Re: [Resin-interest] configure error on mac for 4.0.13
You now have to also install the developer package... http://lookfirst.com/2010/10/how-to-fix-missing-source-for-latest.html thanks apple. jon On Sun, Nov 14, 2010 at 2:10 AM, Riccardo Cohen r...@architectedulogiciel.frwrote: Hi Alex, thanks for your help I use the native java installed: java -version java version 1.6.0_22 Java(TM) SE Runtime Environment (build 1.6.0_22-b04-307-10M3261) Java HotSpot(TM) Client VM (build 17.1-b03-307, mixed mode) Actually you are right, the soft link send to a directory that does not exists : in /System/Library/Frameworks/JavaVM.framework/Versions/Current/Headers/ jni_md.h - ../../CurrentJDK/Headers/jni_md.h jvmti.h - ../../CurrentJDK/Headers/jvmti.h and there is no in /System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Headers directory... I clicked on both your links but there is an error with a white page... Should I be connected to apple dev account ? On the other hand, the jvmti.h is present in /System/Library/Frameworks/JavaVM.framework/Headers, and writing it hardcoded in the script will make the configure script work. The make problem does not seem to be related with java but with m4. Thanks a lot On 14/11/10 02:22, Alex wrote: Hello I try to compile resin 4.0.13 pro on macosx 10.6.4 intel Are you running JavaForMacOSX10.6 Update3 ? If so, update 3 removed the jvmti.h on my machine when I installed it. The soft-links exist but they point nowhere. I filed a bug with apple, and you can file one too if you can't see and vote: http://alturl.com/7je6e https://bugreport.apple.com/cgi-bin/WebObjects/RadarWeb.woa/12/wo/Z8gO7kmC3Cif9j23CAoM8M/5.83.28.0.9 Thanks, Alex Here is the error during ./configure : configure: error: *** Can't find JNI directory in JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home *** JNI is expected in /System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home/include/ In configure script there is a test -r $JAVA_HOME/../Headers/jni_md.h and this actually won't work because /System/Library/Frameworks/JavaVM.framework/Headers/jni_md.h exists but is a soft link within a directory which is a soft link : ll /System/Library/Frameworks/JavaVM.framework/Headers/jni_md.h lrwxr-xr-x 1 root wheel 33 24 jul 16:15 /System/Library/Frameworks/JavaVM.framework/Headers/jni_md.h - ../../CurrentJDK/Headers/jni_md.h ll /System/Library/Frameworks/JavaVM.framework/Headers lrwxr-xr-x 1 root wheel 24 25 oct 08:50 /System/Library/Frameworks/JavaVM.framework/Headers - Versions/Current/Headers So replacing test -r by test -L should normally work, but actually it won't, because : test -L /System/Library/Frameworks/JavaVM.framework/Headers/jni_md.h echo $? 0 all right without /../, BUT : test -L /System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home/../Headers/jni_md.h echo $? 1 fails with the /../ For the moment I replaced with full path hardcoded Same problem for JVMTI except that the test -L will work. Now configure is all right but make as an error : make Makefile:283: warning: overriding commands for target `modules/c/src/Makefile' Makefile:273: warning: ignoring old commands for target `modules/c/src/Makefile' CDPATH=${ZSH_VERSION+.}: cd . aclocal -I m4 aclocal: couldn't open directory `m4': No such file or directory make: *** [aclocal.m4] Error 1 I don't know how to solve this one. Thanks for your help. For information, there was no error in 4.0.10 -- Riccardo Cohen Architecte du Logiciel http://www.architectedulogiciel.fr +33 (0)6.09.83.64.49 Membre du réseau http://www.reflexe-conseil-centre.org ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest -- Riccardo Cohen Architecte du Logiciel http://www.architectedulogiciel.fr +33 (0)6.09.83.64.49 Membre du réseau http://www.reflexe-conseil-centre.org ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Firewall Question
Many firewalls can only block 256 ip's at a time. It becomes an expensive process for them to do packet inspection at that layer. You also need to setup a system to figure out which ip's to block and then pass those to the firewall. In my experience, this was a failable system because as soon as you block an IP, you could be potentially blocking a LOT of ip's if you block the wrong NAT gateway. =) You don't want to lock out the wrong people. I built a system like this for my last company called the 'autocockblocker'... it looked for attempts at repeated login/registration attempts and would tell the firewall to IP block those people... we ended up having to pretty much turn it off cause of the NAT issue. Really though, there are large companies (aka: cisco... aka http://www.ironport.com/) that make products that do exactly what you are proposing. I don't see a reason to do this within an app container like resin. That said, the utility of these products is always questionable if you have vectors in your application that are open for attack and thus needs a product like this, you probably have bigger issues anyway. =) jon On Thu, Jul 22, 2010 at 11:59 AM, Rob Lockstone lockst...@mac.com wrote: I'd think there'd be a way you could do this programatically with a filter. Though you'd need some way to notify your firewall to block the offending IP, and perhaps you don't have an actual firewall running. Then again, you could have another filter that rejects requests from listed IPs that your first filter writes to. :) I know, it's not an automatic feature; I'm just thinking out loud that it probably wouldn't be very hard to implement something that would do the job. Rob On Jul 21, 2010, at 12:47 , Aaron Freeman wrote: Jon, Right, so far that's been our tact. This one particular attack is a bit annoying because it's inflating our logs. I was just curious if this was a capability within Resin. We wouldn't take the time to write a custom tag or anything like that to stop it. Aaron On 7/21/2010 10:27 AM, Jon Stevens wrote: Having run very very large porn sites for a number of years, I've seen all sorts of automated 'attacks' like that. If you don't have anything responding to those url's, then you don't have any problems. =) Anyway, why bother? Just ignore it. I'm sure you have better things to do with your time than play whack-a-mole. jon On Wed, Jul 21, 2010 at 7:14 AM, Aaron Freemanaaron.free...@layerz.com wrote: Just wondering if anybody has ever worked through a scenario where you could automatically firewall off an IP address that requested a poisoned URL? There is an attacker continuously scanning all of our servers for a specific URL, but from several different IPs. It would be nice to be able to automatically firewall them off. Has anybody done anything like that before? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Firewall Question
Having run very very large porn sites for a number of years, I've seen all sorts of automated 'attacks' like that. If you don't have anything responding to those url's, then you don't have any problems. =) Anyway, why bother? Just ignore it. I'm sure you have better things to do with your time than play whack-a-mole. jon On Wed, Jul 21, 2010 at 7:14 AM, Aaron Freeman aaron.free...@layerz.com wrote: Just wondering if anybody has ever worked through a scenario where you could automatically firewall off an IP address that requested a poisoned URL? There is an attacker continuously scanning all of our servers for a specific URL, but from several different IPs. It would be nice to be able to automatically firewall them off. Has anybody done anything like that before? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Firewall Question
Disk space is cheap and your logs auto rotate. Hopefully you use a tool like 'grep' (aka: Splunk) to get the important bits (aka: stack traces) out of your logs. jon On Wed, Jul 21, 2010 at 12:47 PM, Aaron Freeman aaron.free...@layerz.com wrote: Jon, Right, so far that's been our tact. This one particular attack is a bit annoying because it's inflating our logs. I was just curious if this was a capability within Resin. We wouldn't take the time to write a custom tag or anything like that to stop it. Aaron On 7/21/2010 10:27 AM, Jon Stevens wrote: Having run very very large porn sites for a number of years, I've seen all sorts of automated 'attacks' like that. If you don't have anything responding to those url's, then you don't have any problems. =) Anyway, why bother? Just ignore it. I'm sure you have better things to do with your time than play whack-a-mole. jon On Wed, Jul 21, 2010 at 7:14 AM, Aaron Freemanaaron.free...@layerz.com wrote: Just wondering if anybody has ever worked through a scenario where you could automatically firewall off an IP address that requested a poisoned URL? There is an attacker continuously scanning all of our servers for a specific URL, but from several different IPs. It would be nice to be able to automatically firewall them off. Has anybody done anything like that before? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Question about Resin 4.0.6
I don't know if there is a way and it isn't something I'd depend on in the UI layer. Think of [class] like you'd think of an interface. You really should only put implementations of interfaces into the context. Otherwise, I'd consider putting a Map in there for the effect you want. jon On Fri, May 7, 2010 at 1:43 PM, Aaron Freeman aaron.free...@layerz.comwrote: Bummer, what's the proper way to test if a property exists then, since ${!empty [class].[property]} isn't the correct way? Thanks, Aaron On 5/7/2010 3:07 PM, Jon Stevens wrote: That is what JBoss does, so I'd say that Caucho fixed a bug. jon On Fri, May 7, 2010 at 12:59 PM, Aaron Freeman aaron.free...@layerz.comwrote: We are system testing Resin 4.0.6 with our old code base and found a curiosity. The following code used to work, regardless of what type receipt is: c:if test=${!empty receipt.details} Under Resin 3.0.x if receipt was a HashMap and had a details property then it would return true. If it was a HashMap and did not have a details property, it would correctly return false. And (most importantly), if receipt was _any_ other class, including built in java classes, it would just return false. With Resin 4.0.6 it now throws an error: 'details' is an unknown bean property of 'java.math.BigDecimal' That's not the expected behavior is it? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Sending log4j logs to the web apps log folder
I use this class to do JDK- commons-logging (which could either be modified to go directly to log4j or, just through CL and then to log4j)... import java.util.Map; import java.util.concurrent.ConcurrentHashMap; import java.util.logging.Handler; import java.util.logging.Level; import java.util.logging.LogManager; import java.util.logging.LogRecord; import java.util.logging.Logger; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * Writes JDK log messages to commons logging. * * @see http://wiki.apache.org/myfaces/Trinidad_and_Common_Logging; */ public class JavaLoggingToCommonLoggingRedirector { static JDKLogHandler activeHandler; /** * Activates this feature. */ public static void activate() { try { Logger rootLogger = LogManager.getLogManager().getLogger(); // remove old handlers for (Handler handler : rootLogger.getHandlers()) { rootLogger.removeHandler(handler); } // add our own activeHandler = new JDKLogHandler(); activeHandler.setLevel(Level.ALL); rootLogger.addHandler(activeHandler); rootLogger.setLevel(Level.ALL); // done, let's check it right away!!! Logger.getLogger(JavaLoggingToCommonLoggingRedirector.class.getName()).info( activated: sending JDK log messages to Commons Logging); } catch (Exception exc) { LogFactory.getLog(JavaLoggingToCommonLoggingRedirector.class).error(activation failed, exc); } } public static void deactivate() { Logger rootLogger = LogManager.getLogManager().getLogger(); rootLogger.removeHandler(activeHandler); Logger.getLogger(JavaLoggingToCommonLoggingRedirector.class.getName()).info(dactivated); } protected static class JDKLogHandler extends Handler { private MapString, Log cachedLogs = new ConcurrentHashMapString, Log(); private Log getLog(String logName) { Log log = this.cachedLogs.get(logName); if (log == null) { log = LogFactory.getLog(logName); this.cachedLogs.put(logName, log); } return log; } @Override public void publish(LogRecord record) { Log log = this.getLog(record.getLoggerName()); String message = record.getMessage(); Throwable exception = record.getThrown(); Level level = record.getLevel(); if (level == Level.SEVERE) { log.error(message, exception); } else if (level == Level.WARNING) { log.warn(message, exception); } else if (level == Level.INFO) { log.info(message, exception); } else if (level == Level.CONFIG) { log.debug(message, exception); } else { log.trace(message, exception); } } @Override public void flush() { // nothing to do } @Override public void close() { // nothing to do } } } On Fri, Apr 2, 2010 at 12:14 PM, Scott Ferguson f...@caucho.com wrote: Stargazer wrote: If I have an entry in log4j.properties like this log4j.rootCategory=DEBUG, Console, R log4j.appender.R=org.apache.log4j.RollingFileAppender log4j.appender.R.File=log/mywebapp.log ... the logs from the webapp appear in $RESIN_HOME/log. Is there an entry I can use to get them to appear in the webapps WEB-INF/log without having to hard code the path please? I'm not as familiar with log4j as I should be. Is there a configuration to send the results to java.util.logging? All of Resin's logging is built around the JDK's logging system. -- Scott ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
[Resin-interest] minor issue in the security overview documentation
http://caucho.com/resin-4.0/admin/security-overview.xtp public void initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options) { _subject = subject; _handler = handler; _state = sharedState; _userName = (String) _options.get(user); _password = (String) _options.get(password); } I don't think that _options is correct. =) jon ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Resin 4.0.5 Buffer Commit Point
This is why you don't put application logic into the view layer. Before you 'push' your data into the view, figure out if you want to do the redirect or not. jon On Thu, Mar 25, 2010 at 7:49 AM, Aaron Freeman aaron.free...@layerz.comwrote: We take some fairly lengthy queries (lengthy row based on row count), and push the data into hashmaps in JSTL pages. After that sometimes we evaluate the hashmap and sometimes have to redirect the request to another page. In 3.0.23 it works with no problems. In 4.0.5 we get java.lang.IllegalStateException: Can't sendRedirect() after data has committed to the client. The reason being, that the for loop is causing a ton of white space to be sent to be buffered up, and at some point a buffer size limit has been hit with only whitespace, causing Resin to then send the HTTP headers and commit the request. So in the for loop I can do this to fix the problem: c:forEach items=${requestScope.getRewriteUrlsQuery.rows} var=rewriteUrlsQuery % response.reset(); % /c:forEach The question is, is there a setting in the resin.xml where I can change the buffer size globally, or do we have to go to modify all JSPs that potentially have this problem? Was the default commit point changed between 3.0.x and 4.0.x, or some other architecture change, as we have never seen this until now?* * Thanks, Aaron* * ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Resin 4.0.5 Buffer Commit Point
I don't mind using JSP's for some of the (separated) control logic. For example, you have a form action: form action=email_confirm_submit.jsp Inside of it, it looks like this: http://code.google.com/p/subetha/source/browse/trunk/web/email_confirm_submit.jsp That said, look at that code. The logic for determining the next page to redirect to is either in the t:action or within the JSTL within the email_confirm_submit.jsp. Generally, it is nice to have it in JSTL because a UI person can change the location of the final page without having to modify java code to do so. The point being that by the time you get to the view layer (ie: a jsp that doesn't have _submit.jsp at the end), you don't do a redirect. You are depending on what is effectively a bug in Resin that has now been fixed in a newer version. You should modify your code to change that dependency because you can (and should) be doing it differently. jon On Thu, Mar 25, 2010 at 8:18 AM, Aaron Freeman aaron.free...@layerz.comwrote: It's not in the view layer. We segregate our controller JSPs from our view JSPs. So you will change your argument to say that we should not use JSPs at the control layer, and of course _most_ of our control logic is in pure Java, but there are cases where having our controller logic written in JSTL (and separated from other model/view JSP pages) is a substantial advantage for us. So the question still stands, is there a global way to change the commit point so we don't have to constantly reset a connection to clear the buffer? Aaron On 3/25/2010 10:02 AM, Jon Stevens wrote: This is why you don't put application logic into the view layer. Before you 'push' your data into the view, figure out if you want to do the redirect or not. jon On Thu, Mar 25, 2010 at 7:49 AM, Aaron Freeman aaron.free...@layerz.comwrote: We take some fairly lengthy queries (lengthy row based on row count), and push the data into hashmaps in JSTL pages. After that sometimes we evaluate the hashmap and sometimes have to redirect the request to another page. In 3.0.23 it works with no problems. In 4.0.5 we get java.lang.IllegalStateException: Can't sendRedirect() after data has committed to the client. The reason being, that the for loop is causing a ton of white space to be sent to be buffered up, and at some point a buffer size limit has been hit with only whitespace, causing Resin to then send the HTTP headers and commit the request. So in the for loop I can do this to fix the problem: c:forEach items=${requestScope.getRewriteUrlsQuery.rows} var=rewriteUrlsQuery % response.reset(); % /c:forEach The question is, is there a setting in the resin.xml where I can change the buffer size globally, or do we have to go to modify all JSPs that potentially have this problem? Was the default commit point changed between 3.0.x and 4.0.x, or some other architecture change, as we have never seen this until now?* * Thanks, Aaron* * ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
[Resin-interest] minor problem in 4.0.5 release notes
http://caucho.com/resin-4.0/changes/resin-4.0.5.xtp Under CDI and logging integration, it says ConsoleHandler and then gives an example for SocketHandler. jon ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] 4.0.0 on osx deploy problem
Yes, I can't remember what the solution was. =( Sorry! jon On Sat, Mar 20, 2010 at 2:16 AM, Rick Mann rm...@latencyzero.com wrote: John, did you ever find an answer to this? I'm getting it, too. On Jun 29, 2009, at 22:50:52, Jon Stevens wrote: Here is another problem. When deploying subetha on osx using the apple jdk 6, I get the stack trace below. When deplying subetha on osx using the landon fuller soylatte jdk, things work fine. I get a different set of errors using jdk5 which relate to the resin servlets apparently being compiled with jdk6. [16][ ~/checkout/resin-4.0.0 ]% ./bin/resin.sh Intentionally suppressing recursive invocation exception! java.lang.IllegalStateException: recursive invocation at java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1394) at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1377) at sun.security.jca.ProviderConfig$1.run(ProviderConfig.java:64) at java.security.AccessController.doPrivileged(Native Method) at sun.security.jca.ProviderConfig.getLock(ProviderConfig.java:62) at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:187) at sun.security.jca.ProviderList.getProvider(ProviderList.java:215) at sun.security.jca.ProviderList.getService(ProviderList.java:313) at sun.security.jca.GetInstance.getInstance(GetInstance.java:140) at java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:148) at sun.security.pkcs.PKCS7.parseSignedData(PKCS7.java:244) at sun.security.pkcs.PKCS7.parse(PKCS7.java:141) at sun.security.pkcs.PKCS7.parse(PKCS7.java:110) at sun.security.pkcs.PKCS7.init(PKCS7.java:92) at sun.security.util.SignatureFileVerifier.init(SignatureFileVerifier.java:80) at java.util.jar.JarVerifier.processEntry(JarVerifier.java:256) at java.util.jar.JarVerifier.update(JarVerifier.java:188) at java.util.jar.JarFile.initializeVerifier(JarFile.java:321) at java.util.jar.JarFile.getInputStream(JarFile.java:386) at sun.misc.JarIndex.getJarIndex(JarIndex.java:99) at sun.misc.URLClassPath$JarLoader$1.run(URLClassPath.java:606) at java.security.AccessController.doPrivileged(Native Method) at sun.misc.URLClassPath$JarLoader.ensureOpen(URLClassPath.java:597) at sun.misc.URLClassPath$JarLoader.init(URLClassPath.java:581) at sun.misc.URLClassPath$3.run(URLClassPath.java:331) at java.security.AccessController.doPrivileged(Native Method) at sun.misc.URLClassPath.getLoader(URLClassPath.java:320) at sun.misc.URLClassPath.getLoader(URLClassPath.java:297) at sun.misc.URLClassPath.getResource(URLClassPath.java:167) at java.net.URLClassLoader$1.run(URLClassLoader.java:192) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at sun.misc.Launcher$ExtClassLoader.findClass(Launcher.java:244) at java.lang.ClassLoader.loadClass(ClassLoader.java:319) at java.lang.ClassLoader.loadClass(ClassLoader.java:309) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:330) at java.lang.ClassLoader.loadClass(ClassLoader.java:254) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:402) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at java.lang.SystemClassLoaderAction.run(ClassLoader.java:2150) at java.security.AccessController.doPrivileged(Native Method) at java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1407) at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1377) Intentionally suppressing recursive invocation exception! java.lang.IllegalStateException: recursive invocation at java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1394) at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1377) at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:231) at java.security.AccessController.doPrivileged(Native Method) at sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:225) at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:205) at sun.security.jca.ProviderList.getProvider(ProviderList.java:215) at sun.security.jca.ProviderList.getService(ProviderList.java:313) at sun.security.jca.GetInstance.getInstance(GetInstance.java:140) at java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:148) at sun.security.pkcs.PKCS7.parseSignedData(PKCS7.java:244) at sun.security.pkcs.PKCS7.parse(PKCS7.java:141) at sun.security.pkcs.PKCS7.parse(PKCS7.java:110) at sun.security.pkcs.PKCS7.init(PKCS7.java:92) at sun.security.util.SignatureFileVerifier.init
Re: [Resin-interest] the response time
Also, my point in mentioning an LB is that it should be done at the network level so as to not incur the same overhead of a reverse proxy like Apache (which is why this email started in the first place). At work we have zxtm connecting to jboss/tomcat which does well enough. Obviously if you are using the Resin-Apache module, then that is another story entirely as well. I assumed that the http layer in Resin is as good as Tomcat in terms of stability. If that is not the case, then you should be using the R-A module. jon On Sat, Jan 16, 2010 at 10:02 AM, Scott Hernandez scotthernan...@hotmail.com wrote: It depends on what your services, performance, and bandwidth requirements are. Anyway, there are (a few) options. ldirectord - (low level) http://linux.die.net/man/8/ldirectord balance -- (low level) http://www.inlab.de/balance.html trafficmanager -- (yahoo lb turned open-source) http://incubator.apache.org/projects/trafficserver.html zxtm -- (free/commercial) http://www.zeus.com/products/traffic-manager/index.html You can do this at the network level (MAC/IP) or application level (http, etc.). There are tons of reverse-proxies with load-balancing too. There is nothing wrong with using Apache and Resin, but people do use apache for things that aren't in its core set of features and then wonder why there are problems... On Sat, Jan 16, 2010 at 2:24 AM, Wesley Wu wumen...@gmail.com wrote: Hi Jon Scott, I don't like apache either but resin 4.0.2 cluster web-tier seems unstable for me. I've not tested the 4.0.3 cluster. My Apache config: ResinHost 192.168.1.4 6801 ResinBackup 192.168.1.5 6801 Which load balancer will be more appropriate for this usage? Thanks. ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bean as HessianServices Breaks Injection
Given that we have a nice and fairly complex open source reference implementation application (subetha), it would be great if Scott (et. al) would test Resin 4.x releases against it. jon On Sat, Jan 16, 2010 at 6:47 PM, Scott Hernandez scotthernan...@hotmail.com wrote: I noticed when I registered my class as a HessianService it was no longer able to inject it. Is this an expected behavior? I am working against 4.0.3. BTW. You can reproduce all the problems I'm find using our resin4.0.3 branch of subetha - http://subetha.googlecode.com/svn/branches/resin4.0.3/. There are quite a few more things that seems broken I will post about when I have more time. Take a look at http://subetha.googlecode.com/svn/branches/resin4.0.3/src/org/subethamail/core/admin/ListWizardBean.java for an example bean that no longer works once I add this to our config: admin:ListWizardBeanresin:HessianService urlPattern=/api/ListWizard//admin:ListWizardBean -Scott ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] the response time
I don't understand why people still put their container behind apache. Unless you are using mod_rewrite or something like that, you don't need to do that. It isn't like apache somehow 'protects' resin from evil doers. If you need a load balancer, get a load balancer. jon On Fri, Jan 15, 2010 at 2:39 AM, long wang myim...@gmail.com wrote: Hi, there, I integrate resin with apache. My resin's version is 3.0.19 and apache is 2.0.59. I configured both of them to record the response time in microseconds(log format %D). But I found the time recorded by resin is much larger than apache. Sometimes it's hundreds of times larger. Does anyone know the reason? Regards, Ken ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] HempMemoryQueue Exception when synchronizing sessions between two nodes in a cluster
yep, i've had several conversations with the cto of terracotta and they are very on the ball about their products. jon On Thu, Dec 17, 2009 at 11:42 PM, Wesley Wu wumen...@gmail.com wrote: Thanks Jon, I'll definitely give terracotta a try. As far as I know, EHCache was a opensymphony project one or two years ago. I noticed that ehcache was acquired by terracotta and became a key component of terracotta. That's great! -Wesley ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] HempMemoryQueue Exception when synchronizing sessions between two nodes in a cluster
DO NOT USE JBOSS CACHE. Pile of shit. ehcache + terracotta (yes, there is an oss free version) = love. I'm not super clear on what you want, but it sounds like you want the TIM-MasterWorker (ExecutorService): http://forge.terracotta.org/releases/projects/tim-messaging/docs/about.html jon On Thu, Dec 17, 2009 at 11:51 AM, Wesley Wu wumen...@gmail.com wrote: So if I want my beans synchronized across the cluster, I have to use either JMS or some thirdparty cluster middleware like JBossCache? -Wesley ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] HempMemoryQueue Exception when synchronizing sessions between two nodes in a cluster
Yea, I've been using it for 3 years, clustered. I recently moved to ehcache and all my problems magically went away, I got way better JMX stats and performance increased. That and I configured ehcache in invalidation mode. WAAAY better than replication. jon On Thu, Dec 17, 2009 at 7:05 PM, Wesley Wu wumen...@gmail.com wrote: thanks Jon Jeff, lol, I'll take a serious look at ehcache + terracotta. I've used JBossCache for more than 2 years, but only on single JVM (not clustered). I might think the clustered cache should be working as they advertised. -Wesley 2009/12/18 Jeff Schnitzer j...@infohazard.org: I know that Jon has spent many, many days debugging and tuning JBoss Cache on a production cluster, so I'd endorse his review, despite the brashness. Jeff On Thu, Dec 17, 2009 at 3:37 PM, Jon Stevens latch...@gmail.com wrote: DO NOT USE JBOSS CACHE. Pile of shit. ehcache + terracotta (yes, there is an oss free version) = love. I'm not super clear on what you want, but it sounds like you want the TIM-MasterWorker (ExecutorService): http://forge.terracotta.org/releases/projects/tim-messaging/docs/about.html jon On Thu, Dec 17, 2009 at 11:51 AM, Wesley Wu wumen...@gmail.com wrote: So if I want my beans synchronized across the cluster, I have to use either JMS or some thirdparty cluster middleware like JBossCache? -Wesley ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Non-Hessian file store?
I haven't heard Rod's take on the matter (got url?), but then again I'm also not having problems with Hessian doing strange things to my objects. wink / jon On Thu, Aug 27, 2009 at 9:24 AM, Mattias Jiderhamn mj-li...@expertsystems.se wrote: Well, there are different opinions about DTOs too. I assume you've heard (Spring developer) Rod Johnsons take on the matter...? /Mattias Jon Stevens wrote (2009-08-27 17:35): Yea, just cause Hibernate has that feature doesn't mean it is a good feature. =) You may want to consider the DTO pattern... http://java.sun.com/blueprints/corej2eepatterns/Patterns/TransferObject.html I've found that over time, the pain of creating and dealing with DTO's is mitigated by the cleanliness of it and you don't run into weird issues like you are running into... jon On Thu, Aug 27, 2009 at 12:05 AM, Mattias Jiderhamn mj-li...@expertsystems.se wrote: http://docs.jboss.org/hibernate/stable/core/reference/en/html/transactions.html#transactions-basics-apptx Jon Stevens wrote (2009-08-26 21:48): You put Hibernate objects into the session? jon On Wed, Aug 26, 2009 at 8:37 AM, Mattias Jiderhamn mj-li...@expertsystems.se wrote: In Resin 4 persistent-store type=file seems to use Hessian for serializing the session values. This causes some trouble for us since Hessian in some cases tries to access uninitialized Hibernate collections after the session/transaction is closed. Is there a way to revert Resin 4 to the old behaviour...? -- /Mattias ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Non-Hessian file store?
You put Hibernate objects into the session? jon On Wed, Aug 26, 2009 at 8:37 AM, Mattias Jiderhamn mj-li...@expertsystems.se wrote: In Resin 4 persistent-store type=file seems to use Hessian for serializing the session values. This causes some trouble for us since Hessian in some cases tries to access uninitialized Hibernate collections after the session/transaction is closed. Is there a way to revert Resin 4 to the old behaviour...? -- /Mattias ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Limit data rate?
I wouldn't use Resin for that... I'd use apache2... and something like this... http://codee.pl/cband.html jon On Sat, Aug 22, 2009 at 10:44 PM, Rick Mann rm...@latencyzero.com wrote: Is there any way to configure resin to limit the rate at which it will send bits per resource? I have bandwidth limits on my server, and would be interested in slowing down the downloads of files (but not necessarily servlets). TIA, Rick ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Limit data rate?
If you want to limit the speed of a download, then write a filter to intercept the download and send out the data. It sends out X bytes of the file at a time and then waits X seconds before it sends another X bytes of the file and waits X seconds. read send wait read send wait ... ... jon On Sat, Aug 22, 2009 at 11:50 PM, Rick Mann rm...@latencyzero.com wrote: Thanks for the suggestion, but it's not really very helpful. I use Resin, and not Apache. On Aug 22, 2009, at 23:19:20, Jon Stevens wrote: I wouldn't use Resin for that... I'd use apache2... and something like this... http://codee.pl/cband.html jon On Sat, Aug 22, 2009 at 10:44 PM, Rick Mann rm...@latencyzero.com wrote: Is there any way to configure resin to limit the rate at which it will send bits per resource? I have bandwidth limits on my server, and would be interested in slowing down the downloads of files (but not necessarily servlets). TIA, Rick ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Limit data rate?
Hey Serge! You pretty much *have* to do this with an Input/OutputStream... jon On Sun, Aug 23, 2009 at 10:11 AM, Serge Knystautas ser...@lokitech.comwrote: You could also do this with an OutputStream. --Serge Knystautas PrestoSports On Aug 23, 2009, at 12:41 PM, Jon Stevens latch...@gmail.com wrote: If you want to limit the speed of a download, then write a filter to intercept the download and send out the data. It sends out X bytes of the file at a time and then waits X seconds before it sends another X bytes of the file and waits X seconds. read send wait read send wait ... ... jon On Sat, Aug 22, 2009 at 11:50 PM, Rick Mann rm...@latencyzero.com rm...@latencyzero.com wrote: Thanks for the suggestion, but it's not really very helpful. I use Resin, and not Apache. On Aug 22, 2009, at 23:19:20, Jon Stevens wrote: I wouldn't use Resin for that... I'd use apache2... and something like this... http://codee.pl/cband.htmlhttp://codee.pl/cband.html jon On Sat, Aug 22, 2009 at 10:44 PM, Rick Mann rm...@latencyzero.com rm...@latencyzero.com wrote: Is there any way to configure resin to limit the rate at which it will send bits per resource? I have bandwidth limits on my server, and would be interested in slowing down the downloads of files (but not necessarily servlets). TIA, Rick ___ resin-interest mailing list resin-interest@caucho.comresin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.comresin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.comresin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
[Resin-interest] 4.0.0 on osx deploy problem
Here is another problem. When deploying subetha on osx using the apple jdk 6, I get the stack trace below. When deplying subetha on osx using the landon fuller soylatte jdk, things work fine. I get a different set of errors using jdk5 which relate to the resin servlets apparently being compiled with jdk6. [16][ ~/checkout/resin-4.0.0 ]% ./bin/resin.sh Intentionally suppressing recursive invocation exception! java.lang.IllegalStateException: recursive invocation at java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1394) at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1377) at sun.security.jca.ProviderConfig$1.run(ProviderConfig.java:64) at java.security.AccessController.doPrivileged(Native Method) at sun.security.jca.ProviderConfig.getLock(ProviderConfig.java:62) at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:187) at sun.security.jca.ProviderList.getProvider(ProviderList.java:215) at sun.security.jca.ProviderList.getService(ProviderList.java:313) at sun.security.jca.GetInstance.getInstance(GetInstance.java:140) at java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:148) at sun.security.pkcs.PKCS7.parseSignedData(PKCS7.java:244) at sun.security.pkcs.PKCS7.parse(PKCS7.java:141) at sun.security.pkcs.PKCS7.parse(PKCS7.java:110) at sun.security.pkcs.PKCS7.init(PKCS7.java:92) at sun.security.util.SignatureFileVerifier.init(SignatureFileVerifier.java:80) at java.util.jar.JarVerifier.processEntry(JarVerifier.java:256) at java.util.jar.JarVerifier.update(JarVerifier.java:188) at java.util.jar.JarFile.initializeVerifier(JarFile.java:321) at java.util.jar.JarFile.getInputStream(JarFile.java:386) at sun.misc.JarIndex.getJarIndex(JarIndex.java:99) at sun.misc.URLClassPath$JarLoader$1.run(URLClassPath.java:606) at java.security.AccessController.doPrivileged(Native Method) at sun.misc.URLClassPath$JarLoader.ensureOpen(URLClassPath.java:597) at sun.misc.URLClassPath$JarLoader.init(URLClassPath.java:581) at sun.misc.URLClassPath$3.run(URLClassPath.java:331) at java.security.AccessController.doPrivileged(Native Method) at sun.misc.URLClassPath.getLoader(URLClassPath.java:320) at sun.misc.URLClassPath.getLoader(URLClassPath.java:297) at sun.misc.URLClassPath.getResource(URLClassPath.java:167) at java.net.URLClassLoader$1.run(URLClassLoader.java:192) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at sun.misc.Launcher$ExtClassLoader.findClass(Launcher.java:244) at java.lang.ClassLoader.loadClass(ClassLoader.java:319) at java.lang.ClassLoader.loadClass(ClassLoader.java:309) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:330) at java.lang.ClassLoader.loadClass(ClassLoader.java:254) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:402) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at java.lang.SystemClassLoaderAction.run(ClassLoader.java:2150) at java.security.AccessController.doPrivileged(Native Method) at java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1407) at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1377) Intentionally suppressing recursive invocation exception! java.lang.IllegalStateException: recursive invocation at java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1394) at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1377) at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:231) at java.security.AccessController.doPrivileged(Native Method) at sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:225) at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:205) at sun.security.jca.ProviderList.getProvider(ProviderList.java:215) at sun.security.jca.ProviderList.getService(ProviderList.java:313) at sun.security.jca.GetInstance.getInstance(GetInstance.java:140) at java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:148) at sun.security.pkcs.PKCS7.parseSignedData(PKCS7.java:244) at sun.security.pkcs.PKCS7.parse(PKCS7.java:141) at sun.security.pkcs.PKCS7.parse(PKCS7.java:110) at sun.security.pkcs.PKCS7.init(PKCS7.java:92) at sun.security.util.SignatureFileVerifier.init(SignatureFileVerifier.java:80) at java.util.jar.JarVerifier.processEntry(JarVerifier.java:256) at java.util.jar.JarVerifier.update(JarVerifier.java:188) at java.util.jar.JarFile.initializeVerifier(JarFile.java:321) at java.util.jar.JarFile.getInputStream(JarFile.java:386) at sun.misc.JarIndex.getJarIndex(JarIndex.java:99) at sun.misc.URLClassPath$JarLoader$1.run(URLClassPath.java:606) at java.security.AccessController.doPrivileged(Native Method) at sun.misc.URLClassPath$JarLoader.ensureOpen(URLClassPath.java:597) at sun.misc.URLClassPath$JarLoader.init(URLClassPath.java:581) at sun.misc.URLClassPath$3.run(URLClassPath.java:331) at java.security.AccessController.doPrivileged(Native Method) at
[Resin-interest] 4.0.0 on osx make problem
Hi there, configure/make fails on osx 10.5.7 (64bit core 2 duo, macbook pro) [17][ ~/checkout/resin-4.0.0 ]% ./configure checking build system type... i386-apple-darwin9.7.0 checking host system type... i386-apple-darwin9.7.0 checking target system type... i386-apple-darwin9.7.0 checking for a BSD-compatible install... /opt/local/bin/ginstall -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /opt/local/bin/gmkdir -p checking for gawk... no checking for mawk... no checking for nawk... no checking for awk... awk checking whether make sets $(MAKE)... yes checking for gcc... gcc checking for C compiler default output file name... a.out checking whether the C compiler works... yes checking whether we are cross compiling... no checking for suffix of executables... checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking for style of include used by make... GNU checking dependency style of gcc... none checking for a sed that does not truncate output... /usr/bin/sed checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for ld used by gcc... /usr/libexec/gcc/i686-apple-darwin9/4.0.1/ld checking if the linker (/usr/libexec/gcc/i686-apple-darwin9/4.0.1/ld) is GNU ld... no checking for egrep... (cached) /usr/bin/grep -E checking how to run the C preprocessor... gcc -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking sys/poll.h usability... yes checking sys/poll.h presence... yes checking for sys/poll.h... yes checking sys/epoll.h usability... no checking sys/epoll.h presence... no checking for sys/epoll.h... no ROOT: ROOT2: /usr/local/resin ROOT3: /usr/local/resin checking for JAVA_HOME... /System/Library/Frameworks/JavaVM.framework/Home checking for /usr/libexec/gcc/i686-apple-darwin9/4.0.1/ld option to reload object files... -r checking for BSD-compatible nm... /usr/bin/nm -p checking whether ln -s works... yes checking how to recognize dependent libraries... pass_all checking dlfcn.h usability... yes checking dlfcn.h presence... yes checking for dlfcn.h... yes checking for g++... g++ checking whether we are using the GNU C++ compiler... yes checking whether g++ accepts -g... yes checking dependency style of g++... none checking how to run the C++ preprocessor... g++ -E checking for g77... no checking for xlf... no checking for f77... no checking for frt... no checking for pgf77... no checking for cf77... no checking for fort77... no checking for fl32... no checking for af77... no checking for xlf90... no checking for f90... no checking for pgf90... no checking for pghpf... no checking for epcf90... no checking for gfortran... no checking for g95... no checking for xlf95... no checking for f95... no checking for fort... no checking for ifort... no checking for ifc... no checking for efc... no checking for pgf95... no checking for lf95... no checking for ftn... no checking whether we are using the GNU Fortran 77 compiler... no checking whether accepts -g... no checking the maximum length of command line arguments... 196608 checking command to parse /usr/bin/nm -p output from gcc object... rm: conftest.dSYM: is a directory ok checking for objdir... .libs checking for ar... ar checking for ranlib... ranlib checking for strip... strip checking for dsymutil... dsymutil checking for nmedit... nmedit checking for -single_module linker flag... yes checking for -exported_symbols_list linker flag... yes rm: conftest.dSYM: is a directory checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -fno-common checking if gcc PIC flag -fno-common works... yes checking if gcc static flag -static works... no checking if gcc supports -c -o file.o... yes checking whether the gcc linker (/usr/libexec/gcc/i686-apple-darwin9/4.0.1/ld) supports shared libraries... yes checking dynamic linker characteristics... darwin9.7.0 dyld checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes configure: creating libtool appending configuration tag CXX to libtool checking for ld used by g++... /usr/libexec/gcc/i686-apple-darwin9/4.0.1/ld checking if the linker (/usr/libexec/gcc/i686-apple-darwin9/4.0.1/ld) is GNU ld... no checking whether the g++ linker (/usr/libexec/gcc/i686-apple-darwin9/4.0.1/ld) supports shared libraries... yes checking for g++ option to produce PIC... -fno-common