On Mon, Apr 16, 2018 at 4:51 PM, Igor wrote:
> If this is really such a simple problem then how can I get rid of its
> output
> into error log?
>
You can always configure the logging if you'd like to filter this one out,
but this looks like a serious error during accept. I'd think you should try
On Sun, Apr 15, 2018 at 1:32 PM, Igor T wrote:
> I'm experiencing many "Socket accept failed: The specified network
> name is no longer available." exceptions in the Tomcat error log.
>
> These exceptions happen both on port 80 and 443. Both connectors are
> using Http11Nio2Protocol.
>
> I can't
On Wed, Apr 4, 2018 at 1:02 PM, Mark Thomas wrote:
> On 04/04/18 11:54, Rémy Maucherat wrote:
> > On Wed, Apr 4, 2018 at 12:05 PM, Venkata Reddy (Trianz) <
> > venkata.re...@trianz.com> wrote:
> >
> >> Hi Team,
> >>
> >> Could you please help
On Wed, Apr 4, 2018 at 12:05 PM, Venkata Reddy (Trianz) <
venkata.re...@trianz.com> wrote:
> Hi Team,
>
> Could you please help me on whether tomcat6.0.53 version is also impacted
> with these vulnerabilities (CVE-2018-1304,
Yes.
> CVE-2018-1305)?
>
No.
Rémy
On Thu, Mar 8, 2018 at 5:26 PM, Tarin Gamberini
wrote:
> Hi everybody,
>
> I have found a strange behavior on Tomcat 9.0.5 (originally on Tomcat
> 8.5.28).
>
>
> # PROBLEM
>
> I have two datasources in the same web application:
>
> type="javax.sql.DataSource"/>
> type="javax.sql.DataSou
t; > Remy, what more information would you like? Any more info on the issue
> > that you are referencing?
> >
> > On Fri, Mar 2, 2018 at 10:56 AM, Rémy Maucherat wrote:
> >
> >> On Fri, Mar 2, 2018 at 4:19 PM, Alex O'Ree wrote:
> >>
> >> >
On Fri, Mar 2, 2018 at 4:19 PM, Alex O'Ree wrote:
> Ran into a strange problem, not too sure what the problem is. Basically,
> I'm getting intermittent connectivity from a http client to tomcat but only
> through SSL using the Http11NioProtocol. Some http requests go through,
> others fail with t
On Mon, Feb 19, 2018 at 5:28 PM, Mark Thomas wrote:
> On 19/02/18 16:23, Coty Sutherland wrote:
> > Do we plan on doing any audio or video to go along with the slides for
> > these? We could add them to the youtube channel for those that can't
> > attend the live training.
>
> My current thinking
On Mon, Jan 22, 2018 at 8:35 AM, d3coder wrote:
> I can't enable StoreConfigLifecycleListener with default settings because
> of misspelling in class name in default server-registry.xml
> XML line 138 - storeFactoryClass="org.apache.catalina.storeconfig.
> OpenSSLConfSF"
> storeFactoryClass shoul
On Fri, Jan 5, 2018 at 3:43 PM, Michael Peng <
michael.p...@entrustdatacard.com> wrote:
> Hi, Remy,
>
> Is the fix available for 8.5.16? if not, could you please share the code
> changes?
>
This is the fix as the code seemed incorrect when thinking about it some
more.
Rémy
On Fri, Jan 5, 2018 at 8:38 AM, Rémy Maucherat wrote:
> On Fri, Jan 5, 2018 at 12:25 AM, Michael Peng <
> michael.p...@entrustdatacard.com> wrote:
>
>> Do the changes make sense, and what would be the side effect ? In our
>> case, the "netInBuffer" could be
On Fri, Jan 5, 2018 at 12:25 AM, Michael Peng <
michael.p...@entrustdatacard.com> wrote:
> Do the changes make sense, and what would be the side effect ? In our
> case, the "netInBuffer" could be full, i.e., postion = limit for large
> data. Maybe the "netInBuffer" should not be cleared since "com
On Wed, Nov 22, 2017 at 3:24 PM, Jong Kim wrote:
> Tomcat version: 8.0.47
> OS: SUSE Linux Enterprise Server 12 (SP3)
>
> I have a Tomcat installation where server.xml defines two connectors -
> NIO2 connector on port 8443 and AJP connector on port 8009 - The two
> connector definitions are shown
On Wed, Nov 8, 2017 at 5:30 AM, Maxim Solodovnik
wrote:
> OK :)
> I finally found the difference :)))
>
> Tomcat.java 8.5.23:
> public void start() throws LifecycleException {
> getServer();
> getConnector();
> server.start();
> }
>
> Tomcat.java 9.0.1:
> publi
On Thu, Oct 5, 2017 at 7:11 PM, Eirik Lykken
wrote:
>
> 05-Oct-2017 17:13:32.535 SEVERE
> [https-openssl-nio2-94.229.64.230-443-exec-19701]
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process Error
> reading request, ignored
> java.lang.IllegalStateException
> at org.apache.c
On Mon, Sep 25, 2017 at 9:30 PM, Mark Thomas wrote:
> On 25/09/17 15:06, Coty Sutherland wrote:
> > On Sat, Sep 23, 2017 at 12:47 PM, Mark Thomas wrote:
> >> On 23/09/17 13:15, Alex O'Ree wrote:
> >>> Is there an approximate or estimated date in which ASF will stop
> >>> supporting patches for T
On Thu, Sep 21, 2017 at 3:12 PM, Mark Thomas wrote:
> On 21/09/17 10:35, Inderjeet Banwait wrote:
> > Hi Mark,
> >
> > Java EE 8 is already released .Can we expect a stable release by the end
> of September 2017?
>
> Servlet 4.0 was released on 5 September 2017.
> Java EE 8 platform was released
On Mon, Sep 11, 2017 at 10:56 PM, Mark Thomas wrote:
> On 11/09/17 21:07, Coty Sutherland wrote:
> > On Mon, Sep 11, 2017 at 2:43 PM, Mark Thomas wrote:
> >> On 11/09/17 19:07, Coty Sutherland wrote:
> >>
> >>> So, my questions comes down to "Can I configure a PropertySource
> >>> instance and p
On Tue, Aug 22, 2017 at 7:06 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> If you are using Spring Boot, then you might want to ask the Spring
> Boot community. Perhaps someone here can answer your question, but
> most of us (myself included) can't.
>
The idea of that framework
On Fri, Aug 11, 2017 at 3:14 PM, Sergey Mashkov <
sergey.mash...@jetbrains.com> wrote:
> Hi everyone
>
> I am experiencing race condition: from time to time when I cann to
> UpgradedServletOutputStream.setWriteListener(myCallback) servlet container
> doesn't invoke neither myCallback.onWritePossib
On Sun, Jul 30, 2017 at 10:59 AM, Konstantin Preißer
wrote:
> Hi Mark,
>
> > -Original Message-
> > From: Mark Thomas [mailto:ma...@apache.org]
> > Sent: Saturday, July 29, 2017 2:56 PM
> >
> >> (...)
> >>
> > >Why would Tomcat want to modify static files, instead of just serving
> > >the
On Mon, Jul 10, 2017 at 3:31 PM, Mark Thomas wrote:
> On 10/07/17 20:59, Mark Thomas wrote:
> > On 08/07/17 20:06, Mark Thomas wrote:
> >> On 07/07/17 23:05, George Stanchev wrote:
> >
> >
> >
> >>> Since you cannot reproduce it, perhaps I can package up the tomcat +
> the
> > test app in a zip
2017-06-23 16:20 GMT-05:00 Mark Thomas :
> On 23/06/17 17:52, l...@kreuser.name wrote:
> >> Am 23.06.2017 um 17:32 schrieb Mark Thomas :
>
>
>
> >>> However I still see a timing problem, as it is not always happening.
> Maybe 5 out of 7 are NULL. If I send more requests immediately after each
> o
2017-06-12 17:07 GMT-05:00 Mark Thomas :
> On 09/06/17 16:02, Kreuser, Peter wrote:
> > Hi all,
> >
> > Sorry for the long text. I hope somebody can help me track down the
> problem I'm facing with Tomcat (8.5.15), tcnative (1.2.12), openssl
> (1.1.0e) and HTTP/2. JVM is zulu-8.21.0.1 (1.8.0_131-b
2017-05-19 16:28 GMT+02:00 Christopher Schultz :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Rémy,
>
> On 5/19/17 8:47 AM, Rémy Maucherat wrote:
> > 2017-05-19 14:42 GMT+02:00 Christopher Schultz
> > >> :
> >
> >> But here i
2017-05-19 14:42 GMT+02:00 Christopher Schultz :
> But here it's clear that the client wants to know "do I get a
> performance benefit swapping-out JSSE for OpenSSL. I think we all knew
> what the answer was. Jean-Frederick's slides from yesterday I believe
> include such benchmarks as well (NIO/O
2017-05-17 23:31 GMT+02:00 Mark Thomas :
> Hi all,
>
> I got asked in the corridor at TomcatCon earlier today what the relative
> performance of the TLS handshake was with 8.5.x, the NIO connector and JSSE
> vs OpenSSL TLS implementation.
>
> This might be something that is of interest to a wider
2017-05-18 7:04 GMT+02:00 Christopher Schultz
:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Mark,
>
> On 5/17/17 5:31 PM, Mark Thomas wrote:
> > I got asked in the corridor at TomcatCon earlier today what the
> > relative performance of the TLS handshake was with 8.5.x, the NIO
> > co
2017-04-03 10:51 GMT+02:00 Frank Taffelt <
frank.taff...@interface-projects.de>:
> after upgrading from 8.5.12 to 8.5.13 the following exception is thrown on
> startup.
>
> Caused by: java.lang.NullPointerException
> at java.io.FileInputStream.(FileInputStream.java:130)
> at java.i
2017-01-24 20:08 GMT+01:00 Christopher Schultz :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> All,
>
> I'm cross-posting dev@ and users@, but please only reply to dev@ if
> you'd like to get involved in this discussion.
>
> I'd like to openly-discuss r1702765 [1]. There have been some
>
2017-01-09 1:16 GMT-06:00 Patil, Shital :
> We are assessing Java 9(early access) and JSP compilation is badly broken
> with Java 9. Even basic java objects(java.lang.Object) are not accessible
> while compilation. Appears to be because of jigsaw(modular)
>
> Any solution or alternative to this pr
2016-11-10 16:02 GMT+01:00 Christopher Schultz :
> http://mrcoles.com/media/test/cookies-max-age-vs-expires.html
>
> Just tested with Edge and MSIE11 on Win 10. Both fail to recognize the
> expiration of a cookie when "expires" is not set and only max-age is set
> .
>
> Perhaps it behaves differen
2016-11-10 11:51 GMT+01:00 Mark Thomas :
> Tempting. But IE/Edge represents ~30% of the current browser usage. If
> we were talking about a browser will a much smaller - and shrinking -
> market share I could be convinced.
>
http://promincproductions.com/blog/set-cookie-expiration-date-browser-co
2016-11-05 23:58 GMT+01:00 Mark Thomas :
> On 04/11/2016 19:10, Hedrick, Brooke - 43 wrote:
> > Sorry if this has been already asked. I searched the archives and
> > didn't find what I was looking for.
>
> I don't recall anyone raising it before now.
>
> > Has anyone else run into an issue with
2016-11-02 5:19 GMT+01:00 Bruce Huang :
> Thanks for your suggestion.
>
> I have tested on 8.0.38 release, but it even can't close the comet
> properly. On 8.0.23, after OutputStream.close(), I have to do event.close()
> to make the END event to be fired correctly.
>
> ServletOutputStream servletO
2016-09-20 21:51 GMT+02:00 Colin Ingarfield :
> Hello,
>
> A thread from a day or two ago mentioned a NPE in SecureNioChannel
> when the connector is configured with Http11NioProtocol. OP mentioned
> using Http11Nio2Protocol resolves the issue. I am also seeing this
> exception and it is resolve
2016-09-19 11:54 GMT+02:00 Avanish Kant :
> Extra bit of information that may help:
> One change that I did try is to change "Http11NioProtocol" to
> "Http11Nio2Protocol" just to see how it goes and noticed that this
> Exception is not thrown for NIO2.
>
> I am suspecting that I have hit some bug
2016-09-06 23:04 GMT+02:00 Mark Thomas :
> I was assuming that Servlet 4.0 would update to RFC6265 so 9.0.x would
> be no change. 8.0.x uses the legacy parser by default so we are only
> talking about 8.5.x. here.
>
> The reason I was fine with adding this to STRICT_SERVLET_COMPLIANCE for
> 8.5.x
2016-09-06 19:11 GMT+02:00 Mark Thomas :
> This looks like something that is a good fit for
> STRICT_SERVLET_COMPLIANCE. My current thinking is if this is set, change
> the default CookieProcessor to LegacyCookieProcessor.
>
> I think I'm -1 for using the strict compliance flag for that. It's too
2016-09-06 18:38 GMT+02:00 Robert Winch :
> Thank you for your response.
>
You're welcome.
Rémy
2016-09-02 23:19 GMT+02:00 Robert Winch :
> I realize that I can manually configure LegacyCookieProcessor
>
> Yes, you'll have to configure the legacy cookie processor to support the
less formal former cookie RFCs, this is as expected. If you find any
discrepancies about that in the Tomcat documen
2016-08-31 16:51 GMT+02:00 Mark Thomas :
> On 31/08/2016 15:45, Lazar Kirchev wrote:
> > Hello,
> >
> > According to Tomcat 8.5 documentation [1] when JSSE is used if the key
> > alias is not specified through the attribute certificateKeyAlias of
> > Certificate entry, then "... the first key read
2016-08-30 15:31 GMT+02:00 Mark Thomas :
> On 30/08/2016 14:27, Rémy Maucherat wrote:
> > 2016-08-30 15:22 GMT+02:00 Mark Thomas :
> >
> >> Either or both of these:
> >> http://bz.apache.org/bugzilla/show_bug.cgi?id=60030
> >>
> > I wasn't 100%
2016-08-30 15:22 GMT+02:00 Mark Thomas :
> Either or both of these:
> http://bz.apache.org/bugzilla/show_bug.cgi?id=60030
>
> I wasn't 100% sure NIO2 wasn't affected by the SNI IO loop, but it does
fine then reading his email.
Rémy
tionName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
then, it is the fallback.
Rémy
>
> Peter
>
> On 7/25/16, 3:29 PM, "Rémy Maucherat" wrote:
>
> >You are potentially changing two things at the same time here. You
> >were/are using boutyc
2016-07-22 22:16 GMT+02:00 Peter Robbins :
> Just to update, we were able to work around this by changing our
> server.xml connector config from:
>
> protocol="HTTP/1.1"
> to:
> protocol="org.apache.coyote.http11.Http11Nio2Protocol"
> sslImplementationName="org.apache.tomcat.util.net.jsse.
2016-07-20 13:59 GMT+02:00 Peter Robbins :
> Ok I'll see if I can dig BC out of the application and have it actually
> start up to try to see if that's the case.
>
> You're saying there are known compatibility issues with Tomcat NIO https
> if you register another j2ee security provider?
No, but
2016-07-20 2:54 GMT+02:00 Peter Robbins :
> Without JCE or BC? Both are pretty critical for core functionality and
> didn't cause any issues until 8.5.3 entered the mix. Any known issues there
> I should be aware of?
>
You still need to test something. You don't describe anything out of the
ordin
2016-07-19 23:51 GMT+02:00 Peter Robbins :
> Hi there,
>
> JCE, Bouncy Castle 1.48
>
> Maybe try without that first.
Rémy
2016-06-21 13:31 GMT+02:00 Andrei Ivanov :
> Hello,
> Trying to upgrade from 8.0.35 to 8.5.3 (on Win 7 and JDK
> 1.8.0_92-b14), I ran into this error, using Firefox 47:
>
> Try not using the APR connector, for starters, your platform isn't the
best for it IMO.
Rémy
2016-04-28 17:14 GMT+02:00 Mark Thomas :
> I've done some investigation. It looks like something is going wrong in
> the native connector. It should be failing the connection on the basis that
> there is no matching ALPN protocol. For some reason, the protocol specified
> by the client is returned
2016-04-27 15:59 GMT+02:00 Mark Thomas :
> On 27 April 2016 14:20:37 BST, "Kreuser, Peter"
> wrote:
>
>
>
> >A first hint:
> >when I downloaded 8.5.1-dev from trunk the problem was gone - until I
> >saw that the installed TC Native Lib 1.2.5 was not used (SEVERE
> >incompatible).
> >Recompiled 1
2016-04-05 15:11 GMT-05:00 Thad Humphries :
> My primary interest in Tomcat 8.5 is HTTP/2, so I must set up HTTPS and
> TLS.
>
> Since I eventually must demonstrate the various HTTPS approaches to others,
> I have tried both the APR and the NIO implementation, as well as the
> different layouts i
2016-03-11 0:38 GMT+01:00 George Stanchev :
> > Perhaps I am overlooking something, but the documentation for AJP [1]
> > states for "protocol"
> >
> >
> > The standard protocol value for an AJP connector is AJP/1.3 which uses
> > an auto-switching mechanism to select either a Java based connecto
2016-03-10 23:55 GMT+01:00 George Stanchev :
> Perhaps I am overlooking something, but the documentation for AJP [1]
> states for "protocol"
>
>
> The standard protocol value for an AJP connector is AJP/1.3 which uses an
> auto-switching mechanism to select either a Java based connector or an
> A
2016-03-04 12:42 GMT+01:00 Mark Thomas :
> On 04/03/2016 11:17, Tullio Bettinazzi wrote:
> > This servlet reproduces the problem perfectly.
>
> Getting better but still some room for improvement.
> - You don't need to implement doPost()
> - You don't need to call System.gc() (or if you do look the
2016-02-12 23:32 GMT+01:00 Lesley Kimmel :
> Thanks, Chris and Remy. Your comments got me thinking about something I
> hadn't considered...EPEL. tc-native is available on EPEL as tomcat-native.
> It turns out that this may not need to be compiled against a FIPS-capable
> OpenSSL so long as the Ope
2016-02-12 20:13 GMT+01:00 Lesley Kimmel :
> I am using Red Hat which provides the FIPS-enabled OpenSSL. I have been
> doing some more reading and it appears that I also now have to build the
> Tomcat Native libraries against APR and OpenSSL. It does not appear that
> Red Hat provides a pre-compil
2016-02-12 15:18 GMT+01:00 Andrew King :
> In our new Tomcat 8.0.30 site “http://NewServer.MyDomain/Site/” I can only
> log in if the trailing “/” is present even though it correctly redirects me
> to the login page when the "/" is missing.
>
> You should upgrade to 8.0.32, or use the mapperContex
2016-02-10 15:06 GMT+01:00 Joe Aldrich :
>
> >Am 29.01.2016 15:34, schrieb Joe Aldrich:
> >> Hello,
> >>
> >> I am using Tomcat 8.0.28 on Windows 10 and am having a problem with
> >> the Rewrite Value. I must include the escaped form of an ampersand
> >> '%26' in the output URL.
> >>
> >> My rewri
2016-01-06 18:11 GMT+01:00 Ikenna Darlington :
> Hello Devs,
>
> My team currently uses tomcat8 to serve our Scala application developed
> using lift. Our application uses comet to send real time data from the
> server to the client.
>
> Unfortunately we noticed that in the new release of tomcat -
2015-12-17 17:25 GMT+01:00 Barry Coughlan :
> Each AsyncChannelWrapperSecure creates two threads, and
> WsWebSocketContainer creates an AsyncChannelWrapperSecure for each secure
> connection.
>
> Is this behaviour intended or is this a bug?
>
> I initially posted this as a bug because:
> 1. The be
2015-12-08 23:40 GMT+01:00 Mark Thomas :
> All,
>
> As promised, today's webinar "Apache Tomcat: TLS Virtual Hosting" is
> now available on the Apache Tomcat YouTube channel:
>
> https://www.youtube.com/channel/UCpqpJ0-G1lYfUBQ6_36Au_g
>
> I watched it. In particular I had missed why JSSE had sepa
2015-11-25 16:26 GMT+01:00 Christopher Schultz :
> All,
>
> Is the PEM-based certificate configuration available for both JSSE-based
> and APR-based connectors in Tomcat 9 at this point? The documentation
> says e.g. the "certificateFile" attribute is for "OpenSSL Only", and
> when I try to launch
2015-11-25 12:06 GMT+01:00 Johan Compagner :
> thx,
>
> one question i have, is server push always code?
> because for me it is
> if this js file is hit (served by the default servlet of tomcat i guess).
> also send in this set..
>
> So its kind of a configuration, or should i just use a filter fo
2015-09-28 12:17 GMT+02:00 kamalakannan chandrakumar <
chandrakumarkamalakan...@gmail.com>:
> Hi,
>
> >
> > Please let me why there is no way to set Handler class or Future task is
> > not returned for
> > SSL handshake in SecureNIO2Channel. How to use those classes for writing
> > client code ?
>
2015-05-26 14:32 GMT+02:00 Konstantin Kolinko :
> The "forced recycling" message is not a problem per se, but an
> indicator of a problem. In the same way as "or even on one virtual
> host appeared a page from another virtual host" that you. It signals
> that a request/response object was not empt
2015-02-25 17:17 GMT+01:00 Christopher Schultz :
> This configuration seems to solve the issue:
>
> redirectPort="443"
>protocol="org.apache.coyote.ajp.AjpNioProtocol"
> URIEncoding="UTF-8"
> packetSize="65536"
> socket.appReadBufSize="65536"
> socket.appWr
2015-02-25 15:10 GMT+01:00 Christopher Schultz :
> SEVERE: Exception while dispatching incoming RPC call
> java.lang.IllegalArgumentException
> at java.nio.Buffer.limit(Buffer.java:275)
> at
> org.apache.coyote.ajp.AjpNioProcessor.readSocket(AjpNioProcessor.java:179)
>
I see no ch
2015-02-20 10:31 GMT+01:00 Jérémie Barthés :
> I send you the patch i did to fix my issue with the RewriteValve (it was
> for the 8.0.15),
> The goal of that patch is to block the RewriteValve if a 302 automatic
> folder '/' redirection occurs. The RewriteValve will rewrite the redirected
> URL.
>
2014-03-19 17:47 GMT+01:00 Yann Simon :
> > This is because you're forking a thread, it won't concurrently invoke the
> > two events (which would be invalid).
>
> Can you explain more please? I have difficulties to understand your
> sentence.
>
It means the container has to wait until onReadPossi
2014-03-19 17:10 GMT+01:00 Yann Simon :
> 2014-03-19 17:05 GMT+01:00 Rémy Maucherat :
> > 2014-03-19 16:36 GMT+01:00 Yann Simon :
> >
> >> I have maybe found another problem:
> >> onAllDataRead is called with the same thread that is calling input.read.
&
2014-03-19 16:36 GMT+01:00 Yann Simon :
> I have maybe found another problem:
> onAllDataRead is called with the same thread that is calling input.read.
>
I am not aware of any requirement that says this is not allowed.
Rémy
2014-01-30 Yann Simon :
> It means we cannot write real asynchronous reactive applications with
> servlet 3.1... disappointing.
>
> onDataAvailable is already something asynchronous, so starting an
asynchronous operation from it to do the same thing you're supposed to do
is not going to make thing
2014-01-30 Yann Simon :
> Hi,
>
> I wrote a sample app to demonstrate the problem:
> https://github.com/yanns/servlet31_async
>
> You can generate an exploded war with maven: mvn war:exploded
> I deployed the application in tomcat 8.0.0-RC10.
>
> The 2 upload form does work.
> The 1st upload form
On Thu, Mar 25, 2010 at 1:50 AM, Mark Thomas wrote:
> Chris deserves a lot of the credit. Without his figures, it is just opinion.
That's the second benchmark that I see today that has odd numbers.
Rémy
-
To unsubscribe, e-mail
On Wed, Jul 22, 2009 at 2:37 PM, Mark Thomas wrote:
> You'll need to provide more details. Nothing stands out from the security
> pages.
>
> Please provide step by step instructions to reproduce from a clean Tomcat
> installation.
>
> Please also note that potential security vulnerabilities should
On Thu, Jun 4, 2009 at 6:48 PM, Christopher Schultz
wrote:
> I don't see any information disclosure vulnerability in the first place,
> and I don't see how your patch would have fixed it.
>
> ??!
The behavior was different if the user is not found of if the password is wrong.
(ok, the security is
On Tue, Mar 31, 2009 at 2:40 PM, yann grostete
wrote:
> -with connectionTimeout="0", the process tomcat uses a huge percentage
> of CPU, even if there is no traffic.
> but we doesn't observe any problem and the response time is good.
Please use a timeout value > 0. Allowing 0 is a (minor) bug, as
On Tue, Jun 10, 2008 at 4:17 PM, Jörg Fröber <[EMAIL PROTECTED]> wrote:
> An explizit call of response.flushBuffer() seems to have solved the problem.
>
So it could indeed be worth it if you provide a test JSP.
Rémy
-
To start a
On Tue, Jun 10, 2008 at 2:54 PM, Mark Thomas <[EMAIL PROTECTED]> wrote:
> Can you provide the source of the simplest JSP that causes the error? What
> we need is a test case we can use to investigate this. The simpler the test
> case the better.
I suppose he should increase the header size, or (be
On Fri, Apr 11, 2008 at 4:51 AM, Jess Holle <[EMAIL PROTECTED]> wrote:
> Agreed -- but that draws me back to the need for an option (or default
> behavior!) in mod_proxy_ajp wherein the URL passed to via AJP is not
> decoded.
The thing is that it is news to me that mod_proxy_ajp passes decoded
UR
On Fri, Apr 11, 2008 at 1:58 AM, Rainer Jung <[EMAIL PROTECTED]> wrote:
> Rémy,
>
> I know that we cleaned reencoding of forwarded URLs up in the context of
> the CVE and mod_jk. The semicolon wasn't involved in the CVE though and at
> that time it would have been easier, if the AJP connectors ha
On Fri, Apr 11, 2008 at 12:19 AM, Jess Holle <[EMAIL PROTECTED]> wrote:
> Done. [https://issues.apache.org/bugzilla/show_bug.cgi?id=44803]
Guys, you've been going crazy about a (known) security issue: CVE-2007-1860
See http://tomcat.apache.org/security-jk.html
Rémy
-
On Tue, Mar 4, 2008 at 3:43 AM, Hanks Wang (hanwan) <[EMAIL PROTECTED]> wrote:
> Hi guys,
>
> [ISSUE RESOLVED]
>
> I change back to Tomcat5.5 and everything works well now. write it here
> in case someone meet same issue in future.
The configuration did change in Tomcat 6.0.
Rémy
--
On 10/27/07, Peter <[EMAIL PROTECTED]> wrote:
> Has anyone experience any similar behaviour? Any ideas or suggestions?
Why do you think it is a good idea to use both the NIO and APR
connectors ? (the consequence of that is you're going to run in twice
as many bugs)
Rémy
-
On 9/24/07, Larry Reisler <[EMAIL PROTECTED]> wrote:
> We recently switched our development JBOSS instance from 4.05GA to 4.21GA
Which AJP connector is used in JBoss exactly ?
Normally, the two connectors in org.apache.coyote.ajp cannot be doing
what you see.
Rémy
--
On 8/24/07, lightbulb432 <[EMAIL PROTECTED]> wrote:
> Although the debate between session replication vs stateless can't be
> definitively solved and depends on the application, I'd like to hear about
> your experiences with both. How are you designing your current applications,
> and what implicat
On 6/8/07, Diego Rodríguez Martín <[EMAIL PROTECTED]> wrote:
It affects version 1.3 of commons pool. In tomcat 6, commons pool is
embbeded in /tomcat-dbcp.jar/, and the docs don't say with version of
commons is inside.
It's that version. A new commons-pool version will be integrated when
it's a
On 5/24/07, Mirko Nasato <[EMAIL PROTECTED]> wrote:
Rémy Maucherat wrote:
> I was disappointed when I saw the performance results of the current
> executors. At the moment, you should not be using them.
>
Alright. I would suggest putting an EXPERIMENTAL! or similar warning in
th
On 5/24/07, Mirko Nasato <[EMAIL PROTECTED]> wrote:
Should I file a bug report?
I was disappointed when I saw the performance results of the current
executors. At the moment, you should not be using them.
Rémy
-
To start a ne
On 5/23/07, Filip Hanik - Dev Lists <[EMAIL PROTECTED]> wrote:
take a look at the documentation, the way you are reading it is incorrect.
you need to take advantage of the available() method
With a reader, it's ready().
Rémy
On 5/2/07, Sebastiaan van Erk <[EMAIL PROTECTED]> wrote:
It's a race condition and the problem occurs quite infrequently
(especially with small request bodies). The larger the request body of
the POST request, the more likely it is that the problem occurs. I was
testing at a few thousand request
On 5/2/07, Frank McCown <[EMAIL PROTECTED]> wrote:
The default contents of the conf/tomcat-users.xml file *should* be
but the file that ships with 6.0 is missing all the tags.
No default users will be provided.
And the server.xml file is missing the line:
It has a functio
On 5/2/07, Sebastiaan van Erk <[EMAIL PROTECTED]> wrote:
Sorry about that, did not mean to say it is not possible to do a
request, wait, response with Comet. All I'm trying to say is that Comet
was not designed (at least, Filip stated this) for the async servlet
model, and I tried to point out so
On 5/2/07, Sebastiaan van Erk <[EMAIL PROTECTED]> wrote:
What you seem to want is more in line with the "asynchronous servlet"
(request, wait, response), which Filip and Remy pointed out is not the
quite the same as Tomcat's Comet. Ideally, both models would be possible
through single unified AP
On 4/28/07, Reich, Matthias <[EMAIL PROTECTED]> wrote:
The problem is that the socket is added to the poller already within the
Http11AprProcessor.event method.
Due to this the process method can be invoked before the event method
has done it's cleanup.
I don't really understand how it can happ
On 4/27/07, Sebastiaan van Erk <[EMAIL PROTECTED]> wrote:
> GET parameters, ie parameters in the URL will work.
> However, using Comet you shouldn't rely on parameters in the body, the
> body if for you usage, and your usage alone.
Seems to me that this is a pretty common use case though with AJA
On 4/26/07, Sebastiaan van Erk <[EMAIL PROTECTED]> wrote:
Hi,
If the body of the POST request is not present at the time of the
getParameter() call, it returns null even if the parameter value is set.
Things don't work like this, obviously. Parameter parsing only occurs
if nothing used getRead
On 4/26/07, Sebastiaan van Erk <[EMAIL PROTECTED]> wrote:
I don't understand why the client does not get an immediate -1 (EOF) on
the read() as soon as I do this. The socket itself does not need to be
closed, but the output stream close should flush the output stream and
call shutdownOutput() on
201 - 300 of 364 matches
Mail list logo
