You are correct: The correct package is org.apache.tomcat.util.net. ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, January 13, 2004 10:39 AM Subject: RE: SSL failure with some browsers - Access denied by access control list
BTW, I when this failed to produce debug messages I tried to verify that there are classes with the org.apache.tomcat.net package in Tomcat 5. Maybe I missed it, but I did not see it on any of the jar files. b. -----Original Message----- From: Melloni Bruno (Nokia-BI/Dallas) Sent: Tuesday, January 13, 2004 10:44 AM To: 'Tomcat Users List'; '[EMAIL PROTECTED]' Subject: RE: SSL failure with some browsers - Access denied by access control list Mixed results: - I got no debug messages when it failed even after setting log4j.logger.org.apache.tomcat.net=DEBUG. - By experimenting (afterwards) and placing the files in common/lib and common/classes instead of server/lib and server/classes and adding log4j.logger.org.apache.catalina.session.ManagerBase=INFO, RollFile I managed to eliminate the annoying (unrelated) bug in Tomcat 5 that gives the warning message: log4j:WARN No appenders could be found for logger (org.apache.catalina.session.ManagerBase). log4j:WARN Please initialize the log4j system properly. b. -----Original Message----- From: ext Bill Barker [mailto:[EMAIL PROTECTED] Sent: Monday, January 12, 2004 2:00 PM To: [EMAIL PROTECTED] Subject: Re: SSL failure with some browsers - Access denied by access control list Copy the log4j-1.2.8.jar and commons-logging.jar to $CATALINA_HOME/server/lib, and create a log4j.properties (or .xml) file in $CATALINA_HOME/server/classes with the logging level. ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, January 12, 2004 9:24 AM Subject: RE: SSL failure with some browsers - Access denied by access control list Bill, Where do I find the place to set the debug level for 'org.apache.tomcat.net'? I apologize for bugging you with this. I already searched the Tomcat docs, the whole Tomcat 5.0 deployed tree, and the contents of the whole conf directory (including server.xml) but could not find where Tomcat hides the log4j config file (or for that matter even the commons-logging jar file!!!). I know it must be somewhere since the server does actually log its messages, but I can't find it. I am familiar with log4j and my application uses it. My application has log4j-1.2.8 in its lib directory and its own application-specific log4j configuration file, and it all works wonderfully. Except of course, for the usual annoying but innocuous well-known Tomcat bug (that no one knows how to fix) about the "log4j:WARN No appenders could be found for logger (org.apache.catalina.session.ManagerBase)" message. Bruno -----Original Message----- From: news [mailto:[EMAIL PROTECTED] Behalf Of ext Bill Barker Sent: Friday, January 09, 2004 9:33 PM To: [EMAIL PROTECTED] Subject: Re: SSL failure with some browsers - Access denied by access control list At a guess, those Mozilla versions don't support TLS, which is Tomcat's default SSL protocol. Whatever it is, try turning up your commons-logging debug level for 'org.apache.tomcat.net' to 'debug'. You should get plenty of messages in your Tomcat logs to help you figure out why Tomcat doesn't like Mozilla. <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Problem: - Making any https call fails with the message "Forbidden. You were denied access because: Access denied by access control list.". - The failure happens even accessing https://<host>:8443/tomcat-docs, while a regular http call succeeds. - The failure happens with some browsers (i.e.: Mozilla) but now with others (i.e.: Internet Explorer, and most versions of Netscape). - The failure appears to only happen when accessing a server on a different box than the one where the browser is running. It has not happened (so far) on the same box as the client. - The failure appears to happen with the Tomcat running on either Windows or Solaris. - The failure is not related to the JDK's Verisign Certificate issue (expired Jan 7). It was happening in December, and it was not corrected by JDK 1.4.2_03. Also, the certificates being used are self-signed according to the Tomcat's default instructions. Questions: - Is this a configuration issue? Or is it a deeper problem with either Tomcat or the browsers? I have not seen many postings out there on this topic, so I assume (and hope) the problem is a dumb configuration snafu. - Is there a know solution? I have not found any on the Tomcat archives, on the Mozilla archives, or even after several exchanges with the Mozilla support people. - Is there any additional information I can provide that might shed some light as to why this is happening? Environment details: - Tomcat version: 5. - JDK version 1.4.2 (both _02 and _03). - Mozilla versions failing (at least 1.4 and 1.5). - IE version succeeding (at least 6.0) - Netscape version succeeding (at least 4.5, 4.7, and I believe one of the 7.x versions). server.xml: (feel free to comment if you see something wrong even if unrelated) <Server port="8105" shutdown="SHUTDOWN" debug="0"> <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" debug="0"/> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" debug="0"/> <GlobalNamingResources> <Environment name="simpleValue" type="java.lang.Integer" value="30"/> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved"> </Resource> <ResourceParams name="UserDatabase"> <parameter> <name>factory</name> <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value> </parameter> <parameter> <name>pathname</name> <value>conf/tomcat-users.xml</value> </parameter> </ResourceParams> </GlobalNamingResources> <Service name="Catalina"> <Connector port="8089" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" debug="0" connectionTimeout="20000" disableUploadTimeout="true" /> <Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> <Connector port="8109" enableLookups="false" redirectPort="8443" debug="0" protocol="AJP/1.3" /> <Engine name="Catalina" defaultHost="localhost" debug="0"> <Logger className="org.apache.catalina.logger.FileLogger" prefix="catalina_log." suffix=".txt" timestamp="true"/> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/> <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="localhost_log." suffix=".txt" timestamp="true"/> </Host> </Engine> </Service> </Server> Bruno Melloni eBusiness Application Center, Americas Nokia, Inc 6000 Connection Drive, Mailstop 4w223 Irving, TX 75039 USA *Office: +1 (972)894-6120 *Cellular: +1 (469) 939-1067 * SMS: [EMAIL PROTECTED] * e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
