





Please read


https://urldefense.com/v3/__https://tomcat.apache.org/whichversion.htm

l

__;!!F9svGWnIaVPGSwU!sqrCJdsIe3_3iYLirxu4vrA4Xj8DffbYlvj5JdwcXcILyGX

yLmBtRF78uePA8eNGJa8ahRawR8Fvw5jflikZzHI$  - you have used the

wrong

servlet API version in your war file for tomcat 10.1 .


Thank you so very much. This is exactly what I was looking for.
FWIW, I'm not any type of developer, just slapped something together for
my testing purposes. I'll see if I can figure out how to update my war file.

Thank you,

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


Another silly add on to this,

Is it possible to reference multiple servlet specs? Or can you only reference 1?


Torsten's reply was technically correct but not entirely helpful.

Tomcat 10.1 implements the jakarta.servlet APIs but it has a feature 
would allows you to deploy a javax.servlet-based application onto it 
through one of two techniques:


1. Use the tomcat-migration-tool [1] to convert your application WAR (or 
exploded WAR-directory) into a jakarta.servlet-compliant application.


2. Use the legacyAppBase option[1] on your  ans just drop your 
javax.servlet-compliant application into there in either WAR or 
expanded-WAR format.



Again, not a developer, so silly question I know.


This is not a silly question /at all/. It's quite complicated and I 
think the Tomcat team did a great job building a migration path for 
developers and admins who want to migrate from one major version of 
these APIs to another completely 100% incompatible version in a way that 
is nearly painless.


Note that you should encourage your development team to begin looking at 
migrating the original source from javax.servlet -> jakarta.servlet for 
a "complete" migration. It's probably not a great idea to just keep 
running the same old application without any changes forever and ever 
even if the servlet container allows you to do so :)


Hope that helps,
-chris

[1] https://tomcat.apache.org/download-migration.cgi
[2] https://tomcat.apache.org/tomcat-10.1-doc/config/host.html


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat 9.0.72 Firefox issue with 204 response (Empty Body)

2023-03-20 Thread Bhavesh Mistry 
Hi, Mark and Tomcat team,

Thank you for your support so far and I will take it up with Firefox.  I
will look into CSP as well. Thanks for checking this.


Thanks,

Bhavesh

On Sat, Mar 18, 2023 at 4:56 AM Mark Thomas  wrote:

> That looks like a browser bug then. You'll need to raise that with Firefox.
>
> Also, the CSP doesn't look quite right.
>
> "...form-action 'self'; https:;..."
>
> should probably be:
>
> "...form-action 'self' https:;..."
>
> Mark
>
>
> On 17/03/2023 23:34, Bhavesh Mistry wrote:
> > Hi Tomcat Team and Mark,
> >
> > I am able to reproduce the problem with your sample app. *CSP large
> > header is causing this problem we attached it to ALL responses.  This
> > custom header.  I am not sure if this is a tomcat issue or Firefox. *We
> > get *NS_ERROR_ABORT*.   Sorry, it took a while but the issue is
> > reproducible with CSP or Large header.
> >
> > Sample:
> >
> https://github.com/bmistry13/tomat-204-issue/blob/main/no-content-test.war
> <
> https://github.com/bmistry13/tomat-204-issue/blob/main/no-content-test.war
> >
> >
> > web.xml
> >  >  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance
> > "
> >  xmlns="http://java.sun.com/xml/ns/javaee
> > "
> >  xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_4_0.xsd
> > "
> >  xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> > 
> > https://java.sun.com/xml/ns/javaee/web-app_4_0.xsd
> > "
> >  id="Versa"
> >  version="4.0">
> >
> >  testa
> >
> > *
> >  TESTServlet
> >  AjaxTestServlet
> >  AjaxServletTest
> >  
> >
> >  
> >  AjaxTestServlet
> >  /test
> >  *
> >  
> >  60
> >  COOKIE
> >  
> > true
> > true
> >  
> >  
> >  
> >  
> >  HTTPSOnly
> >  /*
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> >  js
> >  application/javascript
> >  
> > 
> > ~
> >
> > --- JSP change
> >
> > 
> >
> >
> >  > src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
> > <http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
> >">
> > 
> >  function test() {
> >
> >   for (let i = 5; i < 10; i++) {
> >  $.ajax({
> >  async: true,
> >  type: "GET",
> >  url: "/no-content-test/test?q=test1",
> >  contentType: "application/json; charset=utf-8",
> >  dataType: "json",
> >  success: function (response) {
> >  alert(response.status);
> >  }
> >  });
> >  }
> >  for (let i = 5; i < 10; i++) {
> >  $.ajax({
> >  async: true,
> >  type: "GET",
> >  url: "/no-content-test/test?q=test2",
> >  contentType: "application/json; charset=utf-8",
> >  dataType: "json",
> >  success: function (response) {
> >  alert(response.d);
> >  }
> >  });
> >  }
> >  }
> > 
> >  Clinking on button to ajax test  > onclick='test();' value='Click Me and See Dev Tool Netowrk Tab'/>
> >
> > 
> > --
> >
> > import javax.servlet.ServletException;
> > import javax.servlet.http.HttpServlet;
> > import javax.servlet.http.HttpServletRequest;
> > import javax.servlet.http.HttpServletResponse;
> > import java.io.IOException;
> >
> > public class AjaxServletTest extends HttpServlet {
> >
> >  private static final String CSP_HEADER ="Content-Security-Policy";
> >
> >  private static final String CSP_HEADER_POLICY ="default-src 'self'
> https:;font-src 'self' data:
> > https://fonts.googleapis.com/ 
> > https://fonts.gstatic.com ; script-src
> 'self' " +
> >  "'sha256-BdZ62JYXk9kaPAizrIertjvay2mtb//aXKRFuOz6RLI='
> > 'sha256-Rv1DFftLIYbmrwNcvKH3vd+fs4aXTb6/RNjTs7CLJOg=' " +
> >  "'sha256-BDvo3wEMDWiXAoVw9mYgGW9GCvsvo3ECBHjc4FzPky8='
> 'unsafe-eval'
> > https://maps.googleapis.com/maps/api/geocode/json
> > 
> > https://maps.googleapis.com/  " +
> >  "https://*.tile.openstreetmap.org <
> http://tile.openstreetmap.org>
> > https://export.highcharts.com/ 
> > https://code.highcharts.com/ ; img-src
> > 'self' blob: " +
> >  "data:

RE: java.lang.AbstractMethodError: Receiver class org.apache.tomcat.websocket.server.WsSessionListener does not define or inherit an implementation

2023-03-20 Thread Harri Pesonen 
I think that I understand.
I need to change Servlet API from 3.1 to 4.0.
I was thinking that we can still use 3.1, and 4.0 would be compatible.

https://tomcat.apache.org/whichversion.html

Servlet SpecJSP SpecEL Spec WebSocket Spec  Authentication (JASPIC) 
SpecApache Tomcat Version   Latest Released Version Supported Java Versions
6.1 4.0 6.0 TBD TBD 11.0.x  11.0.0-M4 (alpha)   17 and 
later
6.0 3.1 5.0 2.1 3.0 10.1.x  10.1.7  11 and later
5.0 3.0 4.0 2.0 2.0 10.0.x (superseded) 10.0.27 
(superseded)8 and later
4.0 2.3 3.0 1.1 1.1 9.0.x   9.0.73  8 and later
3.1 2.3 3.0 1.1 1.1 8.5.x   8.5.87  7 and later

-Harri

-Original Message-
From: Rémy Maucherat  
Sent: maanantai 20. maaliskuuta 2023 16.10
To: Tomcat Users List 
Subject: Re: java.lang.AbstractMethodError: Receiver class 
org.apache.tomcat.websocket.server.WsSessionListener does not define or inherit 
an implementation

On Mon, Mar 20, 2023 at 1:59 PM Harri Pesonen  wrote:
>
> Hello,
>
> I changed:
>
>   *   source code target from Java 8 to Java 11
>   *   Tomcat from 8.5 to 9.0.73
>   *   Java runtime from Java 11 to Java 17
> and now I see extra error in Tomcat log, which did not happen before:

The Servlet API was changed so that in the HttpSessionListener interface the 
sessionCreated method is now a "default". So something is not right in this 
area after your upgrade.

Rémy

>
> (http-nio-8080-exec-8) 
> (org.apache.catalina.session.StandardSession#tellNew) Session event 
> listener threw exception
> java.lang.AbstractMethodError: Receiver class 
> org.apache.tomcat.websocket.server.WsSessionListener does not define or 
> inherit an implementation of the resolved method 'abstract void 
> sessionCreated(javax.servlet.http.HttpSessionEvent)' of interface 
> javax.servlet.http.HttpSessionListener.
>  at 
> org.apache.catalina.session.StandardSession.tellNew(StandardSession.java:390)
>  at 
> org.apache.catalina.session.StandardSession.setId(StandardSession.java:363)
>  at 
> org.apache.catalina.session.StandardSession.setId(StandardSession.java:342)
>  at 
> org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:763)
>  at 
> org.apache.catalina.connector.Request.doGetSession(Request.java:3008)
>  at 
> org.apache.catalina.connector.Request.getSession(Request.java:2422)
>  at 
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:650)
>  at 
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>  at 
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
>  at 
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>  at 
> java.base/java.lang.reflect.Method.invoke(Method.java:568)
>  at 
> org.glassfish.hk2.utilities.reflection.ReflectionHelper.invoke(ReflectionHelper.java:1268)
>  at 
> org.jvnet.hk2.internal.MethodInterceptorImpl.internalInvoke(MethodInterceptorImpl.java:85)
>  at 
> org.jvnet.hk2.internal.MethodInterceptorImpl.invoke(MethodInterceptorImpl.java:101)
>  at 
> org.jvnet.hk2.internal.MethodInterceptorInvocationHandler.invoke(MethodInterceptorInvocationHandler.java:39)
>  at 
> jdk.proxy4/jdk.proxy4.$Proxy72.getSession(Unknown Source)
>  at 
> com.sap.cctr.ri.context.AuthenticationFilter.filter(AuthenticationFilter.java:341)
>  at 
> org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:108)
>  at 
> org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:44)
>  at 
> org.glassfish.jersey.process.internal.Stages.process(Stages.java:173)
>  at 
> org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:248)
>  at 
> org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
>  at 
> org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
>  at 
> org.glassfish.jersey.internal.Errors.process(Errors.java:292)
>  at 
> org.glassfish.jersey.internal.Errors.process(Errors.java:274)
>  at 
> org.glassfish.jersey.internal.Errors.process(Errors.java:244)
>  at 
>

Re: java.lang.AbstractMethodError: Receiver class org.apache.tomcat.websocket.server.WsSessionListener does not define or inherit an implementation

2023-03-20 Thread Rémy Maucherat 
On Mon, Mar 20, 2023 at 1:59 PM Harri Pesonen  wrote:
>
> Hello,
>
> I changed:
>
>   *   source code target from Java 8 to Java 11
>   *   Tomcat from 8.5 to 9.0.73
>   *   Java runtime from Java 11 to Java 17
> and now I see extra error in Tomcat log, which did not happen before:

The Servlet API was changed so that in the HttpSessionListener
interface the sessionCreated method is now a "default". So something
is not right in this area after your upgrade.

