Re: Get object from session before it expires.

[Alexander Wallace]

I gave that a try, the problem with it is that my session has many instances 
of that same object, but it is only one instance the one I'm interested on. 
That's why i wanted to pull it out of the session since I can retrieve the 
particular one by name...

Any ideas?

On Monday 17 March 2003 10:44, mike jackson wrote:
> Value bound and unbound is the way to do this.  I have an object that
> creates and destroys "temp" tables in my database this way.  It's kinda
> clunky, but it works.
>
> When the object is unbound (either it is removed from the session or the
> session is invalidated) you'll get an event.  As long as you don't
> remove the object yourself you ought to be mostly ok.  With tomcat 3.x I
> have the issue that sometimes I have to kill -9 tomcat (not often) which
> doesn't trigger the value unbound event, but it's mostly ok.
>
> --mikej
> -=-
> mike jackson
> [EMAIL PROTECTED]
>
> -Original Message-
> From: Alexander Wallace [mailto:[EMAIL PROTECTED]
> Sent: Monday, March 17, 2003 8:23 AM
> To: Tomcat Users List
> Subject: Get object from session before it expires.
>
> I've been searching and just want to make sure I was told correctly.
>
> I was told in an IRC that there is no way to get an object from a
> session
> before it expires.
>
> I know you can listen for valueUnbound, but that tells me when all
> instances
> of a class are being unbound.
>
> I know you can listen to sessionDestroyed and get the session from the
> HttpSessionEvent, but by then the session has already been invalidated
> and I
> can't get a hold on a particular object.
>
> What I need is to know before a session is invalidated, so that I can
> pull a
> particular instance of a class from the session and update a database
> with
> it.
>
> I was told that is not possible... Is this right? Any suggestions?
>
> Thanks in advance!
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Get object from session before it expires.

[Alexander Wallace]

I've been searching and just want to make sure I was told correctly.

I was told in an IRC that there is no way to get an object from a session 
before it expires. 

I know you can listen for valueUnbound, but that tells me when all instances 
of a class are being unbound.

I know you can listen to sessionDestroyed and get the session from the 
HttpSessionEvent, but by then the session has already been invalidated and I 
can't get a hold on a particular object.

What I need is to know before a session is invalidated, so that I can pull a 
particular instance of a class from the session and update a database with 
it.

I was told that is not possible... Is this right? Any suggestions?

Thanks in advance!


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: How to use a JNDI Ressource

[Alexander Wallace]

Something like:

   try {
Context ctx = new InitialContext();
String whatever = (String)ctx.lookup("java:comp/env/whatever");

}
catch (Exception e) { }


On Friday 14 March 2003 14:32, Georges Roux wrote:
> Hi,
>
> I run tomcat 4.1.18 Standalone on Linux.
>
> How can I use my named values from my context environment in a jsp?
>
> I have this in my server.xml :
> 
> ...
>  type="java.lang.String" value="hello world."/>
> ...
> 
>
>
> Georges
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Ejectute a method on an object instance when session is deactivated.

[Alexander Wallace]

I tryed that but when I do getAttribute("myObj") from the session, I get an 
error saying that the session has already been invalidated.

Any clues?

On Friday 14 March 2003 13:17, Shapira, Yoav wrote:
> Howdy,
> In a SessionListener's sessionDestroyed() method, the HttpSessionEvent
> argument has a getSession() method you get use to get the Session
> itself, and then do getAttribute("...") on the session to get the
> object.
>
> Yoav Shapira
> Millennium ChemInformatics
>
> >-Original Message-
>
> From: Alexander Wallace [mailto:[EMAIL PROTECTED]
>
> >Sent: Friday, March 14, 2003 2:13 PM
> >To: Tomcat Users List
> >Subject: Ejectute a method on an object instance when session is
> >deactivated.
> >
> >Hi there... I don't need sessionpersistence. Bu i do need to execute a
> >method
> >on an instance of an object that is in the session when it's about to
> >expire.
> >Can someone point me on a direction? I know I can implement a session
> >listener, but ho do I grab the objects of the session that is about to
>
> be
>
> >closed?
> >
> >Thanks.
> >
> >-
> >To unsubscribe, e-mail: [EMAIL PROTECTED]
> >For additional commands, e-mail: [EMAIL PROTECTED]
>
> This e-mail, including any attachments, is a confidential business
> communication, and may contain information that is confidential,
> proprietary and/or privileged.  This e-mail is intended only for the
> individual(s) to whom it is addressed, and may not be saved, copied,
> printed, disclosed or used by anyone else.  If you are not the(an) intended
> recipient, please immediately delete this e-mail from your computer system
> and notify the sender.  Thank you.
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Ejectute a method on an object instance when session is deactivated.

[Alexander Wallace]

Thanyou very much for the help!

On Friday 14 March 2003 13:17, Shapira, Yoav wrote:
> Howdy,
> In a SessionListener's sessionDestroyed() method, the HttpSessionEvent
> argument has a getSession() method you get use to get the Session
> itself, and then do getAttribute("...") on the session to get the
> object.
>
> Yoav Shapira
> Millennium ChemInformatics
>
> >-Original Message-
>
> From: Alexander Wallace [mailto:[EMAIL PROTECTED]
>
> >Sent: Friday, March 14, 2003 2:13 PM
> >To: Tomcat Users List
> >Subject: Ejectute a method on an object instance when session is
> >deactivated.
> >
> >Hi there... I don't need sessionpersistence. Bu i do need to execute a
> >method
> >on an instance of an object that is in the session when it's about to
> >expire.
> >Can someone point me on a direction? I know I can implement a session
> >listener, but ho do I grab the objects of the session that is about to
>
> be
>
> >closed?
> >
> >Thanks.
> >
> >-
> >To unsubscribe, e-mail: [EMAIL PROTECTED]
> >For additional commands, e-mail: [EMAIL PROTECTED]
>
> This e-mail, including any attachments, is a confidential business
> communication, and may contain information that is confidential,
> proprietary and/or privileged.  This e-mail is intended only for the
> individual(s) to whom it is addressed, and may not be saved, copied,
> printed, disclosed or used by anyone else.  If you are not the(an) intended
> recipient, please immediately delete this e-mail from your computer system
> and notify the sender.  Thank you.
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Ejectute a method on an object instance when session is deactivated.

[Alexander Wallace]

Hi there... I don't need sessionpersistence. Bu i do need to execute a method 
on an instance of an object that is in the session when it's about to expire. 
Can someone point me on a direction? I know I can implement a session 
listener, but ho do I grab the objects of the session that is about to be 
closed?

Thanks.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Listener problem in tomcat 4.1.18

[Alexander Wallace]

Could you be running multiple instances of your web app? Like it would happen 
if you have a context for it declared in server.xml and also have a jar or a 
directory in webapps. ?


On Monday 13 January 2003 18:05, David Hemingway wrote:
> Hi,
> This has been posted before, this time i have made it more thorough.
>
> My top of my context inside my server.xml looks like:
>
>   reloadable="false" crossContext="true">
>
> my web.xml looks like:
>
> 
> 
> com.lawonline.StartServlet
> 
> 
>
>
>
> The code in the listener:
>
>
>  public void contextInitialized(ServletContextEvent sce)
>  {
>   sce.getServletContext().setAttribute("startServlet", this);
>   System.out.println("Context Initialized");
>
>   synchronized(this)
>   {
>if(!hasBeenInitialized)
>{
> scheduler = Scheduler.getScheduler();
> System.out.println("The listener is: "+this);
> hasBeenInitialized = true;
>}
>   }
>
>   System.out.println("Got Scheduler Instance");
>  }
>
>
> When server start the listener starts up as expected. However upon the
> first request 2 more instances are created straight away. Does anyne know
> what could cause this and furthermore how to rectify the situation. I only
> want ONE instance as multiple instances causes major concurrency issues.
> Thanks in advance
>
> regards,
> Dave


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Tomcat 4.1.18 changes https into httpss

[Alexander Wallace]

Thank you very much for the reply. After double checking all my settings and 
for hunting where the problem was, i disabled a filter i had implemented to 
ensure that https was being used when i wanted. 

Disabling the filter allowed tc 4.1.18 to work using https. So now the problem 
becomes why the filter does work under 4.1.12 and not 4.1.18.

A quick debug of the filter shows that the problem must be of implementation.

Tomcat 4.1.12's httpRequest.getRequestURL() returns 
http://my.server.com:443/myapp
  ^^^
That's the only way i had to know if i was being requested something via SSL, 
so i wrote my filter to check for the secure port.

Tomcat 4.1.18's httpRequest.getRequestURL() returns 
https://my.server.com/myapp
^
And even though my TC doesn't handle the SSL, i'm now told what scheme is 
being requested.  

This is a wellcome change, I just didn't know about it! I hope it stays that 
way, becouse i now have to rewrite the filter, i hope i don't have to rewrite 
it again for future upgrades.

Any coments? Suggestions?

PS.
I'm running linux, debian (woody and sid)... jdk 1.4.1-rc-b19. Apache-ssl 
1.3.26
Again thanks!


> Alexander,
> This sounds like a bug to me.  If so, instead of moving to a
> different "hack" to solve the problem, I think it would be good to fix
> it.
> What OS are you using, and can you provide any more setup details, how
> your SSL is set up, etc.?
> This should also probably be brought up on the development mailing
> list.
>
> And, are you 100% sure that the app doesn't change at all and it works
> on 4.1.12 and not 4.1.18?
>
>  - Jeff Tulley
>
> --
> To unsubscribe, e-mail:  
>  For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: NOONE? Was: Tomcat 4.1.18 changes https into httpss

[Alexander Wallace]

Did you find a similar problem then using apache and apache-ssl with tomcat 
4.1.18?  What makes me wonder if this is a bug or something is that the same 
app, with the same settings for mod_jk, works perfectly with TC 4.1.12 and 
before. I was hopping someone here on the list would tell me if this is 
normal or i'm messing up in the configuration.

If i can't get any other clues on how to make apache-ssl + tc 4.1.18 i may 
give your hack a go, and will glady accept your offer to help... Thank you 
very much for your response.

On Sunday 05 January 2003 12:21 am, David Orriss Jr wrote:
> Actually in my case I 'punted' I used ProxyPass and ProxyPassReverse and
> pass the SSL requests via a URL over to the non-SSL servlet engine...  Yea
> it was a hack, but effective.. ;)
>
> On Saturday, January 04, 2003 5:02 PM,
>
> Alexander Wallace <[EMAIL PROTECTED]> wrote:
> > Really noone read my mayl or has any clue as of what am i doing wrong? If
>
> it
>
> > is something that was discussed a lot, i did not see anything in the
> > archives, if so, at least tell me so. I really need help here.
>
> --
> David Orriss Jr.
>
> Please email me if you want my ICQ/AIM/IM ID's.
>
>
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Anyone? Was: Tomcat 4.1.18 changes https into httpss

[Alexander Wallace]

Anyone using tomcat 4.1.18 with apache-ssl?


On Friday 03 January 2003 06:41 pm, Alexander Wallace wrote:
> Hello there... I have a web app that works perfect under tomcat 4.1.12.
>
> I'm using apache + mod_jk.
>
> It works partially ok with 4.1.18, everything under http works fine, but if
> i call something using https, i get the following error:
>
> An error occured while loading
> https://my.server.com/myapp/secure/activation.jsp:
>
> Could not start process Unable to create io-slave:
> klauncher said: Unknown protocol 'httpss'.
>
> So for some reason, even tho i'm requesting https, something appends an
> extra s making an httpss request?
>
> Again, this app works fine in 4.1.12.
>
> Does 4.1.18 requires special configuration for apache or mod_jk or
> server.xml?
>
> Thanks in advance.
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

NOONE? Was: Tomcat 4.1.18 changes https into httpss

[Alexander Wallace]

Really noone read my mayl or has any clue as of what am i doing wrong? If it 
is something that was discussed a lot, i did not see anything in the 
archives, if so, at least tell me so. I really need help here.

On Friday 03 January 2003 06:41 pm, Alexander Wallace wrote:
> Hello there... I have a web app that works perfect under tomcat 4.1.12.
>
> I'm using apache + mod_jk.
>
> It works partially ok with 4.1.18, everything under http works fine, but if
> i call something using https, i get the following error:
>
> An error occured while loading
> https://my.server.com/myapp/secure/activation.jsp:
>
> Could not start process Unable to create io-slave:
> klauncher said: Unknown protocol 'httpss'.
>
> So for some reason, even tho i'm requesting https, something appends an
> extra s making an httpss request?
>
> Again, this app works fine in 4.1.12.
>
> Does 4.1.18 requires special configuration for apache or mod_jk or
> server.xml?
>
> Thanks in advance.
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Tomcat 4.1.18 changes https into httpss

[Alexander Wallace]

Hello there... I have a web app that works perfect under tomcat 4.1.12. 

I'm using apache + mod_jk.

It works partially ok with 4.1.18, everything under http works fine, but if i 
call something using https, i get the following error:

An error occured while loading 
https://my.server.com/myapp/secure/activation.jsp:

Could not start process Unable to create io-slave:
klauncher said: Unknown protocol 'httpss'.

So for some reason, even tho i'm requesting https, something appends an extra 
s making an httpss request?

Again, this app works fine in 4.1.12.

Does 4.1.18 requires special configuration for apache or mod_jk or server.xml?

Thanks in advance.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Tomcat 4.1.18 + apache SSL Problems

[Alexander Wallace]

Hello there... I have a web app that works perfect under tomcat 4.1.12. 

It works partially ok with 4.1.18, everything under http works fine, but if i 
call something using https, i get the following error:

An error occured while loading 
https://my.server.com/myapp/secure/activation.jsp:

Could not start process Unable to create io-slave:
klauncher said: Unknown protocol 'httpss'.

So for some reason, even tho i'm requesting https, something appends an extra 
s making an httpss request?

Again, this app works fine in 4.1.12.

Does 4.1.18 requires special configuration for apache or mod_jk or server.xml?

Thanks in advance.


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Log file naming?

[Alexander Wallace]

Don't you have a timestamp option in server.xml for the logs?

On Tuesday 17 December 2002 14:54, Armbrust, Daniel C. wrote:
> Is there anyway that I can reconfigure Tomcat 4.1.12 so that my log files
> do not have the date in them?  I would like to have one log file that I can
> skim over for a month of activity, not 31 that I have to combine.
>
> It seems to give you options for changing everything else, why it the date
> stuff hard coded?
>
> Dan
>
> --
> To unsubscribe, e-mail:  
>  For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Selecting which pages to use SSL with

[Alexander Wallace]

I've gone through your same questions lately, and still learnning, but here is 
what i've learned from the list and other places.

*Once you start using https, you should NOT switch back to http, doing so will 
allow whomever to sniff the session id  and put in risk whatever you thought 
you secured with https. So, if during a session, a user goes to https, you 
should not switch back to http just becouse the next page does not need to be 
secured, at this point it is not the page, but the session, that needs to be 
secure.

*There are noumerous ways to know if you are running https and also to switch 
to https if you were not.

I use a filter to look at what port and protocol is being requested, and 
switch to https if necesary. The method used varies if you use apache + 
tomcat or tomcat stand alone. This becouse when using apache, apache talks to 
tomcat always in http, it takes charge of all comunication being secure with 
the client, but it tell's you the user requested a secure session by 
appending the secure port number to the url requested. If tomcat is being 
used stand alone, you can check what protoclo was requested and other stuff 
using httpRequest's getScheme() getProtocol() getServerPort() and stuff like 
that.

If a servlet or jsp needs to know if secure session was requested, you can use 
the isSecure() method of the request.

There is also a way to force tomcat to ensure secure scheme is being used, byt 
adding something like the following to your web.xml



  SSL-Only Portion Of This Webapp
  /secure/*


  CONFIDENTIAL

  

And you can also make apache not serve anything but whatever uri prefix you 
specify so it won't serve something if it begins with /secure, which you can 
use as the prefix for any jsp or servlet you want to make sure run only in a 
secure way.

I hope all this helps!




On Tuesday 17 December 2002 14:43, Cook, Christopher H (IndSys, GE Interlogix) 
wrote:
> The documentation supplied for tomcat that pertains to the configuration of
> ssl states - "indeed a developer can pick and choose which pages require a
> secure connection and which do not. For a reasonably busy site, it is
> customary to only run certain pages under SSL, namely those pages where
> sensitive information could possibly be exchanged. ...  Any pages which
> absolutely require a secure connection should check the protocol type
> associated with the page request and take the appropriate action of https
> is not specified."
>
> I have SSL set up in my application currently, so that any page I request
> can either use https or http.  How do restrict access to some pages using
> http, while allowing others to use it?  Basically how do I implement the
> scenario's described in the above passage?  Or where is there documentation
> on this?
>
> Thanks,
>
> Chris
>
> --
> To unsubscribe, e-mail:  
>  For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Naïve question about root

[Alexander Wallace]

You should not be as root all the time becouse root can do anything, and any 
little mistake could be desastrous, like running rm when you actually meant 
mv, or stuff like that.

It is safe (as far as someone sniffing your root password, or any other 
user's) to use ssh, but don't stay connected as root for the same reason 
above and also if someone else can phisically access your machine.

Running any service as root can be dangerous since the service has the same 
permissions as root. If the service has security flaws, someoune could gain 
the priviledges of the service and do whatever they want in your system. You 
ofcourse need that the service has those flaws and that people know how to 
explode them for this to happen. No reason to risk here.


On Tuesday 17 December 2002 13:53, Denise Mangano wrote:
> I know this is a naïve question, and slightly irrelevant to the
> newsgroup...
>
> I keep getting told left and right not to work as root.  I heeded this
> advice a while back and created a user.  Here is the thing.  My RH 7.3 box,
> running Apache 1.3.27 & Tomcat 3.1.17 (no I haven't gotten them connected
> with mod_jk yet:) ) is logged in as root.  But I work on my files through a
> secure shell from my workstation, where I log in as the user I created.  Is
> it not safe to leave my box logged in as root?
>
> My concern is when people access my website can they somehow get into my
> box and wreak havoc?  For example with my current setup people are
> accessing a website hosted on a machine that is logged in with root
> access   Is it better that I sign in on the actual box as this created
> user only changing login to root as needed or does the logon of the actual
> box not matter as long as I am not messing around as root...?  If I should
> sign onto the box as this user, how can I make sure this user has rights to
> Apache and Tomcat? (as of right now this user has rights to execute java
> commands, but I am not sure if there is anything special I need to do for
> apache and tomcat).  On a side note is there anyway to create a user that
> has "almost" root access but can't do the damage root can do?
>
> Again naïve, but thought I would throw it out here anyway :) Thanks!!
>
> Denise Mangano
>
> --
> To unsubscribe, e-mail:  
>  For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Running tomcat as user other than root

[Alexander Wallace]

If she starts it, she can stop it and restart it. Unless you have modified TC 
to use ports below 1000, which only worsk for root.

On Tuesday 17 December 2002 10:04, Philip Juels wrote:
> I'm sure this has been asked before, but I can't find the answer
>
> How can I start/stop tomcat as a user other than root?  I have a
> webmaster that I'd like to give the ability to restart tomcat, but I
> don't want to give her root access to the server (RH7.3 on an intel
> platform).
>
> Thanks,
>
> Philip Juels
> IT Manager
> Harvard-Partners Center for Genetics and Genomics
> 65 Landsdowne St
> Cambridge, MA 02139
> [EMAIL PROTECTED]
> 617.768.8292
>
>
> --
> To unsubscribe, e-mail:  
>  For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: how do i make apache auto load index.jsp

[Alexander Wallace]

Thankyou, good to know, i'll see which aproach is easyer for me.

On Monday 16 December 2002 21:30, Turner, John wrote:
> This has come up many times before.  There is no easy solution. 
> Apparently, Apache doesn't do the DirectoryIndex until after it checks to
> see if the URL should be passed to Tomcat.  Since the actual URL has no
> "*.jsp" on it at that time, it doesn't go to Tomcat.
>
> There have been various alternatives suggested on the list in the past:
>
> 1) setup a index.html file to do a META refresh of 0 to URL/index.jsp
> 2) use mod_rewrite to intercept URLs that don't have a file on them,
> rewriting them to /index.jsp
> 3) send all requests to Tomcat, and use the web.xml welcome file list to
> have index.jsp come up first (this would make Apache pretty useless)
>
> There are probably other workarounds.
>
> John
>
>
> -Original Message-
> From: Alexander Wallace [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 16, 2002 8:11 PM
> To: [EMAIL PROTECTED]
> Subject: how do i make apache auto load index.jsp
>
> When using apache + tomcat, and calling my web app context, with no page
> being
> requested, i get  404 error If i call tomcat directly (using port 8080)
> tomcat loads index.jsp fine.
>
> How can i make apache also load the index.jsp ?
>
> I thought that by adding the index.jsp to the httpd.conf DirectoryIndex
> directive it would do it, but it doesn't...
>
> Thanks in advance.
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.419 / Virus Database: 235 - Release Date: 11/13/2002
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.419 / Virus Database: 235 - Release Date: 11/13/2002
>
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: app roll out.

[Alexander Wallace]

My guess is that the solution with apache works becouse even if apache switces 
to https, it still talks to tomcat via plain http, and since the objects are 
in tomcat's session, and tomcat doesn't need to switch to https, it will not 
create a new session.

On Monday 16 December 2002 20:41, Joseph Shraibman wrote:
> But that doesn't explain why apache would be any better at that than
> tomcat.
>
> James Higginbotham wrote:
> > That's probably the case if you were using cookies to track sessions.
> > The cookie spec mentions that the port is also part of the scope of a
> > cookie, so when you went from www.foo.com:80 to www.foo.com:443 you
> > changed the scope of the original cookie and thus created a new
> > "session" on the server side. The fix is to either change the cookie's
> > domain to be foo.com rather than www.foo.com, which will make it match
> > to all servers in that domain on all ports. At least, this seems to be
> > what I remember the issue being several years ago for a similar
> > deployment I did.
>
> --
> To unsubscribe, e-mail:  
>  For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

how do i make apache auto load index.jsp

[Alexander Wallace]

When using apache + tomcat, and calling my web app context, with no page being 
requested, i get  404 error If i call tomcat directly (using port 8080) 
tomcat loads index.jsp fine. 

How can i make apache also load the index.jsp ? 

I thought that by adding the index.jsp to the httpd.conf DirectoryIndex 
directive it would do it, but it doesn't...

Thanks in advance.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: app roll out.

[Alexander Wallace]

The line:

RedirectMatch ^/$ http://mysite/theContext 

did the trick.

Now I have to find out how to make apache call index.jsp automatically if no 
page is requested.  If i use http://localhost:8080/myapp tomcat calls 
index.jsp automatically, but when going through apache 
(http://localhost/myapp) apache doesn't load the index.jsp.  

How can i make it load index.jsp automatically?

Thanks again!

On Monday 16 December 2002 15:42, Ben Ricker wrote:
> This would be done by Apache (though it could possibly be done by
> Tomcat; I use Apache). You can do it one of two ways:
>
> 1) Use mod_rewrite to rewrite "/index.html" to "/path-to-context-name".
> Not sure on the mechanics of this. Try the Apache list for pointers, or
> any number of tutotials on mod_rewrite.
>
> 2) Use the 'Redirect' directive in Apache. This is what I use and has
> worked for 2 years. Basically, you stick a line in your httpd.conf which
> goes:
>
> Redirect temp www.domain.com www.domain.com/path-to-context


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: app roll out.

[Alexander Wallace]

Adding a line like the one you suggest doesn't seem to work... People at 
apache's irc said it should be something like:

Redirect / http://www.domain.com/context

But that only seems to create infinite redirects since it redirects to the 
same domain name.

The docs say that redirect takes a URI and then a URL.

Could you check your config files and paste one line here? Just to make sure 
the syntax is correct?

Thanks!

On Monday 16 December 2002 15:42, Ben Ricker wrote:

> Redirect temp www.domain.com www.domain.com/path-to-context
>
> Hth,
>
> Ben Ricker


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: app roll out.

[Alexander Wallace]

That sounds very interesting, i have to see how that works, becouse i don't 
use apache for anything else.  I just need to figure out how to change the 
domain of the cookies...

Thanks a lot!

On Monday 16 December 2002 16:14, James Higginbotham wrote:
> That's probably the case if you were using cookies to track sessions.
> The cookie spec mentions that the port is also part of the scope of a
> cookie, so when you went from www.foo.com:80 to www.foo.com:443 you
> changed the scope of the original cookie and thus created a new
> "session" on the server side. The fix is to either change the cookie's
> domain to be foo.com rather than www.foo.com, which will make it match
> to all servers in that domain on all ports. At least, this seems to be
> what I remember the issue being several years ago for a similar
> deployment I did.
>
> HTH,
> James
>
> > -Original Message-
> > From: Alexander Wallace [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, December 16, 2002 4:10 PM
> > To: Tomcat Users List
> > Subject: Re: app roll out.
> >
> >
> > I'm redirecting everything to tomcat, but part of my app
> > requires ssl, and
> > although tomcat can handle ssl, when i tryed it, all objects
> > in my session
> > that was started not using ssl, were not accessible once
> > swithced to ssl. I
> > don't know if this is the right behavior or if there is a way
> > around it, i
> > asked the list and never got an answer, so i asummed that's
> > how it should be.
> >
> > Thanks!
> >
> > On Monday 16 December 2002 15:41, David Kavanagh wrote:
> > > Well, if you were just running tomcat, I'd say put your app in
> > > webapps/ROOT, but I'm not sure how to configure mod_jk to
> >
> > redirect all
> >
> > > stuff from the server root to tomcat. If you are directing
> >
> > everything
> >
> > > to tomcat, just bag apache altogether!
> > >
> > > David
> > >
> > > On 12/16/2002 4:28 PM, Alexander Wallace wrote:
> > > >Hi there. Almost ready to deploy my app to test in real
> >
> > world.  I'm
> >
> > > >using apache + tomcat (using mod_jk).  My app name is wxyz, and I
> > > >have purchased the domain name i want it to be under. I
> >
> > want to call
> >
> > > >www.mydomain.com and get my app's index. instead of typing the
> > > >www.mydomain.com/wxyz.
> > > >
> > > >How can i do that? Can someone, if not tell me how, tell
> >
> > me where to
> >
> > > >read  to learn how to do it?
> > > >
> > > >Sorry about the newbienezz of the email. I know nothing about this
> > > >things.
> > > >
> > > >Thanks!
> > > >
> > > >
> > > >--
> > > >To unsubscribe, e-mail:
> > > > <mailto:[EMAIL PROTECTED]> For additional
> > > > commands, e-mail: <mailto:[EMAIL PROTECTED]>
> > >
> > > --
> > > To unsubscribe, e-mail:
> > > <mailto:[EMAIL PROTECTED]> For additional
> > > commands, e-mail: <mailto:[EMAIL PROTECTED]>
> >
> > --
> > To unsubscribe, e-mail:
> > <mailto:tomcat-user-> [EMAIL PROTECTED]>
> > For
> > additional commands,
> > e-mail: <mailto:[EMAIL PROTECTED]>
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Shtting down classes when tomcat shuts down.

[Alexander Wallace]

Thankyou, i'll see into that. I did writhe the classes so i can change them.  

About the logging, well, i did post a message here, i don't thing i found out 
what i was hoping (using System.out.println(), if the classes are not 
servlets, the log goes to catalina and not my app).

Anyways, i can live with that, but i'll probably use the   
ServletContextListener to solve the problem with the classes not shutting 
down.

Again thanks!

On Monday 16 December 2002 15:49, Shapira, Yoav wrote:
> Hi,
>
> >Hello. I have some classes that are started by a servlet when tomcat
> >starts, their main method has a timer to execute some stuff
>
> periodically. >When I shut tomcat down, the classes remain running.  How
> can i make them >shut down with tomcat?
>
> One possible way would be to implement a ServletContextListener and its
> contextDestroyed() event, shut down the classes gracefully.
>
> Another way, assuming the classes are extensions of threads, to mark
> them as daemons.  Daemon threads will die when tomcat exits.
>
> Did you write these classes or are they 3rd party?
>
> >The reason they stay up is probabbly the same for their log file to be
> >catalina's log and not my app's log, which i still have not figured out
>
> how
>
> >to change.
>
> I doubt that's the reason they stay up.  It's more likely that the above
> are two separate issues.  You could post another question in a new
> thread with logging questions.  I suggest you search the archives first
> as the above question is fairly common.
>
> Yoav Shapira
> Millennium ChemInformatics
>
> --
> To unsubscribe, e-mail:  
>  For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: app roll out.

[Alexander Wallace]

I'm redirecting everything to tomcat, but part of my app requires ssl, and 
although tomcat can handle ssl, when i tryed it, all objects in my session 
that was started not using ssl, were not accessible once swithced to ssl. I 
don't know if this is the right behavior or if there is a way around it, i 
asked the list and never got an answer, so i asummed that's how it should be.

Thanks!

On Monday 16 December 2002 15:41, David Kavanagh wrote:
> Well, if you were just running tomcat, I'd say put your app in
> webapps/ROOT, but I'm not sure how to configure mod_jk to redirect all
> stuff from the server root to tomcat. If you are directing everything to
> tomcat, just bag apache altogether!
>
> David
>
> On 12/16/2002 4:28 PM, Alexander Wallace wrote:
> >Hi there. Almost ready to deploy my app to test in real world.  I'm using
> >apache + tomcat (using mod_jk).  My app name is wxyz, and I have purchased
> >the domain name i want it to be under. I want to call www.mydomain.com and
> >get my app's index. instead of typing the www.mydomain.com/wxyz.
> >
> >How can i do that? Can someone, if not tell me how, tell me where to read
> > to learn how to do it?
> >
> >Sorry about the newbienezz of the email. I know nothing about this things.
> >
> >Thanks!
> >
> >
> >--
> >To unsubscribe, e-mail:  
> > <mailto:[EMAIL PROTECTED]> For additional
> > commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: app roll out.

[Alexander Wallace]

Thankyou very much, option 2 is probably what i'll use.

On Monday 16 December 2002 15:42, Ben Ricker wrote:
> This would be done by Apache (though it could possibly be done by
> Tomcat; I use Apache). You can do it one of two ways:
>
> 1) Use mod_rewrite to rewrite "/index.html" to "/path-to-context-name".
> Not sure on the mechanics of this. Try the Apache list for pointers, or
> any number of tutotials on mod_rewrite.
>
> 2) Use the 'Redirect' directive in Apache. This is what I use and has
> worked for 2 years. Basically, you stick a line in your httpd.conf which
> goes:
>
> Redirect temp www.domain.com www.domain.com/path-to-context
>
> Hth,
>
> Ben Ricker
>
> On Mon, 2002-12-16 at 15:28, Alexander Wallace wrote:
> > Hi there. Almost ready to deploy my app to test in real world.  I'm using
> > apache + tomcat (using mod_jk).  My app name is wxyz, and I have
> > purchased the domain name i want it to be under. I want to call
> > www.mydomain.com and get my app's index. instead of typing the
> > www.mydomain.com/wxyz.
> >
> > How can i do that? Can someone, if not tell me how, tell me where to read
> > to learn how to do it?
> >
> > Sorry about the newbienezz of the email. I know nothing about this
> > things.
> >
> > Thanks!
> >
> >
> > --
> > To unsubscribe, e-mail:  
> > <mailto:[EMAIL PROTECTED]> For additional
> > commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: app roll out.

[Alexander Wallace]

I have an index.jsp, and it works if i call www.mydomain.com/myapp, but i want 
to just call www.mydomain.com... I don't even knwo how to reffer to whay i 
need, it may be virtual domain?

On Monday 16 December 2002 15:33, J. Norment wrote:
> name the starting page of your app index.jsp ?
>
> On Mon, 16 Dec 2002 15:28:39 -0600, Alexander Wallace wrote:
> >Hi there. Almost ready to deploy my app to test in real world.  I'm
> >using
> >apache + tomcat (using mod_jk).  My app name is wxyz, and I have
> >purchased
> >the domain name i want it to be under. I want to call
> >www.mydomain.com and
> >get my app's index. instead of typing the www.mydomain.com/wxyz.
> >
> >How can i do that? Can someone, if not tell me how, tell me where to
> >read to
> >learn how to do it?
> >
> >Sorry about the newbienezz of the email. I know nothing about this
> >things.
> >
> >Thanks!
> >
> >
> >--
> >To unsubscribe, e-mail:   <mailto:tomcat-user-
> >[EMAIL PROTECTED]>
> >For additional commands, e-mail: <mailto:tomcat-user-
> >[EMAIL PROTECTED]>
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Shtting down classes when tomcat shuts down.

[Alexander Wallace]

Hello. I have some classes that are started by a servlet when tomcat starts, 
their main method has a timer to execute some stuff periodically. When i shut 
tomcat down, the classes remain running.  How can i make them shut down with 
tomcat? 

The reason they stay up is probabbly the same for their log file to be 
catalina's log and not my app's log, which i still have not figured out how 
to change.

Thanks!


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

app roll out.

[Alexander Wallace]

Hi there. Almost ready to deploy my app to test in real world.  I'm using 
apache + tomcat (using mod_jk).  My app name is wxyz, and I have purchased 
the domain name i want it to be under. I want to call www.mydomain.com and 
get my app's index. instead of typing the www.mydomain.com/wxyz.

How can i do that? Can someone, if not tell me how, tell me where to read to 
learn how to do it?

Sorry about the newbienezz of the email. I know nothing about this things. 

Thanks!


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

System.out.println() on classes goes to catalina.log (Logging to my app revisited)

[Alexander Wallace]

Ok, when i do System.out.println() in one of my servlets, it goes to my app 
log, but if the servlet calls a class and the class has System.out.println, 
they go to catalina.log... Is this how it's supposed to be? Is there a way to 
make those go to my app log?

Thanks.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Logging to my app.

[Alexander Wallace]

Thanks, i'll check it out. 

On Friday 13 December 2002 12:05, Shapira, Yoav wrote:
> Howdy,
> getServletContext().log(...);  The ServletContext javadoc has more
> details.
>
> Yoav Shapira
> Millennium ChemInformatics
>
> >-Original Message-
>
> From: Alexander Wallace [mailto:[EMAIL PROTECTED]]
>
> >Sent: Friday, December 13, 2002 1:00 PM
> >To: [EMAIL PROTECTED]
> >Subject: Logging to my app.
> >
> >How can i send log messages toy my app's log file (already configured
>
> in
>
> >server.xml) insetad of catalina.log?
> >
> >I noticed that some System.out.println() goes to one and others to the
> >other...
> >
> >Thanks!
> >
> >--
> >To unsubscribe, e-mail:   <mailto:tomcat-user-
> >[EMAIL PROTECTED]>
> >For additional commands, e-mail: <mailto:tomcat-user-
> >[EMAIL PROTECTED]>
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Logging to my app.

[Alexander Wallace]

Thanks, i do have that working already, but you know how all (almost all) the 
System.out.println() goes into cataline.log, i was wondering if there was an 
easy line to send to the app log, not he catalina.log.


On Friday 13 December 2002 12:05, Patrick GIRY wrote:
> In your server.xml you define a Logger in you web app
> context like this :
>
>   reloadable="true"
> crossContext="true">
>  className="org.apache.catalina.logger.FileLogger"
>  prefix="localhost_examples_log."
> suffix=".txt"
> timestamp="true"/>
>
> You can set your own prefix muwebapp_log.
>
> A+
>  --- Alexander Wallace <[EMAIL PROTECTED]> a
> écrit : > How can i send log messages toy my app's log
> file
>
> > (already configured in
> > server.xml) insetad of catalina.log?
> >
> > I noticed that some System.out.println() goes to one
> > and others to the
> > other...
> >
> > Thanks!
> >
> > --
> > To unsubscribe, e-mail:
> > <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
> > <mailto:[EMAIL PROTECTED]>
>
> =
> A+
> Patrick GIRY
> e-mail : [EMAIL PROTECTED]
>
> ___
> Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
> Yahoo! Mail : http://fr.mail.yahoo.com
>
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]> For additional
> commands, e-mail: <mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Logging to my app.

[Alexander Wallace]

How can i send log messages toy my app's log file (already configured in 
server.xml) insetad of catalina.log?

I noticed that some System.out.println() goes to one and others to the 
other...

Thanks!

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Sevlet at startup, not starting

[Alexander Wallace]

Thanks for all the help.

On Thursday 12 December 2002 19:15, Jacob Kjome wrote:
> That's what init() is there for.  Just note that the container is allowed
> to unload and reload servlets at any time it wants to so your init() and
> destroy() methods aren't guaranteed to run just once.  If you have
> application initialization that you want to happen once and only once
> during the entire run of the application, look into putting that code in
> the contextInitialized() method of a servlet context listener.
>
> Jake
>
> At 05:40 PM 12/12/2002 -0600, you wrote:
> >Well, that must be it then!
> >
> >I should just move all my code that i want inited to the init then righ?
> > Is that safe to do?
> >
> >Thanks!
> >
> >On Thursday 12 December 2002 16:19, Jacob Kjome wrote:
> > > Hello Alexander,
> > >
> > > Note that loading on startup only calls the init() method.  It does not
> > > call doGet() or anything like that.  Just making sure you understood
> > > that.
> > >
> > > Jake
> > >
> > > Thursday, December 12, 2002, 4:09:41 PM, you wrote:
> > >
> > > AW> Hi there... I have 1 servlet to start at startup, but it doesnt. If
> > > i call the AW> servlet from a browser, it starts fine.
> > >
> > > AW> My web.xml has:
> > >
> > > AW>   
> > > AW> Startup
> > > AW> Servlet that starts different startup classes and
> > > AW> stuff.
> > > AW> com.difh.servlets.Startup
> > > AW> 1
> > > AW>   
> > >
> > > AW> and
> > >
> > > AW>   
> > > AW> Startup
> > > AW> /srv/com.difh.servlets.Startup
> > > AW>   
> > >
> > > AW> Any clues as to why this doesn't get run when tomcat starts?
> > >
> > > AW> Thanks!
> > >
> > >
> > > AW> --
> > > AW> To unsubscribe, e-mail:
> > >  AW> For additional
> > > commands, e-mail: 
> >
> >--
> >To unsubscribe, e-mail:  
> >  For additional
> > commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Sevlet at startup, not starting

[Alexander Wallace]

Well, that must be it then! 
 
I should just move all my code that i want inited to the init then righ? Is 
that safe to do?

Thanks!

On Thursday 12 December 2002 16:19, Jacob Kjome wrote:
> Hello Alexander,
>
> Note that loading on startup only calls the init() method.  It does not
> call doGet() or anything like that.  Just making sure you understood that.
>
> Jake
>
> Thursday, December 12, 2002, 4:09:41 PM, you wrote:
>
> AW> Hi there... I have 1 servlet to start at startup, but it doesnt. If i
> call the AW> servlet from a browser, it starts fine.
>
> AW> My web.xml has:
>
> AW>   
> AW> Startup
> AW> Servlet that starts different startup classes and
> AW> stuff.
> AW> com.difh.servlets.Startup
> AW> 1
> AW>   
>
> AW> and
>
> AW>   
> AW> Startup
> AW> /srv/com.difh.servlets.Startup
> AW>   
>
> AW> Any clues as to why this doesn't get run when tomcat starts?
>
> AW> Thanks!
>
>
> AW> --
> AW> To unsubscribe, e-mail:  
>  AW> For additional
> commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Sevlet at startup, not starting

[Alexander Wallace]

Hi there... I have 1 servlet to start at startup, but it doesnt. If i call the 
servlet from a browser, it starts fine.

My web.xml has:

  
Startup
Servlet that starts different startup classes and 
stuff.
com.difh.servlets.Startup
1
  

and

  
Startup
/srv/com.difh.servlets.Startup
  

Any clues as to why this doesn't get run when tomcat starts?

Thanks!


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Urgent!!!!!!! JavaBean

[Alexander Wallace]

If you have tomcat configured to autoload classes when they are changed,
then you don't have to restart, otherwise you either restart or use the
administration tool that comes with tomcat to reload the app 
On Tue, 2002-12-10 at 03:23, Galbayar Dorjgotov wrote:
> hello all!
> I'm installed Apache Tomcat 4.x version and running fine and it serves many
> services.
> After java bean changes i must restart tomcat?
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Getting examples to run (Spanish) Was RE: Idon´t understand the objective of thisopen list !

[Alexander Wallace]

(***Sorry for re posting, I just wanted to change the subject line***)

No hay de que... De antemano te comento que tomcat es bastante sencillo
de instalar y usar, asi que el problema que estas teniendo, espero sea
una cosa sencilla. Me gustaria comenzar por ver como instalaste tomcat,
y en que sistema operativo, saber si bajaste la version completa o la LE
de tomcat.

Pues por lo general, si funciona tomcat, funcionan los ejemplos. Los
casos en los que he visto que los ejemplos no funcionan, es por ejemplo
cuando, en debian, se instala tomcat usando apt-get y no se instalan los
ejemplos que vienen como paquete aparte.

Puedes ver el directorio webaps de tu tomcat y adentro el directorio
examples?

Bueno, espero respuesta para ver si le hallamos.

Saludos!

On Mon, 2002-12-09 at 23:11, Carlos Alberto Peláez Ayala wrote:
> Gracias por tu ayuda alexander, eres muy amable.
> Haber te comento. Lo que sucede es que instalé el Tomcat 4.1.12 y al parecer
> está corriendo, pero creo que hay algunas fallas.
> Como te digo, cuando abro la página http://localhost:8080, esta aparece
> correctamente. En la parte inferior izquierda de esa página hay unos enlaces
> que referencian a los ejemplos, que estan en la carpeta
> /directorio_de_instalación/tomcat/webapps/examples. Supuestamente estos
> ejemplos ya deberían estar corriendo, pero no es así.
> Aparecen estos errores:
> 
> HTTP Status 404 - /examples/jsp/
> 
> 
> 
> 
> type Status report
> 
> message /examples/jsp/



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: I don´t understand the objective of thisopen list !

[Alexander Wallace]

You can most likely find how to contribute in the jakarta site.

On Mon, 2002-12-09 at 23:26, Theodore A. Jencks wrote:
> I'm brand new to this list and have noticed the lack of good documentation 
>available.  However the docs that exist are extremely helpful and I've found plenty 
>of information on configuring Tomcat.  Since this thread is getting so much publicity 
>I might as well restate my willingness to improve upon the documentation that 
>currently exists.  To say that the developers of Tomcat owe us users anything would 
>be ridicules they have already done so much.  However I think good documentation is 
>key for the success of any software.  If you use Tomcat you should be concerned with 
>it's future.  In short good documentation is a win for everyone, just take PHP as an 
>example.  One big reason that it's so popular is because of a great documentation 
>team.  Heck I'd go so far as to say that's why Microsoft dominates the computer 
>industry; it's because they have the best docs in the industry hands down.  I think 
>open source developers realize this but often don't have time to do anything about 
>it.  Here is an opportunity though as I've offered my services.  So if anyone knows 
>who I should contact about this I'm all ears.
> 
> Best regards,
> Theo
> 
> 
> ==
> Theodore A. Jencks-- DigitalFacet, Inc. --
> President P.O. Box 242
> Tel:  925-362-0015Alamo, CA
> Fax:  925-362-899594507
> [EMAIL PROTECTED]
> http://www.digitalfacet.com
> ==
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Problems with starting Tomcat 4.1.12 - PLEASE HELP

[Alexander Wallace]

I'm not sure if it is a typo or what, but what you describe you typed
should not work, try this:

-go to a command prompt
-type c:\ and hit enter
-type cd tomcat\jakarta-4.1.12\bin and hit enter
-type startup.bat and hit enter

If i'm being too simple please forgive me.

On Mon, 2002-12-09 at 23:37, Siobhan Quigley wrote:
> Tref,
> 
> I tried retyping the command as C:\ Cd tomcat\jakarta-4.1.12\bin\startup.bat
> but it could not find the path specified.
> 
> The following variable was se up for SDK
> variable name = Path
> variable value = stemRoot%\System32\Wbem;C:\Java\bin;
> 
> 'Thanks for you help
> 
> 
> - Original Message -
> From: "Tref Gare" <[EMAIL PROTECTED]>
> To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Sent: Monday, December 09, 2002 10:32 PM
> Subject: RE: Problems with starting Tomcat 4.1.12 - PLEASE HELP
> 
> 
> > Sorry if you've already done this but it's not clear from your message.
> >
> > Is C:\Tomcat\jakarta-tomcat-4.1.12\bin\startup.bat exactly what you've
> > entered? Ie: at the command prompt.
> >
> > That is
> >
> > C:
> > Cd tomcat\jakarta-tomcat-4.1.12\bin
> > Startup.bat
> >
> > If the above is returning a "can't find this thing" type message then
> > the first thing to check is that it's actually there (typos in the path
> > etc).
> >
> > Alternatively:
> > Have you got your JDK in your path?
> > Ie: PATH=C:\path\to\your\jdk\bin
> >
> >
> > cheers
> >
> > --
> > Tref Gare
> > Development Consultant
> > Areeba
> > Level 19/114 William St, Melbourne VIC 3000
> > email: [EMAIL PROTECTED]
> > phone: +61 3 9642 5553
> > fax: +61 3 9642 1335
> > website: http://www.areeba.com.au
> > --
> > "This email is intended only for the use of the individual or entity
> > named above and contains information that is confidential. No
> > confidentiality is waived or lost by any mis-transmission. If you
> > received this correspondence in error, please notify the sender and
> > immediately delete it from your system. You must not disclose, copy or
> > rely on any part of this correspondence if you are not the intended
> > recipient. Any communication directed to clients via this message is
> > subject to our Agreement and relevant Project Schedule. Any information
> > that is transmitted via email which may offend may have been sent
> > without knowledge or the consent of Areeba."
> > --
> >
> > -Original Message-
> > From: Siobhan Quigley [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, 10 December 2002 7:45 AM
> > To: [EMAIL PROTECTED]
> > Subject: Problems with starting Tomcat 4.1.12 - PLEASE HELP
> >
> > I have installed the Java SDK and Tomcat 4.1.12 (release version).  I
> > have set the JAVA_HOME  and the
> > CATALINA_HOME  variables and did the ECHO test.  When I try to start up
> > Tomcat, I type
> > C:\Tomcat\jakarta-tomcat-4.1.12\bin\startup.bat but I get an error
> > message saying it can not
> > find the path specified.
> >
> > What do I need to type to (a) start the application and (b) shut down
> > the
> > application.? (I am a complete beginner)
> >
> > Thanks for your help
> >
> > rocket
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> 
> > For additional commands, e-mail:
> 
> >
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: I don´t understand the objective of thisopen list !

[Alexander Wallace]

I also have a technical background, but not as big as yours. I have been
programming in java por 3 months now. Even before I started programming
I gave tomcat a try to see my options. I have to tell you that getting
tomcat to run and work fine is trivial. That setting up  connection
pooling is just a matter of following the instructions in jakarta's
site, and that setting mod_jk to work, just following the example, took
like 30 minutes... Now, i'm a linux user, i don't know if it's as easy
or not in windows, but if you can't get tomcat running with minimal
effort, then there has to be a problem in your setop that is beyont
tomcat.

On Tue, 2002-12-10 at 00:37, Mike DiChiappari wrote:
> Notice that I didn't ask a question JOEL BERGMAN (are you a Jakarta 
> developer).  I simply chimed in when someone else expressed 
> dissatisfaction with this list.  I have been disappointed and 
> frustrated by the  that is called documentation.  I stopped 
> trying to get tomcat to work properly over a year ago.  Recently I 
> looked into it again, and noticed little to no improvement.
> 
> Note that my background is technical, with over twenty years of 
> building commercial quality software.  I don't believe in a lot of 
> pie-in-the-sky ideals in terms of software development.  I rate 
> software on three important criteria: does it do what it is intended, 
> can it be used easily, and is it maintainable.
> 
> In terms of tomcat, I give it a grade of incomplete on all three of 
> the above.  I can not tell if it does what its supposed to because I 
> can't get it to work with a reasonable amount of effort.
> 
> Here if my contribution to Jarkata and people looking for a low cost 
> Java solution.  Use JRUN (discalimer: I am not affiliated with 
> Macromedia in any way).  It is under $1000 and includes a full J2EE 
> implementation (JSP, servlets, EJB).  It looks like the installer 
> does all the stuff that mod_jk, mod_jk2, and mod_web are supposed to 
> (if anyone could get them to work).  A development version is 
> available for free.
> 
> Mike
> 
> 
> 
> >  > -Original Message-
> >>  From: Mike DiChiappari [mailto:[EMAIL PROTECTED]]
> >>  Sent: Monday, December 09, 2002 4:37 PM
> >>  To: Tomcat Users List
> >>  Subject: Re: I don´t understand the objective of this open list !
> >>
> >>
> >>  I know the reason for this list - at least as it applies to Jakarta.
> >>  It is meant to address the complete lack of adequate documentation
> >>  for tomcat.
> >
> >Are you volunteering to write some, Mike DiChiappari?  That is how things
> >get done: someone DOES them.
> >
> >If you don't know enough, you could skim the mailing list looking for
> >questions, finding out when they were answered to the questioner's
> >satisfaction, and using that as your source material.
> >
> >Or do you just want answers to YOUR questions?
> >
> > --- Noel
> >
> >
> >--
> >To unsubscribe, e-mail:   
> >For additional commands, e-mail: 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: RE: I don´t understand the objective ofthisopen list !

[Alexander Wallace]

5)
>   at org.apache.catalina.core.StandardHost.install(StandardHost.java:803)
>   at org.apache.catalina.startup.HostConfig.deployDescriptors
> (HostConfig.java:452)
>   at org.apache.catalina.startup.HostConfig.deployApps
> (HostConfig.java:409)
>   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:879)
>   at org.apache.catalina.startup.HostConfig.lifecycleEvent
> (HostConfig.java:368)
>   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent
> (LifecycleSupport.java:166)
>   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1196)
>   at org.apache.catalina.core.StandardHost.start(StandardHost.java:738)
>   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1188)
>   at org.apache.catalina.core.StandardEngine.start
> (StandardEngine.java:347)
>   at org.apache.catalina.core.StandardService.start
> (StandardService.java:497)
>   at org.apache.catalina.core.StandardServer.start
> (StandardServer.java:2189)
>   at org.apache.catalina.startup.Catalina.start(Catalina.java:510)
>   at org.apache.catalina.startup.Catalina.execute(Catalina.java:400)
>   at org.apache.catalina.startup.Catalina.process(Catalina.java:180)
>   at java.lang.reflect.Method.invoke(Native Method)
>   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203)
> [ERROR] Digester - -Parse Fatal Error at line 307 column 39: The string "--"
> is
> not permitted within comments.  "--"
> is not permitted within comments.>
> [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8080
> [INFO] ChannelSocket - -JK2: ajp13 listening on tcp port 8009
> [INFO] JkMain - -Jk running ID=0 time=1/141
> config=/www2/websev/uportal/tomcat/dist/conf/jk2.properties
> 
> Si deseas, te puedo enviar todos los archivos completos de los logs para que
> los analices.
> Lo obvio, es que estos archivos de ejemplo, deberían ya estar corriendo,
> además como una página que está dentro de /admin y que tampoco carga, que se
> enlaza desde un vínculo en la parte superior de la página de inicio. Hay
> algo que tenga que hacerle a esta versión de tomcat (4.1.12) para que me
> corran esos ejemplos, o es que existe algún problema con algo ?.
> Gracias por tu ayuda.
> 
> 
> -Mensaje original-
> De: Alexander Wallace [mailto:[EMAIL PROTECTED]]
> Enviado el: lunes, 09 de diciembre de 2002 17:24
> Para: Tomcat Users List
> Asunto: Re: RE: I don´t understand the objective of thisopen list !
> 
> 
> Te puedo ayudar en español si gustas, dime cual es tu problema y veremos
> si me es posible ayudarte a resolverlo.
> 
> Saludos.
> 
> On Mon, 2002-12-09 at 08:13, [EMAIL PROTECTED] wrote:
> > what curious that is the first time that someone here, can to answer to
> > something. Yes, this list is not for fighting, but is for help at other
> > persons...maybe you can help me to solve my "easy" technical problem and
> forget
> > this, because i think that you don´t have damages, it´s right ?.
> > Thank´s.
> >
> > Mensaje citado por: "Laxmikanth M.S." <[EMAIL PROTECTED]>:
> >
> > > This is not the list for fighting..
> > > if u have personal grievance please send it to intended person not to
> > > the
> > > list
> > > please avoid flooding mails like this hereafter.even I am sorry
> > > for
> > > sending to all but no othergo
> > >
> > > Regards
> > > Laxmikanth M S
> > > Off*  : 91-80-6610330 extn 1256
> > > Res* : 91-80-5267150
> > > http://www.sonata-software.com
> > >
> > > > Coming together is the beginning, staying together is progress and
> > > working
> > > > together is Success
> > > What lies behind us and what lies before us are tiny matters compared
> > > to
> > > what lies within us  - Emerson
> > >
> > >
> > > > -Original Message-
> > > > From:   Donie Kelly [SMTP:[EMAIL PROTECTED]]
> > > > Sent:   Monday, December 09, 2002 7:16 PM
> > > > To: 'Tomcat Users List'
> > > > Subject:RE: I don´t understand the objective of this open list !
> > > >
> > > > You're defiantly blacklisted now :)
> > > >
> > > >
> > > >
> > > > -Original Message-
> > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > > > Sent: 09 December 2002 13:40
> > > > To: [EMAIL PROTECTED]
> > > > Subject: I don´t understand the objective of

Re: RE: I don´t understand the objective of thisopen list !

[Alexander Wallace]

Te puedo ayudar en español si gustas, dime cual es tu problema y veremos
si me es posible ayudarte a resolverlo.

Saludos.

On Mon, 2002-12-09 at 08:13, [EMAIL PROTECTED] wrote:
> what curious that is the first time that someone here, can to answer to 
> something. Yes, this list is not for fighting, but is for help at other 
> persons...maybe you can help me to solve my "easy" technical problem and forget 
> this, because i think that you don´t have damages, it´s right ?.
> Thank´s.
> 
> Mensaje citado por: "Laxmikanth M.S." <[EMAIL PROTECTED]>:
> 
> > This is not the list for fighting..
> > if u have personal grievance please send it to intended person not to
> > the
> > list
> > please avoid flooding mails like this hereafter.even I am sorry
> > for
> > sending to all but no othergo
> > 
> > Regards
> > Laxmikanth M S 
> > Off*  : 91-80-6610330 extn 1256
> > Res* : 91-80-5267150
> > http://www.sonata-software.com
> > 
> > > Coming together is the beginning, staying together is progress and
> > working
> > > together is Success
> > What lies behind us and what lies before us are tiny matters compared
> > to
> > what lies within us  - Emerson
> > 
> > 
> > > -Original Message-
> > > From: Donie Kelly [SMTP:[EMAIL PROTECTED]]
> > > Sent: Monday, December 09, 2002 7:16 PM
> > > To:   'Tomcat Users List'
> > > Subject:  RE: I don´t understand the objective of this open list !
> > > 
> > > You're defiantly blacklisted now :)
> > > 
> > > 
> > > 
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > > Sent: 09 December 2002 13:40
> > > To: [EMAIL PROTECTED]
> > > Subject: I don´t understand the objective of this open list !
> > > 
> > > In 3 opportunities i wrote to this stuped (sorry) list, and NEVER i
> > found
> > > help.
> > > I hope that the people that participates of this list, don´t have
> > damages
> > > about
> > > other people that don´t belong´s at your countries.
> > > Thank´s for NOTHING.
> > > 
> > > 
> > > --
> > > To unsubscribe, e-mail:
> > > 
> > > For additional commands, e-mail:
> > > 
> > > 
> > > --
> > > To unsubscribe, e-mail:
> > > 
> > > For additional commands, e-mail:
> > > 
> > *
> > Disclaimer: The information in this e-mail and any attachments is
> > confidential / privileged. It is intended solely for the addressee or
> > addressees. If you are not the addressee indicated in this message, you
> > may
> > not copy or deliver this message to anyone. In such case, you should
> > destroy
> > this message and kindly notify the sender by reply email. Please
> > advise
> > immediately if you or your employer does not consent to Internet email
> > for
> > messages of this kind.
> > *
> > 
> > --
> > To unsubscribe, e-mail:  
> > 
> > For additional commands, e-mail:
> > 
> > 
> > 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Problems with starting Tomcat 4.1.12 - PLEASE HELP

[Alexander Wallace]

I'm not a windows user, so I can't tell you much, but you start the
server with exactly that startup.bat and use shutdown.bat to the the
oposite. What are the contets of your JAVA_HOME? CATALINA_HOME?

On Mon, 2002-12-09 at 14:45, Siobhan Quigley wrote:
> I have installed the Java SDK and Tomcat 4.1.12 (release version).  I have set the 
>JAVA_HOME  and the
> CATALINA_HOME  variables and did the ECHO test.  When I try to start up Tomcat, I 
>type
> C:\Tomcat\jakarta-tomcat-4.1.12\bin\startup.bat but I get an error message saying it 
>can not
> find the path specified.
> 
> What do I need to type to (a) start the application and (b) shut down the
> application.? (I am a complete beginner)
> 
> Thanks for your help
> 
> rocket
> 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: Advise on how to hanle url names when using https

[Alexander Wallace]

Cool, thanks!

On Mon, 2002-12-09 at 15:52, Turner, John wrote:
> 
> Once you serve content via SSL, further URLs can be relative.  There is no
> requirement that all SSL-based URLs be hardcoded.
> 
> If you have myApp/whatever.jsp in your content, and the request originated
> via SSL, the URL will be converted to
> https://some.server.com/myApp/whatever.jsp on the fly.
> 
> Since best practice for SSL is to protect ALL content in the SSL-enabled
> "area" and not just the page that asks for a password or credit card number,
> the scenario above happens by default.
> 
> The only time you need to hardcode the entire URL is when you want to switch
> from SSL to non-SSL, or non-SSL to SSL, and that's because the switch is
> done by the browser, not the server, and the browser needs to know whether
> to attempt a connection to port 80 or port 443.
> 
> John
> 
> > -Original Message-
> > From: Alexander Wallace [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, December 09, 2002 4:46 PM
> > To: Tomcat Users List
> > Subject: Advise on how to hanle url names when using https
> > 
> > 
> > Hi there. Using apache + tomcat, is there a better/different way of
> > reffering to resources (jsps/servlets) in an app when https 
> > is required
> > other than hardcoding the full url
> > (https://my.server.com/myapp/whatever.jsp) in the jsps and servlet's
> > that whant to call those resources?
> > 
> > Thanks.
> > 
> > 
> > 
> > 
> > 
> > --
> > To unsubscribe, e-mail:   
> > <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: 
> > <mailto:[EMAIL PROTECTED]>
> > 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Advise on how to hanle url names when using https

[Alexander Wallace]

Thankyou! Based on that i made a filter that does pretty much the same
thing, based on the resource prefix. The only thing I disliked about it
is that it takes all the stuff in the request if post was used and puts
them in a parameter list.

Again, thanks!

On Mon, 2002-12-09 at 15:50, Chris Parker wrote:
> Others will have suggestions...
> 
> Before you settle on a solution, look here
> http://www.javaworld.com/javaworld/jw-02-2002/jw-0215-ssl.html
> 
> The code they show is old and slightly broken at this point.  It took me
> half a day or so to get it working correctly on my server.  BUT, it couldn't
> be any easier once complete.
> 
> <===>
> Chris Parker
> Programmer/Analyst
> Health Care Services Division
> California Youth Authority
> 
> - Original Message -
> From: Alexander Wallace <[EMAIL PROTECTED]>
> To: Tomcat Users List <[EMAIL PROTECTED]>
> Sent: Monday, December 09, 2002 1:45 PM
> Subject: Advise on how to hanle url names when using https
> 
> 
> > Hi there. Using apache + tomcat, is there a better/different way of
> > reffering to resources (jsps/servlets) in an app when https is required
> > other than hardcoding the full url
> > (https://my.server.com/myapp/whatever.jsp) in the jsps and servlet's
> > that whant to call those resources?
> >
> > Thanks.
> >
> >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
> >
> >
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Advise on how to hanle url names when using https

[Alexander Wallace]

Hi there. Using apache + tomcat, is there a better/different way of
reffering to resources (jsps/servlets) in an app when https is required
other than hardcoding the full url
(https://my.server.com/myapp/whatever.jsp) in the jsps and servlet's
that whant to call those resources?

Thanks.





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: For all: Excuse me please.

[Alexander Wallace]

Can your repost your problem?

On Mon, 2002-12-09 at 08:51, [EMAIL PROTECTED] wrote:
> First that all, sorry by my english. Since the Friday 07 of December, i post my 
> questions in the list and i don´t have answer of nobody. Maybe, nobody have a 
> little time for help me. Now, I think that this is my problem and no the 
> problem of other persons. Please, for Jhon Turner, Laxmikanth M S, Doni Kelly, 
> Yoav Shapira and for ALL persons of this list, i give to all a excuses for my 
> despair.
> I sorry my behavior, and my big wish is that all people...they can be my 
> friends.
> Sorry for all, and i hope your hands for help me.
> God bless all here and thank´s for your answers.
> :):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):):)
> :):):):):)
> 
>  
>  
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Security constrant to force SSL works with apache+tomcat?

[Alexander Wallace]

On Sat, 2002-12-07 at 03:35, Craig R. McClanahan wrote:

> 
> That's not quite right.
> 
> Starting a session in http and switching to https for the sensitive part
> (i.e. fill your shopping cart on http and switch for the checkout page
> that asks for your credit card number) is fine.
> 
> Switching from https to http, in the same session, is not fine.
> 

But when i switch from http to https, all objects I had in the session
are not accessible anymore, I asume that's becouse a new session is
created. Isn't that how it is? I've been trying to find out if i can
retrieve those objects in the http session (if it's anotherone). Session
sharing is not possible anymore...

If it was the same session id when switching from http to https, then
that would also be a security risk would not it?

Thanks!



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Tomcat standalone + SSL.

[Alexander Wallace]

I think i've been schooled in this already, so please disregard this
unless still want to comment on it... Thanks again and sorry for this
post, but it was made one minute before I was kindly informed by Milt
Epstein that there is no way of doing what i ask here...


On Fri, 2002-12-06 at 16:48, Alexander Wallace wrote:
> Hello there... I have asked this question before but maybe with the
> wrong subject, so here i try again.
> 
> I have a web app that needs to use SSL at one point, but not from the
> beginning. Now i understand tat once i start using SSL i need to stay in
> that mode, and that is fine.
> 
> My problem is that when i'm in https mode, i need to get from the
> session some objects that were put there when the app was using http
> mode.
> 
> I asumme this is becouse tomcat is creating a new session and encrypting
> it's id when https is used.
> 
> But how can i have access to those objects?
> 
> Has anyone experienced this situation? How did you fix it?
> 
> Thanks in advance.
> 
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Security constrant to force SSL works with apache+tomcat?

[Alexander Wallace]

On Fri, 2002-12-06 at 16:17, Milt Epstein wrote:
> 
> I have apache in front of tomcat, and those methods work fine for me.
> So perhaps there is something else going on here, something in your
> configuration that is not right.

Could it be the an option in the configuration files for mod_jk? Could
you share yours? If i use the methods (getRemoteAddress() and such) in
stand alone mode, they work fine...

> AFAIK, pretty much no.  Doing so would be a security risk.  This has
> come up many times before, check the list archives.  General
> recommendation is to not switch between http and https, always use one
> or the other.

That makes a lot of sence and i was kind of afraid that woudl be the
answer. Just wanted to make sure...
> 
> Also, I'm not sure I understand the need for using tomcat security
> constraints for forcing https usage when using apache in front of
> tomcat. 

I guess I can lieve with that, what i wanted to avoid was hardcoding the
url (including servername and all that) in my jsps and servlets that
access the resources that need to be secured.  

How do you hadle this?

I wrote a filter that prette much redirects based on a url prefix, but i
rather not do that if i don't have to.

Thanks Milt!

> 
> 
> > On Fri, 2002-12-06 at 12:34, David Brown wrote:
> > > Alexander Wallace writes:
> > >
> > > > I have not tested this, but wanted to make sure before I do all the
> > > > necesary changes.
> > > >
> > > > I have apache in front of tomcat, apache handles the ssl
> > > > communication... I need to make sure that some stuff happens only via
> > > > ssl, and i had a filter for that. But i was recommended to use a
> > > > security constranint in tomcat instead.  Will this work having apache on
> > > > top of tomcat?
> > > >
> > > > Also. I only have apache + tomcat becouse when I enabled SSL to tomcat
> > > > stand alone, whenever switching to ssl, i would not be able to access
> > > > all my session objects created before the switch. Is there a way to
> > > > avoid that? If is i would just remove apache from the picture. Al my
> > > > static content needs to come from tomcat anyway.
> > > >
> > > > Also, is there a way to read the ip address of the requesting user if
> > > > apache is the front to tomcat?
> > > >
> > > > I realize some of this are different topics, but have to do with the
> > > > same stuff...
> > > >
> > > > Thanks to all in advance!
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > > > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> > > >
> > >
> > >
> > >
> > > Hello Alexander, i know tc can enable/disable dns lookups on requests (i'm
> > > not sure if this is what u r looking 4). a dns resolver can do reverse
> > > lookups but getting the ip i'm not sure if there is anyway to do this from
> > > within tc. all i can say is the "standard" config as laid down by apache and
> > > tc works 4 me. i have several servlets and jsp's running on 4 virtual hosts
> > > all ssl capable depending on the "webapp" deployed and the user/role defined
> > > in my JDBCRealm. everything runs pretty much "out-of-the-box" config. all my
> > > tc ssl requests go through: https://localhost:8443/, all my cgi-bin
> > > requests go through htts://localhost:443/cgi-bin/ and all other
> > > traffic routes as: port 80 or 8080 as expected. removing apache is not
> > > advisable. apache has many directives that r very usefull as user access
> > > controls. also, u need to impart more info on ur environment and what u plan
> > > to do to give the gurus on this ml a better picture. if u plan to operate on
> > > the public wire much more consideration will need to be given b4 u expose
> > > ports: 80, 8080, 443, 8443 etc. hope this helps, david.
> > >
> > > --
> > > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> > >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> >
> 
> Milt Epstein
> Research Programmer
> Integration and Software Engineering (ISE)
> Campus Information Technologies and Educational Services (CITES)
> University of Illinois at Urbana-Champaign (UIUC)
> [EMAIL PROTECTED]
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Tomcat standalone + SSL.

[Alexander Wallace]

Hello there... I have asked this question before but maybe with the
wrong subject, so here i try again.

I have a web app that needs to use SSL at one point, but not from the
beginning. Now i understand tat once i start using SSL i need to stay in
that mode, and that is fine.

My problem is that when i'm in https mode, i need to get from the
session some objects that were put there when the app was using http
mode.

I asumme this is becouse tomcat is creating a new session and encrypting
it's id when https is used.

But how can i have access to those objects?

Has anyone experienced this situation? How did you fix it?

Thanks in advance.





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: connection pool to postgresql

[Alexander Wallace]

Here is what i have in server.xml in the context of my app

 

  
factory
   
org.apache.commons.dbcp.BasicDataSourceFactory
  
  
driverClassName
org.postgresql.Driver
  
  
url
   
jdbc:postgresql://IP.GOES.HERE.XX/db_name_goes_here
  
  
username
TheUserNameGoesHere
  
  
password
ThePasswordGoesHere
  
  
maxActive
50
  
  
maxIdle
10
  
  
maxWait
-1
  
 

then my web.xml

  
postgreSQL Datasource
jdbc/postgresql
javax.sql.DataSource
Container
  

The following class provides connections from the pool:

import java.sql.Connection;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.sql.DataSource;

/**
 * Class Pool provides pooled connections from JNDI data source.
 * 
 */
public class Pool {

/**
 * Method Pool creates a database pool
 */
public Pool() {
System.err.println("Pool Initialized");
}

/**
 * Method getConnection.
 * @return Connection 
 */
public static Connection getConnection() {

Connection cn = null;

try {
Context ctx = new InitialContext();
DataSource ds =
(DataSource)ctx.lookup("java:comp/env/jdbc/postgresql");
if (ds != null) { 
cn = ds.getConnection();
}
}
catch (Exception e) {
e.printStackTrace(System.err);
}

return cn;
}
}

And to get a connection and use it, just declare like:

Connection cn = Pool.getConnection();

And that's it!

On Fri, 2002-12-06 at 16:11, Dionisio Ruiz de Zarate wrote:
> Hello can anybody help me to configure one connection pool to postgresql
> from tomcat?
> and how can i use fron one java class?
> thanks
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Tomcat and Apache web server

[Alexander Wallace]

You probably just need to specify index.jsp in the url.

On Fri, 2002-12-06 at 14:05, dustin cavanaugh wrote:
> This is a follow-on question to the "Tomacat and
> apache web server" thread.
> 
> I'm running Apache2.0.43, Tomcat4.1.12, mod_jk2
> (12/4/02) on a Win2K platform. I have an webapp I'll
> call "Project" that resides in the webapps directory.
> Within Project, I have a class file called "DoStuff".
> localhost:8080/Project/DoStuff, works properly.
> However, www.myhost.com/Project/DoStuff returns a 404.
> www.myhost.com/jkstatus also works properly.
> 
> What's missing/wrong?
> 
> __
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Security constrant to force SSL works with apache+tomcat?

[Alexander Wallace]

Thankyou david...  If i run tomcat standalone I can use
request.getRemoteAddr(), request.getRemoteHost(), and
request.getRemoteUser() to get some info I would love to have, but if
apache is in front of tomcat the info is always localhost and null for
the other methods, at least the way I'm doing it... So i was wondering
if there was a way to get the same info i get with tomcat stand alone.

Pretty much what I want to do is run an app that will be open to the
public. It has a section that needs to be protected with ssl. And i
would like to use tomcat standalone but if i use tomcat's ssl, i loose
all objects i placed in the session before i swhitch to https... Is
there a way to be able to access those objects in the non https session?

Thanks!

On Fri, 2002-12-06 at 12:34, David Brown wrote:
> Alexander Wallace writes: 
> 
> > I have not tested this, but wanted to make sure before I do all the
> > necesary changes. 
> > 
> > I have apache in front of tomcat, apache handles the ssl
> > communication... I need to make sure that some stuff happens only via
> > ssl, and i had a filter for that. But i was recommended to use a
> > security constranint in tomcat instead.  Will this work having apache on
> > top of tomcat?  
> > 
> > Also. I only have apache + tomcat becouse when I enabled SSL to tomcat
> > stand alone, whenever switching to ssl, i would not be able to access
> > all my session objects created before the switch. Is there a way to
> > avoid that? If is i would just remove apache from the picture. Al my
> > static content needs to come from tomcat anyway. 
> > 
> > Also, is there a way to read the ip address of the requesting user if
> > apache is the front to tomcat? 
> > 
> > I realize some of this are different topics, but have to do with the
> > same stuff... 
> > 
> > Thanks to all in advance! 
> > 
> >  
> > 
> >  
> > 
> > --
> > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> 
> > 
>  
> 
> 
> Hello Alexander, i know tc can enable/disable dns lookups on requests (i'm 
> not sure if this is what u r looking 4). a dns resolver can do reverse 
> lookups but getting the ip i'm not sure if there is anyway to do this from 
> within tc. all i can say is the "standard" config as laid down by apache and 
> tc works 4 me. i have several servlets and jsp's running on 4 virtual hosts 
> all ssl capable depending on the "webapp" deployed and the user/role defined 
> in my JDBCRealm. everything runs pretty much "out-of-the-box" config. all my 
> tc ssl requests go through: https://localhost:8443/, all my cgi-bin 
> requests go through htts://localhost:443/cgi-bin/ and all other 
> traffic routes as: port 80 or 8080 as expected. removing apache is not 
> advisable. apache has many directives that r very usefull as user access 
> controls. also, u need to impart more info on ur environment and what u plan 
> to do to give the gurus on this ml a better picture. if u plan to operate on 
> the public wire much more consideration will need to be given b4 u expose 
> ports: 80, 8080, 443, 8443 etc. hope this helps, david. 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Security constrant to force SSL works with apache+tomcat?

[Alexander Wallace]

I guess, in answer to my first question here, The security constrain
tells tomcat to use it's own ssl, it won't tell apache to use ssl...

I would totally use tomcat stand alone with ssl, if i can figure out how
not to loose objects created in the session before switching to https..
Any insight here?

Thanks.

On Fri, 2002-12-06 at 13:01, Alexander Wallace wrote:
> I have not tested this, but wanted to make sure before I do all the
> necesary changes.
> 
> I have apache in front of tomcat, apache handles the ssl
> communication... I need to make sure that some stuff happens only via
> ssl, and i had a filter for that. But i was recommended to use a
> security constranint in tomcat instead.  Will this work having apache on
> top of tomcat? 
> 
> Also. I only have apache + tomcat becouse when I enabled SSL to tomcat
> stand alone, whenever switching to ssl, i would not be able to access
> all my session objects created before the switch. Is there a way to
> avoid that? If is i would just remove apache from the picture. Al my
> static content needs to come from tomcat anyway.
> 
> Also, is there a way to read the ip address of the requesting user if
> apache is the front to tomcat?
> 
> I realize some of this are different topics, but have to do with the
> same stuff...
> 
> Thanks to all in advance!
> 
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Security constrant to force SSL works with apache+tomcat?

[Alexander Wallace]

I have not tested this, but wanted to make sure before I do all the
necesary changes.

I have apache in front of tomcat, apache handles the ssl
communication... I need to make sure that some stuff happens only via
ssl, and i had a filter for that. But i was recommended to use a
security constranint in tomcat instead.  Will this work having apache on
top of tomcat? 

Also. I only have apache + tomcat becouse when I enabled SSL to tomcat
stand alone, whenever switching to ssl, i would not be able to access
all my session objects created before the switch. Is there a way to
avoid that? If is i would just remove apache from the picture. Al my
static content needs to come from tomcat anyway.

Also, is there a way to read the ip address of the requesting user if
apache is the front to tomcat?

I realize some of this are different topics, but have to do with the
same stuff...

Thanks to all in advance!





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Filters don't affect request dispatcher forward

[Alexander Wallace]

Thanks for the schooling, now it's all clear!

I realy appreciate it.

On Tue, 2002-12-03 at 23:41, Craig R. McClanahan wrote:
> 
> 
> On 3 Dec 2002, Alexander Wallace wrote:
> 
> > Date: 03 Dec 2002 21:42:54 +0100
> > From: Alexander Wallace <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: Re: Filters don't affect request dispatcher forward
> >
> > I have one extra question... Asumming one should not switch from https
> > to http for security reasons... How does one handle the situation in
> > which a user should login with a password (that one would like to
> > encrypt so it can't be sniffed)? Should the whole app be run using
> > https? Isn't that too hard on resources?
> >
> 
> If you switch back, you're just as vulnerable as if you did the login
> under non-SSL (in other words, the encryption of the username and
> password on the SSL login gives you a *false* sense of security, not
> anything real).  So why bother with all the extra effort in the first
> place?
> 
> If you really care about the security of passwords, run the whole session
> in SSL (and buy an extra CPU for your server, for goodness sake, if that
> really matters).  If you don't care, life is much simpler if you just run
> everything non-SSL.
> 
> If you decide to implement switching back to non-SSL on a public internet
> app, please let me know where it is so I can avoid it.
> 
> > Does this not switching from https to http also apply when you have
> > apache handling all the ssl comunication?
> >
> 
> Yep ... the issue is the exposure of session id information in cleartext,
> not the mechanics of how you processed it on your server.
> 
> >
> > Thanks again in advance.
> 
> Craig
> 
> 
> >
> > On Tue, 2002-12-03 at 18:37, Alexander Wallace wrote:
> > > Ok, thankyou for the advice, I will do that then. What i was trying to
> > > do is actually what you are telling me i shouldn't.
> > >
> > > Again, thanks!
> > >
> > > On Tue, 2002-12-03 at 11:20, Craig R. McClanahan wrote:
> > > >
> > > >
> > > > On 3 Dec 2002, Alexander Wallace wrote:
> > > >
> > > > > Date: 03 Dec 2002 10:21:19 -0600
> > > > > From: Alexander Wallace <[EMAIL PROTECTED]>
> > > > > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > > > > To: Tomcat Users List <[EMAIL PROTECTED]>
> > > > > Subject: Re: Filters don't affect request dispatcher forward
> > > > >
> > > > > Hey I love that! Thanks, let me try it!
> > > > >
> > > > > Now, with this solution, I figure i can't fore stuff that doesn't match
> > > > > the "to be secured" pattern to go over http and not https if it is
> > > > > requested, right? I still can live with that, but it would sure be
> > > > > cool..
> > > > >
> > > >
> > > > I'm not sure what you're really asking, but ...
> > > >
> > > > If you declare a security constraint with a transport guarantee, any URL
> > > > that matches the specified pattern(s) can *only* be accessed via SSL.  Any
> > > > URL that does not match the pattern can be accessed over *either* SSL or
> > > > non-SSL.
> > > >
> > > > One additional note -- web applications that allow a user to switch from
> > > > SSL back to non-SSL on the same session are broken.  What you've just done
> > > > is allowed anyone snooping the network to swipe the session id and
> > > > impersonate your user (for example, click the "buy" button again using the
> > > > credit card number that was entered on a secure page).
> > > >
> > > > You should program your apps that, once a user switches from non-SSL to
> > > > SSL, you never again accept a non-SSL request for that same session id.
> > > > If the user needs to go back (for example, after checking out of an
> > > > ecommerce site you want to buy some more stuff), start a new session first
> > > > (and clear the confidential data you might have captured).
> > > >
> > > > > Thanks!
> > > >
> > > > Craig
> > > >
> > > >
> > > > --
> > > > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > > > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> > > >
> > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> > >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> >
> >
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Filters don't affect request dispatcher forward

[Alexander Wallace]

I have one extra question... Asumming one should not switch from https
to http for security reasons... How does one handle the situation in
which a user should login with a password (that one would like to
encrypt so it can't be sniffed)? Should the whole app be run using
https? Isn't that too hard on resources?

Does this not switching from https to http also apply when you have
apache handling all the ssl comunication?


Thanks again in advance.

On Tue, 2002-12-03 at 18:37, Alexander Wallace wrote:
> Ok, thankyou for the advice, I will do that then. What i was trying to
> do is actually what you are telling me i shouldn't.
> 
> Again, thanks!
> 
> On Tue, 2002-12-03 at 11:20, Craig R. McClanahan wrote:
> > 
> > 
> > On 3 Dec 2002, Alexander Wallace wrote:
> > 
> > > Date: 03 Dec 2002 10:21:19 -0600
> > > From: Alexander Wallace <[EMAIL PROTECTED]>
> > > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > > To: Tomcat Users List <[EMAIL PROTECTED]>
> > > Subject: Re: Filters don't affect request dispatcher forward
> > >
> > > Hey I love that! Thanks, let me try it!
> > >
> > > Now, with this solution, I figure i can't fore stuff that doesn't match
> > > the "to be secured" pattern to go over http and not https if it is
> > > requested, right? I still can live with that, but it would sure be
> > > cool..
> > >
> > 
> > I'm not sure what you're really asking, but ...
> > 
> > If you declare a security constraint with a transport guarantee, any URL
> > that matches the specified pattern(s) can *only* be accessed via SSL.  Any
> > URL that does not match the pattern can be accessed over *either* SSL or
> > non-SSL.
> > 
> > One additional note -- web applications that allow a user to switch from
> > SSL back to non-SSL on the same session are broken.  What you've just done
> > is allowed anyone snooping the network to swipe the session id and
> > impersonate your user (for example, click the "buy" button again using the
> > credit card number that was entered on a secure page).
> > 
> > You should program your apps that, once a user switches from non-SSL to
> > SSL, you never again accept a non-SSL request for that same session id.
> > If the user needs to go back (for example, after checking out of an
> > ecommerce site you want to buy some more stuff), start a new session first
> > (and clear the confidential data you might have captured).
> > 
> > > Thanks!
> > 
> > Craig
> > 
> > 
> > --
> > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> > 
> 
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Filters don't affect request dispatcher forward

[Alexander Wallace]

Ok, thankyou for the advice, I will do that then. What i was trying to
do is actually what you are telling me i shouldn't.

Again, thanks!

On Tue, 2002-12-03 at 11:20, Craig R. McClanahan wrote:
> 
> 
> On 3 Dec 2002, Alexander Wallace wrote:
> 
> > Date: 03 Dec 2002 10:21:19 -0600
> > From: Alexander Wallace <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: Re: Filters don't affect request dispatcher forward
> >
> > Hey I love that! Thanks, let me try it!
> >
> > Now, with this solution, I figure i can't fore stuff that doesn't match
> > the "to be secured" pattern to go over http and not https if it is
> > requested, right? I still can live with that, but it would sure be
> > cool..
> >
> 
> I'm not sure what you're really asking, but ...
> 
> If you declare a security constraint with a transport guarantee, any URL
> that matches the specified pattern(s) can *only* be accessed via SSL.  Any
> URL that does not match the pattern can be accessed over *either* SSL or
> non-SSL.
> 
> One additional note -- web applications that allow a user to switch from
> SSL back to non-SSL on the same session are broken.  What you've just done
> is allowed anyone snooping the network to swipe the session id and
> impersonate your user (for example, click the "buy" button again using the
> credit card number that was entered on a secure page).
> 
> You should program your apps that, once a user switches from non-SSL to
> SSL, you never again accept a non-SSL request for that same session id.
> If the user needs to go back (for example, after checking out of an
> ecommerce site you want to buy some more stuff), start a new session first
> (and clear the confidential data you might have captured).
> 
> > Thanks!
> 
> Craig
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Filters don't affect request dispatcher forward

[Alexander Wallace]

Hey I love that! Thanks, let me try it!

Now, with this solution, I figure i can't fore stuff that doesn't match
the "to be secured" pattern to go over http and not https if it is
requested, right? I still can live with that, but it would sure be
cool..

Thanks!

On Mon, 2002-12-02 at 19:31, Craig R. McClanahan wrote:
> 
> 
> On 2 Dec 2002, Alexander Wallace wrote:
> 
> > Date: 02 Dec 2002 18:41:26 -0600
> > From: Alexander Wallace <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: Filters don't affect request dispatcher forward
> >
> > Hi there. I wrote a filter to ensure that resources that i want accessed
> > using https are, and the ones that don't need to aren't.
> >
> > I found out that filters are only applied if the request came from the
> > user, by typing the url or using a link, etc. They are not used if the
> > resource is called using request dispatcher.
> >
> > Supposedly this is becouse of a lack of specifications in the servlet
> > api, but that should be fixed in the api used by tomcat 5.
> >
> > Is all this correct?
> 
> Yes, basically.
> 
> > Is there a work around while tomcat 5 is released?
> 
> You can use a security constraint with a  element to
> require that certain accesses be performed only on SSL connections.  Then,
> the container will do the necessary redirect for you.
> 
> An example that requires any (context-relative) path starting with "/foo"
> or "/bar" to be done on SSL would look like this:
> 
>   
> 
>   SSL-Only Portion Of This Webapp
>   
>   /foo/*
>   /bar/*
> 
> 
>   CONFIDENTIAL
> 
>   
> 
> Note that, because there is no , login will not be
> required -- only execution over SSL will be required, and only for URLs in
> the named "subdirectories".  All other accesses to the webapp will be
> allowed over either SSL or non-SSL requests.
> 
> >
> > Also, does someone have or knows of a proven filter that redirects to
> > http or https? Mine seesm to work ok, but i want to make sure I'm not
> > missing something.
> >
> 
> With the above security constraint, you won't need a filter at all :-).
> 
> > Thanks in advance!
> >
> 
> Craig
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Tomcat + apache. Lost ability to get ip and hostname of user.

[Alexander Wallace]

I have apache running in front of tomcat, This mainly becouse I would
loose all my session objects in tomcat when switching from http to https
(anyone knows how to prevent this by the way?). But now, I don't have
the ability to get the ip address and hostname of the user in my
servlets, using request.getRemoteAddr() and so... Is there a way to get
those? 

Thanks in advance!





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Filters don't affect request dispatcher forward

[Alexander Wallace]

Hi there. I wrote a filter to ensure that resources that i want accessed
using https are, and the ones that don't need to aren't.

I found out that filters are only applied if the request came from the
user, by typing the url or using a link, etc. They are not used if the
resource is called using request dispatcher.

Supposedly this is becouse of a lack of specifications in the servlet
api, but that should be fixed in the api used by tomcat 5.

Is all this correct? Is there a work around while tomcat 5 is released?

Also, does someone have or knows of a proven filter that redirects to
http or https? Mine seesm to work ok, but i want to make sure I'm not
missing something.

Thanks in advance!





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: JDBCRealm + Form Based Auth. How do I tell it were to go iflogin is ok?

[Alexander Wallace]

Cool! I get it, thank you very much.

Now I have another problem. Wheny my app redirects to the login page, no
matter what I enter, (an existing or inexisting user in the database), I
am taken to the login error page. The user is null. How can I make sure
the users are being pulled from the db? Thank you in advance. Following
are my realm def in my context and then web.xml:



And my web.xml goes:





postgreSQL Datasource
jdbc/postgres
javax.sql.DataSource
Container




Login
com.lto.servlets.Login





Login


/login








Java Application
/*


Admin

   


  FORM
  Java Application
  
/login
/loginError.jsp
  


 

  Admin


  GM


  Sales



/servlet/TestPGPool




30





Thanks again!

On Tue, 2002-08-27 at 16:59, Craig R. McClanahan wrote:
> 
> 
> On 27 Aug 2002, Alexander Wallace wrote:
> 
> > Date: 27 Aug 2002 09:17:58 +0100
> > From: Alexander Wallace <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: JDBCRealm + Form Based Auth. How do I tell it were to go if
> > login is ok?
> >
> > Hello there. Very new to realms and java, so sorry if this is too
> > stupid.
> >
> > I have set up a JDBCRealm using PostgreSQL and it all seems to work, It
> > does connect and load the roles, and when I try to access protected
> > resources, it does go to the Form based login I specigy in web.xml and
> > the error page for that works too.
> >
> > My question is, since the form action in the login page points to <%=
> > response.encodeURL("j_security_check") %>, how, or where do I specify
> > where my app goes after a succesful login?
> >
> 
> Short answer - your application should *never* reference the URL of the
> login page, or the "j_security_check" page directly.
> 
> Longer answer - the basic philosohpy of form-based login is to mimic BASIC
> login.  The formal definition of the algorithm is in the servlet spec:
> 
>   http://java.sun.com/products/servlet/download.html
> 
> in Chapter 12.  Essentially, it goes like this on each request:
> 
> * Client submits a request for a particular URI
> 
> * Server determines of there is a security constraint
>   covering that URI
>   --> If none, allow the request to proceed
> 
> * Server determins if the user is already logged on
>   --> If so, check roles and allow or disallow access
> 
> * Server SAVES the original request and sends back
>   the form login page
> 
> * User submits the login credentials
> 
> * Server checks the credentials
>   --> If incorrect, send back the form error page
>   --> If correct, RESTORES the original request and proceeds
> 
> So, the answer to the question "where do I go after logging in" is "the
> page you originally asked for that triggered the authentication dialog."
> 
> If the flow is still confusing, temporarily switch your application to use
> BASIC authentication instead (where the browser pops up a
> username/password dialog box).  There is no way to address that dialog
> box, right?  Or to say where it should go afterwards?  That's because the
> browser (in the case of BASIC) is doing the same thing -- it will resubmit
> your original request for you along with the username/password.
> 
> 
> > Thanks in advance!
> >
> 
> Craig
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

JDBCRealm + Form Bases Auth. How do I tell it were to go if loginis ok?

[Alexander Wallace]

Hello there. Very new to realms and java, so sorry if this is too
stupid.

I have set up a JDBCRealm using PostgreSQL and it all seems to work, It
does connect and load the roles, and when I try to access protected
resources, it does go to the Form based login I specigy in web.xml and
the error page for that works too.

My question is, since the form action in the login page points to <%=
response.encodeURL("j_security_check") %>, how, or where do I specify
where my app goes after a succesful login?

Thanks in advance!







--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

JDBCRealm + Form Based Auth. How do I tell it were to go if loginis ok?

[Alexander Wallace]

Hello there. Very new to realms and java, so sorry if this is too
stupid.

I have set up a JDBCRealm using PostgreSQL and it all seems to work, It
does connect and load the roles, and when I try to access protected
resources, it does go to the Form based login I specigy in web.xml and
the error page for that works too.

My question is, since the form action in the login page points to <%=
response.encodeURL("j_security_check") %>, how, or where do I specify
where my app goes after a succesful login?

Thanks in advance!




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: pgSQL connection pooling

[Alexander Wallace]

On Mon, 2002-08-19 at 15:04, Felipe Schnack wrote:
>   Well, this poolman isn't updated anymore...
>   how can I use tomcat's own connectionpooling?

IF you still need help with using tomcat's connection pooling with
postgresql, let me know, I'm using that.


> On Mon, 2002-08-19 at 10:51, V. Cekvenich wrote:
> > This should be a faq:
> > http://poolman.sf.net is perhaps most popular (but not updated).
> > 
> > Tomcat comes with it's own (but can't be unit tested)
> > 
> > and... a good sample "good practices" tomcat web app is at 
> > basicPortal.sh.net.
> > 
> > hth,
> > V.
> > 
> > 
> > Felipe Schnack wrote:
> > >   Anyone uses pgSQL with Tomcat 4? I'm starting a project with it and
> > > would like to know if the ConnectionPooling provided with the jdbc
> > > drivers for this database are good or not.  
> > > 
> > 
> > 
> > 
> > --
> > To unsubscribe, e-mail:   
> > For additional commands, e-mail: 
> > 
> -- 
> 
> Felipe Schnack
> Analista de Sistemas
> [EMAIL PROTECTED]
> Cel.: (51)91287530
> Linux Counter #281893
> 
> Faculdade Ritter dos Reis
> www.ritterdosreis.br
> [EMAIL PROTECTED]
> Fone/Fax.: (51)32303328
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: Realms advise.

[Alexander Wallace]

That's what I have thought, I guess javascript is the only choise if
this aproach is used.

Thanks!

On Fri, 2002-08-16 at 17:26, Barney Hamish wrote:
> The only way I thought of to get around this problem was to prefix usernames
> with the other field. In your case login form has three fields, username,
> password and office and you have a javascript that concatenates the office
> number to the username when the user submits the login form...
> 
> we have bill from office 1 and bill from office 2:
> Username: Bill
> Password: Foo
> Office: 1
> then we submit
> j_username: 1Bill
> j_password: Foo
> 
> and for Bill from office 2:
> Username: Bill
> Password: Foo
> Office: 2
> then we submit
> j_username: 2Bill
> j_password: Foo
> 
> Hamish
> 
> -Original Message-
> From: Alexander Wallace [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 16, 2002 12:26 PM
> To: [EMAIL PROTECTED]
> Subject: Realms advise.
> 
> 
> Not being experienced with realms I want to ask for your advece, will
> this work?
> 
> I need to validate not only username and password, but one extra field
> (an integer, OfficeID). This is becouse my webapp can service users from
> different offices, and each office has it's own set of users and data.
> In other words, The app needs to make sure that there is a username X
> with password Y for Office Z.
> 
> 
> Will realms work here?
> 
> I guess before continuing with my questions I'll wait to find out. Since
> they may be particular to the use of realms or other options.
> 
> Thanks in advance!
> 
> 
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Realms advise.

[Alexander Wallace]

Not being experienced with realms I want to ask for your advece, will
this work?

I need to validate not only username and password, but one extra field
(an integer, OfficeID). This is becouse my webapp can service users from
different offices, and each office has it's own set of users and data.
In other words, The app needs to make sure that there is a username X
with password Y for Office Z.


Will realms work here?

I guess before continuing with my questions I'll wait to find out. Since
they may be particular to the use of realms or other options.

Thanks in advance!






--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: NetBeans + Tomcat 4.0.4

[Alexander Wallace]

Thankyou! I'll check it out.

On Mon, 2002-08-12 at 04:34, Larry Meadors wrote:
> In your context tag, add the reloadable="true" attribute. Here is a
> link:
> 
> http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/context.html
> 
> This is really cool, because if you use the thread's classloader to read
> properties files, or other files, the classloader sees changes to them,
> and they get reloaded too. Too cool!
> 
> InputStream is;
> 
>is=Thread.currentThread().getContextClassLoader().getResourceAsStream("some-file.xml");
> 
> Larry
> 
> >>> [EMAIL PROTECTED] 08/10/02 11:19 AM >>>
> I checked the link out and actually found out that 
> it's possible to do the same by just starting 
> tomcat with./catalina.sh jpda start... 
> 
> One thing the link mentions is that he uses the 
> context with reload so that tomcat doesn't have 
> to be restarted. How do you go about doing
> that? 
> 
> The tomcat site talks about using the administration apps to achieve
> that but a quick google search on how to set it up (not through the
> admin apps) didn't get me what I was looking for.
> 
> Thanks! 
> 
> On Fri, 2002-08-09 at 23:01, Larry Meadors wrote:
> > Look here:
> > 
> >
> http://www.mail-archive.com/struts-user@jakarta.apache.org/msg30523.html
> > 
> > Instructions on how to set up tomcat and netbeans with the JPDA
> > debugger.
> > 
> > Larry
> > 
> > >>> [EMAIL PROTECTED] 08/09/02 15:59 PM >>>
> > Does anyone here use NetBeans with tomcat 404?
> > 
> > I'm using it, and use a small class to start tomcat from netbeans
> > (instead of using the internal one that's 3.2), it works great when I
> > want to debug servlets. But no JSP works, they all give error 500,
> even
> > the ones in /exaples. But if i start it manually (i can't debug then,
> or
> > is there a way?) the jsps work fine.
> > 
> > The root couse starts with: java.lang.NoSuchMethodError:
> > javax.servlet.ServletResponse.resetBuffer()
> > 
> > Any clues?
> > 
> > 
> > 
> > 
> > 
> > --
> > To unsubscribe, e-mail:  
> > 
> > For additional commands, e-mail:
> > 
> > 
> > 
> > 
> > --
> > To unsubscribe, e-mail:  
> 
> > For additional commands, e-mail:
> 
> > 
> 
> 
> 
> --
> To unsubscribe, e-mail:  
> 
> For additional commands, e-mail:
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: JNDI JDBC COnnection pooling problem...

[Alexander Wallace]

I changed to username, it didn't work either.

Thanks.


On Tue, 2002-08-13 at 04:05, Andrew wrote:
> Try changing the name of your parameter from 'user' to 'username'
> 
> 
> That worked for me with another driver (MSSQL Server JDBC Driver)
> 
> 
> - Andrew
> 
> > -Original Message-
> > From: Alexander Wallace [mailto:[EMAIL PROTECTED]] 
> > Sent: Monday, August 12, 2002 11:33 AM
> > To: [EMAIL PROTECTED]
> > Subject: JNDI JDBC COnnection pooling problem...
> > 
> > 
> > Hello. This has to be a very simple one for those who know.
> > 
> > I'm getting a java.lang.NullPointerException in my app, in 
> > the second line here:
> > 
> > Context ctx = (Context) new InitialContext().lookup("java:comp/env");
> > conn = ((DataSource) 
> > ctx.lookup("jdbc/pgsql")).getConnection(); **Error happens here**
> > 
> > And have the following in my server.xml (I put my whole 
> > context in case my error is there) 
> > 
> >  > reloadable="true" crossContext="true">
> >>  prefix="localhost_lto_log." suffix=".txt"
> >   timestamp="true"/>
> >>   value="15"/>
> >> value="context.param.value" override="false"/>
> > 
> >  > type="javax.sql.DataSource"/>
> >   
> >
> > userawallace
> >
> > passwordpasswd
> > driverClassName
> >   org.postgresql.Driver
> > driverName
> >  
> > jdbc:postgresql://10.100.101.1/awallace
> >   
> >> type="javax.mail.Session"/>
> >   
> > 
> >   mail.smtp.host
> >   localhost
> > 
> >   
> > 
> >  > debug="99"
> > driverName="org.postgresql.Driver"
> >
> > connectionURL="jdbc:postgresql://10.100.101.1/awallace?user=aw
> > allace;password=passwd"
> > userTable="tbl_users" 
> > userNameCol="user_name" userCredCol="password"
> > userRoleTable="user_roles" 
> > roleNameCol="role_name"
> > digest="MD5"/>
> > 
> > 
> > 
> > 
> > Thank you in advance.
> > 
> > 
> > 
> > 
> > --
> > To unsubscribe, e-mail:   
> > <mailto:tomcat-user-> [EMAIL PROTECTED]>
> > For 
> > additional commands, 
> > e-mail: <mailto:[EMAIL PROTECTED]>
> > 
> > 
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: user's roles verification

[Alexander Wallace]

Excellent! This sounds just great!

Thanks to all that helped!

On Mon, 2002-08-12 at 22:55, Craig R. McClanahan wrote:
> 
> 
> On 12 Aug 2002, Alexander Wallace wrote:
> 
> > Date: 12 Aug 2002 15:43:58 +0100
> > From: Alexander Wallace <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: user's roles verification
> >
> >
> >
> > I've got (i think) Realms working. I need some advice for good
> > practices...
> >
> > My original idea (before hearing about realms and such) was to direct
> > all requests for any resource of my webapp to a servlet that would
> > verify user roles.
> >
> > Then I was told here that i would run into a lot of problems if I did
> > that. And was recomended to check filters and that realms are for this
> > purpose.
> >
> > Here is my main question: Using realms, should each jsp verify the role
> > of the user trying to access it? Or is there a more elegant way to do
> > it, to keep code in jsp minimum and centralize that task?
> >
> > The verification will have to happen for each one of the pages in my web
> > app..
> >
> > Thank you in advance!
> >
> 
> Using Filters would be for if you want your app to do its own checking.
> 
> Using Realms (as provided by Tomcat) implies that you are defining a
>  in your web application that says, in essence, "in
> order to access the following URLs, the user must be authenticated *and*
> possess one of the following roles".  If you are using this approach, your
> app doesn't have to do a thing (other than define the security constraint
> element in web.xml) -- the container does all the work for you.
> 
> Craig
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

JNDI JDBC COnnection pooling problem...

[Alexander Wallace]

Hello. This has to be a very simple one for those who know.

I'm getting a java.lang.NullPointerException in my app, in the second
line here:

Context ctx = (Context) new InitialContext().lookup("java:comp/env");
conn = ((DataSource) ctx.lookup("jdbc/pgsql")).getConnection(); **Error
happens here**

And have the following in my server.xml (I put my whole context in case
my error is there) 


  
  
  


  
   
userawallace
   
passwordpasswd
driverClassName
  org.postgresql.Driver
driverName
 
jdbc:postgresql://10.100.101.1/awallace
  
  
  

  mail.smtp.host
  localhost

  






Thank you in advance.




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

user's roles verification

[Alexander Wallace]

I've got (i think) Realms working. I need some advice for good
practices...

My original idea (before hearing about realms and such) was to direct
all requests for any resource of my webapp to a servlet that would
verify user roles.

Then I was told here that i would run into a lot of problems if I did
that. And was recomended to check filters and that realms are for this
purpose.

Here is my main question: Using realms, should each jsp verify the role
of the user trying to access it? Or is there a more elegant way to do
it, to keep code in jsp minimum and centralize that task?

The verification will have to happen for each one of the pages in my web
app..

Thank you in advance!



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: NetBeans + Tomcat 4.0.4

[Alexander Wallace]

Cool! THank you so much. And also when I started using jpda to attach an
external tomcat, the problem was not there.


On Mon, 2002-08-12 at 12:59, Turner, John wrote:
> 
> I had the same problem...the folks on the netbeans list told me it was a bug
> with tomcat integration.  Not sure if it was fixed or not, I've been using
> 4.0.3 with Netbeans and it is OK.
> 
> John Turner
> [EMAIL PROTECTED]
> 
> 
> -Original Message-
> From: Alexander Wallace [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 09, 2002 12:04 PM
> To: [EMAIL PROTECTED]
> Subject: NetBeans + Tomcat 4.0.4
> 
> 
> Does anyone here use NetBeans with tomcat 404?
> 
> I'm using it, and use a small class to start tomcat from netbeans
> (instead of using the internal one that's 3.2), it works great when I
> want to debug servlets. But no JSP works, they all give error 500, even
> the ones in /exaples. But if i start it manually (i can't debug then, or
> is there a way?) the jsps work fine.
> 
> The root couse starts with: java.lang.NoSuchMethodError:
> javax.servlet.ServletResponse.resetBuffer()
> 
> Any clues?
> 
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Problems with *

[Alexander Wallace]

Thankyou criag, your explanation is very clear. 

I have / right now, and though I seem to be
getting the result I was expecting (I see the requested url with
servletPath, and when i do the forward to the jsp, I do get the content
of the jsp), I think i should follow your advice, i don't want to run
into trouble later. I should check out filters and realms... I hope is
not too hard :/

Thanks again!

On Sat, 2002-08-10 at 21:06, Craig R. McClanahan wrote:
> 
> 
> On 10 Aug 2002, Alexander Wallace wrote:
> 
> > Date: 10 Aug 2002 13:56:15 +0100
> > From: Alexander Wallace <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: Re: Problems with *
> >
> > Ok, but what I mean by access rights are a set of very custom
> > permissions (existing in a database table) givent to different roles
> > asigned to users of my web app, is that also handled by filters?
> >
> > Also, at this point I my servlet does receive requests (let's say
> > /login) and checks if the users (in this case by providing an id in the
> > url) is trying to log in into a valid "company" in the web app, and if
> > so, I use a forward to a jsp that actually shows the login form and
> > let's them log in. I'm not sure if you meant I was not going to be able
> > to serve anyghing from my servlet, but i do.
> >
> > I'm I all confused then? I'm sorry if i sound too newbie... I am tho :/
> >
> 
> Lets assume that you map your access-checking servlet to "/*".
> Your user asks for the URL:
> 
>   http://localhost:8080/myapp/foo/bar.jsp
> 
> and, because of the mapping, it is sent to your servlet.  Your servlet
> receives a servletPath of "" and a pathInfo of "/foo/bar.jsp", so you
> check the access restrictions for that page and say "OK, go for it".
> 
> Now, you try something like this:
> 
> String pathInfo = request.getPathInfo();
> ... validate that accessing pathInfo is ok ...
> RequestDispatcher rd =
>getServletContext().getRequestDispatcher(pathInfo);
> rd.forward(request, response);
> 
> So what happens when you execute this?
> 
> If you think it's going to execute your JSP page, you're going to be very
> unpleasantly surprised.  Why?  Because the "/foo/bar.jsp" path is mapped
> back to your access control servlet, due to the "/*" mapping.  You end up
> with an infinite loop, terminating ultimately in a stack overflow.
> 
> This is why any attempt to use a servlet for access checking, followed by
> a forward, is doomed to failure.  PLEASE go read up about filters -- this
> is one of the things that filters were designed to enable.
> 
> Craig
> 
> 
> > On Sat, 2002-08-10 at 18:59, Craig R. McClanahan wrote:
> > >
> > >
> > > On 10 Aug 2002, Alexander Wallace wrote:
> > >
> > > > Date: 10 Aug 2002 12:17:03 +0100
> > > > From: Alexander Wallace <[EMAIL PROTECTED]>
> > > > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > > > To: Tomcat Users List <[EMAIL PROTECTED]>
> > > > Subject: Re: Problems with *
> > > >
> > > > What I need to be able to do is to make sure, that every request, for
> > > > any page has enought rights to view the page and use it, So i thought of
> > > > using a servlet as a controller. If I understand correctly what you
> > > > talked about in this and your previous post, using the servlet mapping
> > > > to "/" will not work at some point.
> > > >
> > > > I'm not that experienced yet in these matters, could you ilustrate to me
> > > > a bit why this won't cut it?
> > > >
> > >
> > > Using a *servlet* for your purpose (checking access rights) will not work
> > > at all -- see my previous post for why you should use a Filter instead.
> > >
> > > The problem with the "/" mapping in particular is that this mapping is
> > > assigned, by default, to a servlet that serves static content.  So, when
> > > you make a request to a URL like:
> > >
> > >   http://localhost:8080/myapp/index.html
> > >
> > > you generally won't have a servlet mapped to this -- and Tomcat assigns it
> > > to the default file-serving servlet, which serves the "/index.html" static
> > > resource from your web application for you.
> > >
> > > If you map a servlet to "/", you have just *repl

RE: Problems with *

[Alexander Wallace]

Thank you! I will read the info in those links. I hope i can handle it!
This is all very new and sometimes confusing to me.

I do have /

But if i type /whatever, i'm checking in my servlet for that and doing a
forward to my desired jsp or whatever. Although this seems to be working
now ( i do get the content of my jsps and all that), I guess I should
follow your advice, since that's what thos things (realms and filters)
are made for.

Thankyou again!

On Sat, 2002-08-10 at 20:27, Jacob Hookom wrote:
> 
> 
> | -Original Message-
> | From: Alexander Wallace [mailto:[EMAIL PROTECTED]]
> | Sent: Saturday, August 10, 2002 7:56 AM
> | To: Tomcat Users List
> | Subject: Re: Problems with *
> | 
> | Ok, but what I mean by access rights are a set of very custom
> | permissions (existing in a database table) givent to different roles
> | asigned to users of my web app, is that also handled by filters?
> 
> You will want to look at using a JdbcRealm which will take care of that
> for you.  Realms are the new standard for handling user roles.
> 
> http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JDBCRea
> lm
> 
> Otherwise you can do a filter like Craig mentioned which acts as an
> intermediary before requests hit your servlet or pages in the first
> place.
> 
> http://www.javaworld.com/javaworld/jw-06-2001/jw-0622-filters.html
> 
> | 
> | Also, at this point I my servlet does receive requests (let's say
> | /login) and checks if the users (in this case by providing an id in
> the
> | url) is trying to log in into a valid "company" in the web app, and if
> | so, I use a forward to a jsp that actually shows the login form and
> | let's them log in. I'm not sure if you meant I was not going to be
> able
> | to serve anyghing from my servlet, but i do.
> 
> I think the assumption was that you were binding to just "/" not
> "/login".  If you just do "/" then you will run into major issues as
> Craig mentioned.
> 
> | 
> | I'm I all confused then? I'm sorry if i sound too newbie... I am tho
> :/
> 
> -Jake
> 
> | 
> | On Sat, 2002-08-10 at 18:59, Craig R. McClanahan wrote:
> | >
> | >
> | > On 10 Aug 2002, Alexander Wallace wrote:
> | >
> | > > Date: 10 Aug 2002 12:17:03 +0100
> | > > From: Alexander Wallace <[EMAIL PROTECTED]>
> | > > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> | > > To: Tomcat Users List <[EMAIL PROTECTED]>
> | > > Subject: Re: Problems with *
> | > >
> | > > What I need to be able to do is to make sure, that every request,
> for
> | > > any page has enought rights to view the page and use it, So i
> thought
> | of
> | > > using a servlet as a controller. If I understand correctly what
> you
> | > > talked about in this and your previous post, using the servlet
> mapping
> | > > to "/" will not work at some point.
> | > >
> | > > I'm not that experienced yet in these matters, could you ilustrate
> to
> | me
> | > > a bit why this won't cut it?
> | > >
> | >
> | > Using a *servlet* for your purpose (checking access rights) will not
> | work
> | > at all -- see my previous post for why you should use a Filter
> instead.
> | >
> | > The problem with the "/" mapping in particular is that this mapping
> is
> | > assigned, by default, to a servlet that serves static content.  So,
> when
> | > you make a request to a URL like:
> | >
> | >   http://localhost:8080/myapp/index.html
> | >
> | > you generally won't have a servlet mapped to this -- and Tomcat
> assigns
> | it
> | > to the default file-serving servlet, which serves the "/index.html"
> | static
> | > resource from your web application for you.
> | >
> | > If you map a servlet to "/", you have just *replaced* the standard
> | > processing, because Tomcat will map the request to your servlet
> instead
> | of
> | > the standard one.  Now, let's assume that the user has the rights
> they
> | > need to access that resource and you want to let them have it.  What
> | > should your rights-checking servlet do?
> | >
> | > That's right ... you're stuck.  There is no way to ask Tomcat to
> serve
> | the
> | > resource, because there is no longer any mapping for the default
> | > file-serving servlet.
> | >
> | > The answer is to use a Filter instead, because a Filter can examine
> a
> | > request *before* it is given to a servlet, and either intercept it
> (not
&g

Re: Problems with *

[Alexander Wallace]

Ok, but what I mean by access rights are a set of very custom
permissions (existing in a database table) givent to different roles
asigned to users of my web app, is that also handled by filters?

Also, at this point I my servlet does receive requests (let's say
/login) and checks if the users (in this case by providing an id in the
url) is trying to log in into a valid "company" in the web app, and if
so, I use a forward to a jsp that actually shows the login form and
let's them log in. I'm not sure if you meant I was not going to be able
to serve anyghing from my servlet, but i do.

I'm I all confused then? I'm sorry if i sound too newbie... I am tho :/

On Sat, 2002-08-10 at 18:59, Craig R. McClanahan wrote:
> 
> 
> On 10 Aug 2002, Alexander Wallace wrote:
> 
> > Date: 10 Aug 2002 12:17:03 +0100
> > From: Alexander Wallace <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: Re: Problems with *
> >
> > What I need to be able to do is to make sure, that every request, for
> > any page has enought rights to view the page and use it, So i thought of
> > using a servlet as a controller. If I understand correctly what you
> > talked about in this and your previous post, using the servlet mapping
> > to "/" will not work at some point.
> >
> > I'm not that experienced yet in these matters, could you ilustrate to me
> > a bit why this won't cut it?
> >
> 
> Using a *servlet* for your purpose (checking access rights) will not work
> at all -- see my previous post for why you should use a Filter instead.
> 
> The problem with the "/" mapping in particular is that this mapping is
> assigned, by default, to a servlet that serves static content.  So, when
> you make a request to a URL like:
> 
>   http://localhost:8080/myapp/index.html
> 
> you generally won't have a servlet mapped to this -- and Tomcat assigns it
> to the default file-serving servlet, which serves the "/index.html" static
> resource from your web application for you.
> 
> If you map a servlet to "/", you have just *replaced* the standard
> processing, because Tomcat will map the request to your servlet instead of
> the standard one.  Now, let's assume that the user has the rights they
> need to access that resource and you want to let them have it.  What
> should your rights-checking servlet do?
> 
> That's right ... you're stuck.  There is no way to ask Tomcat to serve the
> resource, because there is no longer any mapping for the default
> file-serving servlet.
> 
> The answer is to use a Filter instead, because a Filter can examine a
> request *before* it is given to a servlet, and either intercept it (not
> enough access rights) or pass it on (access rights are fine).
> 
> Do some google searches on "servlet filter" and you will find pointers to
> some articles about how they work.
> 
> > Thank you!
> 
> Craig
> 
> 
> >
> > On Sat, 2002-08-10 at 00:40, Craig R. McClanahan wrote:
> > >
> > >
> > > On Fri, 9 Aug 2002, Todd Kaplinger wrote:
> > >
> > > > Date: Fri, 09 Aug 2002 17:43:36 -0400
> > > > From: Todd Kaplinger <[EMAIL PROTECTED]>
> > > > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>,
> > > >  [EMAIL PROTECTED]
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: Problems with *
> > > >
> > > > define a servlet mapping of just "/". this is the default servlet mapping.
> > >
> > > That's still not going to work for what the proposed use case was --
> > > because you've just disabled the default file-serving servlet that serves
> > > static content.
> > >
> > > Craig
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> > >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> >
> >
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: NetBeans + Tomcat 4.0.4

[Alexander Wallace]

I checked the link out and actually found out that it's possible to do
the same by just starting tomcat with./catalina.sh jpda start... 

One thing the link mentions is that he uses the context with reload so
that tomcat doesn't have to be restarted. How do you go about doing
that? 

The tomcat site talks about using the administration apps to achieve
that but a quick google search on how to set it up (not through the
admin apps) didn't get me what I was looking for.

 Thanks! 

On Fri, 2002-08-09 at 23:01, Larry Meadors wrote:
> Look here:
> 
> http://www.mail-archive.com/struts-user@jakarta.apache.org/msg30523.html
> 
> Instructions on how to set up tomcat and netbeans with the JPDA
> debugger.
> 
> Larry
> 
> >>> [EMAIL PROTECTED] 08/09/02 15:59 PM >>>
> Does anyone here use NetBeans with tomcat 404?
> 
> I'm using it, and use a small class to start tomcat from netbeans
> (instead of using the internal one that's 3.2), it works great when I
> want to debug servlets. But no JSP works, they all give error 500, even
> the ones in /exaples. But if i start it manually (i can't debug then, or
> is there a way?) the jsps work fine.
> 
> The root couse starts with: java.lang.NoSuchMethodError:
> javax.servlet.ServletResponse.resetBuffer()
> 
> Any clues?
> 
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:  
> 
> For additional commands, e-mail:
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Problems with *

[Alexander Wallace]

What I need to be able to do is to make sure, that every request, for
any page has enought rights to view the page and use it, So i thought of
using a servlet as a controller. If I understand correctly what you
talked about in this and your previous post, using the servlet mapping
to "/" will not work at some point.  

I'm not that experienced yet in these matters, could you ilustrate to me
a bit why this won't cut it?

Thank you!

On Sat, 2002-08-10 at 00:40, Craig R. McClanahan wrote:
> 
> 
> On Fri, 9 Aug 2002, Todd Kaplinger wrote:
> 
> > Date: Fri, 09 Aug 2002 17:43:36 -0400
> > From: Todd Kaplinger <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>,
> >  [EMAIL PROTECTED]
> > To: [EMAIL PROTECTED]
> > Subject: Re: Problems with *
> >
> > define a servlet mapping of just "/". this is the default servlet mapping.
> 
> That's still not going to work for what the proposed use case was --
> because you've just disabled the default file-serving servlet that serves
> static content.
> 
> Craig
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: NetBeans + Tomcat 4.0.4

[Alexander Wallace]

Thanks! I'll check it out.

On Fri, 2002-08-09 at 23:01, Larry Meadors wrote:
> Look here:
> 
> http://www.mail-archive.com/struts-user@jakarta.apache.org/msg30523.html
> 
> Instructions on how to set up tomcat and netbeans with the JPDA
> debugger.
> 
> Larry
> 
> >>> [EMAIL PROTECTED] 08/09/02 15:59 PM >>>
> Does anyone here use NetBeans with tomcat 404?
> 
> I'm using it, and use a small class to start tomcat from netbeans
> (instead of using the internal one that's 3.2), it works great when I
> want to debug servlets. But no JSP works, they all give error 500, even
> the ones in /exaples. But if i start it manually (i can't debug then, or
> is there a way?) the jsps work fine.
> 
> The root couse starts with: java.lang.NoSuchMethodError:
> javax.servlet.ServletResponse.resetBuffer()
> 
> Any clues?
> 
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:  
> 
> For additional commands, e-mail:
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 
> 




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

NetBeans + Tomcat 4.0.4

[Alexander Wallace]

Does anyone here use NetBeans with tomcat 404?

I'm using it, and use a small class to start tomcat from netbeans
(instead of using the internal one that's 3.2), it works great when I
want to debug servlets. But no JSP works, they all give error 500, even
the ones in /exaples. But if i start it manually (i can't debug then, or
is there a way?) the jsps work fine.

The root couse starts with: java.lang.NoSuchMethodError:
javax.servlet.ServletResponse.resetBuffer()

Any clues?





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Problems with *

[Alexander Wallace]

Hi there! New to the list. And to java and tomcat, so please be nice.

I have a problem with a servlet mapping. If i use a url-pattern like

/Hello on a servlet mapping pointing to a
particular servlet, the servlet get's the request and i can use
request.getServletPath() to get the URI.

But if I use something like /* or
*, and it seems that anyghing with an *, the
servlet get's called, BUT request.getServletPath() is empty!

What I want is to actually direct all requests to my webapp to a
particular servlet to validate priviledges (is this the best way to
ensure that noone without permission accesses any page?)

Thanks in advance for the help! 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: