[Resin-interest] Deadlock in access log

2011-10-26 Thread Jens Dueholm Christensen (JEDC) 
Hi

We've been hit rather badly by errors very similar these: 
http://bugs.caucho.com/view.php?id=3509 during the last few days where we've 
had to restart Resin several time a day.

A lot of threads are blocked on the same object at 
com.caucho.server.log.AccessLog.log(AccessLog.java:345). I could attach a 
stacktrace, but it's _very_ similar to those in mantis bug #3509.

Our app just stalls on accepting incomming connections while threads and other 
services within the VM continue to run just fine.

We are still on Resin Pro 3.1 (somewhere between 3.1.10 and 3.1.11 as we've 
been using a special build to alliviate another bug that's not listed in the 
3.1.11 changelog) - any chance of a backport of the fixes to the 3.1 branch and 
a new version - or just a nightly build with the fix?

Regards,
Jens Dueholm Christensen
Survey IT

___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

[Resin-interest] Obfuscating Password in resin.xml

2011-10-26 Thread Aaron Freeman 
The following password xmlns ... technique works great for database
definitions:

 

database

jndi-namejdbc/oracle/jndi-name

driver

typeoracle.jdbc.pool.OracleConnectionPoolDataSource/type

 
urljdbc:oracle:thin:@${com.database.server}:${com.database.port}:${com.dat
abase.sid}/url

user${com.database.username}/user

password
xmlns:encryption=urn:java:com.company.encryption

 
encryption:Passwordabcdef/encryption:Password

/password

/driver

max-connections20/max-connections

max-idle-time60s/max-idle-time

/database

 

 

However this same technique does not work for jsse-ssl definitions.

 

 

jsse-ssl

key-store-typejks/key-store-type

 
key-store-file/opt/some/server/keys/some.kdb/key-store-file

password
xmlns:encryption=urn:java:com.company.encryption

 
encryption:Passwordabcdef/encryption:Password

/password

 
cipher-suitesSSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WIT
H_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CB
C_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA/cipher-suites

/jsse-ssl

 

I get the following error at startup:

 

/opt/company/server/conf/resin.xml:76: unable to create attribute
SetterAttribute[public void
com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for
com.caucho.vfs.JsseSSLFactory@176f5261 and
QName[{http://caucho.com/ns/resin}password]

 

Once upon a time ago there was discussion that this would be added to a
future release.  Any thoughts as to if that can happen easily?

 

Thanks,

 

Aaron

 

___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] Obfuscating Password in resin.xml

2011-10-26 Thread Scott Ferguson 

On 10/26/2011 02:28 PM, Aaron Freeman wrote:


The following password xmlns ... technique works great for database 
definitions:


database

jndi-namejdbc/oracle/jndi-name

driver

typeoracle.jdbc.pool.OracleConnectionPoolDataSource/type

urljdbc:oracle:thin:@${com.database.server}:${com.database.port}:${com.database.sid}/url

user${com.database.username}/user

password xmlns:encryption=urn:java:com.company.encryption

encryption:Passwordabcdef/encryption:Password

/password

/driver

max-connections20/max-connections

max-idle-time60s/max-idle-time

/database

However this same technique does not work for jsse-ssl definitions.

jsse-ssl

key-store-typejks/key-store-type

key-store-file/opt/some/server/keys/some.kdb/key-store-file

password xmlns:encryption=urn:java:com.company.encryption

encryption:Passwordabcdef/encryption:Password

/password

cipher-suitesSSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA/cipher-suites

/jsse-ssl

I get the following error at startup:

/opt/company/server/conf/resin.xml:76: unable to create attribute 
SetterAttribute[public void 
com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for 
com.caucho.vfs.JsseSSLFactory@176f5261 and 
QName[{http://caucho.com/ns/resin}password]


Once upon a time ago there was discussion that this would be added to 
a future release.  Any thoughts as to if that can happen easily?




I'll need to check why that's not happening for jsse.

We also have an open bug report to create a standard encryption class. 
It wouldn't be totally secure, of course, but would be better than 
plaintext.


-- Scott


Thanks,

Aaron


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest