Hi All,
I'm having some problems with using RemoteAddrValve to allow only certain addresses to
access an Engine.
I'm using tomcat 4.1.27 with jdk1.3.1 on Solaris.
I've configured the following:
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="a.b.c.d"/> under
the engine. I know I should have escaped the '.' (regexp) but it should work as is.
I'm receiving once in every few thousands of requests the following error:
2003-12-26 11:26:51 CoyoteAdapter An exception or error occurred in the container
during the request processing
java.lang.StringIndexOutOfBoundsException: String index out of range: 11
at java.lang.String.charAt(String.java:511)
at
org.apache.regexp.StringCharacterIterator.charAt(StringCharacterIterator.java:90)
at org.apache.regexp.RE.matchNodes(RE.java:1161)
at org.apache.regexp.RE.matchAt(RE.java:1448)
at org.apache.regexp.RE.match(RE.java:1540)
at org.apache.regexp.RE.match(RE.java:1468)
at org.apache.regexp.RE.match(RE.java:1561)
at
org.apache.catalina.valves.RequestFilterValve.process(RequestFilterValve.java:335)
at org.apache.catalina.valves.RemoteAddrValve.invoke(RemoteAddrValve.java:131)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:601)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:392)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:565)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:619)
at java.lang.Thread.run(Thread.java:479)
Also, once in every few thousands of requests I'm receiving a 403 access denied error
on a valid address (I can see that in the access log).
After checking the RequestFilterValve class, I can see it saves the compiled regular
expressions (RE) and reuses them to check every request. Looking at regexp
documentations, it is explicitly stated that RE is not thread-safe. Am I missing
something? It looks like under load, this valve fails.
Also, I can see that the RequestFilterValve class didn't change in the 5.0.16 version
either.
Any help will be appreciated...
Slavik.
---------------------------------------------------------------------------------------------------------------
This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
