Xmx to 1GB this should also allow 1GB of native memory
which may result in more then 2GB of memory used by the JVM
Regards,
Stefan Mayr
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-m
Hi Brian,
Am 30.12.2023 um 21:42 schrieb Brian Braun:
I don't have any Java OOME exceptions, so it is not that my objects don't
fit. Even if I supply 300MB to the -Xmx parameter. In fact, as I wrote, I
don't think the Heap and non-heap usage is the problem. I have been
inspecting those and their
Hi,
Am 21.06.2023 um 12:20 schrieb Mark Thomas:
CVE-2023-34981 Apache Tomcat - Information disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M5
Apache Tomcat 10.1.8
Apache Tomcat 9.0.74
Apache Tomcat 8.5.88
Description:
The fix for
Am 10.03.2023 um 08:27 schrieb Stefan Mayr:
Am 10.03.2023 um 07:58 schrieb Thomas Hoffmann (Speed4Trade GmbH):
Hello,
-Ursprüngliche Nachricht-
Von: Seth Mayers
Gesendet: Freitag, 10. März 2023 01:14
An: Tomcat Users List
Betreff: Re: HTTP Error 414. The request URL is too long
Am 10.03.2023 um 07:58 schrieb Thomas Hoffmann (Speed4Trade GmbH):
Hello,
-Ursprüngliche Nachricht-
Von: Seth Mayers
Gesendet: Freitag, 10. März 2023 01:14
An: Tomcat Users List
Betreff: Re: HTTP Error 414. The request URL is too long.
Thanks. Sadly I know how the data is being push
Hi Chris,
Am 07.07.2022 um 00:59 schrieb Christopher Schultz:
Stefan,
On 7/6/22 18:50, Stefan Mayr wrote:
Am 05.07.2022 um 23:36 schrieb Pawel Veselov:
Christopher, Stephan,
On Tue, Jul 5, 2022 at 11:18 PM Christopher Schultz
wrote:
Stefan,
On 7/2/22 09:45, Stefan Mayr wrote:
Hi,
Am
Am 05.07.2022 um 23:36 schrieb Pawel Veselov:
Christopher, Stephan,
On Tue, Jul 5, 2022 at 11:18 PM Christopher Schultz
wrote:
Stefan,
On 7/2/22 09:45, Stefan Mayr wrote:
Hi,
Am 01.07.2022 um 17:10 schrieb Christopher Schultz:
Thomas,
On 6/30/22 13:52, Thomas Meyer wrote:
Sadly
Hi,
Am 01.07.2022 um 17:10 schrieb Christopher Schultz:
Thomas,
On 6/30/22 13:52, Thomas Meyer wrote:
Sadly currently Tomcat startup relies on shell script to bootstrap
JVM process.
In the light of distroless images (e.g.
https://blog.chainguard.dev/introducing-apko-bringing-distroless-nirvan
Hi,
i created a bugzilla entry
(https://bz.apache.org/bugzilla/show_bug.cgi?id=65901) and included a
first attempt to patch this issue.
Am 12.02.2022 um 14:24 schrieb Stefan Mayr:
Hello Tomcat users,
this week we were debugging a strange connection issue which I tracked
down to an
body although it should not (at least i
think mod_jk is somehow responsible for that)
-Ursprüngliche Nachricht-
Von: Stefan Mayr
Gesendet: Montag, 14. Februar 2022 23:07
An: users@tomcat.apache.org
Betreff: Re: mod_jk interference with ErrorDocument/Alias on HEAD request
Hello again,
a
Hello again,
a self-compiled mod_jk 1.2.48 shows the same issue.
Am 13.02.2022 um 18:37 schrieb Stefan Mayr:
Hi,
looking at the source code
https://github.com/apache/tomcat-connectors/blob/main/native/apache-2.0/mod_jk.c#L2954#L2973
I did some more testing:
Variant 1: JkMount /demo
->status
The response only seems correct for variant 1 - which is configured to
let Apache httpd handle all responses for status codes >= 401. For
variant 2 mod_jk seems to handle the response itself - contrary to what
the comment explains.
Am 12.02.2022 um 14:24 schrieb Stefan Mayr:
Mount /demo/* ajp13_worker
JkUnMount /error/* ajp13_worker
-Ursprüngliche Nachricht-
Von: Stefan Mayr
Gesendet: Samstag, 12. Februar 2022 14:24
An: Tomcat Users List
Betreff: mod_jk interference with ErrorDocument/Alias on HEAD request
Hello Tomcat users,
this week we were debugg
46.
I didn't try to compile the latest mod_jk version yet because I didn't
spot a relevant point in the changelog.
Can anyone confirm this behaviour or point me to a configuration
directive i missed?
Thank you,
Stefan Mayr
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Am 30.12.2021 um 12:24 schrieb Mark Thomas:
On 29/12/2021 21:04, Eric Robinson wrote:
My question is, is there a better way?
I can only think of variations on a theme.
The ~64k limit assumes client IP, server IP and server port remain
constant. i.e. just client port is varying.
That sug
Am 25.01.2021 um 19:04 schrieb Christopher Schultz:
> All,
>
> On 1/25/21 11:10, Christopher Schultz wrote:
>> All,
>>
>> Off-topic, but I know there are plenty of Spring users on this list
>> who can probably help me figure this out.
>>
>> Recently, Let's Encrypt switched from using their soon-to
Hi,
Am 30.11.2020 um 17:09 schrieb Amit Pande:
> I guess I will have to investigate the RHEL 7.3 entropy issue separately
> (possibly as hobby project) and look for other options to make progress.
>
> I still find it odd that something related to randomness (entropy generation)
> is so consiste
Am 03.11.2020 um 16:05 schrieb Eric Robinson:
>> -Original Message-
>> From: Eric Robinson
>> Sent: Tuesday, November 3, 2020 8:21 AM
>> To: Tomcat Users List
>> Subject: RE: Weirdest Tomcat Behavior Ever?
>>
>>> From: Mark Thomas
>>> Sent: Tuesday, November 3, 2020 2:06 AM
>>> To: Tomca
Hi Klaus,
Am 06.07.2020 um 15:13 schrieb Klaus Tachtler:
> Hi,
>
> I'm trying to build a rpm package for CentOS-8 for mod_jk with the
> latest version 1.2.48. While building the rpm package, following error
> occurs:
>
>
> - %< -
>
> ...
> make[1]: Entering directory
> '/root/rpmbuild/
Hi,
Am 10.06.2020 um 15:34 schrieb Mark Thomas:
> On 10/06/2020 14:07, Paul Carter-Brown wrote:
>> At runtime, any code can call TimeZone.setDefault to change the timezone of
>> the JVM.
>>
>> I'd suggest logging TimeZone.getDefault().getDisplayName(Locale.ENGLISH);
>> intermittently and seeing i
Hi,
today I've seen something I don't understand: our developers reported an
application that was returning a non-GMT timezone in Date and
Last-Modified headers.
$ curl -v http://localhost:8080
* Rebuilt URL to: http://localhost:8080/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to local
sistentManager as in org.apache.catalina.session.PersistentManager?
So a vulnerable configuration would need to use something like
Regards,
Stefan Mayr
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
of the web application by some other means) then this, along
> with the ability to process a file as a JSP, made remote code execution
> possible.
Is this a bug which is or will be fixed or is this a fundamental design
flaw of AJP which cannot be fixed? So to trust or not to trust are
Hi Chris,
Am 13.02.2020 um 15:31 schrieb Christopher Schultz:
> [snip]
> The answer to the question "why change the default?" is: "because the
> default was essentially insecure, in a way that wasn't obvious to
> someone who wasn't paying close attention."
>
> So we are forcing users to pay close
Hi,
> - AJP defaults changed to listen the loopback address, require a secret
> and to be disabled in the sample server.xml
What was the motivation behind this breaking change to require a secret
or to explitly disable it? What makes an open AJP connector more unsafe
than an open HTTP connector
Am 09.01.2020 um 21:45 schrieb Christopher Schultz:
> DSA is almost never used. Nearly 100% of keys in the world are
> plain-RSA or EC. I know of no CA that uses DSA for signing. So pretty
> much every cert you will come across will be EC-with-RSA or
> RSA-with-RSA (that's keytype-with-signature-ty
Am 28.10.2019 um 22:07 schrieb Michael Osipov:
Am 2019-10-28 um 22:00 schrieb Stefan Mayr:
Am 28.10.2019 um 14:13 schrieb Rémy Maucherat:
On Mon, Oct 28, 2019 at 1:46 PM Johan Compagner
wrote:
Hi
On Mon, 28 Oct 2019 at 13:15, Mark Thomas wrote:
Hi all,
A frequent topic of discussion
Am 28.10.2019 um 14:13 schrieb Rémy Maucherat:
> On Mon, Oct 28, 2019 at 1:46 PM Johan Compagner
> wrote:
>
>> Hi
>>
>>
>>
>> On Mon, 28 Oct 2019 at 13:15, Mark Thomas wrote:
>>
>>> Hi all,
>>>
>>> A frequent topic of discussion at ApacheCon EU was Jakarta EE 9. For
>> those
>>> of you who aren'
Hi,
Am 31.08.2018 um 19:22 schrieb Christopher Schultz:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Stefan,
>
> On 8/30/18 23:27, Stefan Mayr wrote:
>> we got an application has multiple Service, Engine and Host entries
>> in server.xml. All Host sec
diffenent applications appX.
Is this a valid configuration (for Tomcat 7.0)? If yes, what should we
expect to happen?
We currently see and endless loop of application deployments that fail
because the ports of the Service Connector is already
Hi,
Am 30.07.2018 um 18:25 schrieb Christopher Schultz:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Marek,
>
> On 7/30/18 3:22 AM, Marek Czernek wrote:
>> Hi there,
>>
>> recently, we noticed the lack of documentation for Catalina Base,
>> and I wanted to find out more about it. Othe
Hi
Am 04.10.2017 um 19:27 schrieb Mark Thomas:
> ... are now (mostly) available:
>
> http://tomcat.apache.org/presentations.html
>
> I thought Jean-Frederic sent me his slides but I can't find the e-mail.
> I'm sure one of us will update that page shortly.
Reverse Proxies, Load-Balancing & Clus
Hi,
Am 10.04.2017 um 21:14 schrieb Mark Thomas:
> CVE-2017-5647 Apache Tomcat Information Disclosure
>
> Severity: Important
>
> Vendor: The Apache Software Foundation
>
> Versions Affected:
> Apache Tomcat 9.0.0.M1 to 9.0.0.M18
> Apache Tomcat 8.5.0 to 8.5.12
> Apache Tomcat 8.0.0.RC1 to 8.0.4
Am 05.11.2016 um 23:58 schrieb Mark Thomas:
> On 04/11/2016 19:10, Hedrick, Brooke - 43 wrote:
>> Sorry if this has been already asked. I searched the archives and
>> didn't find what I was looking for.
>
> I don't recall anyone raising it before now.
>
>> Has anyone else run into an issue with
Am 09.08.2016 um 19:48 schrieb Mark Thomas:
On 09/08/2016 18:29, Stefan Mayr wrote:
Hi,
two colleagues came with an idea that our new java platform should only
run signed code. In the java world I've only seen signed java applets.
From a bit of internet research it looks like any JAR, W
icate that this is supported or verified in WebLogic. So
how about Tomcat? Is there any verification of signed code or are there
any configuration flags to enable/enforce/disable this?
I would guess the signature is ignored. Am I wrong?
Thank you,
Stefan
ot. If you write this wrapper in java you could use an
embedded tomcat or jetty to startup a servlet container where needed.
Regards,
Stefan Mayr
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional c
between the client and the proxy benefits
most of the new procotol.
- Stefan
--
Mayr Stefan
Hausen - Gassenaecker 10
82269 Geltendorf
Tel.: 08193 - 9979469
-
To unsubscribe, e-mail: users-unsubscr...@tom
Hi John,
Am 11.10.2014 23:30, schrieb John Smith:
I'm trying to workout a managed backup scheme on a MySQL production
database with XtraBackup. According to our DBA, XtraBackup doesn't lock the
database, but issues a series of SHOW TABLE STATUS commands and then works
on the file system level.
Hi Christopher,
Am 01.10.2014 20:40, schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
...
I've been trying to get mod_remoteip to handle the client's IP address
for me -- especially for logging -- but I'm having some difficulty and
have asked a question over on the httpd users'
Am 01.10.2014 19:18, schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
...
What I'm mainly looking for is a way to say "the incoming
connection (from ELB) is HTTP and I want to pretend that the
connection is HTTPS".
Then the easier solution seems using ELB for SSL termination an
Am 29.08.2014 14:23, schrieb Sylvain Goulmy:
Thank you for your feedbacks.
I had actually already tried a configuration with a "url" parameter. With
this configuration :
factory="org.apache.tomcat.jdbc.naming.GenericNamingResourcesFactory"
name="jdbc/mydatasource-xa" password="password"
typ
le:thin:@myhost:1521/orcl or add a driverType, e.g.
driverType="thin"
see http://www.orafaq.com/wiki/JDBC for URLs and
http://docs.oracle.com/cd/E18283_01/appdev.112/e13995/oracle/jdbc/pool/OracleDataSource.html
for the possible parameters and default val
ide. A new window will show a table with
Cookie and Response-Header information.
As Oracle seems to support cluster configuration of OIA you could also
ask their support about the setup requirements.
Stefan
--
Mayr Stefan
Hausen - Gassenaecker 10
82269 Geltendorf
Tel.: 08193
Am 13.01.2014 07:22, schrieb Divyaprakash Y:
-Original Message-
From: Stefan Mayr [mailto:ste...@mayr-stefan.de]
Sent: 10 January 2014 23:26
To: users@tomcat.apache.org
Subject: Re: Packet misses in Tomcat
Hi
Am 09.01.2014 14:21, schrieb Divyaprakash Y:
-Original Message
Hi
Am 09.01.2014 14:21, schrieb Divyaprakash Y:
-Original Message-
From: Divyaprakash Y
Sent: 08 January 2014 14:35
To: Tomcat Users List
Subject: RE: Packet misses in Tomcat
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: 08 January 2014 02:52
To: Tomcat
Am 23.08.2013 20:10, schrieb Stefan Mayr:
Am 11.06.2013 19:42, schrieb Felix Schumacher:
Am 05.06.2013 13:42, schrieb Ilya Kazakevich:
Hello,
I use "probe" app for several tomcats.
It's security model is based on servlet API security: security roles and
constraints are provided
Am 11.06.2013 19:42, schrieb Felix Schumacher:
Am 05.06.2013 13:42, schrieb Ilya Kazakevich:
Hello,
I use "probe" app for several tomcats.
It's security model is based on servlet API security: security roles and
constraints are provided in web.xml and mapped for each servlet it has.
I use JNDIR
Hi Bernd,
Am 20.06.2013 18:45, schrieb Lentes, Bernd:
Hi,
i'm fairly new to tomcat. We have a SLES 10 SP4 64bit host, running Tomcat 5.5,
which was provided as a rpm from the distributor.
Our developers need now a more current version, 6 or prefered 7.
I didn't find rpm's for these versions fo
+0200 schrieb "Caldarale, Charles R"
:
From: Stefan Mayr [mailto:ste...@mayr-stefan.de]
Subject: Delayed WAR expansion, timeout on context startup?
Are there any parameters to adjust deployment timeouts for these
contexts with large WAR files?
Want to give us a hint about what Tomc
Hi,
we've upgraded our linux systems and experience some serious slowdowns
from our antivirus solutions. Expanding large WAR files (e.g. Alfresco)
is blocked by the virus scanner for minutes (!). Now we get tomcats
failing to deploy contexts on startup. Everything was fine when the
deployment
Am 18.01.2013 20:06, schrieb Gabriel Huerta Araujo:
Hi all:
I did not notice the fact that my server application does not generate log
file. Someone else changed configuration files and tomcat is not generating
this log file (catalina.out). How can I restablish tomcat for generating this
file
Am 14.01.2013 15:11, schrieb Conrad Kostecki:
Hi!
I've noticed, that Tomcat got much slower during startup. When using a Version
> 7.0.27 (+ Oracle JDK 7), it takes much longer.
...
After this Step, with a newer version, it can take several minutes, until it
continues.
During this "pause", I ca
Am 22.08.2012 23:04, schrieb Kari Scott:
On Aug 22, 2012, at 3:55 PM, Stefan Mayr wrote:
Am 22.08.2012 22:31, schrieb Miguel González Castaños:
We are having what sounds like a similar problem (although 7.0.26
works for us) and can provide our details.
We are using Solaris 10, Tomcat 7.0.26
Am 22.08.2012 22:31, schrieb Miguel González Castaños:
We are having what sounds like a similar problem (although 7.0.26
works for us) and can provide our details.
We are using Solaris 10, Tomcat 7.0.26, Apache/2.2.16, mod_jk/1.2.35
and Java(TM) SE Runtime Environment (build 1.6.0_30-b12) in our
Am 01.08.2012 19:10, schrieb Shaw, Ray V CTR (US):
I'm starting up Tomcat 7.0 on RHEL6 with the following init script:
#!/bin/bash
#
# chkconfig: 235 80 20
# description: Takes care of starting and stopping Tomcat.
CATALINA_HOME="/opt/tomcat7"
export JAVA_HOME="/usr/java/jdk6-64/"
case "$1" in
Am 31.07.2012 23:28, schrieb André Warnier:
To be more explicit : my bet at this stage would be a bug in the
XP+IE+Acrobat9 combination (as being "the usual suspects"), but a bug
that gets triggered only because Tomcat 7.0.27+ send the response just a
bit differently than 7.0.26.
How about APR
Good morning,
I could need some ideas how to debug a very specific network problem. It
is not directly Tomcat related (more JVM) but maybe you have some pointers.
The situation: We have an application running in Tomcat on two different
servers (TomcatA, TomcatB). Both are doing HTTP calls to
Am 07.06.2012 10:13, schrieb Miguel González Castaños:
...
Do you suggest me to upgrade to Tomcat 6 or 7? What about jdk? 1.6
or 1.7?
1.6 is more widely tested (many years), but for a new system I would
go with 1.7.
It's not a new system, it's been running for 3 years already. I don't
want t
Am 03.06.2012 09:17, schrieb Kevin Marx:
OK, so now, how is this working? How to fix it?
ROOT.xml is located in conf/Catalina/localhost
File contents are thus:
in the browser I am entering http://localhost:8080
the URL is comes up with is thus:
http://localhost:8080/dashboards/welcome/ma
Hello,
Am 13.05.2012 00:24, schrieb Konstantin Kolinko:
2012/5/13 Kiran Badi:
Hi,
I am trying to setup custom error page and has done below modification to
web.xml
500
/errorback.jsp
404
/errorback.jsp
Then in errorback.jsp
I wrote the default hello jsp page and triggered 404 condition t
Am 08.04.2012 18:41, schrieb Ofer Israeli:
2012/4/6 Pid:
On 05/04/2012 22:17, Ofer Israeli wrote:
Y
On 5 באפר 2012, at 18:58, "Konstantin Kolinko"
wrote:
2012/4/5 Ofer Israeli:
Mark Thomas wrote:
On 04/04/2012 17:02, Ofer Israeli wrote:
Once you have an OOME all bets are off. The JVM ne
Am 11.03.2012 11:33, schrieb Pid:
On 11/03/2012 06:25, pricyber wrote:
Hi I recently upgrade JDK from 1.6 to 1.7u3. And tomcat no longer work on
Windows 2003, ie not sending response to any request either with https or
plain http. But the same code/setting works on Windows 7 and my ubuntu
machin
Am 28.12.2011 10:04, schrieb ma...@apache.org:
Matthew Tyson wrote:
That's right, there is an f5 load balancer. The valve is used to keep
track of whether the request was via HTTPS or not.
What happens if you go direct to Tomcat and bypass the F5?
tcpdump seems to confirm the same. What
Am 24.12.2011 00:39, schrieb Matthew Tyson:
Hello,
We have been having quite a few problems with using long-polling
connections in Tomcat, via the NIO connector. Upgrading to Tomcat 7.0.23
definitely improved things, but we are still seeing major issues.
The problems only crop up after a coupl
Am 24.12.2011 19:33, schrieb Matthew Tyson:
On Sat, Dec 24, 2011 at 1:06 AM, Mark Thomas wrote:
On 23/12/2011 23:39, Matthew Tyson wrote:
Hello,
We have been having quite a few problems with using long-polling
connections in Tomcat, via the NIO connector. Upgrading to Tomcat 7.0.23
definite
Am 30.11.2011 12:08, schrieb j...@gniffelnieuws.net:
On Wed, 30 Nov 2011 16:14:45 +0530, Choudhury wrote
Hello ,
The question is not why I would use 32 bit JVM , the
question is whether there is any maximum limit on memory for Tomcat
and if yes why ? Regards,
The limit is the JVM, not
Am 16.10.2011 10:31, schrieb André Warnier:
Léa Massiot wrote:
Hello,
Thank you for reading my post.
Here is my problem:
- I have two machines S and M on the same LAN.
- S is a Debian machine running a Tomcat server.
- And I have a WebApp W deployed on this Tomcat server.
- M is a Windows mach
Am 25.08.2011 22:55, schrieb Stefan Mayr:
...
Back to your question. I recommend to read
http://blogs.technet.com/b/jorke/archive/2008/09/17/cat-power-tomcat-on-server-2008-core-with-iis7.aspx
. It is a bit dated but lists an ugly pitfall: MSVCR71.dll is required
but not included. (don't kn
Am 24.08.2011 23:01, schrieb André Warnier:
David kerber wrote:
Will TC run on a Windows Server Core installation? For those of you
not familiar with that term, it's a windows server installation with
no GUI, and minimal other pieces. The idea is a reduced disk, memory
and cpu footprint (rather
Hello,
Am 21.08.2011 15:01, schrieb Venkata Surapaneni:
Verlag,
Both the suggestions worked and We are going to add address line to
the server.xml file.
Is the support for IP 4 dropped by plan or by accident ? If it is by plan,
isn't it early ? There are still lot of applications ru
Am 14.07.2011 13:25, schrieb André Warnier:
Mark Thomas wrote:
On 14/07/2011 11:29, André Warnier wrote:
Hi.
This is a bit of a side question, or let's say a question-by-proxy.
...
I think for this problem, I have to treat tomcat as a little, rather
inefficient, black box and try to fixup on
Am 04.05.2011 18:34, schrieb André Warnier:
fsman...@netscape.net wrote:
Also, do the out-of-order timestamps (and the server startup time of
-1161496934 ms) hint at anything?
Not that it has anything to do with the problem, but I would say that
the startup time looks very much like a formatt
Am 29.03.2011 16:19, schrieb Jeffrey Janner:
OK, I'm sure some of you guys can weigh in better on this than me, but:
If he already has two "intelligent" load-balancers terminating the SSL,
couldn't he simplify the configuration a good bit by removing the
Apache servers all together? That is, co
Hi
Am 29.03.2011 12:28, schrieb Rainer Jung:
On 29.03.2011 12:07, Richard Levy wrote:
...
The current setup involves two intelligent load-balancers that
terminates SSL then hands over to Oracle 10g. The 10g stack has
custom Oracle versions of Apache which have configuration options not
found in
Hi Mark,
Am 28.03.2011 10:49, schrieb Mark Thomas:
On 28/03/2011 08:42, Borut Hadžialić wrote:
Hellos Stefan,
if you can't fix your problem with configuration and decide that you
want to solve the problem by programming, then this might help you
http://blog.springsource.com/2009/09/28/spring-s
are admins, no
devs)?
What solutions have you deployed? Recommendations?
Thank you,
Stefan Mayr
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
77 matches
Mail list logo