Re: [Resin-interest] ssl port

2007-06-01 Thread Sam 
Resin 3.1.1 includes some features in rewrite-dispatch that may be able
to help:
http://www.caucho.com/resin-3.1/doc/rewrite-tags.xtp#set

Basically, there is facility to set the isSecure method of the request
to return true if there is some condition of the request (such as a
header set by the load balancer) that can be used to determine that the
request should be secure.

http://caucho.com/ns/resin";>

  

  

  



If the load balancer is configured to proxy regular requests to port
8080 and SSL requests to port 8443 then something like the following
should work:

http://caucho.com/ns/resin";>

  

  

  



-- Sam



___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] ssl port

2007-06-01 Thread Knut Forkalsrud 
Michael Fortin wrote:
> What  do you mean by 'request adapter'?
>   
I mean the Wrapper or Decorator pattern, more specifically
http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpServletRequestWrapper.html

Subclass this one and override isSecure().  Then use a filter to inject 
the wrapped request
making that what the rest of your webapp sees.

-Knut


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] ssl port

2007-06-01 Thread Michael Fortin 
We do have a header attribute that tells us if it's secure or not which 
I could use in a filter.  That would be an acceptable solution.   I've 
tried modifying the request in a filter before I tried setting up the 
8443 port but isSecure is immutable.  What  do you mean by 'request 
adapter'?

Michael

Knut Forkalsrud wrote:
> Michael Fortin wrote:
>   
>> How do I configure resin to know the request on 8443 is secure?
>>   
>> 
>
> If your advanced load balancer can inject an HTTP header in the SSL
> requests
> you can use a servlet filter to add a request adapter that overrides the
> isSecure method.
>
> -Knut
>
>
>
>
> ___
> resin-interest mailing list
> resin-interest@caucho.com
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>   


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] ssl port

2007-06-01 Thread Knut Forkalsrud 
Michael Fortin wrote:
> How do I configure resin to know the request on 8443 is secure?
>   

If your advanced load balancer can inject an HTTP header in the SSL
requests
you can use a servlet filter to add a request adapter that overrides the
isSecure method.

-Knut




___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] ssl port

2007-06-01 Thread Michael Fortin 
Hi Bill,

I've just tested my theory and it didn't work as I had hoped, the 
request is not flaged as secure.  In my resin.conf :




 
   

and I setup a simple jsp that outputs:

Secure? <%= request.isSecure() %>


when I call either of the following urls secure is false.

http://172.30.1.219:8080/test.jsp
http://172.30.1.219:8443/test.jsp


How do I configure resin to know the request on 8443 is secure?


Thanks,
Michael

Bill Au wrote:
> There is a  under 
>
> http://www.caucho.com/resin-3.0/config/resin.xtp#host
>
> You may have to use that to set the port number for SSL.
>
> Bill
>
> On 6/1/07, *Michael Fortin* <[EMAIL PROTECTED] 
> > wrote:
>
> Hi Bill,
>
> Thanks for the response.  Honestly, I haven't tested it just yet.  I
> didn't see a 'secure' attribute on the  config element so
> I just
> wanted to confirm that 8443 will implicitly be secure even though I'm
> not setting an encryption handler.  I didn't see anything here
> (http://caucho.com/resin-3.0/security/ssl.xtp#notneeded)  about it.
> I'll be back if it doesn't work.
>
> Thanks again,
> Michael
>
>
> Bill Au wrote:
> > With the SSL port set up in Resin, relative redirect on a https
> > request should go to the SSL port.  Is that not the case?
> >
> > Bill
> >
> > On 6/1/07, *Michael Fortin * <[EMAIL PROTECTED]
> 
> > >>
> wrote:
> >
> > Hello,
> >
> > We have our servers setup behind a load balancer and the
> load balancer
> > does all the encryption for ssl.  All traffic inside our
> network is on
> > port 8080.  If I do a relative redirect on a request from a
> secure
> > url
> > it returns an insecure url.  To try and fix this I setup
> another http
> > port in the resin conf for 8443 and set the load balancer to
> send
> > secure
> > traffic to that port.  Tomcat has a isSecure flag on it's
> > connector to
> > tell the request it's a secure request even though it's already
> > decrypted.  Does resin have something like that?  Will resin
> know to
> > make a secure link on that port?
> >
> > Resin version 3.0.18
> > JDK 1.5.0_10
> > Linux
> >
> > Thanks
> > Michael
> >
> >
> > ___
> > resin-interest mailing list
> > resin-interest@caucho.com 
> >
> > http://maillist.caucho.com/mailman/listinfo/resin-interest
> >
> >
> >
> 
> >
> > ___
> > resin-interest mailing list
> > resin-interest@caucho.com 
> > http://maillist.caucho.com/mailman/listinfo/resin-interest
> 
> >
>
>
> ___
> resin-interest mailing list
> resin-interest@caucho.com 
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>
>
> 
>
> ___
> resin-interest mailing list
> resin-interest@caucho.com
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>   


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] ssl port

2007-06-01 Thread Bill Au 

There is a  under 

http://www.caucho.com/resin-3.0/config/resin.xtp#host

You may have to use that to set the port number for SSL.

Bill

On 6/1/07, Michael Fortin <[EMAIL PROTECTED]> wrote:


Hi Bill,

Thanks for the response.  Honestly, I haven't tested it just yet.  I
didn't see a 'secure' attribute on the  config element so I just
wanted to confirm that 8443 will implicitly be secure even though I'm
not setting an encryption handler.  I didn't see anything here
(http://caucho.com/resin-3.0/security/ssl.xtp#notneeded)  about it.
I'll be back if it doesn't work.

Thanks again,
Michael


Bill Au wrote:
> With the SSL port set up in Resin, relative redirect on a https
> request should go to the SSL port.  Is that not the case?
>
> Bill
>
> On 6/1/07, *Michael Fortin * <[EMAIL PROTECTED]
> > wrote:
>
> Hello,
>
> We have our servers setup behind a load balancer and the load
balancer
> does all the encryption for ssl.  All traffic inside our network is
on
> port 8080.  If I do a relative redirect on a request from a secure
> url
> it returns an insecure url.  To try and fix this I setup another
http
> port in the resin conf for 8443 and set the load balancer to send
> secure
> traffic to that port.  Tomcat has a isSecure flag on it's
> connector to
> tell the request it's a secure request even though it's already
> decrypted.  Does resin have something like that?  Will resin know to
> make a secure link on that port?
>
> Resin version 3.0.18
> JDK 1.5.0_10
> Linux
>
> Thanks
> Michael
>
>
> ___
> resin-interest mailing list
> resin-interest@caucho.com 
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>
>
> 
>
> ___
> resin-interest mailing list
> resin-interest@caucho.com
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] ssl port

2007-06-01 Thread Michael Fortin 
Hi Bill,

Thanks for the response.  Honestly, I haven't tested it just yet.  I 
didn't see a 'secure' attribute on the  config element so I just 
wanted to confirm that 8443 will implicitly be secure even though I'm 
not setting an encryption handler.  I didn't see anything here 
(http://caucho.com/resin-3.0/security/ssl.xtp#notneeded)  about it.  
I'll be back if it doesn't work.

Thanks again,
Michael


Bill Au wrote:
> With the SSL port set up in Resin, relative redirect on a https 
> request should go to the SSL port.  Is that not the case?
>
> Bill
>
> On 6/1/07, *Michael Fortin * <[EMAIL PROTECTED] 
> > wrote:
>
> Hello,
>
> We have our servers setup behind a load balancer and the load balancer
> does all the encryption for ssl.  All traffic inside our network is on
> port 8080.  If I do a relative redirect on a request from a secure
> url
> it returns an insecure url.  To try and fix this I setup another http
> port in the resin conf for 8443 and set the load balancer to send
> secure
> traffic to that port.  Tomcat has a isSecure flag on it's
> connector to
> tell the request it's a secure request even though it's already
> decrypted.  Does resin have something like that?  Will resin know to
> make a secure link on that port?
>
> Resin version 3.0.18
> JDK 1.5.0_10
> Linux
>
> Thanks
> Michael
>
>
> ___
> resin-interest mailing list
> resin-interest@caucho.com 
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>
>
> 
>
> ___
> resin-interest mailing list
> resin-interest@caucho.com
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>   


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] ssl port

2007-06-01 Thread Bill Au 

With the SSL port set up in Resin, relative redirect on a https request
should go to the SSL port.  Is that not the case?

Bill

On 6/1/07, Michael Fortin <[EMAIL PROTECTED]> wrote:


Hello,

We have our servers setup behind a load balancer and the load balancer
does all the encryption for ssl.  All traffic inside our network is on
port 8080.  If I do a relative redirect on a request from a secure url
it returns an insecure url.  To try and fix this I setup another http
port in the resin conf for 8443 and set the load balancer to send secure
traffic to that port.  Tomcat has a isSecure flag on it's connector to
tell the request it's a secure request even though it's already
decrypted.  Does resin have something like that?  Will resin know to
make a secure link on that port?

Resin version 3.0.18
JDK 1.5.0_10
Linux

Thanks
Michael


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

[Resin-interest] ssl port

2007-06-01 Thread Michael Fortin 
Hello,

We have our servers setup behind a load balancer and the load balancer 
does all the encryption for ssl.  All traffic inside our network is on 
port 8080.  If I do a relative redirect on a request from a secure url 
it returns an insecure url.  To try and fix this I setup another http 
port in the resin conf for 8443 and set the load balancer to send secure 
traffic to that port.  Tomcat has a isSecure flag on it's connector to 
tell the request it's a secure request even though it's already 
decrypted.  Does resin have something like that?  Will resin know to 
make a secure link on that port?

Resin version 3.0.18
JDK 1.5.0_10
Linux

Thanks
Michael


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] On the subject of JSP compilation...

2007-06-01 Thread Yong Bakos 

John, check out resin's work directory for the source of the  
resulting class to which your jsp becomes.



On Jun 1, 2007, at 3:35 AM, John Steel wrote:

I've been using this pattern for some time with excellent results:
<%
 if (user == null) {
%>
  <%@ include file="/jsp/loginpanel.jsp" %>
<%
} else {
%>
  <%@ include file="/jsp/logoutpanel.jsp" %>
<%
}
%>
I'm curious how this affects performance. In once sense, the "assembled"
jsp is being changed each visit. So is it rebuilt each time? What gets
cached?

-- 
--
http://www.phonewebcam.com
[EMAIL PROTECTED]



___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest



___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

[Resin-interest] Problem Getting Initial Context for EJB

2007-06-01 Thread Phillpotts, James 
Hi,

I'm having a strange problem with my EJB over IIOP, in Resin 3.0 - I was
wondering if anyone might be able to give me some pointers, as I'm
thoroughly stuck now!

When I try to get the initial context, I get the following error in the
client:

javax.naming.ConfigurationException: MyEJBBean does not name a
NamingContext

On the resin side, I get the following logging:

IIOP[6]: handle request
IIOP[6] OID: /NameService
IIOP-call: com.caucho.iiop.CosServer.resolve
IIOP NameService lookup: /MyEJBBean
IIOP[6]: recycle
[6] keepalive (thread)
IIOP[6]: handle request
IIOP[6] OID: /MyEJBBean
IIOP-call: mypackage.MyEJBHome._is_a
IIOP _is_a: class _ejb.MyEJBBean.MyEJBBean__EJB$RemoteHome
org.omg.CosNaming.NamingContext false
IIOP[6] complete request
IIOP[6]: recycle
[6] keepalive (thread)

Can anyone offer any advice?

TIA,
James


PS - Some configuration details follow:


EJB Definition
==



  
MyEJBBean
mypackage.MyEJBHome
mypackage.MyEJB
mypackage.MyEJBBean
Stateless
Container
  




web.xml
===






resin.conf
==


...

...



  



This e-mail and any attachment is for authorised use by the intended 
recipient(s) only. It may contain proprietary material, confidential 
information and/or be subject to legal privilege. It should not be copied, 
disclosed to, retained or used by, any other party. If you are not an intended 
recipient then please promptly delete this e-mail and any attachment and all 
copies and inform the sender. Thank you.


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] On the subject of JSP compilation...

2007-06-01 Thread Serge Knystautas 
John Steel wrote:
> I've been using this pattern for some time with excellent results:
> <%
> if (user == null) {
> %>   
>  <%@ include file="/jsp/loginpanel.jsp" %>
> <%
> } else {
> %>   
>  <%@ include file="/jsp/logoutpanel.jsp" %>
> <%
> }
> %>   
> I'm curious how this affects performance. In once sense, the "assembled" 
> jsp is being changed each visit. So is it rebuilt each time? What gets 
> cached?

It is much less complicated than you are imagining.  <%@ include %> is a 
static compilation, means that effectively /jsp/loginpanel.jsp and 
/log/logoutpanel.jsp are cut and paste into your main JSP before it is 
compiled.  There is no caching or recompiling or anything, anymore than 
the following code would be recompiled or cached specially:

<%
if (user == null) {
   %>Red<%
} else {
   %>Blue<%
}
%>

-- 
Serge Knystautas
Lokitech >> software . strategy . design >> http://www.lokitech.com
p. 301.656.5501
e. [EMAIL PROTECTED]


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

[Resin-interest] On the subject of JSP compilation...

2007-06-01 Thread John Steel 
I've been using this pattern for some time with excellent results:
<%
if (user == null) {
%>   
 <%@ include file="/jsp/loginpanel.jsp" %>
<%
} else {
%>   
 <%@ include file="/jsp/logoutpanel.jsp" %>
<%
}
%>   
I'm curious how this affects performance. In once sense, the "assembled" 
jsp is being changed each visit. So is it rebuilt each time? What gets 
cached?

-- 
--
http://www.phonewebcam.com
[EMAIL PROTECTED]



___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Re: [Resin-interest] What is creating log/jvm-default.log andlog/watchdog-manager.log files

2007-06-01 Thread andy.duplain 
That won't be a problem - I am using logrotate to rotate the logs, and
not the rollover options within resin.  Currently 3 log files exist in
that directory:

jvm-default.log
watchdog-manager.log
resin.log (as per the log element I mentioned in my initial post).

Cheers,
Andy

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matt Pangaro
Sent: Thursday, May 31, 2007 4:27 PM
To: General Discussion for the Resin application server
Subject: Re: [Resin-interest] What is creating log/jvm-default.log
andlog/watchdog-manager.log files

Andy,
I'm not sure if this still applies in 3.1.x, but in prior versions there

was a downside to co-opting that core JVM log. If you force that into 
your main console (stderr/out) log, Resin may not be able to roll it any

more. You can use that arg to put the core jvm log where you want it, 
but you may still want to keep it separate from your main console logs.

Matt Pangaro
Lokitech >> software . strategy . design
http://www.lokitech.com
m. 1.301.728.6906
f. 1.815.364.0656
e. [EMAIL PROTECTED]


[EMAIL PROTECTED] wrote:
> Darn - I should really explore all possibilities before posting.  I
> downloaded the source in the end and found out what was creating these
> logs - the solution is to use the (undocumented?) command line
argument
> -log-directory when starting resin, and making the logfile name
relative
> (i.e. "resin.log").
> 
> Oh well, I hope that might help someone,
> Cheers,
> Andy 
> 



___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest