how to allow certain IPs to access my directory
Hi All. This is my first post. I would like to allow only certain IPs to access some of my site. I know that can be done in orion-web.xml using "access-mask/ip-access", but I believe it can only be applied to the whole application. What I want to do is to block IPs only to a certain directory. Is there any easy way to do that, like using .htaccess for apache? or, do I have to write my own servlet filter for that? thanks in advance.
remote access to aplication.
Hi, I have an application with a user manager class configure in orion-application.xml. I need access from application client to this application but if the class of user manager is defined I can't user the default admin login and passwd. My problem is that I need to have defined the user manager class but I need to access to application without use user of this user manager ( I need to user the admin access). How can I access to application with admin credetials(defined in principals.xml) and user-manager defined? Is possible? Thanks,
Re: hot redeployment - how to preserve session state?
I tried to use the hot-deploy just for development to not always have to restart Orion and log in. To only have to restart the server when classes change which are stored in the session would be better than on every little change during bug fixing... On this list I read about people using this, and the problem they were talking about most of the time was that classes have to be serializable... Now I tried that with a few objects in the session, and all of them were lost after touching application.xml. Peter Aaron Tavistock wrote: I'm not currently doing hot-deploy, but I've always wonder how it could posibly work given that a serialized class might have the underlying base class changed during hot-deploy (e.g. the classic 'run instance' is different than a 'new instance' problem that java throws a ClassCastException from). Its also theoretically problematic (I'm not sure if instanceof or reflection will work properly). Since this is a very low-level issue (e.g. Java simply doesn't have the facilities to really handle this), how does hot-deply work? The only reliable strategy would appear to be to preserver primatives (since they don't change), maybe preserve 'well-defined' objects (java.util.* is unlikely to change), and discard all the rest. Any thoughts? AT -Original Message- From: Peter Beck [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 7:41 AM To: Orion-Interest Subject: hot redeployment - how to preserve session state? After a forced redeployment of an application on Orion 1.5.3 by touching application.xml my session state seemst to be completely lost. I have set development=true in my global-web-application.xml, and the switch is present in the orion-web.xml in the application- deployment directory. The variables I try to serialize implement the Serializable interface. Some of them are simple JavaBeans, others just Strings. For testing I use a JSP which prints the variables in the session. Before the redeployment everything is there. and when a user is logged in, request.getRemoteUser() gives me the correct user name. After the redeployment session.toString() still gives me the same ID as before, but all variables in the session are gone. Even request.getRemoteUser() == null. What am I missing? Peter -- Peter Beck, JOANNEUM RESEARCH Forschungsges.m.b.H. [EMAIL PROTECTED]
Problem using basic authentication and WAP toolkit.
Hi. I have been using Orion's basic authentication to secure parts of our website without any problems. (See http://kb.atlassian.com/content/atlassian/howto/securingdirectory.html): We are now going to build the same functionality for WAP but the basic authentication doesn't work as expected. I think that the problem is that the server (Orion) sets the HTTP header Connection to 'Close' but I'm not sure. When I use Apache and basic authentication everyhing works fine. FYI: If I connect manually to Orion and move the keep-alive header last (as Explorer does) Orion doesn't close the connection... Does anyone know what's going on (since I can't find a logical explaination)? Regards Stefan Klåvus Below are some spy traces of the HTTP communication: ::ORION Explorer::: CONNECT FROM: 127.0.0.1/127.0.0.1 --- localhost:8085 C 01 GET /wap/do.member.information.viewUserSubscriptions HTTP/1.1 C 01 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, ap C 01 plication/vnd.ms-excel, application/msword, application/vnd.ms- C 01 powerpoint, */* C 01 Accept-Language: sv C 01 Accept-Encoding: gzip, deflate C 01 User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) C 01 C 01 Host: localhost:8088 C 01 Connection: Keep-Alive C 01 S 01 HTTP/1.1 401 Unauthorized S 01 Date: Tue, 29 Jan 2002 09:57:21 GMT S 01 Server: Orion/1.5.2 S 01 Content-Length: 95 S 01 Connection: Keep-Alive S 01 Keep-Alive: timeout=15, max=100 S 01 Content-Type: text/html S 01 WWW-Authenticate: Basic realm=publicwap S 01 S 01 HTMLHEADTITLE401 Unauthorized/TITLE/HEADBODYH1401 S 01Unauthorized/H1/BODY/HTMLC 01 CONNECTION CLOSED CONNECT FROM: 127.0.0.1/127.0.0.1 --- localhost:8085 C 02 GET /wap/do.member.information.viewUserSubscriptions HTTP/1.1 C 02 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, ap C 02 plication/vnd.ms-excel, application/msword, application/vnd.ms- C 02 powerpoint, */* C 02 Accept-Language: sv C 02 Accept-Encoding: gzip, deflate C 02 User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) C 02 C 02 Host: localhost:8088 C 02 Connection: Keep-Alive C 02 Authorization: Basic NDY3MDIxMDk0MTE6 C 02 S 01 HTTP/1.1 200 OK :: Orion Toolkit ::: CONNECT FROM: 127.0.0.1/127.0.0.1 --- localhost:8085 C 06 GET /wap/do.member.information.viewUserSubscriptions HTTP/1.1 C 06 Connection: keep-alive C 06 Date: Tue, 29 Jan 2002 11:14:54 GMT C 06 Accept: text/vnd.wap.wml,text/vnd.wap.wmlscript,application/vnd C 06 .wap.wmlc,application/vnd.wap.wmlscriptc,text/x-vCard,text/x-vc C 06 ard,text/x-vcal,text/x-vCalendar,text/x-vcalendar,image/vnd.wap C 06 .wbmp,application/vnd.wap.wbxml,application/vnd.wap.multipart.m C 06 ixed,multipart/mixed,image/gif,application/vnd.wap.hashed-certi C 06 ficate,application/vnd.wap.signed-certificate,application/vnd.w C 06 ap.cert-response,image/jpeg C 06 Accept-Charset: US-ASCII, ISO-8859-1, ISO-8859-2, ISO-8859-3, I C 06 SO-8859-4, ISO-8859-5, ISO-8859-6, ISO-8859-7, ISO-8859-8, ISO- C 06 8859-9, Shift_JIS, EUC-JP, ISO-2022-JP, GB2312, Big5, UTF-7, UT C 06 F-8, UTF-16, ISO-10646-UCS-2 C 06 Accept-Language: en C 06 Host: localhost:8086 C 06 User-Agent: Nokia-MIT-Browser/3.0 C 06 S 06 HTTP/1.1 401 Unauthorized S 06 Date: Tue, 29 Jan 2002 11:14:53 GMT S 06 Server: Orion/1.5.2 S 06 Content-Length: 95 S 06 Connection: Close S 06 Content-Type: text/html S 06 WWW-Authenticate: Basic realm=publicwap S 06 S 06 HTMLHEADTITLE401 Unauthorized/TITLE/HEADBODYH1401 S 06Unauthorized/H1/BODY/HTML C 06 CONNECTION CLOSED ::: Apache Toolkit : CONNECT FROM: 127.0.0.1/127.0.0.1 --- x.x.x.x:80 C 00 GET /web/admin/bb/wml/ HTTP/1.1 C 00 Connection: keep-alive C 00 Date: Tue, 29 Jan 2002 09:36:12 GMT C 00 Accept: text/vnd.wap.wml,text/vnd.wap.wmlscript,application/vnd C 00 .wap.wmlc,application/vnd.wap.wmlscriptc,text/x-vCard,text/x-vc C 00 ard,text/x-vcal,text/x-vCalendar,text/x-vcalendar,image/vnd.wap C 00 .wbmp,application/vnd.wap.wbxml,application/vnd.wap.multipart.m C 00 ixed,multipart/mixed,image/gif,application/vnd.wap.hashed-certi C 00 ficate,application/vnd.wap.signed-certificate,application/vnd.w C 00 ap.cert-response,image/jpeg C 00 Accept-Charset: US-ASCII, ISO-8859-1, ISO-8859-2, ISO-8859-3, I C 00 SO-8859-4, ISO-8859-5, ISO-8859-6, ISO-8859-7, ISO-8859-8, ISO- C 00 8859-9, Shift_JIS, EUC-JP, ISO-2022-JP, GB2312, Big5, UTF-7, UT C 00 F-8, UTF-16, ISO-10646-UCS-2 C 00 Accept-Language: en C 00 Host: localhost:8087 C 00 User-Agent: Nokia-MIT-Browser/3.0 C 00 S 00 HTTP/1.1 401 Authorization Required S 00 Date: Tue, 29 Jan 2002 09:37:16 GMT S 00 Server: Apache/1.3.12 (Unix) ApacheJServ/1.1.2 PHP/4.0.1pl2 S 00 WWW-Authenticate: Basic realm=bf S 00 Keep-Alive: timeout=15, max=100 S 00 Connection: Keep-Alive S 00 Transfer-Encoding: chunked
java.lang.InternalError: Illegal removing from cache
Whilst doing an ejbRemove on a BMP EJB I get the following exception. It would appear that the deletion from the database is successful, but is then rolled back. Has anyone got any ideas about this? Thanks in advance - Tom (Orion 1.5.2, SQL Server, Win 2000) java.lang.InternalError: Illegal removing from cache of com.aconitesolutions.esp.model.ESPBusinessFunctionKey@16592a6 at com.evermind[Orion/1.5.2 (build 10460)].server.ejb.EntityEJBHome.removeInstance(Unknown Source) at ESPBusinessFunction_EntityBeanWrapper2.remove(ESPBusinessFunction_EntityBeanWrapper2.java:122) at com.aconitesolutions.esp.manager.action.DeleteBusinessFunctionAction.process(DeleteBusinessFunctionAction.java:90) at com.aconitesolutions.utils.servlet.ActionServlet.processRequest(ActionServlet.java:154) at com.aconitesolutions.utils.servlet.ActionServlet.doPost(ActionServlet.java:106) at javax.servlet.http.HttpServlet.service(HttpServlet.java:211) at javax.servlet.http.HttpServlet.service(HttpServlet.java:309) at javax.servlet.http.HttpServlet.service(HttpServlet.java:336) at com.evermind[Orion/1.5.2 (build 10460)]._cxb._abe(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._cxb._uec(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._io._twc(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._io._gc(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._if.run(Unknown Source) _ Chat with friends online, try MSN Messenger: http://messenger.msn.com
Re: hot redeployment - how to preserve session state?
Hi Peter, We use hot-deployment in production, to be able to update the application without losing all the sessions. But you have to configure Orion explicitly to keep the session state, as it is disabled by default. On the other hand, we also us it during development, but if you update the ear file very often, you usually ends up complaining with an OutOfMemoryException or some sort of decompression problems. So it is not very stable when used very often in a short period of time. That's why we try no to hot-deploy the ears in production very often, as it might cause a kaa-boum. I hope it helps, D. Peter Beck wrote: I tried to use the hot-deploy just for development to not always have to restart Orion and log in. To only have to restart the server when classes change which are stored in the session would be better than on every little change during bug fixing... On this list I read about people using this, and the problem they were talking about most of the time was that classes have to be serializable... Now I tried that with a few objects in the session, and all of them were lost after touching application.xml. Peter Aaron Tavistock wrote: I'm not currently doing hot-deploy, but I've always wonder how it could posibly work given that a serialized class might have the underlying base class changed during hot-deploy (e.g. the classic 'run instance' is different than a 'new instance' problem that java throws a ClassCastException from). Its also theoretically problematic (I'm not sure if instanceof or reflection will work properly). Since this is a very low-level issue (e.g. Java simply doesn't have the facilities to really handle this), how does hot-deply work? The only reliable strategy would appear to be to preserver primatives (since they don't change), maybe preserve 'well-defined' objects (java.util.* is unlikely to change), and discard all the rest. Any thoughts? AT -Original Message- From: Peter Beck [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 7:41 AM To: Orion-Interest Subject: hot redeployment - how to preserve session state? After a forced redeployment of an application on Orion 1.5.3 by touching application.xml my session state seemst to be completely lost. I have set development=true in my global-web-application.xml, and the switch is present in the orion-web.xml in the application- deployment directory. The variables I try to serialize implement the Serializable interface. Some of them are simple JavaBeans, others just Strings. For testing I use a JSP which prints the variables in the session. Before the redeployment everything is there. and when a user is logged in, request.getRemoteUser() gives me the correct user name. After the redeployment session.toString() still gives me the same ID as before, but all variables in the session are gone. Even request.getRemoteUser() == null. What am I missing? Peter
Very strange behavour
This is perhaps not an orion fault but it is very strange.. I am using o4j 1.0.2.2; my client is an applet using ie 5.5 and jre 1.3.0. Sometimes happens that the client (applet) can't retriveve a file from the o4j server, but the file in fact is always there, the url is correct and this behaviour is sporadic.. From my jre console: Opening http://172.22.8.83:/TitoliPers/communications.properties with cookie JSESSIONID=FJMHEGHCCCJF. java.io.FileNotFoundException: http://172.22.8.83:/TitoliPers/communications.properties at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.plugin.protocol.jdk12.http.HttpURLConnection.getInputStream(Unknown Source) at messaggi.CommunicationParameters.init(CommunicationParameters.java:30) at ambvis.AmbJApplet.init(AmbJApplet.java) at applet.AppletTitoliPersonale.init(AppletTitoliPersonale.java:210) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Looking in the log/default-web-app.log in o4j i have corresponding to this exception a bad request like this: 172.22.12.235 - - [30/Jan/2002:11:17:31 +0100] ET /TitoliPers/communications.properties HTTP/1.1 405 138 that is, instead of a GET request i have a ET request in the log, and so naturally the 405 error code. I dont know what to whink about this, especially because the error is sporadic.. p.s. applet is using the standard java.util.URLConnection to open the file..
Re: Application Client JMS
Hi, no, it is an application client, i.e. a normal Java - Applikation. I´d like to write a small Swing - app which monitors the messaging. I´m using Orion´s JMS. I want the application to look up an existing Topic on the server via JNDI and post / receive messages to / from this Topic. thanks, Jochen Manoj Sadangi schrieb: Hi Jochen , The MessageMonitor class you have written , is it a servlet? r u using Orion's JMS? thanks, manoj. Jochen Kressin wrote: Hi, i have some problems writing an application client that uses JMS. I have created a SessionBean which publishes messages and a MDB which receives the messages. This works fine. I now want to write a client application that can participate in messaging. The client connects to the server without problems, but messages published by the client seem to go nowhere. The MDB does not receive anything. Also, the client does not receive any messages sent by the SessionBean. The directory structure of the client app is: client +--- MessageMonitor.class +--- META-INF +---application-client.xml +---orion-application-client.xml The application-client.xml: ... resource-ref res-ref-namejms/TopicConnectionFactory/res-ref-name res-typejavax.jms.TopicConnectionFactory/res-type res-authContainer/res-auth /resource-ref resource-ref res-ref-namejms/BenelogNewOrder/res-ref-name res-typejavax.jms.Topic/res-type res-authContainer/res-auth /resource-ref where BenelogNewOrder is the name of the Topic I would like to subscribe to. The client looks up the Topic using something like: lookup(java:comp/env/jms/BenelogNewOrder); Please give me some hint what i am doing wrong. Also, any informations where to find more about app-clients Orion is appreciated. Neither orion nor atlassian seem to have tutorials on this topic. Thanks in advance! Jochen -- - Jochen Kressin [EMAIL PROTECTED] Interested in distributed computing? http://www.jeremi.org
Re: hot redeployment - how to preserve session state?
Hi you all, i have a question. I have an oracle data-source configured on a 1.5.2 orion server. Here you are: data-sourcesdata-source class="com.evermind.sql.DriverManagerDataSource" name="IMS" location="jdbc/IMSCoreDS" xa-location="jdbc/xa/IMSXADS" ejb-location="jdbc/IMSDS" schema="database-schemas/oracle.xml" connection-driver="oracle.jdbc.driver.OracleDriver" username="user" password="password" url="jdbc:oracle:thin:@10.3.1.6:port:SID" inactivity-timeout="30" //data-sources It works fine. But the problem comes when i have a network problem to connect to the data-base. Then orion isn't able to make a connection and instead of giving up connecting after 3 attemps(as i read this is the default value for the max-connect-attempts) itgetshanged up trying toconnect. is there any way to tell orion a connection timeoutfor oracle connections? Thank u. - Original Message - From: "Daniel López" [EMAIL PROTECTED] To: "Orion-Interest" [EMAIL PROTECTED] Sent: Wednesday, January 30, 2002 1:10 PM Subject: Re: hot redeployment - how to preserve session state? Hi Peter, We use hot-deployment in production, to be able to update the application without losing all the sessions. But you have to configure Orion explicitly to keep the session state, as it is disabled by default. On the other hand, we also us it during development, but if you update the ear file very often, you usually ends up complaining with an OutOfMemoryException or some sort of decompression problems. So it is not very stable when used very often in a short period of time. That's why we try no to hot-deploy the ears in production very often, as it might cause a kaa-boum. I hope it helps, D. Peter Beck wrote: I tried to use the hot-deploy just for development to not always have to restart Orion and log in. To only have to restart the server when classes change which are stored in the session would be better than on every little change during bug fixing... On this list I read about people using this, and the problem they were talking about most of the time was that classes have to be serializable... Now I tried that with a few objects in the session, and all of them were lost after touching application.xml. PeterAaron Tavistock wrote:I'm not currently doing hot-deploy, but I've always wonder how it could posibly work given that a serialized class might have the underlying base class changed during hot-deploy (e.g. the classic 'run instance' is different than a 'new instance' problem that java throws a ClassCastException from). Its also theoretically problematic (I'm not sure if instanceof or reflection will work properly). Since this is a very low-level issue (e.g. Java simply doesn't have the facilities to really handle this), how does hot-deply work? The only reliable strategy would appear to be to preserver primatives (since they don't change), maybe preserve 'well-defined' objects (java.util.* is unlikely to change), and discard all the rest. Any thoughts? AT -Original Message- From: Peter Beck [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 7:41 AM To: Orion-Interest Subject: hot redeployment - how to preserve session state? After a forced redeployment of an application on Orion 1.5.3 by touching application.xml my session state seemst to be completely lost. I have set development=true in my global-web-application.xml, and the switch is present in the orion-web.xml in the application- deployment directory. The variables I try to serialize implement the Serializable interface. Some of them are simple JavaBeans, others just Strings. For testing I use a JSP which prints the variables in the session. Before the redeployment everything is there. and when a user is logged in, request.getRemoteUser() gives me the correct user name. After the redeployment session.toString() still gives me the same ID as before, but all variables in the session are gone. Even request.getRemoteUser() == null. What am I missing? Peter
Re: MQSeries as JMS provider?
Look into the archives. Some time back Kaseman, Mark T has submitted his code for MQ-Series JMS integration. I am attaching his code and mail again I wanted to write an MVS Batch COBOL program that updates an MVS (OS/390) MQSeries queue and have it trigger a MDB on an Orion server. To do this, my MVS MQSeries has a remote queue definition pointing to an NT Server running MQSeries and Orion 1.5.2. Next I followed the Resource Providers documentation on www.orionserver.com and used the ContextScanningResourceProvider without any changes to be my MQSeries resource provider. I compiled this class and created a jar file, which I added to Orion/Lib, along with the various IBM MQSeries jars and the Sun JNDI File System provider jars. I then made the necessary Orion xml file updates and to my amazement it works. I can update an MVS MQSeries queue and have it trigger a Orion MDB on an NT server. The zip file contains all source code. mdb_orion_jms.ZIP Below is the sample output from the Orion DOS prompt. I tried writting to the MDB queue via a jsp = servlet = SLSB and from an MVS Batch COBOL program. Auto-unpacking C:\TEMP\orion\applications\mdb-orion.ear... done. Auto-unpacking C:\TEMP\orion\applications\mdb-orion\mdb-orion-web.war... done. Auto-deploying mdb-orion-web (Assembly had been updated)... Auto-deploying mdb-orion-ejb.jar (ejb-jar.xml had been touched since the previou s deployment)... done. Orion/1.5.2 initialized Auto-deploying ejb - servlet mdb test (Assembly had been updated)... SampleBeanSLSB: message = msg via jsp to servlet InitialDirContext ctx done: javax.naming.InitialContext@470b0d ctx QCF done: com.ibm.mq.jms.MQQueueConnectionFactory@bd614064 queueFactory.createQueueConnection() done: com.ibm.mq.jms.MQQueueConnection@3ef361 queueConnection.createQueueSession() done: (Queue)ctx.lookup() done: queueSession.createSender(queue) done: queueSession.createTextMessage() done: message.setText(msg) done: queueSender.send(queue, message) done: Bean got message: msg via jsp to servlet queueConnection.close() done: Bean got message: TEST MVS-TO-NT TALKING - Original Message - From: Keith Kee [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Tuesday, January 29, 2002 9:30 PM Subject: MQSeries as JMS provider? Hi: Has anyone have any sucess integrating MQSeries as the JMS provider for the orion server? Thanks keith mdb_orion_jms.ZIP Description: Binary data
RE: java.lang.InternalError: Illegal removing from cache
Same happend to me some time ago. Ensure your PK class is ok and you overrides equals() and hashcode(). I had a copy and paste error in equals which caused the issue. (Yeah, I know, copy and paste is not a design pattern ;). Jens | -Original Message- | From: [EMAIL PROTECTED] | [mailto:[EMAIL PROTECTED]]On Behalf Of test test | Sent: Wednesday, January 30, 2002 12:00 PM | To: Orion-Interest | Subject: java.lang.InternalError: Illegal removing from cache | | | Whilst doing an ejbRemove on a BMP EJB I get the following exception. It | would appear that the deletion from the database is successful, | but is then | rolled back. Has anyone got any ideas about this? | Thanks in advance - | Tom | (Orion 1.5.2, SQL Server, Win 2000) | | | java.lang.InternalError: Illegal removing from cache of | com.aconitesolutions.esp.model.ESPBusinessFunctionKey@16592a6 | at com.evermind[Orion/1.5.2 (build | 10460)].server.ejb.EntityEJBHome.removeInstance(Unknown Source) | at | ESPBusinessFunction_EntityBeanWrapper2.remove(ESPBusinessFunction_ | EntityBeanWrapper2.java:122) | at | com.aconitesolutions.esp.manager.action.DeleteBusinessFunctionActi | on.process(DeleteBusinessFunctionAction.java:90) | at | com.aconitesolutions.utils.servlet.ActionServlet.processRequest(Ac | tionServlet.java:154) | at | com.aconitesolutions.utils.servlet.ActionServlet.doPost(ActionServ | let.java:106) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:211) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:309) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:336) | at com.evermind[Orion/1.5.2 (build 10460)]._cxb._abe(Unknown Source) | at com.evermind[Orion/1.5.2 (build 10460)]._cxb._uec(Unknown Source) | at com.evermind[Orion/1.5.2 (build 10460)]._io._twc(Unknown Source) | at com.evermind[Orion/1.5.2 (build 10460)]._io._gc(Unknown Source) | at com.evermind[Orion/1.5.2 (build 10460)]._if.run(Unknown Source) | | | _ | Chat with friends online, try MSN Messenger: http://messenger.msn.com |
RE: IllegalStateException
Well ... usually I avoid issues such as yours by calling the scheduled operations from an external system. Although orion allows user threads other EJB Containers don't. Also I have noticed that Orion looses from time to time it's JNDI Context by doing so. Bottom line: Don't use user threads. Don't break EJB spec. I did not dig into former mails send by you to the list but why don't you use CRON or equal to trigger your action? You might be able to solve it within an hour ... are able to restart whenever you want ... and don't break EJB spec. Jens | -Original Message- | From: [EMAIL PROTECTED] | [mailto:[EMAIL PROTECTED]]On Behalf Of Magnus Hoem | Sent: Wednesday, January 30, 2002 4:46 PM | To: Orion-Interest | Subject: Re: IllegalStateException | | | Hello again! | The original error still seems to be there. I've relocated my Timer to a | seperate application (it was only used to post messages to a topic). | Because of that I am no longer using a Thread in my EJB:s (which was | suggested earlier that it might be the problem). I am starting orion | with the switch -userThreads. | | No matter what I do I still get the java.lang.IllegalStateException: | Transaction expired (Committed) error. My system starts without a | problem, it runs for a short period of time, (with all the jsp-pages | working fine) and then all of a sudden I get the error. I am monotoring | all the messages sent to the topic, so I can se that the beans still are | working (there are still messages beeing published on the Topic every | now and then). The problem is that I can't access any of the methods in | the home-interface. | | Anybody have an idea? | | Thanks, | Magnus | | On måndag, januari 28, 2002, at 07:25 , Alex Paransky wrote: | | You mention that one of the entity beans contains a timer, but you have | not mentioned how are you holding on to that timer. Is it a Static | reference in the entity bean or is it a Member of the EJB? Container | could physically remove the EJB from memory at any time, how are you | dealing with this? | | A typical Timer implementation uses a thread. You cannot start or stop | threads in an EJB object. If you want to use a timer, you might want | to consider using an external object that lives outside of EJB and | triggers events on a periodic basis. If you need access to that object | you might want to create an RMI object, and deploy it into the orion | JNDI tree so you can have access to it from EJB. | | -AP_ | | -Original Message- | From: [EMAIL PROTECTED] [mailto:owner-orion- | [EMAIL PROTECTED]]On Behalf Of Magnus Hoem | Sent: Monday, January 28, 2002 3:33 AM | To: Orion-Interest | Subject: IllegalStateException | | Hi! | I have a strange problem which I can't find a solution to. I am running | a system with a two message-driven beans and a couple of entity beans. | They are all listening to (and able to publish messages to) the same | Topic. One of the entity beans contains a Timer with a couple of | TimerTasks that publish messages to the topic that tells to mdb:s to do | different things. I also have a jsp that refreshes itself every couple | of minutes. When the system has been up and running for a while I | suddenly get a very strange error. When the self-refreshing jsp-page | (or load any other jsp-page connected to the system) is loaded I get | java.lang.IllegalStateException: Transaction expired (Committed) and | a reference to the line in the jsp where I try to connect to the Home | interface and run the create(), findByPrimaryKey() or findAll() | methods. Does anybody know why this happens and have a sollution? | I log all the messages sent to the topic, and the timer-bean keeps | sending messages after the error occurs... | | Thanks, | Magnus | |
RE: long sessions
The only real disadvantage is that you are making your memory footprint larger, but that can cause other sorts of situations (OutOfMemoryExceptions, making garbage collection take longer and potentially eat up more CPU, etc). Of course you could always just increase the memory allocated to the JVM. If the user object is the only thing in the session and its relatively light-weight, its probably not a big deal. If the user object is mid sized or larger, or you are storing other things in the session expect to see a noticable memory increase. -Original Message- From: Tim Courtney [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 7:17 PM To: Orion-Interest Subject: long sessions I have kind of a general app server question: I have a servlet that puts a user object into session - HttpSession session = req.getSession(true); session.setAttribute(user, user); - We use this object to check if a visitor has logged into the web site or not My boss has asked me to increase the timeout of this session to 8 hours !!! Apart from the obvious security issue, I was wondering about the load on the server. Is holding too many session at once a common cause of server failure ? I can't really give details about the number of users, but assume there will be a few hundred at any one time. The hardware specs of the app server are about mid range. thanks
Re: long sessions
We use this object to check if a visitor has logged into the web site or not
Using HttpSession for checking definitatively whether that user has
logged in or not won't
work.
The HttpSession will still be associated with that user's browser if and
only if they
use the same browser. If they use Netscape VS IE, different cookie and
thus different
HttpSession. Stop start the same browser, different cookie again.
Use a HashMap/HashTable in the ServletContext object, keyed on userID
instead. Create an instance of UserAccess object and add to the the
HashMap in the
ServletContext.
class UserAccess {
Date lastAccessDate;
String userID;
...
}
This will be absolutely a minimal impact on memory foot print and work.
Good luck,
curt
Re: how to allow certain IPs to access my directory
Hi Takeo, Wehn we came across this issue, we wrote our own servlet filter as IP based security is not defined in the JDK spec and then, even if you fin a solution like the one you ask, it will be orion-specific and non-portable. On the other hand, if you write your filter carefully, you can have a pretty flexible tool to do what you want (In our case we define the IP/Hostname masks through an XML document that can be loaded through the network, filesystem...). regards, D. Takeo Kameda wrote: Hi All. This is my first post. I would like to allow only certain IPs to access some of my site. I know that can be done in orion-web.xml using access-mask/ip-access, but I believe it can only be applied to the whole application. What I want to do is to block IPs only to a certain directory. Is there any easy way to do that, like using .htaccess for apache? or, do I have to write my own servlet filter for that? thanks in advance.
