[Resin-interest] Deadlock in access log
Hi We've been hit rather badly by errors very similar these: http://bugs.caucho.com/view.php?id=3509 during the last few days where we've had to restart Resin several time a day. A lot of threads are blocked on the same object at com.caucho.server.log.AccessLog.log(AccessLog.java:345). I could attach a stacktrace, but it's _very_ similar to those in mantis bug #3509. Our app just stalls on accepting incomming connections while threads and other services within the VM continue to run just fine. We are still on Resin Pro 3.1 (somewhere between 3.1.10 and 3.1.11 as we've been using a special build to alliviate another bug that's not listed in the 3.1.11 changelog) - any chance of a backport of the fixes to the 3.1 branch and a new version - or just a nightly build with the fix? Regards, Jens Dueholm Christensen Survey IT ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
[Resin-interest] Obfuscating Password in resin.xml
The following password xmlns ... technique works great for database definitions: database jndi-namejdbc/oracle/jndi-name driver typeoracle.jdbc.pool.OracleConnectionPoolDataSource/type urljdbc:oracle:thin:@${com.database.server}:${com.database.port}:${com.dat abase.sid}/url user${com.database.username}/user password xmlns:encryption=urn:java:com.company.encryption encryption:Passwordabcdef/encryption:Password /password /driver max-connections20/max-connections max-idle-time60s/max-idle-time /database However this same technique does not work for jsse-ssl definitions. jsse-ssl key-store-typejks/key-store-type key-store-file/opt/some/server/keys/some.kdb/key-store-file password xmlns:encryption=urn:java:com.company.encryption encryption:Passwordabcdef/encryption:Password /password cipher-suitesSSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WIT H_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CB C_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA/cipher-suites /jsse-ssl I get the following error at startup: /opt/company/server/conf/resin.xml:76: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.JsseSSLFactory@176f5261 and QName[{http://caucho.com/ns/resin}password] Once upon a time ago there was discussion that this would be added to a future release. Any thoughts as to if that can happen easily? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Obfuscating Password in resin.xml
On 10/26/2011 02:28 PM, Aaron Freeman wrote: The following password xmlns ... technique works great for database definitions: database jndi-namejdbc/oracle/jndi-name driver typeoracle.jdbc.pool.OracleConnectionPoolDataSource/type urljdbc:oracle:thin:@${com.database.server}:${com.database.port}:${com.database.sid}/url user${com.database.username}/user password xmlns:encryption=urn:java:com.company.encryption encryption:Passwordabcdef/encryption:Password /password /driver max-connections20/max-connections max-idle-time60s/max-idle-time /database However this same technique does not work for jsse-ssl definitions. jsse-ssl key-store-typejks/key-store-type key-store-file/opt/some/server/keys/some.kdb/key-store-file password xmlns:encryption=urn:java:com.company.encryption encryption:Passwordabcdef/encryption:Password /password cipher-suitesSSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA/cipher-suites /jsse-ssl I get the following error at startup: /opt/company/server/conf/resin.xml:76: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.JsseSSLFactory@176f5261 and QName[{http://caucho.com/ns/resin}password] Once upon a time ago there was discussion that this would be added to a future release. Any thoughts as to if that can happen easily? I'll need to check why that's not happening for jsse. We also have an open bug report to create a standard encryption class. It wouldn't be totally secure, of course, but would be better than plaintext. -- Scott Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest