Re: Tomcat SSL - Issue

2021-09-22 Thread Niranjan Babu Bommu
port where server is listening ssl(8443) and ipaddres of server where
tomcat is running, expect output like this

starting Nmap 6.40 ( http://nmap.org ) at 2021-09-22 14:35 EDT
Nmap scan report for 12.0.0.1
Host is up (0.35s latency).
PORT STATE SERVICEVERSION
8443/tcp open  https-alt?
| ssl-enum-ciphers:
|   TLSv1.0:
| ciphers:
|   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|   TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
|   TLS_DHE_RSA_WITH_AES_256_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - strong
| compressors:
|   NULL
|   TLSv1.1:
| ciphers:
|   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|   TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
|   TLS_DHE_RSA_WITH_AES_256_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - strong
| compressors:
|   NULL
|   TLSv1.2:
| ciphers:
|   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|   TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
|   TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - strong
|   TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - strong
|   TLS_DHE_RSA_WITH_AES_256_CBC_SHA - strong
|   TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - strong
|   TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - strong
|   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - strong
|   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - strong
|   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - strong
|   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - strong
|   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - strong
| compressors:
|   NULL
|_  least strength: strong


On Wed, Sep 22, 2021 at 8:48 AM Kumawat, Priyanka 
wrote:

> Hi Niranjan ,
>
> Thankyou.
>
> The script here on the below command will be the ssltest script that Chris
> have given ?
> Also IP address will be the IP of the server .?
>
>
> nmap -sV --script ssl-enum-ciphers -p  
>
> https://clicktime.symantec.com/3Cx1tBjB9n6EQyoUQjHJNWU7Vc?u=https%3A%2
> F%2Fgithub.com%2FChristopherSchultz%2Fssltest
>
>
> Thanks & Regards,
>
> Priyanka Kumawat | Middleware Admin
> T +91.7879364483
> EMail - priyanka.kuma...@dxc.com
> DL - ams-leveraged-webadmin-offsh...@dxc.com
>
> DXC Technology
>
>
>
>
>
>
> -Original Message-
> From: Niranjan Babu Bommu 
> Sent: 22 September 2021 04:53
> To: Tomcat Users List 
> Subject: Re: Tomcat SSL - Issue
>
> Another way you get supported is TLS and the cipher suite.
>
> nmap -sV --script ssl-enum-ciphers -p  
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> nmap -sV --script ssl-enum-ciphers -p  
>
>
>
> On Tue, Sep 21, 2021 at 5:25 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> > Priyanka,
> >
> > On 9/21/21 13:52, Kumawat, Priyanka wrote:
> > > Hello Team ,
> > >
> > > Please find the error details as below -
> > >
> > > The site can’t provide a secure connection .
> > >
> > > xmotam01.phl.com uses an unsupported protocol
> > >
> > > ERR_SSL_VERSION or CIPHER MISMATCH
> > >
> > > Unsupported protocol – The client and server don;t support a common
> > > protocol version.
> >
> > Many versions of Java 1.7 do not support TLSv1.2. Try running this
> > tool under your Java 1.7 environment for some good information:
> >
> > https://clicktime.symantec.com/3Cx1tBjB9n6EQyoUQjHJNWU7Vc?u=https%3A%2
> > F%2Fgithub.com%2FChristopherSchultz%2Fssltest
> >
> > -chris
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> >
>
> --
> *Thanks*
> *Niranjan*
>
>
> DXC Technology Company -- This message is transmitted to you by or on
> behalf of DXC Technology Company or one of its affiliates. It is intended
> exclusively for the addressee. The substance of this message, along with
> any attachments, may contain proprietary, confidential or privileged
> information or information that is otherwise legally exempt from
> disclosure. Any unauthorized review, use, disclosure or distribution is
> prohibited. If you are not the intended recipient of this message, you are
> not authorized to read, print, retain, copy or disseminate any part of this
> message. If you have received this message in error, please destroy and
> delete all copies 

Re: Tomcat SSL - Issue

2021-09-21 Thread Niranjan Babu Bommu
Another way you get supported is TLS and the cipher suite.

nmap -sV --script ssl-enum-ciphers -p  
















nmap -sV --script ssl-enum-ciphers -p  



On Tue, Sep 21, 2021 at 5:25 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Priyanka,
>
> On 9/21/21 13:52, Kumawat, Priyanka wrote:
> > Hello Team ,
> >
> > Please find the error details as below -
> >
> > The site can’t provide a secure connection .
> >
> > xmotam01.phl.com uses an unsupported protocol
> >
> > ERR_SSL_VERSION or CIPHER MISMATCH
> >
> > Unsupported protocol – The client and server don;t support a common
> > protocol version.
>
> Many versions of Java 1.7 do not support TLSv1.2. Try running this tool
> under your Java 1.7 environment for some good information:
>
> https://github.com/ChristopherSchultz/ssltest
>
> -chris
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

-- 
*Thanks*
*Niranjan*


Re: JVM job for Tomcat taking lots and lots of CPU

2020-02-12 Thread Niranjan Babu Bommu
have you turned on codecahe , if that is true can you monitor codecahe?
known issue with codecache in java 7, when codecache fills up the compiler
may not get get restarted even after the codecache occupancy drops down to
half after the emergency flushing, this may cause high cpu usage by the
compiler threads.
if above all true here are the solutions.
1. increase codecache may be 128MB
2. upgrade jdk to 8


On Tue, Feb 11, 2020 at 7:40 PM James H. H. Lampert <
jam...@touchtonecorp.com> wrote:

> Ladies and Gentlemen:
>
> We have a customer installation in which the JVM job for our Tomcat
> server is frequently using massive amounts of CPU.
>
> It's Tomcat 7.0.67, running on an AS/400, in a 64-bit Java 7 JVM, with
> -Xms3096m and -Xmx5120m JVM arguments.
>
> GC information on the JVM job shows:
> > Garbage collected heap:
> >   Initial heap size  . . . . . . . . . :  3096.000M
> >   Maximum heap size  . . . . . . . . . :  5120.000M
> >   Current heap size  . . . . . . . . . :  4458.562M
> >   Heap in use  . . . . . . . . . . . . :  1907.673M
> > Other memory:
> >   Internal (break) memory size . . . . :   504.982M
> >   JIT memory size  . . . . . . . . . . :74.000M
> >   Shared classes memory size . . . . . : 0.000M
> > General GC information:
> >   Current GC cycle . . . . . . . . . . :   2184
> >   GC policy type . . . . . . . . . . . : GENCON
> >   Current GC cycle time  . . . . . . . :552
> >   Accumulated GC time  . . . . . . . . :5108241
>
> It seems to be doing a lot of garbage-collecting.
>
> Would switching to Java 8 help? Would switching to 7.0.93 help?
>
> --
> James H. H. Lampert
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

-- 
*Thanks*
*Niranjan*


Re: setupenv.sh

2018-04-20 Thread Niranjan Babu Bommu
options -d32 and -d64 have been addd to the  java launcher to specify
whether the program is be run in a 32-bit or 64-bit env, this is valid only
certain unix(solaris) env, windows and linux have their own 32-bit or
64-bit java installations.




On Fri, Apr 20, 2018 at 8:32 AM, Cheltenham, Chris <
ccheltenham-...@philasd.org> wrote:

> Hello,
>
>
>
> I have been trying to find out what this meand starting up Tomcat to no
> avail.
>
> Please help.
>
> I mean –d64 that is.
>
>
>
> JAVA_OPTS="-d64"
>
>
>
> ===
>
> Thank You;
>
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
>
> Work # 215-400-5025
> Cell # 215-301-6571
>



-- 
*Thanks*
*Niranjan*


Re: Tomcat managed server

2017-06-30 Thread Niranjan Babu Bommu
Hi Subhro,

tomcat document has the all the info you are looking for.

https://tomcat.apache.org/tomcat-7.0-doc/RUNNING.txt
https://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt

look for "Advanced Configuration - Multiple Tomcat Instances" in that page.

thanks
Niranjan

On Fri, Jun 30, 2017 at 11:18 AM, Subhro Paul  wrote:

> -Christopher Schultz  wrote: -
> To: users@tomcat.apache.org
> From: Christopher Schultz 
> Date: 06/29/2017 12:35PM
> Subject: Re: Tomcat managed server
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Subhro,
>
> On 6/29/17 11:57 AM, Subhro Paul wrote:
> > Can you tell me if we can create manged server in tomcat like we
> > can do in Weblogic server?
> >
> > I have Googled that and found information which is about setting
> > up different tomcat instances but not the managed server which we
> > can do in Weblogic.
> For those of us unfamiliar with WebLogic... can you explain what a
> "managed server in Tomcat" is?
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAllVLFMACgkQHPApP6U8
> pFg8Vw//WcSo7+ynxMQvNsiJdiJ+HP+qPrkH5reYUvyYfj5D0f0W8RfCt5yvB1Um
> jdww+T9tpYbt2nt5iWYjBx27x9DbhTuJt/OnUNfZQw7PAP2S4L0Q6Amim7yQNzau
> 1nbRxpfSL4rBzR2aQvwNokyd1Uqy1Wwujkf8x4ozphAhtrpeX0ctYHJupusUAXZf
> ijQgDypgwWkPk2LpWkOQDF3jfsFqim/JRsw6DhRvV/u9jfPWGThmKUGF0JkilB+W
> kkiIjA3eH03HS/S+wIJBQ3tJoEbTo5H8Xg786hdO3Z1fCyUV13THK+wihLM1WlcA
> OLvBQlEn/Ms2tQKV1HOfMr4O4EOsxh+1yAz0Wh7oli0dOC8uurSxqI3J0oYbRP99
> d8RJbbNumMXuK0OYo6Gihs/M9dAtafLV1gamACFCBl4HSMTYUBn0NulImcznnX9X
> bue+lO2c+yeg2RAC5gOQnlq9VVcf+bOYRlak9rz5kdA9tp1XPQn9A3112HI0ebe3
> kuIe8eZMO0hbw/lrPG+kjdnjjCrFzeU6QQodnsZh6oZ1V1rB+A9acn9UeMuXOe6F
> gT9GPuxSCRciU3CScNd+9KjT5uEFXvGmP7Dmb7XFCsE4VRIDRFNhE7zRRsmrZfkX
> 4ProlRh9mryxJUyf1r+OLGK7kJOFccb+e4q19+7sVqfswHU+9xc=
> =sxgZ
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
> Hi Chris,
> Managed Server is like instance of a server. Like one single Tomcat
> installation can have multiple instances. Each instance can run separately
> and can have different setup and configuration. You can configure them as a
> cluster as well. But all this instance is linked with single server. But i
> am not sure if Tomcat support that facility.
>
> Thanks,
> Subhro Paul
>
> =-=-=
> Notice: The information contained in this e-mail
> message and/or attachments to it may contain
> confidential or privileged information. If you are
> not the intended recipient, any dissemination, use,
> review, distribution, printing or copying of the
> information contained in this e-mail message
> and/or attachments to it are strictly prohibited. If
> you have received this communication in error,
> please notify us by reply e-mail or telephone and
> immediately and permanently delete the message
> and any attachments. Thank you
>
>
>


-- 
*Thanks*
*Niranjan*


Re: tomcat installation errors

2016-12-20 Thread Niranjan Babu Bommu
may be pid file lying around  from earlier stop/start?

remove the pid file  and start again.

/opt/tomcat/temp/tomcat.pid

On Tue, Dec 20, 2016 at 4:08 PM, Mary Wiegand 
wrote:

> Hi,
>
> I'm installing tomcat v8.5.9 on ubuntu 16.04
>
> this is my tomcat.service file:
>
> #System unit file for tomcat
> [Unit]
> Description=Apache Tomcat Web Application Container
> After=network.target
>
> [Service]
> Type=forking
>
> Environment=JAVA_HOME=/usr/lib/jvm/java-8-oracle/jre/bin/java
> Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
> Environment=CATALINA_HOME=/opt/tomcat
> Environment=CATALINA_BASE=/opt/tomcat
> Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server-XX:+UseParallelGC'
> Environment='JAVA_OPTS=-Djava.awt.headless=true
> -Djava.security.edg=file:/dev/./urandom'
>
> ExecStart=/opt/tomcat/bin/startup.sh
> ExecStop=/opt/tomcat/bin/shutdown.sh
>
> User=tomcat
> Group=tomcat
> UMask=0007
> RestartSec=10
> Restart=always
>
> [Install]
> WantedBy=multi-user.target
>
>
> This is what I get when I check the journalctl -xe:
>
> tomcat.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
> PID file found but no matching process was found. Stop aborted.
> tomcat.service: Control process exited, code=exited status=1
> tomcat.service: Unit entered failed state.
> tomcat.service:Failed with result 'exit-code'.
>
> Anyone have any ideas for me on where to start looking for the
> invalidargument?
>
> Thanks,
>
> -Mary
>



-- 
*Thanks*
*Niranjan*


Re: Apache/Tomcat vulnerability

2016-11-25 Thread Niranjan Babu Bommu
you can find who is flooding site in apache access.log and block them in
firewall.

ex to find the IP:

cat /var/log/apache2/access.log |cut -d' ' -f1 |sort |uniq -c|sort -gr



On Fri, Nov 25, 2016 at 8:42 AM, Jaaz Portal  wrote:

> hi,
> we are from some weeks struggling with some Polish hackers that are
> bringing our server down. After updating apache to latest version (2.4.23)
> and tomcat (8.0.38) available for debian systems we still cannot secure our
> server.
>
> Today it has stopped to respond again and we needed to restart tomcat
> process to get it back alive.
>
> There is no too much clues in the logs. The apache error.log gives just
> this line:
>
> [Fri Nov 25 13:08:00.647835 2016] [mpm_event:error] [pid 13385:tid
> 1397934896385
> 92] AH00484: server reached MaxRequestWorkers setting, consider raising the
> MaxR
> equestWorkers setting
>
> seems that somehow tomcat, mod-jk2 or even apache is vulnerable to some new
> exploit, as we certainly does not have such traffic that would block our
> server otherwise
>
> for now we have increased MaxRequestWorkers and we have limited number of
> connections from one client to 5 by mod_bw and limited number of
> simultaneous connections from one ip by iptables but does not know if this
> will help
>
> best regards,
> artur
>



-- 
*Thanks*
*Niranjan*


Re: tomcat cache database server IP forever

2016-06-16 Thread Niranjan Babu Bommu
Thanks Chris,

thanks for the lead on this, will test this scenario and update on this.

Thanks
Niranjan

On Tue, Jun 14, 2016 at 3:56 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Niranjan,
>
> On 6/14/16 10:06 AM, Niranjan Babu Bommu wrote:
> > Thanks for your reply, here I'm attaching server.xml file in this
> > email.
> >
> > actually we are running MHA for mysql where we can spin up new db
> > server and  add to the cluster  or change the IP of db server
> > without impacting end user. our application is running on both
> > tomcat and jboss we switch whenever we want,  Recently we have
> > noticed that when we replaced the db server, jboss is able to
> > detect the dns change and sends connection requests to new IP where
> > as tomcat sending  connection requests to the old IP and throws
> > tons of error. Since we can't test this in real time in prod, we
> > were able to replicate this test env.
> >
> > tried with simple java program where it polls the host name  while
> > I'm changing the IP address of the server in DNS. I'm able to see
> > the new IP address imminently when I change that IP in DNS. this
> > confirms that java security setting looks fine, the same in-house
> > application works in jboss when we change the IP of DB server but
> > tomcat behaving differently. I ran out of options to figure out
> > where is the problem.
>
> What if you write a simple JSP, etc. that reports the IP address of
> db1.local and auto-refreshes every second?
>
> My suspicion is that the jdbc-pool is continuing to use connections
> that have already been established. No DNS resolution is performed to
> communicate over an existing TCP/IP connection.
>
> When you change the IP address of db1.local, are you also terminating
> all TCP/IP connections to the old db1.local host? If not, they will
> continue to function as if no change had occurred. New connections are
> likely to connect to the use server.
>
> Why are you playing games with IP addresses? If you are using MySQL
> HA, why not run it on a machine that doesn't change IP addresses and
> use that as a proxy to your db cluster? Then the HA proxy takes care
> of everything and you don't need to re-IP your whole cluster while
> it's running.
>
> - -chris
>
> > On Tue, Jun 14, 2016 at 4:04 AM, Mark Thomas <ma...@apache.org
> > <mailto:ma...@apache.org>> wrote:
> >
> > On 13/06/2016 19:21, Niranjan Babu Bommu wrote:
> >> Hi All,
> >>
> >> I have an issue with tomcat dns cache ttl,
> >
> > That simply is not possible. Tomcat doesn't cache DNS entries.
> >
> >> where if I change the IP address of the database, tomcat still
> >> sending connection requests to an old IP until I restart tomcat,
> >
> > Now that sounds like a better start to the problem description. You
> > are going to need to expand on that. A lot.
> >
> > Tomcat doesn't use a database by default so is this really a
> > Tomcat issue or an application issue? How is the database
> > configured? Is connection pooling being used? How are you
> > confirming connection requests are being directed to the old IP
> > address? Define "restart Tomcat".
> >
> > Mark
> >
> >> this is not the case with Jboss. I verified in java security,
> >> this what we have in java.
> >>
> >> #networkaddress.cache.ttl=-1
> >>
> >> since this property has been disabled, by default ttl will be 30
> >> sec, jboss 7 is respecting this value, but not tomcat.
> >>
> >> so far I have tried these things in tomcat.
> >>
> >> https://bz.apache.org/bugzilla/show_bug.cgi?id=33226
> >>
> >> neither of these settings is not working in tomcat
> >>
> >> -Dnetworkaddress.cache.ttl=0 or -Dsun.net.inetaddr.ttl=0
> >>
> >>
> >> java version "1.7.0_60" tomcat-7.0.56 os centos 6.
> >>
> >> can someone please help me out to fix this issue
> >>
> >
> >
> > -
> >
> >
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > <mailto:users-unsubscr...@tomcat.apache.org> For additional
> > commands, e-mail: users-h...@tomcat.apache.org
> > <mailto:users-h...@tomcat.apache.org>
> >
> >
> >
> >
> > -- /*Thanks*/ /*Niranjan*/ /*+1 781.956.6900*/
> >
> >
> >
> > -
> >
> >
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> -BEGIN PGP SIGNATURE-
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAldgYWkACgkQ9CaO5/Lv0PBbGQCeIuMkUUcAZX1m5aE8Yh40lgll
> hJAAn3rSoZspVPai4PH5eJYh79wPzfPl
> =EX/E
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>


-- 
*Thanks*
*Niranjan*


Re: tomcat dns cache forever

2016-06-14 Thread Niranjan Babu Bommu
Hi Chris,

here is how I'm connecting to the database.



Thanks
Niranjan

On Tue, Jun 14, 2016 at 3:41 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Niranjan,
>
> On 6/10/16 11:45 AM, Niranjan Babu Bommu wrote:
> > I have an issue with tomcat dns cache ttl, where if I change the IP
> > address of the database, tomcat still sending connection requests
> > to an old IP until I restart tomcat, this is not the case with
> > Jboss. I verified in java security, this what we have in java.
> >
> > #networkaddress.cache.ttl=-1
> >
> > since this property has been disabled, by default ttl will be 30
> > sec, jboss 7 is respecting this value, but not tomcat.
> >
> > so far I have tried these things in tomcat.
> >
> > https://bz.apache.org/bugzilla/show_bug.cgi?id=33226
> >
> > neither of these settings is not working in tomcat
> >
> > -Dnetworkaddress.cache.ttl=0 or -Dsun.net.inetaddr.ttl=0
> >
> >
> > java version "1.7.0_60" tomcat-7.0.56 os centos 6.
> >
> > can someone please help me out to fix this issue?
>
> How are you connecting to your database?
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAldgXeoACgkQ9CaO5/Lv0PAsAQCgv1QJp55fv8v1VIYXIGLzWWLn
> M6wAniY7ewMkxz5ogyIqg4PybnFtYBtV
> =TdRc
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>


-- 
*Thanks*
*Niranjan*


Re: tomcat cache database server IP forever

2016-06-14 Thread Niranjan Babu Bommu
Hi Mark,

Thanks for your reply, here I'm attaching server.xml file in this email.

 actually we are running MHA for mysql where we can spin up new db server
and  add to the cluster  or change the IP of db server without impacting
end user. our application is running on both tomcat and jboss we switch
whenever we want,  Recently we have noticed that when we  replaced the db
server, jboss is able to detect the dns change and sends connection
requests to new IP where as tomcat sending  connection requests to the old
IP and throws tons of error.
Since we can't test this in real time in prod, we were able to replicate
this test env.

 tried with simple java program where it polls the host name  while I'm
changing the IP address of the server in DNS. I'm able to see the new IP
address imminently when I change that IP in DNS. this confirms that java
security setting looks fine, the same in-house application works in jboss
when we change the IP of DB server but tomcat behaving differently. I ran
out of options to figure out where is the problem.

Thanks
Niranjan




On Tue, Jun 14, 2016 at 4:04 AM, Mark Thomas <ma...@apache.org> wrote:

> On 13/06/2016 19:21, Niranjan Babu Bommu wrote:
> > Hi All,
> >
> > I have an issue with tomcat dns cache ttl,
>
> That simply is not possible. Tomcat doesn't cache DNS entries.
>
> > where if I change the IP address
> > of the database, tomcat still sending connection requests to an old IP
> > until I restart tomcat,
>
> Now that sounds like a better start to the problem description. You are
> going to need to expand on that. A lot.
>
> Tomcat doesn't use a database by default so is this really a Tomcat
> issue or an application issue? How is the database configured? Is
> connection pooling being used? How are you confirming connection
> requests are being directed to the old IP address? Define "restart Tomcat".
>
> Mark
>
> > this is not the case with Jboss. I verified in java
> > security, this what we have in java.
> >
> > #networkaddress.cache.ttl=-1
> >
> > since this property has been disabled, by default ttl will be 30 sec,
> jboss
> > 7 is respecting this value, but not tomcat.
> >
> > so far I have tried these things in tomcat.
> >
> > https://bz.apache.org/bugzilla/show_bug.cgi?id=33226
> >
> > neither of these settings is not working in tomcat
> >
> > -Dnetworkaddress.cache.ttl=0 or -Dsun.net.inetaddr.ttl=0
> >
> >
> > java version "1.7.0_60"
> > tomcat-7.0.56
> > os centos 6.
> >
> > can someone please help me out to fix this issue
> >
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>


-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*




  
  
  
  
  
  
  
  
  

  
  




  

  
  



















  
 

  
  


  

  







  


  

  


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

tomcat cache database server IP forever

2016-06-13 Thread Niranjan Babu Bommu
Hi All,

I have an issue with tomcat dns cache ttl, where if I change the IP address
of the database, tomcat still sending connection requests to an old IP
until I restart tomcat, this is not the case with Jboss. I verified in java
security, this what we have in java.

#networkaddress.cache.ttl=-1

since this property has been disabled, by default ttl will be 30 sec, jboss
7 is respecting this value, but not tomcat.

so far I have tried these things in tomcat.

https://bz.apache.org/bugzilla/show_bug.cgi?id=33226

neither of these settings is not working in tomcat

-Dnetworkaddress.cache.ttl=0 or -Dsun.net.inetaddr.ttl=0


java version "1.7.0_60"
tomcat-7.0.56
os centos 6.

can someone please help me out to fix this issue
-- 
*Thanks*
*Niranjan*


tomcat dns cache forever

2016-06-10 Thread Niranjan Babu Bommu
Hi All,

I have an issue with tomcat dns cache ttl, where if I change the IP address
of the database, tomcat still sending connection requests to an old IP
until I restart tomcat, this is not the case with Jboss. I verified in java
security, this what we have in java.

#networkaddress.cache.ttl=-1

since this property has been disabled, by default ttl will be 30 sec, jboss
7 is respecting this value, but not tomcat.

so far I have tried these things in tomcat.

https://bz.apache.org/bugzilla/show_bug.cgi?id=33226

neither of these settings is not working in tomcat

-Dnetworkaddress.cache.ttl=0 or -Dsun.net.inetaddr.ttl=0


java version "1.7.0_60"
tomcat-7.0.56
os centos 6.

can someone please help me out to fix this issue?

-- 
*Thanks*
*Niranjan*


Re: Problem with monitoring with JMX

2016-05-24 Thread Niranjan Babu Bommu
can you try putting config in startup script?


CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.management.jmxremote \
-Dcom.sun.management.jmxremote.port= \
-Dcom.sun.management.jmxremote.authenticate=false \
-Dcom.sun.management.jmxremote.ssl=false "

I'm guessing when you set this in setenv.sh, this may not able to find all
the classes.

On Tue, May 24, 2016 at 4:31 PM, Niranjan Babu Bommu <
niranjan.bo...@gmail.com> wrote:

> make sense,  if you are not using shared apps better to use CATALINA_OPTS.
>
> On Tue, May 24, 2016 at 4:07 PM, Edwin Quijada <listas_quij...@hotmail.com
> > wrote:
>
>> I read that is better use CATALINA_OPTS instead of JAVA_OPTS
>>
>> 
>> From: Niranjan Babu Bommu <niranjan.bo...@gmail.com>
>> Sent: Tuesday, May 24, 2016 7:44 PM
>> To: Tomcat Users List
>> Subject: Re: Problem with monitoring with JMX
>>
>> I think this would be JAVA_OPTS.
>>
>> CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
>>
>> On Tue, May 24, 2016 at 2:50 PM, Edwin Quijada <
>> listas_quij...@hotmail.com>
>> wrote:
>>
>> > Hi!
>> > I am trying to monitor my Tomcat server using JMX remote when I
>> configure
>> > the JMX protocol when I try to start Tomcat I get this
>> >
>> > Could not load Logmanager "org.apache.juli.ClassLoaderLogManager"
>> > java.lang.ClassNotFoundException: org.apache.juli.ClassLoaderLogManager
>> > at java.net.URLClassLoader$1.run(URLClassLoader.java:372)
>> > at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
>> > at java.security.AccessController.doPrivileged(Native Method)
>> > at java.net.URLClassLoader.findClass(URLClassLoader.java:360)
>> > at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
>> > at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
>> > at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
>> > at java.util.logging.LogManager$1.run(LogManager.java:195)
>> > at java.util.logging.LogManager$1.run(LogManager.java:181)
>> > at java.security.AccessController.doPrivileged(Native Method)
>> > at java.util.logging.LogManager.(LogManager.java:181)
>> > at java.util.logging.Logger.demandLogger(Logger.java:448)
>> > at java.util.logging.Logger.getLogger(Logger.java:502)
>> > at
>> com.sun.jmx.remote.util.ClassLogger.(ClassLogger.java:55)
>> > at
>> >
>> sun.management.jmxremote.ConnectorBootstrap.(ConnectorBootstrap.java:814)
>> > at sun.management.Agent.startAgent(Agent.java:257)
>> > at sun.management.Agent.startAgent(Agent.java:447)
>> > Can't load log handler "1catalina.org.apache.juli.AsyncFileHandler"
>> > java.lang.ClassNotFoundException:
>> > 1catalina.org.apache.juli.AsyncFileHandler
>> > java.lang.ClassNotFoundException:
>> > 1catalina.org.apache.juli.AsyncFileHandler
>> >
>> > and to the bottom I get errror :
>> > Error: Password file not found:
>> > /usr/lib/jvm/java-8-oracle/jre/lib/management/jmxremote.password
>> >
>> > but my config doesnt use password
>> >
>> > This is my setenv.sh
>> > CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
>> > CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.management.jmxremote \
>> > -Dcom.sun.management.jmxremote.port= \
>> > -Dcom.sun.management.jmxremote.authenticate=false \
>> > -Dcom.sun.management.jmxremote.ssl=false "
>> >
>> > When I put off this configuration everything is fine and Tomcat can
>> startup
>> >
>> > Any cluees?>
>> >
>> >
>> #-Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password \
>> > #-Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access"
>> >
>> >
>> >
>>
>>
>> --
>> *Thanks*
>> *Niranjan*
>> *+1 781.956.6900*
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900 <%2B1%20781.956.6900>*
>



-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: Problem with monitoring with JMX

2016-05-24 Thread Niranjan Babu Bommu
make sense,  if you are not using shared apps better to use CATALINA_OPTS.

On Tue, May 24, 2016 at 4:07 PM, Edwin Quijada <listas_quij...@hotmail.com>
wrote:

> I read that is better use CATALINA_OPTS instead of JAVA_OPTS
>
> ____
> From: Niranjan Babu Bommu <niranjan.bo...@gmail.com>
> Sent: Tuesday, May 24, 2016 7:44 PM
> To: Tomcat Users List
> Subject: Re: Problem with monitoring with JMX
>
> I think this would be JAVA_OPTS.
>
> CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
>
> On Tue, May 24, 2016 at 2:50 PM, Edwin Quijada <listas_quij...@hotmail.com
> >
> wrote:
>
> > Hi!
> > I am trying to monitor my Tomcat server using JMX remote when I configure
> > the JMX protocol when I try to start Tomcat I get this
> >
> > Could not load Logmanager "org.apache.juli.ClassLoaderLogManager"
> > java.lang.ClassNotFoundException: org.apache.juli.ClassLoaderLogManager
> > at java.net.URLClassLoader$1.run(URLClassLoader.java:372)
> > at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
> > at java.security.AccessController.doPrivileged(Native Method)
> > at java.net.URLClassLoader.findClass(URLClassLoader.java:360)
> > at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
> > at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
> > at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
> > at java.util.logging.LogManager$1.run(LogManager.java:195)
> > at java.util.logging.LogManager$1.run(LogManager.java:181)
> > at java.security.AccessController.doPrivileged(Native Method)
> > at java.util.logging.LogManager.(LogManager.java:181)
> > at java.util.logging.Logger.demandLogger(Logger.java:448)
> > at java.util.logging.Logger.getLogger(Logger.java:502)
> > at
> com.sun.jmx.remote.util.ClassLogger.(ClassLogger.java:55)
> > at
> >
> sun.management.jmxremote.ConnectorBootstrap.(ConnectorBootstrap.java:814)
> > at sun.management.Agent.startAgent(Agent.java:257)
> > at sun.management.Agent.startAgent(Agent.java:447)
> > Can't load log handler "1catalina.org.apache.juli.AsyncFileHandler"
> > java.lang.ClassNotFoundException:
> > 1catalina.org.apache.juli.AsyncFileHandler
> > java.lang.ClassNotFoundException:
> > 1catalina.org.apache.juli.AsyncFileHandler
> >
> > and to the bottom I get errror :
> > Error: Password file not found:
> > /usr/lib/jvm/java-8-oracle/jre/lib/management/jmxremote.password
> >
> > but my config doesnt use password
> >
> > This is my setenv.sh
> > CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
> > CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.management.jmxremote \
> > -Dcom.sun.management.jmxremote.port= \
> > -Dcom.sun.management.jmxremote.authenticate=false \
> > -Dcom.sun.management.jmxremote.ssl=false "
> >
> > When I put off this configuration everything is fine and Tomcat can
> startup
> >
> > Any cluees?>
> >
> > #-Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password
> \
> > #-Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access"
> >
> >
> >
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900*
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>


-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: Problem with monitoring with JMX

2016-05-24 Thread Niranjan Babu Bommu
I think this would be JAVA_OPTS.

CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC"

On Tue, May 24, 2016 at 2:50 PM, Edwin Quijada 
wrote:

> Hi!
> I am trying to monitor my Tomcat server using JMX remote when I configure
> the JMX protocol when I try to start Tomcat I get this
>
> Could not load Logmanager "org.apache.juli.ClassLoaderLogManager"
> java.lang.ClassNotFoundException: org.apache.juli.ClassLoaderLogManager
> at java.net.URLClassLoader$1.run(URLClassLoader.java:372)
> at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
> at java.security.AccessController.doPrivileged(Native Method)
> at java.net.URLClassLoader.findClass(URLClassLoader.java:360)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
> at java.util.logging.LogManager$1.run(LogManager.java:195)
> at java.util.logging.LogManager$1.run(LogManager.java:181)
> at java.security.AccessController.doPrivileged(Native Method)
> at java.util.logging.LogManager.(LogManager.java:181)
> at java.util.logging.Logger.demandLogger(Logger.java:448)
> at java.util.logging.Logger.getLogger(Logger.java:502)
> at com.sun.jmx.remote.util.ClassLogger.(ClassLogger.java:55)
> at
> sun.management.jmxremote.ConnectorBootstrap.(ConnectorBootstrap.java:814)
> at sun.management.Agent.startAgent(Agent.java:257)
> at sun.management.Agent.startAgent(Agent.java:447)
> Can't load log handler "1catalina.org.apache.juli.AsyncFileHandler"
> java.lang.ClassNotFoundException:
> 1catalina.org.apache.juli.AsyncFileHandler
> java.lang.ClassNotFoundException:
> 1catalina.org.apache.juli.AsyncFileHandler
>
> and to the bottom I get errror :
> Error: Password file not found:
> /usr/lib/jvm/java-8-oracle/jre/lib/management/jmxremote.password
>
> but my config doesnt use password
>
> This is my setenv.sh
> CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
> CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.management.jmxremote \
> -Dcom.sun.management.jmxremote.port= \
> -Dcom.sun.management.jmxremote.authenticate=false \
> -Dcom.sun.management.jmxremote.ssl=false "
>
> When I put off this configuration everything is fine and Tomcat can startup
>
> Any cluees?>
>
> #-Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password \
> #-Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access"
>
>
>


-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: tomcat(7.0.56) is not releasing idle jdbc connections

2016-05-11 Thread Niranjan Babu Bommu
I'm re-posting my ds



On Wed, May 11, 2016 at 10:16 AM, Niranjan Babu Bommu <
niranjan.bo...@gmail.com> wrote:

> I tried the same config on test stacks. numidle always "10" why it is
> behaving differently in prod?
>
>auth="Container"
>   type="javax.sql.DataSource"
>   testWhileIdle="true"
>   testOnBorrow="true"
>   testOnReturn="false"
>   fairQueue="false"
>   validationQuery="SELECT 1"
>   validationInterval="3"
>   timeBetweenEvictionRunsMillis="3"
>   maxActive="100"
>   maxIdle="10"
>   minIdle="10"
>   maxWait="1"
>   initialSize="10"
>   removeAbandonedTimeout="60"
>   removeAbandoned="true"
>   logAbandoned="true"
>   minEvictableIdleTimeMillis="30"
>   jmxEnabled="true"
>
> jdbcInterceptors="ConnectionState;StatementFinalizer;ResetAbandonedTimer"
>   username=""
>   password=""
>   driverClassName="com.mysql.jdbc.Driver"
>
> url="jdbc:mysql:///?useServerPrepStmts=falseuseOldAliasMetadataBehavior=true"/>
>
> On Wed, May 11, 2016 at 7:35 AM, Niranjan Babu Bommu <
> niranjan.bo...@gmail.com> wrote:
>
>> Hi Mark
>> I have included defined data source in this mail, do you want me to
>> include complete server.xml?
>>
>> thanks
>> Niranjan
>>
>> On Wed, May 11, 2016 at 7:19 AM, Mark Thomas <ma...@apache.org> wrote:
>>
>>> On 11/05/2016 11:58, Niranjan Babu Bommu wrote:
>>> > Hi,
>>> >
>>> > we are migrating prod servers to tomcat, since we are doing it slowly
>>> we
>>> > have found an issue in jdbc connection pool, tomcat is not releasing
>>> idle
>>> > jdbc connections, even we have tried setting maxIdle="10" but "NumIdle
>>> 97"
>>> > always. due to this threads are piling up in database.
>>> >
>>> > I'm including my config here, can someone please help me out, how to
>>> > minimize idle jdbc connections.
>>>
>>> Where have you added the configuration below?
>>>
>>> Mark
>>>
>>>
>>> >
>>> > >> >   auth="Container"
>>> >   type="javax.sql.DataSource"
>>> >   testWhileIdle="true"
>>> >   testOnBorrow="true"
>>> >   testOnReturn="false"
>>> >   fairQueue="false"
>>> >   validationQuery="SELECT 1"
>>> >   validationInterval="3"
>>> >   timeBetweenEvictionRunsMillis="3"
>>> >   maxActive="100"
>>> >   maxIdle="10"
>>> >   minIdle="10"
>>> >   maxWait="1"
>>> >   initialSize="10"
>>> >   removeAbandonedTimeout="60"
>>> >   removeAbandoned="true"
>>> >   logAbandoned="true"
>>> >   minEvictableIdleTimeMillis="30"
>>> >   jmxEnabled="true"
>>> >
>>> >
>>> jdbcInterceptors="ConnectionState;StatementFinalizer;ResetAbandonedTimer"
>>> >   username=""
>>> >   password=""
>>> >   driverClassName="com.mysql.jdbc.Driver"
>>> >
>>> >
>>> url="jdbc:mysql:///?useServerPrepStmts=falseuseOldAliasMetadataBehavior=true"/>
>>> >
>>> >
>>>
>>>
>>> -
>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>>
>>>
>>
>>
>> --
>> *Thanks*
>> *Niranjan*
>> *+1 781.956.6900 <%2B1%20781.956.6900>*
>>
>
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900 <%2B1%20781.956.6900>*
>



-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: tomcat(7.0.56) is not releasing idle jdbc connections

2016-05-11 Thread Niranjan Babu Bommu
I tried the same config on test stacks. numidle always "10" why it is
behaving differently in prod?



On Wed, May 11, 2016 at 7:35 AM, Niranjan Babu Bommu <
niranjan.bo...@gmail.com> wrote:

> Hi Mark
> I have included defined data source in this mail, do you want me to
> include complete server.xml?
>
> thanks
> Niranjan
>
> On Wed, May 11, 2016 at 7:19 AM, Mark Thomas <ma...@apache.org> wrote:
>
>> On 11/05/2016 11:58, Niranjan Babu Bommu wrote:
>> > Hi,
>> >
>> > we are migrating prod servers to tomcat, since we are doing it slowly we
>> > have found an issue in jdbc connection pool, tomcat is not releasing
>> idle
>> > jdbc connections, even we have tried setting maxIdle="10" but "NumIdle
>> 97"
>> > always. due to this threads are piling up in database.
>> >
>> > I'm including my config here, can someone please help me out, how to
>> > minimize idle jdbc connections.
>>
>> Where have you added the configuration below?
>>
>> Mark
>>
>>
>> >
>> > > >   auth="Container"
>> >   type="javax.sql.DataSource"
>> >   testWhileIdle="true"
>> >   testOnBorrow="true"
>> >   testOnReturn="false"
>> >   fairQueue="false"
>> >   validationQuery="SELECT 1"
>> >   validationInterval="3"
>> >   timeBetweenEvictionRunsMillis="3"
>> >   maxActive="100"
>> >   maxIdle="10"
>> >   minIdle="10"
>> >   maxWait="1"
>> >   initialSize="10"
>> >   removeAbandonedTimeout="60"
>> >   removeAbandoned="true"
>> >   logAbandoned="true"
>> >   minEvictableIdleTimeMillis="30"
>> >   jmxEnabled="true"
>> >
>> >
>> jdbcInterceptors="ConnectionState;StatementFinalizer;ResetAbandonedTimer"
>> >   username=""
>> >   password=""
>> >   driverClassName="com.mysql.jdbc.Driver"
>> >
>> >
>> url="jdbc:mysql:///?useServerPrepStmts=falseuseOldAliasMetadataBehavior=true"/>
>> >
>> >
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900 <%2B1%20781.956.6900>*
>



-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: tomcat(7.0.56) is not releasing idle jdbc connections

2016-05-11 Thread Niranjan Babu Bommu
Hi Mark
I have included defined data source in this mail, do you want me to include
complete server.xml?

thanks
Niranjan

On Wed, May 11, 2016 at 7:19 AM, Mark Thomas <ma...@apache.org> wrote:

> On 11/05/2016 11:58, Niranjan Babu Bommu wrote:
> > Hi,
> >
> > we are migrating prod servers to tomcat, since we are doing it slowly we
> > have found an issue in jdbc connection pool, tomcat is not releasing idle
> > jdbc connections, even we have tried setting maxIdle="10" but "NumIdle
> 97"
> > always. due to this threads are piling up in database.
> >
> > I'm including my config here, can someone please help me out, how to
> > minimize idle jdbc connections.
>
> Where have you added the configuration below?
>
> Mark
>
>
> >
> >  >   auth="Container"
> >   type="javax.sql.DataSource"
> >   testWhileIdle="true"
> >   testOnBorrow="true"
> >   testOnReturn="false"
> >   fairQueue="false"
> >   validationQuery="SELECT 1"
> >   validationInterval="3"
> >   timeBetweenEvictionRunsMillis="3"
> >   maxActive="100"
> >   maxIdle="10"
> >   minIdle="10"
> >   maxWait="1"
> >   initialSize="10"
> >   removeAbandonedTimeout="60"
> >   removeAbandoned="true"
> >   logAbandoned="true"
> >   minEvictableIdleTimeMillis="30"
> >   jmxEnabled="true"
> >
> > jdbcInterceptors="ConnectionState;StatementFinalizer;ResetAbandonedTimer"
> >   username=""
> >   password=""
> >   driverClassName="com.mysql.jdbc.Driver"
> >
> >
> url="jdbc:mysql:///?useServerPrepStmts=falseuseOldAliasMetadataBehavior=true"/>
> >
> >
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>


-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


tomcat(7.0.56) is not releasing idle jdbc connections

2016-05-11 Thread Niranjan Babu Bommu
Hi,

we are migrating prod servers to tomcat, since we are doing it slowly we
have found an issue in jdbc connection pool, tomcat is not releasing idle
jdbc connections, even we have tried setting maxIdle="10" but "NumIdle 97"
always. due to this threads are piling up in database.

I'm including my config here, can someone please help me out, how to
minimize idle jdbc connections.




-- 
*Thanks*
*Niranjan*


Re: Issue with JMX in tomcat

2015-04-07 Thread Niranjan Babu Bommu
I think the following OPTS is missing.

-Dcom.sun.management.jmxremote=true

On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro subhro.p...@pseg.com wrote:

 Dear Team,

 Below is the property I was using to enable JMX in tomcat.conf file
 without authentication :

 CATALINA_OPTS=${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
 -Dcom.sun.management.jmxremote.ssl=false
 -Dcom.sun.management.jmxremote.authenticate=false
 -Djava.rmi.server.hostname=xx.xxx.xxx.xxx

 This was working fine through jConsole or VisualVM remotely.

 To move the change in production server we decided to enable user
 authentication. So, on the same box we did a trial and changed the property
 value as below:

 CATALINA_OPTS=${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
 -Dcom.sun.management.jmxremote.ssl=false
 -Dcom.sun.management.jmxremote.authenticate=true
 -Djava.rmi.server.hostname=10.184.222.84
 -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
 -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access

 Content in jmxremote.access :
 monitorRole readonly
 controlRole readwrite


 Content in jmxremote.password :
 monitorRole webserve
 controlRole webserve


 Tomcat is running under webserve user. Now every time we connect to the
 JMX on the server getting message Authentication Failed! Invalid username
 or password

 We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me know
 what I need to change here?

 Thanks  Regards,
 Subhro Paul



 -

 The information contained in this e-mail, including any attachment(s), is
 intended solely for use by the named addressee(s).  If you are not the
 intended recipient, or a person designated as responsible for delivering
 such messages to the intended recipient, you are not authorized to
 disclose, copy, distribute or retain this message, in whole or in part,
 without written authorization from PSEG.  This e-mail may contain
 proprietary, confidential or privileged information. If you have received
 this message in error, please notify the sender immediately. This notice is
 included in all e-mail messages leaving PSEG.  Thank you for your
 cooperation.

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: Issue with JMX in tomcat

2015-04-07 Thread Niranjan Babu Bommu
What you see in the log?

can you try chmod to read on two files?

-r 1   jmxremote.password
-r 1   jmxremote.access


On Tue, Apr 7, 2015 at 11:19 AM, Paul, Subhro subhro.p...@pseg.com wrote:



 -Original Message-
 From: Niranjan Babu Bommu [mailto:niranjan.bo...@gmail.com]
 Sent: Tuesday, April 07, 2015 11:02 AM
 To: Tomcat Users List
 Subject: Re: Issue with JMX in tomcat

 Email sent from outside of PSEG. Use caution before using
 links/attachments.


 I think the following OPTS is missing.

 -Dcom.sun.management.jmxremote=true

 On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro subhro.p...@pseg.com
 wrote:

  Dear Team,
 
  Below is the property I was using to enable JMX in tomcat.conf file
  without authentication :
 
  CATALINA_OPTS=${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
  -Dcom.sun.management.jmxremote.ssl=false
  -Dcom.sun.management.jmxremote.authenticate=false
  -Djava.rmi.server.hostname=xx.xxx.xxx.xxx
 
  This was working fine through jConsole or VisualVM remotely.
 
  To move the change in production server we decided to enable user
  authentication. So, on the same box we did a trial and changed the
 property
  value as below:
 
  CATALINA_OPTS=${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
  -Dcom.sun.management.jmxremote.ssl=false
  -Dcom.sun.management.jmxremote.authenticate=true
  -Djava.rmi.server.hostname=10.184.222.84
 
 -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
 
 -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access
 
  Content in jmxremote.access :
  monitorRole readonly
  controlRole readwrite
 
 
  Content in jmxremote.password :
  monitorRole webserve
  controlRole webserve
 
 
  Tomcat is running under webserve user. Now every time we connect to the
  JMX on the server getting message Authentication Failed! Invalid
 username
  or password
 
  We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me
 know
  what I need to change here?
 
  Thanks  Regards,
  Subhro Paul
 
 
 
  -
 
  The information contained in this e-mail, including any attachment(s), is
  intended solely for use by the named addressee(s).  If you are not the
  intended recipient, or a person designated as responsible for delivering
  such messages to the intended recipient, you are not authorized to
  disclose, copy, distribute or retain this message, in whole or in part,
  without written authorization from PSEG.  This e-mail may contain
  proprietary, confidential or privileged information. If you have received
  this message in error, please notify the sender immediately. This notice
 is
  included in all e-mail messages leaving PSEG.  Thank you for your
  cooperation.
 
  -
  To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
  For additional commands, e-mail: users-h...@tomcat.apache.org
 
 


 --
 *Thanks*
 *Niranjan*
 *+1 781.956.6900*



 Dear Niranjan,

 I applied your suggestion and restarted the server. But I am still getting
 same message.

 Thanks  Regards,
 Subhro Paul


 -

 The information contained in this e-mail, including any attachment(s), is
 intended solely for use by the named addressee(s).  If you are not the
 intended recipient, or a person designated as responsible for delivering
 such messages to the intended recipient, you are not authorized to
 disclose, copy, distribute or retain this message, in whole or in part,
 without written authorization from PSEG.  This e-mail may contain
 proprietary, confidential or privileged information. If you have received
 this message in error, please notify the sender immediately. This notice is
 included in all e-mail messages leaving PSEG.  Thank you for your
 cooperation.

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: catalina.out rotation in tomcat 7.0.56

2014-11-26 Thread Niranjan Babu Bommu
Hi Chris,

Can you please help me out catalina.out rotation, I have only thing pending
in my migration project.

I want to rotate catalina.out everyday midnight.

Thanks
Niranjan

On Fri, Nov 21, 2014 at 2:00 PM, Niranjan Babu Bommu 
niranjan.bo...@gmail.com wrote:

 Hi Chris,

 Thanks for your reply.

 Actually I'm running multiple instances in tomcat, log-rotation works fine
 for all the instances but they are not rotation midnight everyday,

 '.'-MM-ddRollover at midnight each day.
 Thanks
 Niranjan

 On Fri, Nov 21, 2014 at 12:18 PM, Christopher Schultz 
 ch...@christopherschultz.net wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256

 Niranjan,

 On 11/21/14 10:38 AM, Niranjan Babu Bommu wrote:
  I’m working on a project migrating apps from jboss to tomcat, I’m
  running into an issue that is catalina.out rotation, I’m using
  log4.properties. Everything works fine, log rotation happening but
  not everyday midnight. I ‘m having difficult time to figure out.
  could some one help me out on this
 
  I followed this document to setup.
 
  http://tomcat.apache.org/tomcat-7.0-doc/logging.html#Using_Log4j.
 
  log4j.properties in CATALINA_BASE/lib
 
 
 
  log4j.rootLogger=INFO,catalina
 
  log4j.appender.catalina=org.apache.log4j.DailyRollingFileAppender
  log4j.appender.catalina.File=${catalina.base}/logs/catalina.out
  log4j.appender.catalina.Append=true
  log4j.appender.catalina.Encoding=UTF-8
 
  # Roll-over the log once per day
  log4j.appender.catalina.DatePattern='.'-MM-dd'.log'
  log4j.appender.catalina.layout=org.apache.log4j.PatternLayout
  log4j.appender.catalina.layout.ConversionPattern=%d [%t] %-5p %c-
  %m%n

 If you use ${catalina.base}/logs/catalina.out with log4j and you are
 also using Tomcat's standard scripts to launch Tomcat, then you will
 have a conflict because logs/catalina.out is used for redirection of
 the stdout and stderr streams when the JVM launches.

 Instead, use a different file with log4j, and minimize the amount of
 stuff going to stdout/stderr so that it does not require any rotation
 at all.

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1
 Comment: GPGTools - http://gpgtools.org

 iQIcBAEBCAAGBQJUb3PUAAoJEBzwKT+lPKRYRaoP/ijh53H4flvtl8uVTVxwRBXc
 kt12tGfEfMgm8D6oneh6oZ4gNO6VnGKEWP8VHCEvKzZPCUgTwx2/VPTKi8lRdrKl
 JghjfbzuuVHIF+VQi5ClzT6uNveiIhzi60oleyzMHiIjaCs1lSR6HJ7V2W67Mu2M
 iEVz2j33/WA5BQzDPRwpbiJBFVzdJrfD2YTmUdIoIBaLLKYTBxgmGcLbamvUwsXg
 qotuN5wWQRgcIiclE0O7Ko+F075tY3ec65llV6olIlzGLXIKqhzsj9Tg15cRx97A
 RQCUAV9qH1MjFHhBnVfHOkte/6JqAetjHeN7Cf3rIWjp+CdC6fO0teLGJPtZHvAQ
 6eeN0VntGy6OSe12r3nID+FvDTgBWe85UPAwk3hP1wXgMYaclOMRwfa5kD3zM4Tm
 y2ZMrdQKMq6xfl1hSXCtYA5mYjMVxSELTarGv42V9hqErk+4BUxzm6v/71G1NCCj
 8yQo6+X7Ei4QfjUuO/K9u+/aZP70n+39MxMVopSa/Ol95RlxzI+1bJJtIsjZFU/7
 VgkZ6mHdHrLJMdgOIsjM3spfOZvbpKuIboo/bGLe5TnUfoccNTmnYml0KWKGWhqh
 fLYTtc9Pl5JdYmpi3MqBTr2Yv3dGssC9yW1G0zDztNrv6qn3YXKFJ61gMj1rDhau
 SaLFI4P3EQ4mWjKmI0j0
 =O3bN
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org




 --
 *Thanks*
 *Niranjan*
 *+1 781.956.6900 %2B1%20781.956.6900*




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: Deploying .ca-bundle file .crt file as SSL certificates

2014-11-24 Thread Niranjan Babu Bommu
Hi Kernel,

I think you have create a keystore from the cert, please follow these
instruction and ket me know.

Create store with temporary key inside:

keytool -genkey -alias alias name -keystore yourkeystore.jks -storepass
Hello1
Then delete existing entry:

keytool -delete -alias temp -keystore yourkeystore.jks -storepass Hello1
Now you've got empty store. You can check that it's empty:

keytool -list -keystore yourkeystore.jks -storepass Hello1
Then import your certificate to the store:

keytool -import -alias alias name  -file cert_file.crt -keypass keypass
-keystore yourkeystore.jks -storepass Hello1


Thanks
Niranjan


On Mon, Nov 24, 2014 at 10:13 AM, Kernel freak kernelfr...@gmail.com
wrote:

 Hello friends,

 I am using apache tomcat and I would like to deploy a Spring-MVC
 application which I am working on. In that, via Spring-Security I have
 specified to use https which requires to install the SSL certificate on the
 server.
 I am running a Debian Wheezy server, and I have certificate files with
 extension as .crt and .ca-bundle. Unfortunately I cannot find any resources
 which mention where and how to install these files. What I found was these
 files are meant for webserver. Is that correct? If yes, can I use them to
 deploy these 2 files? Kindly let me know. Also if anyone can help me with
 one more problem I have posted on StackOverflow  :

 http://stackoverflow.com/questions/27106983/configuring-apache-tomcat-to-start-webapp-by-default

 Regards,
 Kernel




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: Deploying .ca-bundle file .crt file as SSL certificates

2014-11-24 Thread Niranjan Babu Bommu
Sorry, I did not notice that.


   - *Import a root or intermediate CA certificate to an existing Java
   keystore*

   keytool -import -trustcacerts -alias root -file *ca.crt* -keystore
   *yourkeystore.jks*


On Mon, Nov 24, 2014 at 11:02 AM, Kernel freak kernelfr...@gmail.com
wrote:

 Thank you, and what about the CA-Bundle file? Did you got a chance to look
 at the question I have posted on Stackoverflow mentioned in the original
 question?

 On Mon, Nov 24, 2014 at 4:51 PM, Niranjan Babu Bommu 
 niranjan.bo...@gmail.com wrote:

  Hi Kernel,
 
  I think you have create a keystore from the cert, please follow these
  instruction and ket me know.
 
  Create store with temporary key inside:
 
  keytool -genkey -alias alias name -keystore yourkeystore.jks -storepass
  Hello1
  Then delete existing entry:
 
  keytool -delete -alias temp -keystore yourkeystore.jks -storepass Hello1
  Now you've got empty store. You can check that it's empty:
 
  keytool -list -keystore yourkeystore.jks -storepass Hello1
  Then import your certificate to the store:
 
  keytool -import -alias alias name  -file cert_file.crt -keypass keypass
  -keystore yourkeystore.jks -storepass Hello1
 
 
  Thanks
  Niranjan
 
 
  On Mon, Nov 24, 2014 at 10:13 AM, Kernel freak kernelfr...@gmail.com
  wrote:
 
   Hello friends,
  
   I am using apache tomcat and I would like to deploy a Spring-MVC
   application which I am working on. In that, via Spring-Security I have
   specified to use https which requires to install the SSL certificate on
  the
   server.
   I am running a Debian Wheezy server, and I have certificate files with
   extension as .crt and .ca-bundle. Unfortunately I cannot find any
  resources
   which mention where and how to install these files. What I found was
  these
   files are meant for webserver. Is that correct? If yes, can I use them
 to
   deploy these 2 files? Kindly let me know. Also if anyone can help me
 with
   one more problem I have posted on StackOverflow  :
  
  
 
 http://stackoverflow.com/questions/27106983/configuring-apache-tomcat-to-start-webapp-by-default
  
   Regards,
   Kernel
  
 
 
 
  --
  *Thanks*
  *Niranjan*
  *+1 781.956.6900*
 




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: Deploying .ca-bundle file .crt file as SSL certificates

2014-11-24 Thread Niranjan Babu Bommu
Are you able to see the 8443 port listening?

nc -z ipaddress 8443

On Mon, Nov 24, 2014 at 11:25 AM, Kernel freak kernelfr...@gmail.com
wrote:

 I have added the certificate. I modified the server.xml code to add the
 following lines :
  Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
 maxThreads=150
scheme=https secure=true clientAuth=false
 sslProtocol=TLS
keystoreFile=/root/.keystore keystorepass=password for
 keystore /

 Now when I open the application, it redirects to https, but it says unable
 to connect, your connection to this website maynotbe encrypted. What am I
 doing wrong?



 On Mon, Nov 24, 2014 at 5:20 PM, Niranjan Babu Bommu 
 niranjan.bo...@gmail.com wrote:

  Sorry, I did not notice that.
 
 
 - *Import a root or intermediate CA certificate to an existing Java
 keystore*
 
 keytool -import -trustcacerts -alias root -file *ca.crt* -keystore
 *yourkeystore.jks*
 
 
  On Mon, Nov 24, 2014 at 11:02 AM, Kernel freak kernelfr...@gmail.com
  wrote:
 
   Thank you, and what about the CA-Bundle file? Did you got a chance to
  look
   at the question I have posted on Stackoverflow mentioned in the
 original
   question?
  
   On Mon, Nov 24, 2014 at 4:51 PM, Niranjan Babu Bommu 
   niranjan.bo...@gmail.com wrote:
  
Hi Kernel,
   
I think you have create a keystore from the cert, please follow these
instruction and ket me know.
   
Create store with temporary key inside:
   
keytool -genkey -alias alias name -keystore yourkeystore.jks
  -storepass
Hello1
Then delete existing entry:
   
keytool -delete -alias temp -keystore yourkeystore.jks -storepass
  Hello1
Now you've got empty store. You can check that it's empty:
   
keytool -list -keystore yourkeystore.jks -storepass Hello1
Then import your certificate to the store:
   
keytool -import -alias alias name  -file cert_file.crt -keypass
  keypass
-keystore yourkeystore.jks -storepass Hello1
   
   
Thanks
Niranjan
   
   
On Mon, Nov 24, 2014 at 10:13 AM, Kernel freak 
 kernelfr...@gmail.com
wrote:
   
 Hello friends,

 I am using apache tomcat and I would like to deploy a Spring-MVC
 application which I am working on. In that, via Spring-Security I
  have
 specified to use https which requires to install the SSL
 certificate
  on
the
 server.
 I am running a Debian Wheezy server, and I have certificate files
  with
 extension as .crt and .ca-bundle. Unfortunately I cannot find any
resources
 which mention where and how to install these files. What I found
 was
these
 files are meant for webserver. Is that correct? If yes, can I use
  them
   to
 deploy these 2 files? Kindly let me know. Also if anyone can help
 me
   with
 one more problem I have posted on StackOverflow  :


   
  
 
 http://stackoverflow.com/questions/27106983/configuring-apache-tomcat-to-start-webapp-by-default

 Regards,
 Kernel

   
   
   
--
*Thanks*
*Niranjan*
*+1 781.956.6900*
   
  
 
 
 
  --
  *Thanks*
  *Niranjan*
  *+1 781.956.6900*
 




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


Re: Deploying .ca-bundle file .crt file as SSL certificates

2014-11-24 Thread Niranjan Babu Bommu
it works for me with this conf.

 Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
   address=IPADDRESS
   executor=THREADNAME scheme=https secure=true
   keystoreFile=PATH of keystore file
   keystorePass=PASSWRD
sslProtocol=TLSv1 /


On Mon, Nov 24, 2014 at 11:27 AM, Niranjan Babu Bommu 
niranjan.bo...@gmail.com wrote:

 Are you able to see the 8443 port listening?

 nc -z ipaddress 8443

 On Mon, Nov 24, 2014 at 11:25 AM, Kernel freak kernelfr...@gmail.com
 wrote:

 I have added the certificate. I modified the server.xml code to add the
 following lines :
  Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
 maxThreads=150
scheme=https secure=true clientAuth=false
 sslProtocol=TLS
keystoreFile=/root/.keystore keystorepass=password for
 keystore /

 Now when I open the application, it redirects to https, but it says unable
 to connect, your connection to this website maynotbe encrypted. What am I
 doing wrong?



 On Mon, Nov 24, 2014 at 5:20 PM, Niranjan Babu Bommu 
 niranjan.bo...@gmail.com wrote:

  Sorry, I did not notice that.
 
 
 - *Import a root or intermediate CA certificate to an existing Java
 keystore*
 
 keytool -import -trustcacerts -alias root -file *ca.crt* -keystore
 *yourkeystore.jks*
 
 
  On Mon, Nov 24, 2014 at 11:02 AM, Kernel freak kernelfr...@gmail.com
  wrote:
 
   Thank you, and what about the CA-Bundle file? Did you got a chance to
  look
   at the question I have posted on Stackoverflow mentioned in the
 original
   question?
  
   On Mon, Nov 24, 2014 at 4:51 PM, Niranjan Babu Bommu 
   niranjan.bo...@gmail.com wrote:
  
Hi Kernel,
   
I think you have create a keystore from the cert, please follow
 these
instruction and ket me know.
   
Create store with temporary key inside:
   
keytool -genkey -alias alias name -keystore yourkeystore.jks
  -storepass
Hello1
Then delete existing entry:
   
keytool -delete -alias temp -keystore yourkeystore.jks -storepass
  Hello1
Now you've got empty store. You can check that it's empty:
   
keytool -list -keystore yourkeystore.jks -storepass Hello1
Then import your certificate to the store:
   
keytool -import -alias alias name  -file cert_file.crt -keypass
  keypass
-keystore yourkeystore.jks -storepass Hello1
   
   
Thanks
Niranjan
   
   
On Mon, Nov 24, 2014 at 10:13 AM, Kernel freak 
 kernelfr...@gmail.com
wrote:
   
 Hello friends,

 I am using apache tomcat and I would like to deploy a Spring-MVC
 application which I am working on. In that, via Spring-Security I
  have
 specified to use https which requires to install the SSL
 certificate
  on
the
 server.
 I am running a Debian Wheezy server, and I have certificate files
  with
 extension as .crt and .ca-bundle. Unfortunately I cannot find any
resources
 which mention where and how to install these files. What I found
 was
these
 files are meant for webserver. Is that correct? If yes, can I use
  them
   to
 deploy these 2 files? Kindly let me know. Also if anyone can help
 me
   with
 one more problem I have posted on StackOverflow  :


   
  
 
 http://stackoverflow.com/questions/27106983/configuring-apache-tomcat-to-start-webapp-by-default

 Regards,
 Kernel

   
   
   
--
*Thanks*
*Niranjan*
*+1 781.956.6900*
   
  
 
 
 
  --
  *Thanks*
  *Niranjan*
  *+1 781.956.6900*
 




 --
 *Thanks*
 *Niranjan*
 *+1 781.956.6900 %2B1%20781.956.6900*




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*


catalina.out rotation in tomcat 7.0.56

2014-11-21 Thread Niranjan Babu Bommu
Hi

I’m working on a project migrating apps from jboss to tomcat, I’m running
into an issue that is catalina.out rotation, I’m using log4.properties.
Everything works fine, log rotation happening but not everyday midnight. I
‘m having difficult time to figure out. could some one help me out on this


I followed this document to setup.


http://tomcat.apache.org/tomcat-7.0-doc/logging.html#Using_Log4j.


 log4j.properties in CATALINA_BASE/lib



log4j.rootLogger=INFO,catalina

log4j.appender.catalina=org.apache.log4j.DailyRollingFileAppender
log4j.appender.catalina.File=${catalina.base}/logs/catalina.out
log4j.appender.catalina.Append=true
log4j.appender.catalina.Encoding=UTF-8

# Roll-over the log once per day
log4j.appender.catalina.DatePattern='.'-MM-dd'.log'
log4j.appender.catalina.layout=org.apache.log4j.PatternLayout
log4j.appender.catalina.layout.ConversionPattern=%d [%t] %-5p %c- %m%n

-- 
*Thanks*
*Niranjan*


Re: catalina.out rotation in tomcat 7.0.56

2014-11-21 Thread Niranjan Babu Bommu
Hi Chris,

Thanks for your reply.

Actually I'm running multiple instances in tomcat, log-rotation works fine
for all the instances but they are not rotation midnight everyday,

'.'-MM-ddRollover at midnight each day.
Thanks
Niranjan

On Fri, Nov 21, 2014 at 12:18 PM, Christopher Schultz 
ch...@christopherschultz.net wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256

 Niranjan,

 On 11/21/14 10:38 AM, Niranjan Babu Bommu wrote:
  I’m working on a project migrating apps from jboss to tomcat, I’m
  running into an issue that is catalina.out rotation, I’m using
  log4.properties. Everything works fine, log rotation happening but
  not everyday midnight. I ‘m having difficult time to figure out.
  could some one help me out on this
 
  I followed this document to setup.
 
  http://tomcat.apache.org/tomcat-7.0-doc/logging.html#Using_Log4j.
 
  log4j.properties in CATALINA_BASE/lib
 
 
 
  log4j.rootLogger=INFO,catalina
 
  log4j.appender.catalina=org.apache.log4j.DailyRollingFileAppender
  log4j.appender.catalina.File=${catalina.base}/logs/catalina.out
  log4j.appender.catalina.Append=true
  log4j.appender.catalina.Encoding=UTF-8
 
  # Roll-over the log once per day
  log4j.appender.catalina.DatePattern='.'-MM-dd'.log'
  log4j.appender.catalina.layout=org.apache.log4j.PatternLayout
  log4j.appender.catalina.layout.ConversionPattern=%d [%t] %-5p %c-
  %m%n

 If you use ${catalina.base}/logs/catalina.out with log4j and you are
 also using Tomcat's standard scripts to launch Tomcat, then you will
 have a conflict because logs/catalina.out is used for redirection of
 the stdout and stderr streams when the JVM launches.

 Instead, use a different file with log4j, and minimize the amount of
 stuff going to stdout/stderr so that it does not require any rotation
 at all.

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1
 Comment: GPGTools - http://gpgtools.org

 iQIcBAEBCAAGBQJUb3PUAAoJEBzwKT+lPKRYRaoP/ijh53H4flvtl8uVTVxwRBXc
 kt12tGfEfMgm8D6oneh6oZ4gNO6VnGKEWP8VHCEvKzZPCUgTwx2/VPTKi8lRdrKl
 JghjfbzuuVHIF+VQi5ClzT6uNveiIhzi60oleyzMHiIjaCs1lSR6HJ7V2W67Mu2M
 iEVz2j33/WA5BQzDPRwpbiJBFVzdJrfD2YTmUdIoIBaLLKYTBxgmGcLbamvUwsXg
 qotuN5wWQRgcIiclE0O7Ko+F075tY3ec65llV6olIlzGLXIKqhzsj9Tg15cRx97A
 RQCUAV9qH1MjFHhBnVfHOkte/6JqAetjHeN7Cf3rIWjp+CdC6fO0teLGJPtZHvAQ
 6eeN0VntGy6OSe12r3nID+FvDTgBWe85UPAwk3hP1wXgMYaclOMRwfa5kD3zM4Tm
 y2ZMrdQKMq6xfl1hSXCtYA5mYjMVxSELTarGv42V9hqErk+4BUxzm6v/71G1NCCj
 8yQo6+X7Ei4QfjUuO/K9u+/aZP70n+39MxMVopSa/Ol95RlxzI+1bJJtIsjZFU/7
 VgkZ6mHdHrLJMdgOIsjM3spfOZvbpKuIboo/bGLe5TnUfoccNTmnYml0KWKGWhqh
 fLYTtc9Pl5JdYmpi3MqBTr2Yv3dGssC9yW1G0zDztNrv6qn3YXKFJ61gMj1rDhau
 SaLFI4P3EQ4mWjKmI0j0
 =O3bN
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org




-- 
*Thanks*
*Niranjan*
*+1 781.956.6900*