Rémy

>
> (http-nio-8080-exec-8) (org.apache.catalina.session.StandardSession#tellNew) 
> Session event listener threw exception
> java.lang.AbstractMethodError: Receiver class 
> org.apache.tomcat.websocket.server.WsSessionListener does not define or 
> inherit an implementation of the resolved method 'abstract void 
> sessionCreated(javax.servlet.http.HttpSessionEvent)' of interface 
> javax.servlet.http.HttpSessionListener.
>  at 
> org.apache.catalina.session.StandardSession.tellNew(StandardSession.java:390)
>  at 
> org.apache.catalina.session.StandardSession.setId(StandardSession.java:363)
>  at 
> org.apache.catalina.session.StandardSession.setId(StandardSession.java:342)
>  at 
> org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:763)
>  at 
> org.apache.catalina.connector.Request.doGetSession(Request.java:3008)
>  at 
> org.apache.catalina.connector.Request.getSession(Request.java:2422)
>  at 
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:650)
>  at 
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>  at 
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
>  at 
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>  at 
> java.base/java.lang.reflect.Method.invoke(Method.java:568)
>  at 
> org.glassfish.hk2.utilities.reflection.ReflectionHelper.invoke(ReflectionHelper.java:1268)
>  at 
> org.jvnet.hk2.internal.MethodInterceptorImpl.internalInvoke(MethodInterceptorImpl.java:85)
>  at 
> org.jvnet.hk2.internal.MethodInterceptorImpl.invoke(MethodInterceptorImpl.java:101)
>  at 
> org.jvnet.hk2.internal.MethodInterceptorInvocationHandler.invoke(MethodInterceptorInvocationHandler.java:39)
>  at 
> jdk.proxy4/jdk.proxy4.$Proxy72.getSession(Unknown Source)
>  at 
> com.sap.cctr.ri.context.AuthenticationFilter.filter(AuthenticationFilter.java:341)
>  at 
> org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:108)
>  at 
> org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:44)
>  at 
> org.glassfish.jersey.process.internal.Stages.process(Stages.java:173)
>  at 
> org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:248)
>  at 
> org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
>  at 
> org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
>  at 
> org.glassfish.jersey.internal.Errors.process(Errors.java:292)
>  at 
> org.glassfish.jersey.internal.Errors.process(Errors.java:274)
>  at 
> org.glassfish.jersey.internal.Errors.process(Errors.java:244)
>  at 
> org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
>  at 
> org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:235)
>  at 
> org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:684)
>  at 
> org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
>  at 
> org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346)
>  at 
> org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:358)
>  at 
> org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:311)
>  at 
> org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205)
>  at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
>  at 
>

java.lang.AbstractMethodError: Receiver class org.apache.tomcat.websocket.server.WsSessionListener does not define or inherit an implementation

2023-03-20 Thread Harri Pesonen 
Hello,

I changed:

  *   source code target from Java 8 to Java 11
  *   Tomcat from 8.5 to 9.0.73
  *   Java runtime from Java 11 to Java 17
and now I see extra error in Tomcat log, which did not happen before:

(http-nio-8080-exec-8) (org.apache.catalina.session.StandardSession#tellNew) 
Session event listener threw exception
java.lang.AbstractMethodError: Receiver class 
org.apache.tomcat.websocket.server.WsSessionListener does not define or inherit 
an implementation of the resolved method 'abstract void 
sessionCreated(javax.servlet.http.HttpSessionEvent)' of interface 
javax.servlet.http.HttpSessionListener.
 at 
org.apache.catalina.session.StandardSession.tellNew(StandardSession.java:390)
 at 
org.apache.catalina.session.StandardSession.setId(StandardSession.java:363)
 at 
org.apache.catalina.session.StandardSession.setId(StandardSession.java:342)
 at 
org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:763)
 at 
org.apache.catalina.connector.Request.doGetSession(Request.java:3008)
 at 
org.apache.catalina.connector.Request.getSession(Request.java:2422)
 at 
org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:650)
 at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
 at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at 
java.base/java.lang.reflect.Method.invoke(Method.java:568)
 at 
org.glassfish.hk2.utilities.reflection.ReflectionHelper.invoke(ReflectionHelper.java:1268)
 at 
org.jvnet.hk2.internal.MethodInterceptorImpl.internalInvoke(MethodInterceptorImpl.java:85)
 at 
org.jvnet.hk2.internal.MethodInterceptorImpl.invoke(MethodInterceptorImpl.java:101)
 at 
org.jvnet.hk2.internal.MethodInterceptorInvocationHandler.invoke(MethodInterceptorInvocationHandler.java:39)
 at 
jdk.proxy4/jdk.proxy4.$Proxy72.getSession(Unknown Source)
 at 
com.sap.cctr.ri.context.AuthenticationFilter.filter(AuthenticationFilter.java:341)
 at 
org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:108)
 at 
org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:44)
 at 
org.glassfish.jersey.process.internal.Stages.process(Stages.java:173)
 at 
org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:248)
 at 
org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
 at 
org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
 at 
org.glassfish.jersey.internal.Errors.process(Errors.java:292)
 at 
org.glassfish.jersey.internal.Errors.process(Errors.java:274)
 at 
org.glassfish.jersey.internal.Errors.process(Errors.java:244)
 at 
org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
 at 
org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:235)
 at 
org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:684)
 at 
org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
 at 
org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346)
 at 
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:358)
 at 
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:311)
 at 
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205)
 at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
 at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
 at 
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
 at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
 at

Re: how to make tomcat 9 remember which application where stopped before shutdown

2023-03-20 Thread Ivano Luberti 

Thanks Mark.

I have to move a few applications from one tomcat to another.

The new tomcat is ready and the applications are already deployed but 
working on test data.


Now i would like to, one application at a time, switch them to 
production data.


Say I have applications A.0, A.1, A.2, B.0, B.1, B.2, B.3

A.x work on same data

B.x work on a different set of data.

So I want to start A.0 , test it and the A.1 e A.2

The same for B.x

Obviously I can deploy A.1, A.2 etc only after testing but start would 
be much quicker.


I hope I have been clear eough


Il 20/03/2023 12:27, Mark Thomas ha scritto:

On 20/03/2023 10:09, Ivano Luberti wrote:
Hi all , I would like to find a way to start tomcat with all the 
application stopped except the manager.


My colleagues made a test manually  stopping an application and 
restarting tomcat.


After the service restarted the application was up and running.

Is there a way to make Tomcat remember which application were stopped 
at shutdown and keep them stopped at restart?


No.

What you can do is set deployOnStartup="false" on the Host. But to 
have the Manager app always start, you'd have to define the Manager 
Context in server.xml which means any changes to the Manager 
configuration would require a full Tomcat restart.


What problem are you trying to solve? There may be other options 
available.


Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


--

Archimede Informatica tratta i dati personali in conformità a quanto
stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno 
2003 n. 196

per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa 



dott. Ivano Mario Luberti

Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa

tel.: +39 050/580959 | fax: +39 050/8932061

web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/

Re: how to make tomcat 9 remember which application where stopped before shutdown

2023-03-20 Thread Mark Thomas 

On 20/03/2023 10:09, Ivano Luberti wrote:
Hi all , I would like to find a way to start tomcat with all the 
application stopped except the manager.


My colleagues made a test manually  stopping an application and 
restarting tomcat.


After the service restarted the application was up and running.

Is there a way to make Tomcat remember which application were stopped at 
shutdown and keep them stopped at restart?


No.

What you can do is set deployOnStartup="false" on the Host. But to have 
the Manager app always start, you'd have to define the Manager Context 
in server.xml which means any changes to the Manager configuration would 
require a full Tomcat restart.


What problem are you trying to solve? There may be other options available.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

how to make tomcat 9 remember which application where stopped before shutdown

2023-03-20 Thread Ivano Luberti 
Hi all , I would like to find a way to start tomcat with all the 
application stopped except the manager.


My colleagues made a test manually  stopping an application and 
restarting tomcat.


After the service restarted the application was up and running.

Is there a way to make Tomcat remember which application were stopped at 
shutdown and keep them stopped at restart?


TIA

--

Archimede Informatica tratta i dati personali in conformità a quanto
stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno 
2003 n. 196

per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa 



dott. Ivano Mario Luberti

Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa

tel.: +39 050/580959 | fax: +39 050/8932061

web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/