RE: Question - Form Validation

2002-12-29 Thread Jacob Hookom 
Why not browse the Jakarta Validator libs?  They are integrated into
Struts.

-Original Message-
From: Turner, John [mailto:[EMAIL PROTECTED]] 
Sent: Saturday, December 28, 2002 11:59 PM
To: ''Tomcat Users List ' '
Subject: RE: Question - Form Validation

 
Hi -

I was researching this very topic as an extension to using regular
expressions for form validation, and I found this on sourceforge.  It
might
be worth a look:

http://formproc.sourceforge.net/

I've never used it, but I plan to give it a look later.

John

-Original Message-
From: Denise Mangano
To: 'Tomcat Users List '
Sent: 12/28/02 8:09 PM
Subject: RE: Question - Form Validation

Any web site references? I'm pressed for time so can't wait for item to
be
shipped and no local bookstores have it in stock...

Also, if I am to have my JSP form post back to itself to validate, I
would
need to employ Java Beans for this - is that correct?

Sorry - I'm a newbie :)

Thanks! 

-Original Message-
From: Paul Campbell
To: Tomcat Users List
Sent: 12/28/2002 3:29 PM
Subject: RE: Question - Form Validation

Advanced Java Server Pages by Geary (Prentice Hall 2001)

At 03:30 PM 12/28/2002 -0500, you wrote:
>It seems to me that Struts is more for large scale enterprise webapps.
>Eventually once my webapp is up and running in a production
environment, if
>our project seems to be more popular than expected, then updates will
be
>necessary and alternative approaches will be considered.
>
>In the meantime, our webapp is for less than medium size organization,
the
>site is pretty simple - just select the fee you are paying and provide
the
>cc info for processing - all this for a pretty stable number of users
(for
>the time being).
>
>Can anyone provide links to any resources for form validation with JSP
- not
>using Struts?  I have a couple of books, but none seem to go into
enough
>detail..
>
>Thanks :)
>Denise
>
>-Original Message-
>From: Noel J. Bergman
>To: Tomcat Users List
>Sent: 12/27/2002 11:34 PM
>Subject: RE: Question - Form Validation
>
>Denise,
>
>There are a number of ways to do it.  One is to build a Struts
>application.
>Another is to have the form post back to itself.  If it likes the form
>data
>(validates), then it can forward to the target page.  There are various
>other solutions.
>
>--- Noel
>
>
>--
>To unsubscribe, e-mail:
>
>For additional commands, e-mail:
>
>
>--
>To unsubscribe, e-mail:

>For additional commands, e-mail:



--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:

For additional commands, e-mail:



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Where can I find a complete mod_jk2 howto?

2002-12-29 Thread Dave 
On Sun, 29 Dec 2002 01:01:54 -0500, you wroth:

I was, but just download mod_jk2 was not the end of the story,
there are a lot of .jar files I don't know where to download, 
there is why I start to compile it by myself.

I find there is a target named "compile.tomcat5" in /coyote/build.xml,
Does anyone know whether I can ignore it, because there is where the
bugs are.

Thanks
Dave

> 
>For what platform?  Environment?
>
>AFAIK, "native" and "native2" mean Apache version, not JK/JK2, but I could
>be wrong...its been awhile since I built any of the connectors.
>
>Have you looked for a binary for your platform?  That will be a lot easier.
>
>John
>
>
>-Original Message-
>From: Dave
>To: [EMAIL PROTECTED]
>Sent: 12/29/02 12:19 AM
>Subject: Where can I find a complete mod_jk2 howto?
>
>Hi list,
>
>Most of the information is about mod_jk.  Does
>anyone can point me to a complete mod_jk2 howto.
>Should I use "/jk/native" or "/jk/native2" to make
>mod_jk2?
>
>Thanks 
>Dave
>
>
>--
>To unsubscribe, e-mail:
>
>For additional commands, e-mail:
>



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

mod_jk or mod_jk2 for a production site?

2002-12-29 Thread Dave 
Hi List,

Is mod_jk2 stable enough for a production site?

Dave


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: How to config mod_jk2 jni with JVM ?

2002-12-29 Thread Gery Kahn 
Anthony Marlowe wrote:

Hi Gery,

How is your workers2.properties and jk2.properties setup?

Here is a excerpt from my Apache2 error_log:

[Fri Dec 27 13:47:31 2002] [notice] workerEnv.init() ok  
/Library/Apache2/conf/workers2.properties
[Fri Dec 27 13:47:31 2002] [error] mod_jk child init 1 -2 can be ignored
[Fri Dec 27 13:47:31 2002] [notice] Loaded  org/apache/jk/apr/TomcatStarter
[Fri Dec 27 13:47:31 2002] [notice] jni.init() setting  
stdout=/Library/Apache2/logs/stdout.log...
[Fri Dec 27 13:47:31 2002] [notice] jni.init() setting  
stderr=/Library/Apache2/logs/stderr.log...
[Fri Dec 27 13:47:31 2002] [notice] jni.init() ARG start
[Fri Dec 27 13:47:31 2002] [notice] jni.init() calling main()...
[Fri Dec 27 13:47:31 2002] [notice] jni.validate() class=  
org/apache/jk/apr/TomcatStarter
[Fri Dec 27 13:47:31 2002] [notice] Loaded  org/apache/jk/apr/TomcatStarter

Apache2  stderr.log and stdout.log

TomcatStarter: main()
Try  org.apache.tomcat.startup.Main
Try  org.apache.catalina.startup.BootstrapService
Starting org.apache.catalina.startup.BootstrapService
Created catalinaLoader in:  
/Volumes/Java_Development/jakarta-tomcat-4.1.18/server/lib
[INFO] Registry - -Loading registry information
[INFO] Registry - -Creating new Registry instance
[INFO] Registry - -Creating MBeanServer
[INFO] AprImpl - -JK2: Initialized apr
[INFO] ChannelJni - -JK2: listening on channel.jni:jni
[INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009
[INFO] JkMain - -Jk running ID=0 time=4/111   
config=/Volumes/Java_Development/jakarta-tomcat-4.1.18/conf/ jk2.properties

Bootstrap: Create Catalina server
StandardEngine[Tomcat-Apache]: setJvmRoute=jvm1
Bootstrap: Starting service
Starting service Tomcat-Apache
Apache Tomcat/4.1.18
Bootstrap: Service started
TomcatStarter: Done
Server 1.6 is running
Press [Ctrl]+[C] to abort
Bootstrap: Stopping service
Stopping service Tomcat-Apache
Bootstrap: Service stopped
TomcatStarter: Done

Regards,

Tony






On Friday, Dec 27, 2002, at 15:19 Europe/Berlin, Gery Kahn wrote:

Anthony Marlowe wrote:


Hi Gery,[Fri Dec 27 13:47:31 2002] [notice] workerEnv.init() ok  
/Library/Apache2/conf/workers2.properties



I using Apache 2.0.43 with mod_jk2 and tomcat 4.1.18
You need to set the following in your workers2.properties:
[vm:]
info=Parameters used to load a JVM in the server process
JVM=this has to point to your JVM. you will probably need the  
complete  patch and not $JAVA_HOME...
OPT=-Djava.class.path=/Volumes/Java_Development/jakarta-tomcat- 
4.1.18/  
bin/tomcat-jni.jar:/Volumes/Java_Development/jakarta-tomcat-4.1.18/ 
bin/  
bootstrap.jar:/Volumes/Java_Development/jakarta-tomcat-4.1.18/server/  
lib/commons-logging.jar
OPT=-Dtomcat.home=/Volumes/Java_Development/jakarta-tomcat-4.1.18
OPT=-Dcatalina.home=/Volumes/Java_Development/jakarta-tomcat-4.1.18
OPT=-Xmx256M
#OPT=-Djava.compiler=NONE
disabled=0
Regards,
Tony
On Friday, Dec 27, 2002, at 13:39 Europe/Berlin, Gery Kahn wrote:

I have linux redhat 7.3, tomcat 4.1.17, apache 1.3.27 with mod_jk2
and jdk 1.4.1_01

How am i configure jni with JVM?
My apache refuses to startup JVM ?



--
To unsubscribe, e-mail: 

For additional commands, e-mail:   


--
To unsubscribe, e-mail:

For additional commands, e-mail:  


i did like you said and got jk2.log with follows :

[Fri Dec 27 16:17:53 2002] ( info ) [jk_vm_default.c (500)]   
vm.init(): Jni lib:  
/usr/java/j2sdk1.4.1_01/jre/lib/i386/client/libjvm.so
[Fri Dec 27 16:17:53 2002] (emerg ) [jk_vm_default.c (600)]  Fail->  
could not create JVM, code: -1



--
To unsubscribe, e-mail:

For additional commands, e-mail:  




Well.
My jk2.properties file only have follows:

handler.list=apr,request,channelJni
apr.jniModeSo=inprocess

The workers2.properties have:

[logger]
level=DEBUG

[config:]
file=${serverRoot}/conf/workers2.properties
debug=2
debugEnv=0

[uriMap:]
info=Maps the requests. Options: debug
debug=0

d[shm:]
info=Scoreboard. Required for reconfiguration and status with 
multiprocess servers
file=${serverRoot}/logs/jk2.shm
size=100
debug=0
disabled=0

[workerEnv:]
info=Global server options
timing=1
debug=0

[channel.jni:jni]
info=The jni channel, used if tomcat is started inprocess

[vm:]
info=Parameters used to load a JVM in the server process
JVM=/usr/java/j2sdk1.4.1_01/jre/lib/i386/client/libjvm.so
OPT=-Djava.class.path=/var/tomcat4/bin/tomcat-jni.jar:/var/tomcat4/bin/bootstrap.jar:/var/tomcat4/server/lib/commons-logging.jar
OPT=-Djava.library.path=/usr/java/j2sdk1.4.1_01/jre/lib:/usr/java/j2sdk1.4.1_01/jre/lib/i386:/usr/java/j2sdk1.4.1_01/jre/lib/i386/client
OPT=-Dtomcat.home=/var/tomcat4
OPT=-Dcatalina.home=/var/tomcat4
OPT=-Xmx256M
debug=99
disabled=0

[worker.jni:onStartup]
info=Command to be executed by the VM on startup. This one will start 
tomcat.
class=org/apache/jk/apr/TomcatStarter
AR

RE: mod_jk or mod_jk2 for a production site?

2002-12-29 Thread Mladen Turk 

> From: Dave
> 
> Hi List,
> 
> Is mod_jk2 stable enough for a production site?
> 

It's running ArcIMS on a live site (WIN2K + IIS) using inprocess JNI
with average 10K hits per day, for more then a month without reboot.

MT.

 


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: SSL hangs on Tomcat 4.1.18

2002-12-29 Thread mech 
I was just trying around with minProcessors="1" and maxProcessors="2"

Although I get this warnings quite easily (just 2 or 3 browser windows
are enough), after one request (really slow) is completed the next
request is processed. So obviously the threads must have been reused.
If I set acceptCount="1" the browser comes up with page not found if all
threads are in use.

Maybe play around with the acceptCount setting. Even If your load is
low, some "nervous" user might keep clicking on https links, if the page
is not loading quickly enough.
I wonder not to see an "connectionTimeout" attribut? I set to 2 for
http and https (default should be 6 according to documentation).
Maybe that makes a difference, too?

By the way I encountered the following exception, if I stress test too
much:

---

Caught exception executing
org.apache.tomcat.util.net.TcpWorkerThread@c62080, terminating thread
org.apache.commons.logging.LogConfigurationException:
org.apache.commons.logging.LogConfigurationException:
org.apache.commons.logging.LogConfigurationException: Class
org.apache.commons.logging.impl.Jdk14Logger does not implement Log
at
org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImp
l.java:555)
at
org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImp
l.java:289)
at
org.apache.commons.logging.LogFactory.getLog(LogFactory.java:409)
at
org.apache.tomcat.util.log.CommonLogHandler.log(CommonLogHandler.java:97
)
at org.apache.tomcat.util.log.Log.log(Log.java:198)
at org.apache.tomcat.util.log.Log.log(Log.java:192)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.log(PoolTcpEndpoint.java:427)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:51
0)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:530)
at java.lang.Thread.run(Thread.java:536)
Caused by: org.apache.commons.logging.LogConfigurationException:
org.apache.commons.logging.LogConfigurationException: Class
org.apache.commons.logging.impl.Jdk14Logger does not implement Log
at
org.apache.commons.logging.impl.LogFactoryImpl.getLogConstructor(LogFact
oryImpl.java:420)
at
org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImp
l.java:548)
... 9 more
Caused by: org.apache.commons.logging.LogConfigurationException: Class
org.apache.commons.logging.impl.Jdk14Logger does not implement Log
at
org.apache.commons.logging.impl.LogFactoryImpl.getLogConstructor(LogFact
oryImpl.java:416)
... 10 more

---

Class "org.apache.commons.loggin.impl.Jdk14Logger does not implement
Log" ??? BTW why doesn't it implement "Log", guess it should, shouldn't
it?



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Configure jk with jni under apachw 1.3.27

2002-12-29 Thread Gery Kahn 
Well. I have this error about not finding JNIEndpoint class

[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (796)]: Into load_jvm_dll, 
load /usr/java/j2sdk1.4.1_01/jre/lib/i386/client/libjvm.so
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (812)]: In load_jvm_dll, 
symbols resolved, done
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (923)]: Into detect_jvm_version
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (934)]: In 
detect_jvm_version, found: 10002, done
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (992)]: Into open_jvm2
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (1002)]: In open_jvm2, 
setting classpath to 
/var/tomcat4/bin/tomcat-jni.jar:/var/tomcat4/bin/bootstrap.jar
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (1046)]: In open_jvm2, the 
JVM will ignore unknown options
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (1053)]: In open_jvm2, 
about to create JVM...
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (1078)]: In open_jvm2, JVM 
created, done
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (1095)]: Into get_bridge_object
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (1123)]: Can't find class 
org/apache/tomcat/modules/server/JNIEndpoint
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (488)]: Fail-> can't get 
bridge object
[Sun Dec 29 14:40:08 2002]  [jk_jni_worker.c (1261)]: In 
detach_from_jvm, detached ok

Which jar to add or any other ideas?


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Tomcat log entries

2002-12-29 Thread Laszlo Nadai 
I am fairly new to Tomcat, scripts, etc.
I found the following and similar entries in my access log file:

64.160.45.159 - - [28/Dec/2002:15:00:17 -0800] "GET
/scripts/root.exe?/c+dir HTTP/1.0" 404 624
64.160.45.159 - - [28/Dec/2002:15:00:17 -0800] "GET
/MSADC/root.exe?/c+dir HTTP/1.0" 404 618
64.160.45.159 - - [28/Dec/2002:15:00:17 -0800] "GET
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
64.160.45.159 - - [28/Dec/2002:15:00:18 -0800] "GET
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
64.160.45.159 - - [28/Dec/2002:15:00:19 -0800] "GET
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 718
64.160.45.159 - - [28/Dec/2002:15:00:19 -0800] "GET
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
64.160.45.159 - - [28/Dec/2002:15:00:19 -0800] "GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
64.160.45.159 - - [28/Dec/2002:15:00:20 -0800] "GET
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 721
64.160.45.159 - - [28/Dec/2002:15:00:20 -0800] "GET
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 715
64.160.45.159 - - [28/Dec/2002:16:01:56 -0800] "GET
/scripts/root.exe?/c+dir HTTP/1.0" 404 624
64.160.45.159 - - [28/Dec/2002:16:01:56 -0800] "GET
/MSADC/root.exe?/c+dir HTTP/1.0" 404 618
64.160.45.159 - - [28/Dec/2002:16:01:58 -0800] "GET
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
64.160.45.159 - - [28/Dec/2002:16:02:00 -0800] "GET
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
64.160.45.159 - - [28/Dec/2002:16:02:04 -0800] "GET
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 718
64.160.45.159 - - [28/Dec/2002:16:02:06 -0800] "GET
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
64.160.45.159 - - [28/Dec/2002:16:02:07 -0800] "GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
64.160.45.159 - - [28/Dec/2002:16:02:09 -0800] "GET
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 721
64.160.45.159 - - [28/Dec/2002:16:02:10 -0800] "GET
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 715
64.165.213.97 - - [28/Dec/2002:16:38:12 -0800] "GET
/scripts/root.exe?/c+dir HTTP/1.0" 404 624
64.165.213.97 - - [28/Dec/2002:16:38:16 -0800] "GET
/MSADC/root.exe?/c+dir HTTP/1.0" 404 618
64.165.213.97 - - [28/Dec/2002:16:38:20 -0800] "GET
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
64.165.213.97 - - [28/Dec/2002:16:38:24 -0800] "GET
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648

Can someone tell me what someone else was trying to do?
Based on the log, should I change any settings in my config?

Thanks,
laszlo


-
[This E-mail scanned for viruses by declude AntiVirus Software]


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Question - Form Validation

2002-12-29 Thread Turner, John 
 
Thanks for the tip...didn't know anything about them.  I found that FormProc
package while investigating Jakarta Regexp.

As an aside, is there a need for Regexp or ORO now that J2SE 1.4 has
java.util.regex?  I'm no regexp guru by any means, I'm just curious.  My
development skills are bad enough without having to worry about keeping
track of packages/libraries that aren't part of J2SE/J2EE.

John


-Original Message-
From: Jacob Hookom
To: 'Tomcat Users List'
Sent: 12/29/02 3:05 AM
Subject: RE: Question - Form Validation

Why not browse the Jakarta Validator libs?  They are integrated into
Struts.

-Original Message-
From: Turner, John [mailto:[EMAIL PROTECTED]] 
Sent: Saturday, December 28, 2002 11:59 PM
To: ''Tomcat Users List ' '
Subject: RE: Question - Form Validation

 
Hi -

I was researching this very topic as an extension to using regular
expressions for form validation, and I found this on sourceforge.  It
might
be worth a look:

http://formproc.sourceforge.net/

I've never used it, but I plan to give it a look later.

John

-Original Message-
From: Denise Mangano
To: 'Tomcat Users List '
Sent: 12/28/02 8:09 PM
Subject: RE: Question - Form Validation

Any web site references? I'm pressed for time so can't wait for item to
be
shipped and no local bookstores have it in stock...

Also, if I am to have my JSP form post back to itself to validate, I
would
need to employ Java Beans for this - is that correct?

Sorry - I'm a newbie :)

Thanks! 

-Original Message-
From: Paul Campbell
To: Tomcat Users List
Sent: 12/28/2002 3:29 PM
Subject: RE: Question - Form Validation

Advanced Java Server Pages by Geary (Prentice Hall 2001)

At 03:30 PM 12/28/2002 -0500, you wrote:
>It seems to me that Struts is more for large scale enterprise webapps.
>Eventually once my webapp is up and running in a production
environment, if
>our project seems to be more popular than expected, then updates will
be
>necessary and alternative approaches will be considered.
>
>In the meantime, our webapp is for less than medium size organization,
the
>site is pretty simple - just select the fee you are paying and provide
the
>cc info for processing - all this for a pretty stable number of users
(for
>the time being).
>
>Can anyone provide links to any resources for form validation with JSP
- not
>using Struts?  I have a couple of books, but none seem to go into
enough
>detail..
>
>Thanks :)
>Denise
>
>-Original Message-
>From: Noel J. Bergman
>To: Tomcat Users List
>Sent: 12/27/2002 11:34 PM
>Subject: RE: Question - Form Validation
>
>Denise,
>
>There are a number of ways to do it.  One is to build a Struts
>application.
>Another is to have the form post back to itself.  If it likes the form
>data
>(validates), then it can forward to the target page.  There are various
>other solutions.
>
>--- Noel
>
>
>--
>To unsubscribe, e-mail:
>
>For additional commands, e-mail:
>
>
>--
>To unsubscribe, e-mail:

>For additional commands, e-mail:



--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:

For additional commands, e-mail:



--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Where can I find a complete mod_jk2 howto?

2002-12-29 Thread Turner, John 
 
Let's take a step back.

You don't need to build any JAR files to use JK2 (or JK).  Support for both
is included in Tomcat 4 via the default CoyoteConnector.  Check server.xml.
Thus, with a binary install of Tomcat, you are all set.  If you are trying
to build everything from source (including Tomcat), let us know that.

The only thing you need "extra" for either JK or JK2 is the Apache module,
and binaries are available for both of them.  If you decide to build the
Apache modules for either JK or JK2, all you need to build is mod_jk.so or
mod_jk2.so for your appropriate Apache version.

I had lots of problems with ant trying to build things in the past couple of
months...I used to be a build-from-source-no-matter-what person, but that
stance has mellowed a bit for Tomcat-oriented tasks.  Grabbing the binaries
is much quicker.

John

-Original Message-
From: Dave
To: Tomcat Users List
Sent: 12/29/02 3:22 AM
Subject: Re: Where can I find a complete mod_jk2 howto?

On Sun, 29 Dec 2002 01:01:54 -0500, you wroth:

I was, but just download mod_jk2 was not the end of the story,
there are a lot of .jar files I don't know where to download, 
there is why I start to compile it by myself.

I find there is a target named "compile.tomcat5" in /coyote/build.xml,
Does anyone know whether I can ignore it, because there is where the
bugs are.

Thanks
Dave

> 
>For what platform?  Environment?
>
>AFAIK, "native" and "native2" mean Apache version, not JK/JK2, but I
could
>be wrong...its been awhile since I built any of the connectors.
>
>Have you looked for a binary for your platform?  That will be a lot
easier.
>
>John
>
>
>-Original Message-
>From: Dave
>To: [EMAIL PROTECTED]
>Sent: 12/29/02 12:19 AM
>Subject: Where can I find a complete mod_jk2 howto?
>
>Hi list,
>
>Most of the information is about mod_jk.  Does
>anyone can point me to a complete mod_jk2 howto.
>Should I use "/jk/native" or "/jk/native2" to make
>mod_jk2?
>
>Thanks 
>Dave
>
>
>--
>To unsubscribe, e-mail:
>
>For additional commands, e-mail:
>



--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: apache and tomcat

2002-12-29 Thread Jianping Zhu 


How can i set up the environment varible JAVA_HOME for apache tomcat in
redhat linux 7.1
with bash shell?

thanks 


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Where can I find a complete mod_jk2 howto?

2002-12-29 Thread Dave 
On Sun, 29 Dec 2002 08:55:57 -0500, you wroth:

I think I know what you means, building from source isn't a
good idea for tomcat.

Thanks
Dave
> 
>Let's take a step back.
>
>You don't need to build any JAR files to use JK2 (or JK).  Support for both
>is included in Tomcat 4 via the default CoyoteConnector.  Check server.xml.
>Thus, with a binary install of Tomcat, you are all set.  If you are trying
>to build everything from source (including Tomcat), let us know that.
>
>The only thing you need "extra" for either JK or JK2 is the Apache module,
>and binaries are available for both of them.  If you decide to build the
>Apache modules for either JK or JK2, all you need to build is mod_jk.so or
>mod_jk2.so for your appropriate Apache version.
>
>I had lots of problems with ant trying to build things in the past couple of
>months...I used to be a build-from-source-no-matter-what person, but that
>stance has mellowed a bit for Tomcat-oriented tasks.  Grabbing the binaries
>is much quicker.
>
>John
>
>-Original Message-
>From: Dave
>To: Tomcat Users List
>Sent: 12/29/02 3:22 AM
>Subject: Re: Where can I find a complete mod_jk2 howto?
>
>On Sun, 29 Dec 2002 01:01:54 -0500, you wroth:
>
>I was, but just download mod_jk2 was not the end of the story,
>there are a lot of .jar files I don't know where to download, 
>there is why I start to compile it by myself.
>
>I find there is a target named "compile.tomcat5" in /coyote/build.xml,
>Does anyone know whether I can ignore it, because there is where the
>bugs are.
>
>Thanks
>Dave
>
>> 
>>For what platform?  Environment?
>>
>>AFAIK, "native" and "native2" mean Apache version, not JK/JK2, but I
>could
>>be wrong...its been awhile since I built any of the connectors.
>>
>>Have you looked for a binary for your platform?  That will be a lot
>easier.
>>
>>John
>>
>>
>>-Original Message-
>>From: Dave
>>To: [EMAIL PROTECTED]
>>Sent: 12/29/02 12:19 AM
>>Subject: Where can I find a complete mod_jk2 howto?
>>
>>Hi list,
>>
>>Most of the information is about mod_jk.  Does
>>anyone can point me to a complete mod_jk2 howto.
>>Should I use "/jk/native" or "/jk/native2" to make
>>mod_jk2?
>>
>>Thanks 
>>Dave
>>
>>
>>--
>>To unsubscribe, e-mail:
>>
>>For additional commands, e-mail:
>>
>
>
>
>--
>To unsubscribe, e-mail:
>
>For additional commands, e-mail:
>



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: SSL hangs on Tomcat 4.1.18

2002-12-29 Thread Remy Maucherat 
mech wrote:

I was just trying around with minProcessors="1" and maxProcessors="2"

Although I get this warnings quite easily (just 2 or 3 browser windows
are enough), after one request (really slow) is completed the next
request is processed. So obviously the threads must have been reused.
If I set acceptCount="1" the browser comes up with page not found if all
threads are in use.

Maybe play around with the acceptCount setting. Even If your load is
low, some "nervous" user might keep clicking on https links, if the page
is not loading quickly enough.
I wonder not to see an "connectionTimeout" attribut? I set to 2 for
http and https (default should be 6 according to documentation).
Maybe that makes a difference, too?

By the way I encountered the following exception, if I stress test too
much:


I don't know why you get that exception, but if you actually get it, 
then the root cause should be that something went bad during the socket 
accept.
Standard socket processing is obviously better tested than SSL sockets, 
so I doubt this happens; could you debug this further, and give more 
details ?

It would be a good idea to test stability with PureTLS or the newest 
JSSE (that might help if the problems come from JSSE from JDK 1.4).

Remy


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: SSL hangs on Tomcat 4.1.18

2002-12-29 Thread mech 
That's my Tomcat 4.1.18 server.xml used for testing. Running on Win98,
JDK 1.4.1b21



Tried it again, after a while of "wild and crazy" clicking in my Mozilla
and IE simultaniously and loading/waiting for https resources to be
loaded on my localhost (sometimes the request stall because of to much
load):

Caught exception executing
org.apache.tomcat.util.net.TcpWorkerThread@497062, terminating thread
org.apache.commons.logging.LogConfigurationException:
org.apache.commons.logging.LogConfigurationException:
org.apache.commons.logging.LogConfigurationException: Class
org.apache.commons.logging.impl.Jdk14Logger does not implement Log
at
org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImp
l.java:555)
at
org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImp
l.java:289)
at
org.apache.commons.logging.LogFactory.getLog(LogFactory.java:409)
at
org.apache.tomcat.util.log.CommonLogHandler.log(CommonLogHandler.java:97
)
at org.apache.tomcat.util.log.Log.log(Log.java:198)
at org.apache.tomcat.util.log.Log.log(Log.java:192)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.log(PoolTcpEndpoint.java:427)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:51
0)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:530)
at java.lang.Thread.run(Thread.java:536)
Caused by: org.apache.commons.logging.LogConfigurationException:
org.apache.commons.logging.LogConfigurationException: Class
org.apache.commons.logging.impl.Jdk14Logger does not implement Log
at
org.apache.commons.logging.impl.LogFactoryImpl.getLogConstructor(LogFact
oryImpl.java:420)
at
org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImp
l.java:548)
... 9 more
Caused by: org.apache.commons.logging.LogConfigurationException: Class
org.apache.commons.logging.impl.Jdk14Logger does not implement Log
at
org.apache.commons.logging.impl.LogFactoryImpl.getLogConstructor(LogFact
oryImpl.java:416)
... 10 more





> I don't know why you get that exception, but if you actually get it, 
> then the root cause should be that something went bad during 
> the socket 
> accept.
I think I saw some error about sockets, too. But couldn't reproduce it
now. Maybe mixed it up. The only thing I can definitely reproduce as
often as I try is the above setting leading to those exceptions.
> Standard socket processing is obviously better tested than 
> SSL sockets, 
> so I doubt this happens; could you debug this further, and give more 
> details ?

Stopping service Tomcat-Standalone
29.12.2002 18:08:12 org.apache.tomcat.util.log.CommonLogHandler log
SCHWERWIEGEND: Caught exception executing
org.apache.tomcat.util.net.TcpWorkerThread@497062, terminating thread
java.lang.IllegalStateException
at
org.apache.tomcat.util.threads.ThreadPool.runIt(ThreadPool.java:245)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:50
3)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:530)
at java.lang.Thread.run(Thread.java:536)

> 
> It would be a good idea to test stability with PureTLS or the newest 
> JSSE (that might help if the problems come from JSSE from JDK 1.4).
> 
Actually this all was just a simple test myself. I didn't experience
problems with ssl under normal "setting". This thing with processors 1-2
was just a test I wouldn't do in real life.

My advice: Simply don't try those stupid settings. I wouldn't even know
where to start debugging more. I'm happy if everything works with the
default setup ;-)

> Remy
> 


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Is session id guaranteed to be unique?

2002-12-29 Thread Tim Funk 
See this thread for more information:

http://marc.theaimsgroup.com/?l=tomcat-dev&m=104072138429223&w=2


Glenn Olander wrote:

Yes, it should be rare. We observed it once under heavy system load, but 
haven't been
able to reproduce it. For our app however (or any security-sensitive 
app), this could have
serious security consequences, so we'd like to ensure it never happens.

Craig, if you're around, I'm guessing the check was removed for 
performance reasons?
I verified that there is no check for uniqueness by using my own random 
number
generator which always returns the same sequence of bytes.
Any advice on how to enforce uniqueness other than replacing 
StandardManager
with a manager of our own?

Note that this issue should be independent of the seeding algorithm. 
Regardless of
how the seed is derived, it would still be possible for the random
number generator to produce a session id which matches one which is already
in use, thus effectively giving one user access to another user's session.

- Glenn


Turner, John wrote:



I guess that depends on your definition of "guaranteed".  I happened 
to be
researching this very question earlier today, and I ended up at this URL:

http://w6.metronet.com/~wjm/tomcat/2001/Sep/msg00544.html

According to that (though it is over a year old), Tomcat 4 uses
java.security.SecureRandom to generate session ids.  The seeding 
algorithm
is a combination of things, so I guess its possible that there be 
identical
session ids, but my guess is it would be unbelievably rare.

John

-Original Message-
From: Glenn O
To: Tomcat Users List
Sent: 12/28/02 10:48 PM
Subject: Is session id guaranteed to be unique?


I'm tracking down a problem which only occurs rarely, but has the 
symptom that when I attach
data to one session, it appears to mistakenly become attached to another

session. It is almost as if
tomcat is generating two sessions which have the same session id.

I'm looking at the tomcat source for createSession() in 
ManagerBase.java, and I notice this code is
commented out:

  }
  /*
  synchronized (sessions) {
  while (sessions.get(sessionId) != null)// Guarantee 
uniqueness
  sessionId = generateSessionId();
  }
  */
  session.setId(sessionId);


Does that mean tomcat could occasionally produce duplicate session id's?

 




--
To unsubscribe, e-mail:   

For additional commands, e-mail: 






--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Special character in file name

2002-12-29 Thread Arcadius A. 
Hello!

I'm having a strange problem.

In my JSP, I have the following code :

 

My trouble is that the image doesn't show in tomcat  (see
http://ahouans.sh.cvut.cz:8080/test/test.jsp  ) ... but the image is on the
server (see  http://ahouans.sh.cvut.cz/test/test.jsp )

I have notced the following:

 The image does not display at all when the image name contains the
character  "+" and that the server is not accessed through port 80 (so the
trouble comes up Only when Tomcat is used in standalone mode... see
http://ahouans.sh.cvut.cz:8080/test/test.jsp [this is the standalone mode]
vs.  http://ahouans.sh.cvut.cz/test/test.jsp  [apache+tomcat] ...note that
we are accessing the same file through different ports )

I have the same problem with both tomcat 3.2 and 4.1.

Is there anything I am doing wrong?
Note that the files are uploaded on the server and I cannot tell the
people not to use special characters in their file name.

Thanks

Arcadius.





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Is session id guaranteed to be unique?

2002-12-29 Thread Jason Pyeron 

should the source not be patched?

how inefficient would collision detection be?
best case it would be a HashSet.contains and the storage for the set

-jason pyeron

On Sun, 29 Dec 2002, Tim Funk wrote:

See this thread for more information:

http://marc.theaimsgroup.com/?l=tomcat-dev&m=104072138429223&w=2


Glenn Olander wrote:
> Yes, it should be rare. We observed it once under heavy system load, but 
> haven't been
> able to reproduce it. For our app however (or any security-sensitive 
> app), this could have
> serious security consequences, so we'd like to ensure it never happens.
> 
> Craig, if you're around, I'm guessing the check was removed for 
> performance reasons?
> I verified that there is no check for uniqueness by using my own random 
> number
> generator which always returns the same sequence of bytes.
> Any advice on how to enforce uniqueness other than replacing 
> StandardManager
> with a manager of our own?
> 
> Note that this issue should be independent of the seeding algorithm. 
> Regardless of
> how the seed is derived, it would still be possible for the random
> number generator to produce a session id which matches one which is already
> in use, thus effectively giving one user access to another user's session.
> 
> - Glenn
> 
> 
> Turner, John wrote:
> 
>>
>>
>> I guess that depends on your definition of "guaranteed".  I happened 
>> to be
>> researching this very question earlier today, and I ended up at this URL:
>>
>> http://w6.metronet.com/~wjm/tomcat/2001/Sep/msg00544.html
>>
>> According to that (though it is over a year old), Tomcat 4 uses
>> java.security.SecureRandom to generate session ids.  The seeding 
>> algorithm
>> is a combination of things, so I guess its possible that there be 
>> identical
>> session ids, but my guess is it would be unbelievably rare.
>>
>> John
>>
>> -Original Message-
>> From: Glenn O
>> To: Tomcat Users List
>> Sent: 12/28/02 10:48 PM
>> Subject: Is session id guaranteed to be unique?
>>
>>
>> I'm tracking down a problem which only occurs rarely, but has the 
>> symptom that when I attach
>> data to one session, it appears to mistakenly become attached to another
>>
>> session. It is almost as if
>> tomcat is generating two sessions which have the same session id.
>>
>> I'm looking at the tomcat source for createSession() in 
>> ManagerBase.java, and I notice this code is
>> commented out:
>>
>>   }
>>   /*
>>   synchronized (sessions) {
>>   while (sessions.get(sessionId) != null)// Guarantee 
>> uniqueness
>>   sessionId = generateSessionId();
>>   }
>>   */
>>   session.setId(sessionId);
>>
>>
>> Does that mean tomcat could occasionally produce duplicate session id's?
>>
>>  
>>
> 
> 
> 
> -- 
> To unsubscribe, e-mail:   
> 
> For additional commands, e-mail: 
> 
> 
> 
> 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 


-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-   -
- Jason Pyeron   http://www.pyerotechnics.com   -
- Owner & Lead  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)   500 West University Parkway #1S -
- +1 410 467 2266 (f)   Baltimore, Maryland  21210-3253 -
-   -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Re: Is session id guaranteed to be unique?

2002-12-29 Thread Glenn Olander 
Thanks. I installed my own Manager with a fix similar to yours and it 
seems to solve
the problem (I used a contrived Random class to generate duplicate 
session id's).

This certainly sounds like a serious bug to me. If there's a mechanism 
in place to
warn tomcat users about security problems, I'd recommend doing so, in 
addition
to applying the patch. Speaking of which, I may be wrong, but I don't 
think your
patch is quite right. You'll need to append the jvmRoute _before_ doing the
sessions.get() call, and again each time inside the loop. In other 
words, I believe
it should look like this:

   String sessionId = generateSessionId();
   String jvmRoute = getJvmRoute();
   // @todo Move appending of jvmRoute generateSessionId()???
   if (jvmRoute != null) {
   sessionId += '.' + jvmRoute;
   }
  
   synchronized (sessions) {
   while (sessions.get(sessionId) != null){// Guarantee 
uniqueness
   log("Found duplicate session id, getting a new one.");
   sessionId = generateSessionId();
   if (jvmRoute != null) {
   sessionId += '.' + jvmRoute;
   }
   }
   }
  
   session.setId(sessionId);

   return (session);

- Glenn


Tim Funk wrote:

See this thread for more information:

http://marc.theaimsgroup.com/?l=tomcat-dev&m=104072138429223&w=2





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Is session id guaranteed to be unique?

2002-12-29 Thread Glenn Olander 
Glenn Olander wrote:


to applying the patch. Speaking of which, I may be wrong, but I don't 
think your
patch is quite right. You'll need to append the jvmRoute _before_ doing the 



Never mind, I see you moved the appending into generateSessionId().

- Glenn



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: apache and tomcat

2002-12-29 Thread Turner, John 

At a command prompt:

JAVA_HOME=/some/path/to/JDK; export JAVA_HOME

Test it at a command prompt:

  echo $JAVA_HOME

That will be valid for that login session only.  If you need it for every
login session, you'll want to put it in your login scripts.  If you want it
available for everyone, all the time, the best place to put that might be
/etc/profile. If you put it in scripts, put "export JAVA_HOME" on a separate
line.

John

-Original Message-
From: Jianping Zhu [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, December 29, 2002 11:30 AM
To: Tomcat Users List
Cc: [EMAIL PROTECTED]
Subject: RE: apache and tomcat 




How can i set up the environment varible JAVA_HOME for apache tomcat in
redhat linux 7.1 with bash shell?

thanks 


--
To unsubscribe, e-mail:

For additional commands, e-mail:


---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.419 / Virus Database: 235 - Release Date: 11/13/2002
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.419 / Virus Database: 235 - Release Date: 11/13/2002
 

--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Help: logging fails under mod_jk

2002-12-29 Thread Rob Cartier 
I have a very simple peice of code that is in my jsp

<%
System.out.println("JSP==> " + request.getRemoteUser() + "|" +
request.getRequestURI()
+ "|" + request.getRemoteAddr() + "|" + new java.util.Date().toString()
+ "|" + request.getHeader("User-Agent") );
%>

This worked fine under mod_webapp but no generates some really weird results
when I switched over to mod_jk

I get

JSP==> null|ml PUBLIC "-//W3C//DTD HTML 4.01|ansitional/|Sun Dec 29
13:50:10 EST 2002|  
 null|/fsa/index.jsp|192.168.1.2|Thu Dec 26 18:35:43 EST
2002|Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)

any ideas would be really helpful

Otherwise it appears my mod_jk is working ??


Rob



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Tomcat Ant custom taks

2002-12-29 Thread Gee Jee 
Hi,

I've been sort of using the Tomcat library for Ant custom tasks. I got some of 
it to work by using the information on the Tomcat website. However, I did not 
find a consise overview of this library. Is this available somewhere? It 
seems very useful as a part of my build scripts. 

Gerard Janssen

--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Please Help me

2002-12-29 Thread Manoj Tyagi 
Hi,
I am new to this mailing list and Posting for the first time.
I have a prob. using Tomcat 4.0 on Win ME system with Apache 
My Apache is configured on port 80 properly and working fine.
I am Developing Sites in PHP and Its working fine with Apache.
 
Now I Installed Tomcat 4.0 on my system for JSP Support.
Tomcat is working fine seperately, When i use it on Port 8080

Now i want to invoke the JSP Support from Apache. 
I have been advised to Copy the ApacheModuleJserv.dll  in the Apache's Modules 
Directory and to include the following line in httpd.conf

LoadModule jserv_module modules/ApacheModuleJServ.dll 

I have done that.

I searched on net, and got that everytime Tomcat will generate the tomcat-apache.conf  
file in the conf directory of tomcat. It is advised to include the following line in 
the httpd.conf 

include "c:\tomcat\conf\tomcat-apache.conf"

My Tomcat is working fine, but there is no configuration file in the directory.


Please help me to come out with this prob.

Regards


Manoj Tyagi

Problems starting up...

2002-12-29 Thread mia isabelle 
 
Hi,

I can't get the Tomcat server to start. I used the startup.bat, setclasspath.bat, 
catalina.bat with the following configuration:

Using CATALINA_BASE: d:\tomcat41

Using CATALINA_HOME: d:\tomcat41

Using CATALINA_TMPDIR: d:\tomcat41\temp

Using JAVA_HOME: D:\jdk1.3

When it executes the last line : %_EXECJAVA% %JAVA_OPTS% -Xdebug 
-Xrunjdwp:transport=dt_shmem,address=jdbconn,server=y,suspend=n 
-Djava.endorsed.dirs="%JAVA_ENDORSED_DIRS%" -classpath "%CLASSPATH%" 
-Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" 
-Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %ACTION%

I got the followings:

Exception in thread "main" java.lang.NoClassDefFoundError: org/xml/sax/InputSource

at java.lang.Class.newInstance0(Native Method)

at java.lang.Class.newInstance(Class.java:237)

at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:179)

Similarly, if I use the configuration from the Start menu: D:\jdk1.3\bin\java.exe -jar 
-Duser.dir="d:\Tomcat41" "d:\Tomcat41\bin\bootstrap.jar" start, it gave me the same 
thing as the above.

Can someone point out where I could get the "org/xml/sax/InputSource"?

Thanks in advance,

Mia

 Yahoo! Travel
- Get the latest travel deals in town!

Tomcat 5.0 alpha where are you?

2002-12-29 Thread grenoml 
I wanted to test out Tomcat 5.0 alpha but I can't find any links on the
Jakarta Tomcat website anywhere where I can download a 5.0 build.  Is
this a secret or what?



__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Tomcat 5.0 alpha where are you?

2002-12-29 Thread Rafael Fernandez 
Look for it here:
http://jakarta.apache.org/builds/jakarta-tomcat/release/v5.0.0-alpha/bin
/


-Original Message-
From: grenoml [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, December 29, 2002 6:31 PM
To: [EMAIL PROTECTED]
Subject: Tomcat 5.0 alpha where are you?

I wanted to test out Tomcat 5.0 alpha but I can't find any links on the
Jakarta Tomcat website anywhere where I can download a 5.0 build.  Is
this a secret or what?



__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

--
To unsubscribe, e-mail:

For additional commands, e-mail:






--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Tomcat log entries

2002-12-29 Thread Bill Barker 
This is simply some Windows server that is infected with the Nimbda Worm
looking for a new place to crawl to.  It only infects non-patched IIS
servers, so for Tomcat stand-alone or Apache, you can safely ignore it.

"Laszlo Nadai" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am fairly new to Tomcat, scripts, etc.
> I found the following and similar entries in my access log file:
>
> 64.160.45.159 - - [28/Dec/2002:15:00:17 -0800] "GET
> /scripts/root.exe?/c+dir HTTP/1.0" 404 624
> 64.160.45.159 - - [28/Dec/2002:15:00:17 -0800] "GET
> /MSADC/root.exe?/c+dir HTTP/1.0" 404 618
> 64.160.45.159 - - [28/Dec/2002:15:00:17 -0800] "GET
> /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
> 64.160.45.159 - - [28/Dec/2002:15:00:18 -0800] "GET
> /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
> 64.160.45.159 - - [28/Dec/2002:15:00:19 -0800] "GET
> /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 718
> 64.160.45.159 - - [28/Dec/2002:15:00:19 -0800] "GET
> /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
> 64.160.45.159 - - [28/Dec/2002:15:00:19 -0800] "GET
> /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
> 64.160.45.159 - - [28/Dec/2002:15:00:20 -0800] "GET
> /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 721
> 64.160.45.159 - - [28/Dec/2002:15:00:20 -0800] "GET
> /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 715
> 64.160.45.159 - - [28/Dec/2002:16:01:56 -0800] "GET
> /scripts/root.exe?/c+dir HTTP/1.0" 404 624
> 64.160.45.159 - - [28/Dec/2002:16:01:56 -0800] "GET
> /MSADC/root.exe?/c+dir HTTP/1.0" 404 618
> 64.160.45.159 - - [28/Dec/2002:16:01:58 -0800] "GET
> /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
> 64.160.45.159 - - [28/Dec/2002:16:02:00 -0800] "GET
> /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
> 64.160.45.159 - - [28/Dec/2002:16:02:04 -0800] "GET
> /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 718
> 64.160.45.159 - - [28/Dec/2002:16:02:06 -0800] "GET
> /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
> 64.160.45.159 - - [28/Dec/2002:16:02:07 -0800] "GET
> /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 687
> 64.160.45.159 - - [28/Dec/2002:16:02:09 -0800] "GET
> /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 721
> 64.160.45.159 - - [28/Dec/2002:16:02:10 -0800] "GET
> /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 715
> 64.165.213.97 - - [28/Dec/2002:16:38:12 -0800] "GET
> /scripts/root.exe?/c+dir HTTP/1.0" 404 624
> 64.165.213.97 - - [28/Dec/2002:16:38:16 -0800] "GET
> /MSADC/root.exe?/c+dir HTTP/1.0" 404 618
> 64.165.213.97 - - [28/Dec/2002:16:38:20 -0800] "GET
> /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
> 64.165.213.97 - - [28/Dec/2002:16:38:24 -0800] "GET
> /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 648
>
> Can someone tell me what someone else was trying to do?
> Based on the log, should I change any settings in my config?
>
> Thanks,
> laszlo
>
>
> -
> [This E-mail scanned for viruses by declude AntiVirus Software]





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Please Help me

2002-12-29 Thread Bill Barker 
JServ is deprecated, and AFAIK, not supported at all for Tomcat 4.x.  Since
you are running under Windows, mod_webapp isn't an option.  You'll need to
get the mod_jk connector from
http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1.2.2
/.

"Manoj Tyagi" <[EMAIL PROTECTED]> wrote in message
000f01c2af27$0a531e80$0200a8c0@rps">news:000f01c2af27$0a531e80$0200a8c0@rps...
Hi,
I am new to this mailing list and Posting for the first time.
I have a prob. using Tomcat 4.0 on Win ME system with Apache
My Apache is configured on port 80 properly and working fine.
I am Developing Sites in PHP and Its working fine with Apache.

Now I Installed Tomcat 4.0 on my system for JSP Support.
Tomcat is working fine seperately, When i use it on Port 8080

Now i want to invoke the JSP Support from Apache.
I have been advised to Copy the ApacheModuleJserv.dll  in the Apache's
Modules Directory and to include the following line in httpd.conf

LoadModule jserv_module modules/ApacheModuleJServ.dll

I have done that.

I searched on net, and got that everytime Tomcat will generate the
tomcat-apache.conf  file in the conf directory of tomcat. It is advised to
include the following line in the httpd.conf

include "c:\tomcat\conf\tomcat-apache.conf"

My Tomcat is working fine, but there is no configuration file in the
directory.


Please help me to come out with this prob.

Regards


Manoj Tyagi








--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Problems starting up...

2002-12-29 Thread Bill Barker 

"mia isabelle" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> Hi,
>
> I can't get the Tomcat server to start. I used the startup.bat,
setclasspath.bat, catalina.bat with the following configuration:
>
> Using CATALINA_BASE: d:\tomcat41
>
> Using CATALINA_HOME: d:\tomcat41
>
> Using CATALINA_TMPDIR: d:\tomcat41\temp
>
> Using JAVA_HOME: D:\jdk1.3
>
> When it executes the last line : %_EXECJAVA%
%JAVA_OPTS% -Xdebug -Xrunjdwp:transport=dt_shmem,address=jdbconn,server=y,su
spend=n -Djava.endorsed.dirs="%JAVA_ENDORSED_DIRS%" -classpath
"%CLASSPATH%" -Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_H
OME%" -Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %ACTION%
>
> I got the followings:
>
> Exception in thread "main" java.lang.NoClassDefFoundError:
org/xml/sax/InputSource
>
> at java.lang.Class.newInstance0(Native Method)
>
> at java.lang.Class.newInstance(Class.java:237)
>
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:179)
>
> Similarly, if I use the configuration from the Start menu:
D:\jdk1.3\bin\java.exe -jar -Duser.dir="d:\Tomcat41"
"d:\Tomcat41\bin\bootstrap.jar" start, it gave me the same thing as the
above.
>
> Can someone point out where I could get the "org/xml/sax/InputSource"?

It should be in the xerces jars, which should be living in
$CATALINA_HOME/common/endorsed, which should be what JAVA_ENDORSED_DIRS is
set to.

If you find which of these isn't true on your system, you've probably solved
your problem :).

>
> Thanks in advance,
>
> Mia
>
> Yahoo! Travel
> - Get the latest travel deals in town!





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

[ANNOUNCE] BasicPortal 0.7k available on SourceForge

2002-12-29 Thread John Menke 
The BasicPortal Project has released version 0.7k.  BasicPortal is a Struts
based application that can help your developers get a head start on their
Portal development.  Setup the database and deploy the .war and you are
ready to go!

Version 0.7k contains:

- ability to add content to comments
- contact manager module
- task manager module
- email module
- custom DAO
- secure modules

The BasicPortal application can be customized for use in your company.

Any questions on BasicPortal should be directed to the MVC Progammers
list -- [EMAIL PROTECTED]


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Where can I find a complete mod_jk2 howto?

2002-12-29 Thread Bill Barker 
Building from source really isn't that bad.  Granted, I haven't managed to
get the Ant build to work for Jk2, but if you're GNU tools are sufficiently
up-to-date (e.g. Make, AutoConfig, LibTool), then using 'buildconf.sh' and
'configure' is reasonably painless to build the mod_jk2 native code.  The
mod_jk module (aka 'native') is more forgiving of older versions of the GNU
stuff.


"Dave" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
On Sun, 29 Dec 2002 08:55:57 -0500, you wroth:

I think I know what you means, building from source isn't a
good idea for tomcat.

Thanks
Dave
>
>Let's take a step back.
>
>You don't need to build any JAR files to use JK2 (or JK).  Support for both
>is included in Tomcat 4 via the default CoyoteConnector.  Check server.xml.
>Thus, with a binary install of Tomcat, you are all set.  If you are trying
>to build everything from source (including Tomcat), let us know that.
>
>The only thing you need "extra" for either JK or JK2 is the Apache module,
>and binaries are available for both of them.  If you decide to build the
>Apache modules for either JK or JK2, all you need to build is mod_jk.so or
>mod_jk2.so for your appropriate Apache version.
>
>I had lots of problems with ant trying to build things in the past couple
of
>months...I used to be a build-from-source-no-matter-what person, but that
>stance has mellowed a bit for Tomcat-oriented tasks.  Grabbing the binaries
>is much quicker.
>
>John
>
>-Original Message-
>From: Dave
>To: Tomcat Users List
>Sent: 12/29/02 3:22 AM
>Subject: Re: Where can I find a complete mod_jk2 howto?
>
>On Sun, 29 Dec 2002 01:01:54 -0500, you wroth:
>
>I was, but just download mod_jk2 was not the end of the story,
>there are a lot of .jar files I don't know where to download,
>there is why I start to compile it by myself.
>
>I find there is a target named "compile.tomcat5" in /coyote/build.xml,
>Does anyone know whether I can ignore it, because there is where the
>bugs are.
>
>Thanks
>Dave
>
>>
>>For what platform?  Environment?
>>
>>AFAIK, "native" and "native2" mean Apache version, not JK/JK2, but I
>could
>>be wrong...its been awhile since I built any of the connectors.
>>
>>Have you looked for a binary for your platform?  That will be a lot
>easier.
>>
>>John
>>
>>
>>-Original Message-
>>From: Dave
>>To: [EMAIL PROTECTED]
>>Sent: 12/29/02 12:19 AM
>>Subject: Where can I find a complete mod_jk2 howto?
>>
>>Hi list,
>>
>>Most of the information is about mod_jk.  Does
>>anyone can point me to a complete mod_jk2 howto.
>>Should I use "/jk/native" or "/jk/native2" to make
>>mod_jk2?
>>
>>Thanks
>>Dave
>>
>>
>>--
>>To unsubscribe, e-mail:
>>
>>For additional commands, e-mail:
>>
>
>
>
>--
>To unsubscribe, e-mail:
>
>For additional commands, e-mail:
>





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Is session id guaranteed to be unique?

2002-12-29 Thread Bill Barker 

"Jason Pyeron" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> should the source not be patched?

IMHO, the source should be patched.  As a result, Tim's patch will be in the
4.1.19 release.

>
> how inefficient would collision detection be?
> best case it would be a HashSet.contains and the storage for the set
>
> -jason pyeron
>
> On Sun, 29 Dec 2002, Tim Funk wrote:
>
> See this thread for more information:
>
> http://marc.theaimsgroup.com/?l=tomcat-dev&m=104072138429223&w=2
>
>
> Glenn Olander wrote:
> > Yes, it should be rare. We observed it once under heavy system load, but
> > haven't been
> > able to reproduce it. For our app however (or any security-sensitive
> > app), this could have
> > serious security consequences, so we'd like to ensure it never happens.
> >
> > Craig, if you're around, I'm guessing the check was removed for
> > performance reasons?
> > I verified that there is no check for uniqueness by using my own random
> > number
> > generator which always returns the same sequence of bytes.
> > Any advice on how to enforce uniqueness other than replacing
> > StandardManager
> > with a manager of our own?
> >
> > Note that this issue should be independent of the seeding algorithm.
> > Regardless of
> > how the seed is derived, it would still be possible for the random
> > number generator to produce a session id which matches one which is
already
> > in use, thus effectively giving one user access to another user's
session.
> >
> > - Glenn
> >
> >
> > Turner, John wrote:
> >
> >>
> >>
> >> I guess that depends on your definition of "guaranteed".  I happened
> >> to be
> >> researching this very question earlier today, and I ended up at this
URL:
> >>
> >> http://w6.metronet.com/~wjm/tomcat/2001/Sep/msg00544.html
> >>
> >> According to that (though it is over a year old), Tomcat 4 uses
> >> java.security.SecureRandom to generate session ids.  The seeding
> >> algorithm
> >> is a combination of things, so I guess its possible that there be
> >> identical
> >> session ids, but my guess is it would be unbelievably rare.
> >>
> >> John
> >>
> >> -Original Message-
> >> From: Glenn O
> >> To: Tomcat Users List
> >> Sent: 12/28/02 10:48 PM
> >> Subject: Is session id guaranteed to be unique?
> >>
> >>
> >> I'm tracking down a problem which only occurs rarely, but has the
> >> symptom that when I attach
> >> data to one session, it appears to mistakenly become attached to
another
> >>
> >> session. It is almost as if
> >> tomcat is generating two sessions which have the same session id.
> >>
> >> I'm looking at the tomcat source for createSession() in
> >> ManagerBase.java, and I notice this code is
> >> commented out:
> >>
> >>   }
> >>   /*
> >>   synchronized (sessions) {
> >>   while (sessions.get(sessionId) != null)// Guarantee
> >> uniqueness
> >>   sessionId = generateSessionId();
> >>   }
> >>   */
> >>   session.setId(sessionId);
> >>
> >>
> >> Does that mean tomcat could occasionally produce duplicate session
id's?
> >>
> >>
> >>
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> > 
> > For additional commands, e-mail:
> > 
> >
> >
> >
>
>
> --
> To unsubscribe, e-mail:

> For additional commands, e-mail:

>
>
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> -   -
> - Jason Pyeron   http://www.pyerotechnics.com   -
> - Owner & Lead  Pyerotechnics Development, Inc. -
> - +1 410 808 6646 (c)   500 West University Parkway #1S -
> - +1 410 467 2266 (f)   Baltimore, Maryland  21210-3253 -
> -   -
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>
> This message is for the designated recipient only and may contain
> privileged, proprietary, or otherwise private information. If you
> have received it in error, purge the message from your system and
> notify the sender immediately.  Any other use of the email by you
> is prohibited.





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

application context loaded twice

2002-12-29 Thread Mohan Radhakrishnan 
Hi,
   Why would



 load my application context twice?

My listener is called twice while the following line



loads it only once.

   What am I  missing ? Appreciate help.

Mohan

--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Where can I find a complete mod_jk2 howto?

2002-12-29 Thread Turner, John 
 
Well, I hope you're around next week when I get back to my desk.  ;)

I tried building JK from the 1.2.2 source before I left for the holidays and
had zero result.  Everything ran beautifully, no error messages that I could
see either on the screen or in the configure log, yet after running 'make'
and 'make install' I didn't have a mod_jk.so file anywhere on my system.  It
was very perplexing!

John

-Original Message-
From: Bill Barker
To: [EMAIL PROTECTED]
Sent: 12/29/02 9:38 PM
Subject: Re: Where can I find a complete mod_jk2 howto?

Building from source really isn't that bad.  Granted, I haven't managed
to
get the Ant build to work for Jk2, but if you're GNU tools are
sufficiently
up-to-date (e.g. Make, AutoConfig, LibTool), then using 'buildconf.sh'
and
'configure' is reasonably painless to build the mod_jk2 native code.
The
mod_jk module (aka 'native') is more forgiving of older versions of the
GNU
stuff.


"Dave" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
On Sun, 29 Dec 2002 08:55:57 -0500, you wroth:

I think I know what you means, building from source isn't a
good idea for tomcat.

Thanks
Dave
>
>Let's take a step back.
>
>You don't need to build any JAR files to use JK2 (or JK).  Support for
both
>is included in Tomcat 4 via the default CoyoteConnector.  Check
server.xml.
>Thus, with a binary install of Tomcat, you are all set.  If you are
trying
>to build everything from source (including Tomcat), let us know that.
>
>The only thing you need "extra" for either JK or JK2 is the Apache
module,
>and binaries are available for both of them.  If you decide to build
the
>Apache modules for either JK or JK2, all you need to build is mod_jk.so
or
>mod_jk2.so for your appropriate Apache version.
>
>I had lots of problems with ant trying to build things in the past
couple
of
>months...I used to be a build-from-source-no-matter-what person, but
that
>stance has mellowed a bit for Tomcat-oriented tasks.  Grabbing the
binaries
>is much quicker.
>
>John
>
>-Original Message-
>From: Dave
>To: Tomcat Users List
>Sent: 12/29/02 3:22 AM
>Subject: Re: Where can I find a complete mod_jk2 howto?
>
>On Sun, 29 Dec 2002 01:01:54 -0500, you wroth:
>
>I was, but just download mod_jk2 was not the end of the story,
>there are a lot of .jar files I don't know where to download,
>there is why I start to compile it by myself.
>
>I find there is a target named "compile.tomcat5" in /coyote/build.xml,
>Does anyone know whether I can ignore it, because there is where the
>bugs are.
>
>Thanks
>Dave
>
>>
>>For what platform?  Environment?
>>
>>AFAIK, "native" and "native2" mean Apache version, not JK/JK2, but I
>could
>>be wrong...its been awhile since I built any of the connectors.
>>
>>Have you looked for a binary for your platform?  That will be a lot
>easier.
>>
>>John
>>
>>
>>-Original Message-
>>From: Dave
>>To: [EMAIL PROTECTED]
>>Sent: 12/29/02 12:19 AM
>>Subject: Where can I find a complete mod_jk2 howto?
>>
>>Hi list,
>>
>>Most of the information is about mod_jk.  Does
>>anyone can point me to a complete mod_jk2 howto.
>>Should I use "/jk/native" or "/jk/native2" to make
>>mod_jk2?
>>
>>Thanks
>>Dave
>>
>>
>>--
>>To unsubscribe, e-mail:
>>
>>For additional commands, e-mail:
>>
>
>
>
>--
>To unsubscribe, e-mail:
>
>For additional commands, e-mail:
>





--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Servlet/Session/Attribute Listeners not very useful ?

2002-12-29 Thread Mohan Radhakrishnan 
Hi,
   We implement session timeout by writing a filter.

   We have a requirement to put user configurable reports into the session.
Now if the user object ( a small container with a profile ) in the session
is bound we need to load previously configured reports into the session.

   They seem to be quite useful from the business logic perspective. We too
get exceptions but my filter should block the app. before these happen.

Mohan

-Original Message-
From: Jon Eaves [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 28, 2002 5:38 PM
To: Tomcat Users List
Subject: Servlet/Session/Attribute Listeners not very useful ?


Hi all,

Can anybody tell me what possible use these particular interfaces
are ?

After thinking that they would be a good idea to use for web app
session management enhancements (session timeout etc) it turns out
that the invocations of valueUnbound(), sessionDestroyed(),
attributeRemoved() all occur _after_ the event has occurred, and
the values that would possibly be useful are all gone throwning
IllegalStateExceptions left right and centre.

What gives ? Did the Servlet Spec people have some other use for
these Interfaces that I'm not smart enough to work out, or are
they only useful for printing "object added|removed|replaced"
without being able to actually obtain the object?

The specifications for 2.4 for javax.servlet.http.HttpSession
still say the same things as 2.3, and if implemented in the
same way don't appear to be useful at all

Or is there some special magic that I'm not invoking the right
way ?

Help me, I'm confused ..

Cheers,
-- jon

-- 
Jon Eaves <[EMAIL PROTECTED]>
http://www.eaves.org/jon/


--
To unsubscribe, e-mail:

For additional commands, e-mail:


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Struts - XML/XSL

2002-12-29 Thread Schnitzer, Jeff 
Take a look at the Maverick MVC framework (http://mav.sourceforge.net).  It is 
Struts-like in concept, but you can run any model through an arbitrary pipeline of 
XSLT (and several other) transformations in Cocoon-like fashion.  The pipeline will be 
efficiently connected with SAX events if appropriate.  As an example, you can easily 
run your model through an XSLT transformation and then through a FOP transformation to 
send PDF back to the client.

Using the optional Domify module, you don't even need JSP to generate the XML in the 
first place.  The Domify adapter uses reflection to create a lazily-loaded DOM façade 
of your model directly.  This is much more efficient than generating and parsing text 
XML.

Try it out :-)

Jeff Schnitzer

> -Original Message-
> From: Puneet Agarwal [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 27, 2002 11:16 AM
> To: [EMAIL PROTECTED]
> Subject: Struts - XML/XSL
> 
> I know that this topic has been dicsussed in this forum a number
> of times.
> I came to know this from mail archives, but my question still
> remains unanswered.
> 
> In our application we have to generate some XML documents apart
>  from HTML screens.
> The intent here is to send these XML documents to a Swing client
> through a socket.
> 
> there is also a possibility that some of the screens may be
> required in both HTML and Swing.
> 
> I have been searching for information on this for past few days.
> 
> one of the nice option that I cam acorss is described on URL
> 
> http://www.javaworld.com/javaworld/jw-02-2002/jw-0201-strutsxslt.html
> 
> while going through the struts mail archives, I came acorss a mail
> written by Craig on 06/12/2000
> 
> the mail can be accessed on link
> 
> http://www.servlets.com/archive/servlet/ReadMsg?msgId=18247&listName=strut
> s-dev
> 
> Here Craig talks about developing some facility within struts
> which could do the same.
> 
> Does struts have such a facility.
> 
> Would be grateful if someone cuold give some tips/links, which
> could help me in deciding as what is the best option.
> 
> 
> Regards
> Puneet Agarwal
> 
> --
> To unsubscribe, e-mail:    [EMAIL PROTECTED]>
> For additional commands, e-mail:  [EMAIL PROTECTED]>
> 


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Servlet/Session/Attribute Listeners not very useful ?

2002-12-29 Thread Jason Jonas - ATTBI 
Jon,

I've used the SessionListener interface once to write usage stats to a
database when a user logs out explicitly or implicitly when the
session times out. Haven't used it since and not too sure if I would
again. However, the mechanism worked well enough to satisfy our
requirement.

If you're trying to access your application objects bound into the
session, perhaps you could wrap them in a single application object.
While this is a kludge, it means the object references are readily
available and would eliminate the IllegalStateExceptions you're
encountering now. Just a thought.

Jason

-Original Message-
From: Jon Eaves [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 28, 2002 6:08 AM
To: Tomcat Users List
Subject: Servlet/Session/Attribute Listeners not very useful ?

Hi all,

Can anybody tell me what possible use these particular interfaces
are ?

After thinking that they would be a good idea to use for web app
session management enhancements (session timeout etc) it turns out
that the invocations of valueUnbound(), sessionDestroyed(),
attributeRemoved() all occur _after_ the event has occurred, and
the values that would possibly be useful are all gone throwning
IllegalStateExceptions left right and centre.

What gives ? Did the Servlet Spec people have some other use for
these Interfaces that I'm not smart enough to work out, or are
they only useful for printing "object added|removed|replaced"
without being able to actually obtain the object?

The specifications for 2.4 for javax.servlet.http.HttpSession
still say the same things as 2.3, and if implemented in the
same way don't appear to be useful at all

Or is there some special magic that I'm not invoking the right
way ?

Help me, I'm confused ..

Cheers,
-- jon

--
Jon Eaves <[EMAIL PROTECTED]>
http://www.eaves.org/jon/


--
To unsubscribe, e-mail:

For additional commands, e-mail:




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

can not find any file

2002-12-29 Thread Wyman Chan 
Hi all,

I can not find any file to download in
http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk2/release/v2.0.
2/bin/linux/, anyone have idea about it?

Thanks in advance!

Regards,
Wyman.



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Servlet/Session/Attribute Listeners not very useful ?

2002-12-29 Thread Jon Eaves 
Jason Jonas - ATTBI wrote:

Jon,


Hi Jason,



I've used the SessionListener interface once to write usage stats to a
database when a user logs out explicitly or implicitly when the
session times out. Haven't used it since and not too sure if I would
again. However, the mechanism worked well enough to satisfy our
requirement.


Yeah. That is also a use. Again, it's "anonymous" in that you can't
identify exactly what session expired, just that a session expired.



If you're trying to access your application objects bound into the
session, perhaps you could wrap them in a single application object.
While this is a kludge, it means the object references are readily
available and would eliminate the IllegalStateExceptions you're
encountering now. Just a thought.


It's more that I want to "clean up" some application wide data
when the session expires. I can't even work out how to map the
session that has just expired to anything useful either. If I
could get the "session id of the session that expired" then it
could store the information in application scope and use the ID
as a key.

From my reading of the Servlet Specs and the API documentation it
appears that the intention of the expert group was along those
lines, but it doesn't seem to have carried through in the
implementation.

"SRV.10.7 Session Events
Listener classes provide the developer with a way of tracking sessions
within a web application. ... session became invalid because the
container timed out the session, or because a web component .. called
the invalidate() method. The disctinction may be determined indirectly
using listeners and the HTTPSession API methods"

and

javax.servlet.http.HttpSessionListener

public void sessionDestroyed(HttpSessionEvent se)

Notification that a session was invalidated.

javax.servlet.http.HttpSessionEvent only has 1 method, to get the
session. Which at that time is invalid.

I might have to try some more obscure options like trying to use
an HttpSessionAttributeListener and the HttpSessionBindingEvent to
see if when a session is invalidated a BindingEvent is emitted.
I'm not thinking I'm going to be all that successful though.

I was half hoping that Craig might be able clarify after he's finished
with his Festive cheer ;-)

Cheers,
	-- jon



Jason

-Original Message-
From: Jon Eaves [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 28, 2002 6:08 AM
To: Tomcat Users List
Subject: Servlet/Session/Attribute Listeners not very useful ?

Hi all,

Can anybody tell me what possible use these particular interfaces
are ?

After thinking that they would be a good idea to use for web app
session management enhancements (session timeout etc) it turns out
that the invocations of valueUnbound(), sessionDestroyed(),
attributeRemoved() all occur _after_ the event has occurred, and
the values that would possibly be useful are all gone throwning
IllegalStateExceptions left right and centre.

What gives ? Did the Servlet Spec people have some other use for
these Interfaces that I'm not smart enough to work out, or are
they only useful for printing "object added|removed|replaced"
without being able to actually obtain the object?

The specifications for 2.4 for javax.servlet.http.HttpSession
still say the same things as 2.3, and if implemented in the
same way don't appear to be useful at all

Or is there some special magic that I'm not invoking the right
way ?

Help me, I'm confused ..

Cheers,
-- jon

--
Jon Eaves <[EMAIL PROTECTED]>
http://www.eaves.org/jon/


--
To unsubscribe, e-mail:

For additional commands, e-mail:




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 



--
Jon Eaves <[EMAIL PROTECTED]>
http://www.eaves.org/jon/



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Tomcat 5.0 alpha where are you?

2002-12-29 Thread grenoml 
Thanks Rafael!

--- Rafael Fernandez <[EMAIL PROTECTED]> wrote:
> Look for it here:
>
http://jakarta.apache.org/builds/jakarta-tomcat/release/v5.0.0-alpha/bin
> /
> 
> 
> -Original Message-
> From: grenoml [mailto:[EMAIL PROTECTED]] 
> Sent: Sunday, December 29, 2002 6:31 PM
> To: [EMAIL PROTECTED]
> Subject: Tomcat 5.0 alpha where are you?
> 
> I wanted to test out Tomcat 5.0 alpha but I can't find any links on
> the
> Jakarta Tomcat website anywhere where I can download a 5.0 build.  Is
> this a secret or what?
> 
> 
> 
> __
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
> 
> --
> To unsubscribe, e-mail:
> 
> For additional commands, e-mail:
> 
> 
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:  
> 
> For additional commands, e-mail:
> 
> 


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Is session id guaranteed to be unique?

2002-12-29 Thread Jason Pyeron 
Where can we find Tim's patch (post the patch to the list please).

two reasons for this:
to implement it
and to peer review it.

-jp


-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-   -
- Jason Pyeron   http://www.pyerotechnics.com   -
- Owner & Lead  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)   500 West University Parkway #1S -
- +1 410 467 2266 (f)   Baltimore, Maryland  21210-3253 -
-   -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.


On Sun, 29 Dec 2002, Bill Barker wrote:


"Jason Pyeron" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> should the source not be patched?

IMHO, the source should be patched.  As a result, Tim's patch will be in the
4.1.19 release.

>
> how inefficient would collision detection be?
> best case it would be a HashSet.contains and the storage for the set
>
> -jason pyeron
>
> On Sun, 29 Dec 2002, Tim Funk wrote:
>
> See this thread for more information:
>
> http://marc.theaimsgroup.com/?l=tomcat-dev&m=104072138429223&w=2
>
>




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Mysql driver problem...

2002-12-29 Thread Keith Pemberton 
Ok, first off sorry if this is a little vague and I can write more
details later.  Anyway, I am new at this stuff with setting up the mysql
driver to work with tomcat by setting a JNDI Datasource.  I followed the
directions under that heading in the documentation from the Tomcat
website for the mysql driver, but I keep getting a "Cannot load JDBC
driver class 'null'" message when I try to create a connection using the
driver.  I put the .jar file in the $TOMCAT/common/lib directory and
restarted tomcat.  Anyone have any quick tips for me to try?  I can post
my code later if yall need it; it's just late right now and I don't feel
like cutting and pasting.  Anyway, thanks in advance!

Keith  


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Is session id guaranteed to be unique?

2002-12-29 Thread Bill Barker 
http://nagoya.apache.org/eyebrowse/ReadMsg?[EMAIL PROTECTED]
e.org&msgNo=53858


"Jason Pyeron" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Where can we find Tim's patch (post the patch to the list please).
>
> two reasons for this:
> to implement it
> and to peer review it.
>
> -jp
>
>
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> -   -
> - Jason Pyeron   http://www.pyerotechnics.com   -
> - Owner & Lead  Pyerotechnics Development, Inc. -
> - +1 410 808 6646 (c)   500 West University Parkway #1S -
> - +1 410 467 2266 (f)   Baltimore, Maryland  21210-3253 -
> -   -
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>
> This message is for the designated recipient only and may contain
> privileged, proprietary, or otherwise private information. If you
> have received it in error, purge the message from your system and
> notify the sender immediately.  Any other use of the email by you
> is prohibited.
>
>
> On Sun, 29 Dec 2002, Bill Barker wrote:
>
>
> "Jason Pyeron" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >
> > should the source not be patched?
>
> IMHO, the source should be patched.  As a result, Tim's patch will be in
the
> 4.1.19 release.
>
> >
> > how inefficient would collision detection be?
> > best case it would be a HashSet.contains and the storage for the set
> >
> > -jason pyeron
> >
> > On Sun, 29 Dec 2002, Tim Funk wrote:
> >
> > See this thread for more information:
> >
> > http://marc.theaimsgroup.com/?l=tomcat-dev&m=104072138429223&w=2
> >
> >





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

session id's really unique?

2002-12-29 Thread shawn 
If I use RequestDispatcher.forward(request, response) to another context
am I running the risk of session id conflicts?  

I mean if a session Id is given in one context, another context is
restarted and the java.security.SecureRandom is re-initialized for that
webapp, then it would seem possible that newly generated sessions in the
second context could match the previosly generated session id that was
transferred from the first context.

I doubt I know as much as many on this list, but that is something that
I wondered about.

Shawn

PS  I'm relying on potentially outdated info from a list that was posted
in response to this topic.

 >Tomcat 4 uses an instance of java.security.SecureRandom to generate
> session identifiers for a particular session.  The instance is initialized
> the first time (after Tomcat is started, or after a webapp is restarted)
> that a session identifier is requested.
> 


> More seriously, it is *you* as the application developer that is deciding
> whether or not to execute the RequestDispatcher.include() or
> RequestDispatcher.forward() call -- it's not the container.  It is totally
> up to *you* to decide whether or not this is allowed, because *you* wrote
> the app.
> 
 yes I did but will the sessions tranfer uniquely?


--
To unsubscribe, e-mail:   
For additional commands, e-mail: